|
The
IEEE/SADFE (Systematic Approaches to Digital Forensic Engineering)
International Workshop promotes systematic approaches to computer
investigations, by furthering the advancement of digital forensic
engineering as a disciplined practice.
Most previous SADFE papers have emphasized cyber crime
investigations, and this is still a key focus of the meeting.
However, we also welcome papers on forensics that do not
necessarily involve a crime: general attack analysis, insider
threat, insurance and compliance investigations, and similar forms of
retrospective analysis are all viable topics. Digital forensic
engineering is characterized by the application of scientific and
mathematical principles to the investigation and establishment of facts
or evidence, either for use within a court of law or to aid in
understanding past events on a computer system.
Past speakers and attendees of SADFE have included computer
scientists, social scientists, forensic practitioners, law enforcement,
lawyers, and judges. The synthesis of hard technology and science with
social science and practice forms the foundation of this conference.
Workshop
Topics
The field of
digital forensics faces many challenges, including scale, scope and
presentation or reintegration of primarily technical information and
conclusions into a non-technical societal framework.
Digital information now permeates cyber-crimes and cyber-enabled
crimes. It may be available for only nanoseconds or for
years; it
may involve only a single bit that has been modified, or huge volumes
of data that may be found locally or spread globally throughout a
variety of infrastructures. Correlating large amounts of digital
information, establishing relevance and reliability and authenticating
electronic evidence may be exceptionally difficult across
geographically dispersed public and proprietary platforms.
To advance the state of the art, SADFE-2009 solicits broad-based,
innovative digital forensic engineering technology, techno-legal and
practice-related submissions in the following four areas:
Digital
Data and Evidence Management: advanced
digital
evidence discovery, collection, and storage
- Identification, authentication
and collection of digital evidence
- Post-collection handling of
evidence and the preservation of data integrity
- Evidence preservation and
storage
- Forensic-enabled architectures
and processes, including network processes
- Managing geographically,
politically and/or jurisdictionally dispersed data
- Data and web mining systems for
identification and authentication of relevant data
Principle-based
Digital Forensic Processes: systematic engineering processes
supporting digital evidence management which are sound on scientific,
technical and legal grounds
- Legal and technical aspects of
admissibility and evidence tests
- Examination environments for
digital data
- Courtroom expert witness and
case presentation
- Case studies illustrating
privacy, legal and legislative issues
- Forensic tool validation: legal
implications and issues
- Legal and privacy implications
for digital and computational forensic analysis
Digital Evidence
Analytics: advanced digital evidence
analysis, correlation, and presentation
- Advanced search, analysis, and
presentation of digital evidence
- Progressive cyber crime
scenario analysis and reconstruction technology
- Legal case construction
& digital evidence support
- Cyber-crime strategy analysis
& modeling
- Combining digital and
non-digital evidence
- Supporting qualitative or
statistical evidence
- Computational systems and
computational forensic analysis
Forensic-support
technologies: forensic-enabled
and proactive monitoring/response
- Forensics of embedded or
non-traditional devices (e.g., digicams, cell phones, SCADA)
- Innovative forensic engineering
tools and applications
- Forensic-enabled support for
incident response
- Forensic tool validation:
methodologies and principles
- Legal and technical
collaboration
- Digital Forensics Surveillance
Technology and Procedures
- "Honeypot" and other target
systems for data collection and monitoring
Instructions for
Paper and Panel Submissions
The SADFE-2009
Program Committee invites three types of submissions:
Full papers
Full
papers present
mature research results. Papers accepted for presentation at the
Workshop will be included in the SADFE-2009 proceedings, which we
anticipate will be published by IEEE Press. Full papers should be 8-12
pages when formatted according to IEEE Computer Society 6x9, one column
guidelines. Papers
must
include an abstract and a list of keywords, and clearly indicate the
corresponding author.
"Work-in-Progress"
short papers
These
shorter papers
should describe interesting developing work or concept in the field of
digital forensic engineering. These papers should emphasize the nature
of the problem they present, potential solution and
implications/impacts to the field, in such a way that it will engender
community discussion. A selection of these papers will be presented at
SADFE-2009 in a Works-in-Progress session. Work-in-Progress papers
should be 3-5 pages long. Work-in-Progress papers will be included as
an appendix in the SADFE-2009 proceedings. Authors may participate in
only one Work-in-Progress paper (in the case of multiple submissions,
later submissions will be deleted).
Posters
Describing
work in progress and/or specific tools available without charge to the
research community (ie, no vendor posters should be submitted).
Submissions must consist of a one-page abstract. Posters will not be
included in the proceedings. There will be a session at the
workshop in which authors of selected posters will have individual
opportunities to briefly introduce their work during the meeting, and
will receive live feedback and questions on their work from members of
the program committee.
