DFRWS-EU 2022: The Future of Digital Forensics Is Now

An analog clock superimposed on a blue background showing hexadecimal code

Moving digital forensics forward in terms of methods and frameworks, as well as organizational and cross-cultural collaboration, was an overarching theme of this year’s European Union edition of the Digital Forensics Research Workshop (DFRWS). 

After 40 years, mainstays like file … Read more

Leveraging Intel DCI for Memory Forensics

A small circuit board is connected to a larger circuit board via cabling

Hello, and welcome to my DFRWS US 2021 talk about leveraging Intel DCI for memory forensics. My name is Tobias Latzo and I’m in the security research group of the Friedrich-Alexander University Erlangen-Nürnberg in Germany, which is led by Felix … Read more

JTAG-Based Memory Acquisition Framework

Multicolored cables connect small electronic boxes

Hello everyone. My name is Muhammad Haris Rais. I am a PhD student at SAFE lab – Security And Forensics Engineering lab at Virginia Commonwealth University.  The lab is led by Dr. Irfan Ahmed and is mostly focused around industrial … Read more

Is More Efficient, Accessible Memory Forensics Possible?

Christa: Memory forensics is a mainstay of incident response. Its relevance and necessity only growing with time, as encryption technology has become more integrated, especially in consumer devices. Yet memory forensics is neither intuitive nor simple.

Looking to change … Read more

Seance: Forensic Divination

Hi everybody, my name is Ryan Maggio. I am a recent graduate from the Louisiana State University and today I’m going to be presenting a project called Seance that was worked on by myself, Andrew Case, Aisha Ali-Gombe and Golden … Read more

Duck Hunt: Memory Forensics of USB Attack Platforms

Matthew: Welcome to our presentation. I’m Matthew Piscitelli.

Tyler: And I’m Tyler Thomas.

Matthew: And we performed memory forensics on USB attack platforms. This work was supported by National Science Foundation Grant number 1921813. We looked at two USB … Read more

How To Use AXIOM In Malware Investigations: Part I

Hey everyone, Tara Nelson here with Magnet Forensics. Today I’m going to give a little bit of insight into how AXIOM can help with some of your day-to-day investigations.

In part one of the segment we’re going to talk a … Read more

Memory Dump Formats

by Chirath De Alwis

As in other storage devices, volatile memory also has several formats. According to the acquisition method that is in use, the captured file format can be vary. According to (Ligh et al, 2018) the most commonly … Read more

Linux Memory Forensics: Dissecting the User Space Process Heap

by Frank Block and Andreas Dewald

Abstract

The analysis of memory during a forensic investigation is often an important step to reconstruct events. While prior work in this field has mostly concentrated on information residing in the kernel space (process … Read more

Share to...