||Registration and Breakfast
Moderator: Brian Levine
- Howard Cox, Department of Justice Computer Crime and Intellectual Property Section
- Rich Cummings, HB Gary
- Bill Eber, Defense Cyber Crime Institute
- James Fottrell, Department of Justice, Criminal Division - Child Exploitation and Obscenity Section
||Views and Future Directions
Session Chair: David Dampier
- Fred Cohen, Fred Cohen & Associates, "Digital Forensics - the state of the
science - and where to go from here"
- Michael Losavio, Deborah Keeling and Adel Elmaghraby, University of Louisville, "Changing the Game - Mapping
Criminal Justice Models for Cyber Security, Digital Forensics & Information
- Barbara Endicott-Popovsky, University of Washington Information School,
"Digital Records Forensics: A New Science and Academic Program for Forensic Readiness"
Session Chair: Yong Guan
- Nicole Beebe,The University of Texas at San Antonio, "A Call for More Analytically Advanced String Search Approaches in Digital Forensics"
- Jon Stewart, Lighbox Technologies, "Lightgrep: multipattern grep for forensics"
- Gilbert Peterson, Air Force Institute of Technology, "Automating the Data to Information Process"
(Frank) Wang, George Mason University, "Toward On-the-Spot Live Computer Forensics"
||New Forensics Sources
Session Chair: Florian Buchholz
- AAron Walters, Volatile Systems LLC, "Memory Forensics
Research and Revolution: Innovating in a Volatile World"
- Brian Hay, University of Alaska
Fairbanks , "Virtual Machine Introspection for Digital
- Xinwen Fu, University of Massachusetts Lowell, "Wireless
Crime Scene Investigation"
||Identifying Malicious Network Users
Session Chair: Xinwen Fu
- Wei Yu, Towson Univeristy, "Tracing Anonymous Criminals over
- Kevin Butler, University of
Oregon, "Challenges and Alternatives to Solving the Host Identification
- Matt Wright, University of Texas at Arlington, "Evading
Stepping-Stone Detection Under the Cloak of Streaming Media with
Amit Yoran Chief Executive Officer of Netwitness
Amit Yoran has been serving as CEO of NetWitness since November of 2006. Prior
to NetWitness, he was appointed as Director of the US-CERT and National Cyber
Security Division of the Department of Homeland Security, and as CEO and
advisor to In-Q-Tel, the venture capital arm of the CIA. Formerly Mr. Yoran
served as the Vice President of Worldwide Managed Security Services at the
Symantec Corporation. Mr. Yoran was the co-founder of Riptech, a market
leading IT security company, and served as its CEO until the company was
acquired by Symantec in 2002. He served as an officer in the United States Air
Force in the Department of Defense's Computer Emergency Response
Team. Mr. Yoran serves as a commissioner on the CSIS Commission on Cyber
Security for the 44th Presidency and numerous other industry advisory
||Dinner at Farmers and Fishers
||Modeling and Testing
Session Chair: Brian Hay
- David Dampier,
Mississippi State University, "A Need for Models in Digital
- Florian Buchholz, James Madison University, "Error rates
for timestamp forensic analysis"
- James Lyle, NIST, "Forensic Tool Testing
||Media and File Analysis
Session Chair: Gilbert Peterson
- Vassil Roussev , University of New Orleans, "The forensics of
JPEG quantization tables - a second look"
Vidas, Carnegie Mellon University, "Revisiting Optical Media Data
- Eoghan Casey, cmdLabs/Johns Hopkins University, "Network Forensics and
Intrusion Investigation: Tips, Limitations and Future Needs"
Session Chair: Michael Losavio
- Sven Dietrich, Stevens Institute of Technology,
"Encrypted Command & Control: challenges for forensics"
- Marc Libertore, University of Massachusetts, "Challenges
in Peer-to-Peer Network Investigations"
- Kulesh Shanmugasundaram, New York University ,"Network Analytics for Incident Response and Forensics"
||Funding Representative Panel
Moderated by Cliff Wang
- Greg Alexander (OSD)
- Becky Bace (Infidel, Inc.)
- Cliff Wang (ARO)
- Sam Weber (NSF)