dfrws Goto Github PK

dfrws-workshops

dfrws2005-challenge

MEMORY ANALYSIS was one of the primary themes of DFRWS 2005. In an effort to motivate discourse, research and tool development in this area, the Organizing Committee created the intrusion/intellectual property theft scenario detailed below. This memory challenge was open to all, and team efforts were encouraged.

dfrws2006-challenge

The results of existing file carving tools typically contain many false positives. An investigator must test each of the extracted files by opening them in an application that supports the file type. The goal of the DFRWS 2006 Forensics Challenge was to design and develop file carving algorithms that identify more files and reduce the number of false positives.

dfrws2007-challenge

The DFRWS 2007 Challenge is about data carving, which is a file recovery technique that is frequently used during digital investigations. Files are "carved" from the unallocated space using file type-specific information, such as footers, headers, and internal structures. The results of existing file carving tools typically contain many false positives. An investigator must test each of the extracted files by opening them in an application that supports the file type. The goal of the DFRWS 2007 Challenge was to design and develop file carving algorithms that identify more files and reduce the number of false positives.

dfrws2008-challenge

Details and results of the DFRWS 2008 Challenge

dfrws2009-challenge

The DFRWS 2009 Challenge focused on the development of tools and techniques for analyzing Playstation 3’s (PS3s). The Playstation 3 is a powerful, Cell processor-based system that can run both its native OS (which has significant DRM features that also thwart forensic investigation) and modern versions of Linux. This challenge focused on the Linux and network aspects of PS3s, and did not touch the DRM protected data. The challenge scenario required analysis of a physical memory dump, filesystem images, and network traces involving 2 PS3’s and a Playstation Portable (PSP).

dfrws2010-challenge

The DFRWS2010 Challenge Results Challenge offered a chance to perform forensic analysis of memory dumps from a Sony Ericsson mobile device. This challenge was designed to be accessible to a wide audience, combined accessible forensic analysis tasks with some harder problems. We were pleased that the submissions this year came from not just researchers and developers, but also practitioners in the community. Some aspects of the challenge could not be completed using existing tools and new techniques had to be developed. However, many of the questions could be answered without developing new approaches.

dfrws2011-challenge

Given the variety and impending ubiquity of Android devices along with the wide range of crimes that can involve these systems as a source of evidence, the DFRWS has created two scenarios for the forensics challenge in 2011. The data included flash-memory storage of two Android mobile devices for reconstruction and analysis of evidence.

dfrws2012-2013-challenge

2012 and 2013 challenges aimed to raise the state of the art in digital forensic practice by providing an open public venue for a best-of-breed competition. We challenge competitors to develop the fastest and most accurate data block classifier.

dfrws2015-challenge

Scenario, materials, and results from the 2015 DFRWS Forensics Challenge

dfrws2016-challenge

The 2016 DFRWS Forensic Challenge seeks to advance the state-of-the-art in SDN forensics by focusing the community's attention on this emerging domain.

dfrws2017-challenge

The DFRWS 2017 challenge (extended into 2018) is about Internet of Things (IoT), defined generally to include network and Internet connected devices usually for the purpose of monitoring and automation tasks. Consumer-grade “Smart” devices are increasing in popularity and scope. These devices and the data they collect are potentially interesting for digital investigations, but also come with a number of new investigation challenges.

dfrws2018-challenge

The DFRWS 2018 challenge (extended into 2019) is the second in a series of challenges dealing with Internet of Things (IoT). IoT is defined generally to include network and Internet connected devices usually for the purpose of monitoring and automation tasks. Consumer-grade “Smart” devices are increasing in popularity and scope. These devices and the data they collect are potentially interesting for digital investigations, but also come with a number of new investigation challenges.

dfrws2019-eu-workshops

dfrws2020-eu-workshops-case

Making the CASE for Cyber-investigation Interoperability

dfrws2020-eu-workshops-em

dfrws2020-eu-workshops-frida

dfrws2023-challenge

The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically focusing on programmable logic controllers (PLC). This challenge aims to provide deeper insights into ICS network traffic analysis and device memory in a real-world scenario.

papers

Papers and Presentations from the DFRWS Conferences