La DRFWS (Digital Forensic Research Workshop) es una prestigiosa conferencia en donde se presentan los últimos trabajos realizados por la comunidad forense.Las presentaciones de este año ya se encuentran disponibles, y es importante destacar los trabajos realizados en el área de memoria volátil.
La DRFWS 2007 presento las siguientes sesiones:
SESSION 1: Physical Devices
- Forensic Memory Analysis: From Stack and Code to Execution History.
- BodySnatcher: Towards Reliable Volatile Memory Acquisition by Software.
- The VAD Tree: A Process-Eye View of Physical Memory.
SESSION 2: Search Techniques
- Multi-Resolution Similarity Hashing.
- Digital Forensic Text String Searching: Improving Information Retrieval Effectiveness by Thematically Clustering Search Results.
- Specifying Digital Forensics: A Forensics Policy Approach.
SESSION 3: Log Files
- Introducing the Microsoft Vista Log File Format.
- Automated Windows Event Log Forensics.
- Analyzing Multiple Logs for Forensic Evidence.
SESSION 4: Tools
- Capture - A Tool for Behavioral Analysis of Applications and Documents.
- File Marshal: Automatic Extraction of Peer-to-Peer Data.
- A Brief Study of Time.
SESSION 5: File Extraction / Carving
- Massive Threading: Using GPUs to Increase the Performance of Digital Forensics Tools.
- Carving Contiguous and Fragmented Files with Object Validation.
SESSION 6: Low Level Digital Evidence
- An Efficient Technique for Enhancing Forensic Capabilities of Ext2 File System.
- Issues with Imaging Drives Containing Faulty Sectors.
- Forensic Data Recovery and Examination of Magnetic Swipe Card Cloning Devices.
No hay comentarios.:
Publicar un comentario