Jimmy: Hello, and welcome to the basics of forensic video recovery and Magnet DVR Examiner. My name is Jimmy Schroering, and weโre today going to be looking at how traditional video recovery works and some of the challenges associated … Read more
Webinars
Magnet AUTOMATE Enterprise and How It Can Streamline Workflow for the Corporate World
Trey: Hey everyone. Thanks for tuning in today to the Magnet Summit 2022. Todayโฆmy name is Trey Amick and with me I have Tim McAnnany from Qualcomm. Thanks for joining in today, Tim, and doing this with us. But … Read more
Digital Evidence Review and Collaboration: A Roundtable Discussion
Kim Bradley: Welcome to this panel discussion on digital evidence review and collaboration. I’m Kim Bradley and with me today is Jessica Hyde, John Pizzurro, and Joshua James. Thank you all for being here.
Jessica, John, and Joshua: … Read more
Preparing for Court Testimony: What Happens When You Press That Button?
Heather Mahalik:ย Hello, everyone. Welcome to Preparing for Court Testimony. This is a product that we worked on at Cellebrite; and Paul, Ian, and myself are here to share some hints and tips and best practices with you on … Read more
Enhancing Digital Investigations With Cloud-Based Evidence
Matt: Hello everyone. My name is Matt Melton. I am a business development manager on our justice and public safety team at Amazon Web Services, or AWS, also known as the Amazon cloud. We’re gonna talk today about something … Read more
BlockQuery: Toward Forensically Sound Cryptocurrency Investigation
Tiffanie: Hi, my name is Tiffanie Edwards, and I’m gonna be presenting the paper โBlockQuery: Toward Forensically Sound Cryptocurrency Investigationโ.
So this is a little bit of background on the authors of this paper. Tyler Thomas is a primary … Read more
A Live Digital Forensics Approach for Quantum Mechanical Computers
Dayton Closser: Well, good evening, everyone. Thank you very much for coming to this speech today. It’s great to be back after the COVID pandemic. It’s great to see everyone in person. I’ve immensely enjoyed speaking with all of … Read more
Identifying Document Similarity Using a fast Estimation of the Levenshtein Distance
Frank: Warm welcome also from my side. This is a presentation or some work that I did together with Peter. He reached out to me. He is in the States and he reached out and said, โhey, I saw … Read more
DFIR Digital Transformation
Stephen Boyce: Welcome to the Magnet Virtual Summit 2022. We missed you in Nashville, but we’re glad that you’re here virtually. Today, I’ll be talking about the digital forensic and incident response digital transformation. Many of you in your … Read more
Prudent Design Principles for Digital Tampering Experiments
Mark: Okay. Good afternoon. Welcome to the next full paper session. We have three papers for you in this session on forensic methods. So, Janine will start shortly with a paper on evidence tampering, we have a paper on … Read more
Knock, Knock, Log: Threat Analysis, Detection & Mitigation of Covert Channels in Syslog Using Port Scans as Cover
In this paper, Kevin Lamshรถft describes how researchers performed a threat analysis for a covert Command and Control (C2) channel using port scans as cover and syslog as carrier for data infiltration.
Session Chair: So, Kevin is presenting Knock, … Read more
Distant Traces and Their Use in Crime Scene Investigation
Starting with a physical crime scene โ a fire โ Manon Fischer describes how IoT devices such as โsmartโ plugs and thermostats store โdistant tracesโ remotely, and could be used to help reconstruct a fireโs origin, cause, and timeline.
Session … Read more
The Wisdom of the Heap: Mesh It up by Weaving Data Structures
In this short presentation, Trufflepig Forensicsโ Aaron Hartel and Christian Mรผller present some early stage research about the volatility of data in memory as data structures change version to version.
Session Chair: We’re now going over to memory forensics … Read more
Toward Graph-Based Network Traffic Analysis and Incident Investigation
At DFRWS-EU 2022, Milan Cermak describes the need to create data associations for use during network traffic analysis and incident investigation. The focus is on robust graph data visualization of the kind thatโs commonly used in criminal investigation, allowing analysts … Read more
Memory Forensic Analysis of a Programmable Logic Controller in Industrial Control Systems
Winner of the Best Student Paper Award at DFRWS-EU 2022! Muhammad Haris Rais describes a step-wise approach to analyze the memory of specific PLCs, and subsequently find a generic framework applicable to all PLCs. By following a methodology that focused … Read more
PEM: Remote Forensic Acquisition of PLC Memory in Industrial Control Systems
Winner of the Best Paper Award at DFRWS-EU 2022, Nauman Zubair proposes a new memory acquisition framework to remotely acquire a programmable logic controller (PLC)โs volatile memory while the PLC is controlling a physical process.
Session Chair: Welcome Nauman, … Read more