lunes, 3 de septiembre de 2007

DRFWS 2007 - Presentaciones Disponibles

La DRFWS (Digital Forensic Research Workshop) es una prestigiosa conferencia en donde se presentan los últimos trabajos realizados por la comunidad forense.

Las presentaciones de este año ya se encuentran disponibles, y es importante destacar los trabajos realizados en el área de memoria volátil.

La DRFWS 2007 presento las siguientes sesiones:

SESSION 1: Physical Devices
  • Forensic Memory Analysis: From Stack and Code to Execution History.
  • BodySnatcher: Towards Reliable Volatile Memory Acquisition by Software.
  • The VAD Tree: A Process-Eye View of Physical Memory.

SESSION 2: Search Techniques
  • Multi-Resolution Similarity Hashing.
  • Digital Forensic Text String Searching: Improving Information Retrieval Effectiveness by Thematically Clustering Search Results.
  • Specifying Digital Forensics: A Forensics Policy Approach.

SESSION 3: Log Files
  • Introducing the Microsoft Vista Log File Format.
  • Automated Windows Event Log Forensics.
  • Analyzing Multiple Logs for Forensic Evidence.

SESSION 4: Tools
  • Capture - A Tool for Behavioral Analysis of Applications and Documents.
  • File Marshal: Automatic Extraction of Peer-to-Peer Data.
  • A Brief Study of Time.

SESSION 5: File Extraction / Carving
  • Massive Threading: Using GPUs to Increase the Performance of Digital Forensics Tools.
  • Carving Contiguous and Fragmented Files with Object Validation.

SESSION 6: Low Level Digital Evidence
  • An Efficient Technique for Enhancing Forensic Capabilities of Ext2 File System.
  • Issues with Imaging Drives Containing Faulty Sectors.
  • Forensic Data Recovery and Examination of Magnetic Swipe Card Cloning Devices.

No hay comentarios.: