SADFE 2005

SADFE 2005

First International Workshop
Systematic Approaches to Digital Forensic Engineering

November 7-9, 2005
Taipei, Taiwan

Preliminary Program

Day 1 (November 7, Monday) Tutorial





Phil Attfield
"Title: Real-Life Cyber Crime: Evidence Analysis, Scenario Re-Construction and Criminal Business Model Study"
Northwest Security Institute, Canada
Steve Schroeder
"Title: Real-Life Cyber Crime: Legal Case Construction, Analysis and Courtroom Proceedings"
Seattle University, USA

Rich Nolan
"Title: First Responders Guide to Computer Forensics "
Carnegie Mellon University CERT, USA
George Mohay
"Title: Filesystem and network acquisition and analysis tools"
Queensland University of Technology, Australia

Day 2 (November 8, Tuesday)


Keynote-I "United States v Gorshkov Detailed Forensics and Case Study; Expert Witness Perspective"
Phil Attfield, Northwest Security Institute, Canada

Session-1 Digital Forensic Engineering Process and Standards
Session Chair: Sudhir Aggarwal, USA

  • "A Software Engineering Modeling Approach to Computer Forensics
    Examination Planning"

    A. Chris Bogen, David A. Dampier (Mississippi State University, USA)
  • "Standardizing the Construction of a Digital Forensic Laboratory"
    Patrick S. Chen (Tatung University, Taiwan),
    Lawrence M. F. Tsai (Criminal Investigation Bureau, Taiwan),
    Ying-Chieh Chen (Chiao-Tung University, Taiwan),
    George Yee (National Research Council Canada, Taiwan)
  • "Digital Forensics: Exploring Validation, Verification & Certification"
    Tom Wilsdon, Dr. Jill Slay (University of South Australia, Australia)
  • "Establishment of Digital Evidence Standard Operating Procedure"
    Abe C. Lin (National Taiwan University of Science & Technology, Taiwan),
    I. L. Lin (Central Police University, Taiwan), T. H. Lan (Taipei Police Bureau, Taiwan), Tzong-Chen Wu (National Taiwan University of Science & Technology, Taiwan)


Keynote-II "How to be a Digital Forensic Expert Witness"
Steve Schroeder, Seattle University, USA
Session-2 Tools and Investigation Methodologies
Session Chair: JS Karl Li, ROC Taiwan

  • "The Use of Packet Inter-Arrival Times for Investigating Unsolicited Internet Traffic"
    Jacob Zimmermann, Andrew Clark, George Mohay, Fabien Pouget, (Queensland University of Technology, Australia), Marc Dacier (Institut Eurecom, France)
  • "SIMbrush: an open-source tool for GSM and UMTS forensics analysis"
    Fabio Casadei (Mercurio Wireless Solutions, Italy),
    Antonio Savoldi (University of Brescia DEA, Italy),
    Paolo Gubian (University of Brescia DEA, Italy)
  • "Comparative Survey of Local Honeypot Sensors to Assist Network
    P.T Chen, C.S Laih (National Cheng Kung University, Taiwan),
    F. Pouget, M. Dacier (Institut Eurecom, France)



16:10--17:00 Session-3 Evidence Analysis and Case Construction
Session Chair: Rich Nolan, USA
  • "Computer Forensics, Information Security and Law: A Case Study"
    A. Herath, S. Herath, Prasantha Samarasinghe, Susantha Herath
    (New Jersey and St. Cloud State University, USA)
  • "Legal Requirements for the Use of Keystroke Loggers"
    Charles W. Adams (Tulsa College University, USA)
18:30--20:30 Banquet
Day 3 (November 9, Wednesday)

09:00--09:40 Keynote-III "Incident Response Forensic Engineering Processes"
Rich Nolan, Carnegie Mellon University CERT, USA
09:40--10:30 Keynote-IV "Technical Challenges and Direction of Digital Forensics"
George Mohay, Queensland University of Technology, Australia
10:30--10:50 Break
10:50--11:40 Session-4 Legal Issues: Evidences, Cases and Prosecution
Session Chair: George Mohay, Australia
  • "Evidence Handling in Proactive Cyberstalking Investigations: The PAPA Approach"
    Sudhir Aggarwal, Peter Henry, Leo Kermes, Judie Mulholland
    (Florida State University, USA)
  • "The Law of Possession of Digital Objects: Dominion & Control Issues in Digital Forensics Investigations and Prosecutions"
    Michael Losavio (University of Louisville, USA)
Session-5 Cyber Investigation Systems

Session Chair: Dario Forte, Italy
  • "Digital Evidence Search Kit"
    K.P Chow, C.F. Chong, K.Y. Lai (CISC, University of Hong Kong)
  • "Anti-Cyberstalking: The Predator and Prey Alert (PAPA) System"
    Sudhir Aggarwall, Michael Burmester, Peter Henry, Leo Kermes, Judie Mulholland
    (Florida State University, USA)
  • "Challenges of Automating the Detection of Paedophile Activity on the Internet"
    Lyta Penna, Andrew Clark, George Mohay
    (Queensland University of Technology, Australia)
14:45--15:05 Break
15:05--16:45 Session-6 Integrity and Preservation of Data/Evidences
Session Chair: Mark Liao, ROC Taiwan
  • "A DCT Quantization-Based Image Authentication System for Digital Forensics"
    I-Chuan Chang, Bor-Wen Hsu and Chi Sung Laih (National Cheng Kung University, Taiwan)
  • "Digital evidence collection process in integrity and memory information gathering"
    Seokhee Lee, Hyungsang Kim, Sangjin Lee, Jongin Lim
    (Korea University, Korea)
  • "SecSyslog: an Approach to Secure Logging Based on Covert Channels"
    Dario V. Forte, Cristiano Maruti, Michele R. Vetturi, Michele Zambelli
    (Incident Response Italy project, Italy)
  • "Detecting Digital Tampering by Blur Estimation"
    Soo-Chang Pei, Dun-Yu Hsiao (National Taiwan University, Taiwan)
16:45 Adjourn

Call For Papers