All submissions
(papers & panel proposals)
Each
paper submission will be reviewed by at least three SADFE-2009 Program
Committee members. The selection process will be based on review
technical merits. Panel and posters decisions will be made by Program
Chair with recommendations from Program Committee and Steering
Committee.
Double
Submissions, Uniqueness & Presentation
SADFE-2009
is intended to support discussion and publication of novel results. To
meet this goal, submissions must not substantially duplicate work that
any of the authors has published elsewhere. Work submitted in parallel
to any other conference or workshop with proceedings is explicitly
excluded from participation. If the work has been submitted elsewhere
in a venue that does not include proceedings, the extent of the
replication and the nature of the other venue should be clearly
indicated in a cover letter submitted along with the paper. Finally,
plagiarism has no place in the scholarly community, and will be dealt
with appropriately.
For accepted Full Papers, Posters,
and for the Work-in-Progress,
it is required that at least one of the authors attends the conference
to present the paper. The presenting author must be registered by the
date of the camera-ready submission. The
deadline for Work-in-Progress and Full papers is the same.
All
submissions (papers & panel proposals) must be submitted
electronically, following the instructions to be provided on
the
website. Papers must list all authors and their affiliations; in case
of multiple authors, the contact author must be indicated.
Workshop
Format
The SADFE
workshop will consist of invited talks, paper presentations and panel
discussions. All presentations, talks and panel discussions will be
made in English.
SADFE Steering
Committee
|
Deb Frincke,
co-chair
|
Pacific
Northwest National Lab
|
|
Ming-Yuh Huang, co-chair
|
The Boeing Company
|
|
Chi-Sung Laih
|
National Cheng Kung University
|
|
Michael Losavio
|
University of Louisville
|
|
Alec Yasinsac
|
Florida State University
|
IEEE/SADFE-2009
Organizing Committee
|
General Chair:
|
Rob Erbacher
|
Utah State
University
|
|
Program Committee
Co-Chairs:
|
Matt Bishop
|
UC Davis
|
|
Sean Peisert
|
UC Davis
|
| Publication Chair: |
Carrie Gates |
CA Labs |
| Publicity Chair,
North America: |
Marc Rogers |
Purdue University |
Publicity
Co-Chair, Asia:
|
Chi-Sung Laih |
National Cheng
Kung University |
| K P Chow |
University of Hong
Kong |
| Publicity
Co-Chair, Europe: |
Erland Jonsson |
Chalmers
University of Technology |
| Publicity
Co-Chair, Australia: |
Trish Williams |
Edith Cowan
University |
| Submission Chair: |
Adel Elmaghraby |
University of
Louisville |
| Sponsorship Chair: |
Alec Yasinsac |
University of
Southern Alabama |
| Website Host: |
Chi-Sung Laih |
National Cheng
Kung University |
IEEE/SADFE-2009
Program Committee
|
Becky
|
Bace
|
Infidel, Inc.
|
|
Matt
|
Bishop
|
University of
California, Davis
|
|
Brian
|
Carrier
|
Basis Corp.
|
|
Charisse
|
Castagnoli
|
John Marshal Law School
|
|
Hervé
|
Debar
|
France
Telecom R&D
|
|
Barbara
|
Endicott-Popovsky
|
University
of Washington
|
|
Deb
|
Frincke
|
Pacific
Northwest National Labs
|
|
Simson
|
Garfinkel
|
Naval
Postgraduate School
|
|
Carrie
|
Gates
|
CA
Labs
|
|
Brian
|
Hay
|
University
of Alaska, Fairbanks
|
|
Erin
|
Kenneally
|
University
of California, San Diego
|
|
Chi-Sung
|
Laih
|
National
Cheng Kung University
|
|
Michael
|
Losavio
|
University
of Louisville
|
|
Keith
|
Marzullo
|
University
of California, San Diego
|
|
Kara
|
Nance
|
University
of Alaska, Fairbanks
|
|
Sean
|
Peisert
|
University
of California, Davis
|
|
Mark
|
Pollitt
|
University
of Central Florida
|
|
Christian
|
Probst
|
Technical
University of Denmark
|
|
Clay
|
Shields
|
Georgetown
University
|
|
Abe
|
Singer
|
California
Institute of Technology
|
|
Fred
|
Chris
Smith
|
Former
Assistant U.S. Attorney
|
|
Tye
|
Stallard
|
University
of California, Davis
|
|
Bill
|
Tafoya
|
University
of New Haven
|
|
Carol
|
Taylor
|
Eastern
Washington University
|
|
Wietse
|
Venema
|
IBM
T.J. Watson Research Center
|
|
Giovanni
|
Vigna
|
University
of California, Santa Barbara
|
|
Avishai
|
Wool
|
Tel
Aviv University
|
|
