Preliminary CFP
CFP: Systematic Approaches to Digital Forensic Engineering
SADFE-2009: Fourth International Workshop on Systematic Approaches to
Digital Forensic Engineering
http://conf.ncku.edu.tw/sadfe/sadfe09/
May 21, 2009, Oakland, CA, USA
The SADFE (Systematic Approaches to Digital Forensic Engineering)
International Workshop promotes systematic approaches to computer
investigations, by furthering the advancement of digital forensic
engineering as a disciplined practice.
Most previous SADFE papers have emphasized cyber crime investigations,
and this is still a key focus of the meeting. However, we also welcome
papers on forensics that do not necessarily involve a crime:
general attack analysis, insider threat, insurance and compliance
investigations, and similar forms of retrospective analysis are all
viable topics. Digital forensic engineering is characterized by the
application of scientific and mathematical principles to the
investigation and establishment of facts or evidence, either for use
within a court of law or to aid in understanding past events on a
computer system.
Past speakers and attendees of SADFE have included computer scientists,
social scientists, forensic practitioners, law enforcement, lawyers, and
judges. The synthesis of hard technology and science with social science
and practice forms the foundation of this conference.
Workshop Topics
The field of digital forensics faces many challenges, including scale,
scope and presentation or reintegration of primarily technical
information and conclusions into a non-technical societal framework.
Digital information now permeates cyber-crimes and cyber-enabled
crimes. It may be available for only nanoseconds or for years; it may
involve only a single bit that has been modified, or huge volumes of
data that may be found locally or spread globally throughout a variety
of infrastructures. Correlating large amounts of digital information,
establishing relevance and reliability and authenticating electronic
evidence may be exceptionally difficult across geographically
dispersed public and proprietary platforms.
To advance the state of the art, SADFE-2009 solicits broad-based,
innovative digital forensic engineering technology, techno-legal and
practice-related submissions in the following four areas:
Digital Data and Evidence Management: advanced digital evidence
discovery, collection, and storage
* Identification, authentication and collection of digital evidence
* Post-collection handling of evidence and the preservation of data integrity
* Evidence preservation and storage
* Forensic-enabled architectures and processes, including network processes
* Managing geographically, politically and/or jurisdictionally dispersed data
* Data and web mining systems for identification and authentication of
relevant data
Principle-based Digital Forensic Processes: systematic engineering
processes supporting digital evidence management which are sound on
scientific, technical and legal grounds
* Legal and technical aspects of admissibility and evidence tests
* Examination environments for digital data
* Courtroom expert witness and case presentation
* Case studies illustrating privacy, legal and legislative issues
* Forensic tool validation: legal implications and issues
* Legal and privacy implications for digital and computational
forensic analysis
Digital Evidence Analytics: advanced digital evidence analysis, correlation,
and presentation
* Advanced search, analysis, and presentation of digital evidence
* Progressive cyber crime scenario analysis and reconstruction technology
* Legal case construction & digital evidence support
* Cyber-crime strategy analysis & modeling
* Combining digital and non-digital evidence
* Supporting qualitative or statistical evidence
* Computational systems and computational forensic analysis
Forensic-support technologies: forensic-enabled and proactive
monitoring/response
* Forensics of embedded or non-traditional devices (e.g. digicams,
cell phones, SCADA)
* Innovative forensic engineering tools and applications
* Forensic-enabled support for incident response
* Forensic tool validation: methodologies and principles
* Legal and technical collaboration
* Digital Forensics Surveillance Technology and Procedures
* "Honeypot" and other target systems for data collection and monitoring
Instructions for Paper and Panel Submissions
The SADFE-2009 Program Committee invites three types of submissions:
Full papers
Submission deadline: January 17, 2009
Full papers present mature research results. Papers accepted for
presentation at the Workshop will be included in the SADFE-2009
proceedings, which we anticipate will be published by IEEE Press. Full
papers should be 8-12 pages when formatted according to IEEE
guidelines. Papers must include an abstract and a list of keywords,
and clearly indicate the corresponding author.
"Work-in-Progress" short papers
These shorter papers should describe interesting developing work or
concept in the field of digital forensic engineering. These papers
should emphasize the nature of the problem they present, potential
solution and implications/impacts to the field, in such a way that it
will engender community discussion. A selection of these papers will
be presented at SADFE-2009 in a Works-in-Progress
session. Work-in-Progress papers should be 3-5 pages
long. Work-in-Progress papers will be included as an appendix in the
SADFE-2009 proceedings. Authors may participate in only one
Work-in-Progress paper (in the case of multiple submissions, later
submissions will be deleted).
Posters
Describing work in progress and/or specific tools available without
charge to the research community (ie, no vendor posters should be
submitted). Submissions must consist of a one-page abstract. Posters
will not be included in the proceedings. Authors of selected posters
will have an opportunity to briefly introduce their work during the
meeting.
Each paper submission will be reviewed by at least three SADFE-2009
Program Committee members. The selection process will be based on
review technical merits. Panel and posters decisions will be made by
Program Chair with recommendations from Program Committee and Steering
Committee.
Double Submissions, Uniqueness & Presentation
SADFE-2009 is intended to support discussion and publication of novel
results. To meet this goal, submissions must not substantially
duplicate work that any of the authors has published elsewhere. Work
submitted in parallel to any other conference or workshop with
proceedings is explicitly excluded from participation. If the work has
been submitted elsewhere in a venue that does not include proceedings,
the extent of the replication and the nature of the other venue should
be clearly indicated in a cover letter submitted along with the
paper. Finally, plagiarism has no place in the scholarly community and
the program committee reserves the right to notify employers and/or
others of any confirmed cases of plagiarism.
For accepted Full Papers, Posters, and for the Work-in-Progress, it is
required that at least one of the authors attends the conference to
present the paper. The presenting author must be registered by the
date of the camera-ready submission. The deadline for Work-in-Progress
and Full papers is the same.
All submissions (papers & panel proposals) must be submitted
electronically, following the instructions to be provided on the
website. Papers must list all authors and their affiliations; in case
of multiple authors, the contact author must be indicated
Workshop Format
The SADFE workshop will consist of invited talks, paper presentations
and panel discussions. All presentations, talks and panel discussions
will be made in English.
Organizing Comittee:
General Chair: Rob Erbacher (Utah State University)
Program Committee Co-Chairs: Matt Bishop (UC Davis) and
Sean Peisert (UC Davis)
Program Committee:
Becky Bace Infidel, Inc.
Matt Bishop University of California, Davis
Brian Carrier Basis Corp.
Charisse Castagnoli Independent Consultant
Peter Chen University of Michigan
Herve Debar France Telecom R&D
Barbara Endicott-Popovsky University of Washington
Deb Frincke Pacific Northwest National Labs
Simson Garfinkel Naval Postgraduate School
Carrie Gates CA Labs
Brian Hay University of Alaska, Fairbanks
Erin Kenneally University of California, San Diego
Chi Sung Laih National Cheng Kung University
Michael Losavio University of Louisville
Keith Marzullo University of California, San Diego
Kara Nance University of Alaska, Fairbanks
Sean Peisert University of California, Davis
Mark Pollitt University of Central Florida
Christian Probst Technical University of Denmark
Clay Shields Georgetown University
Abe Singer California Institute of Technology
Fred Chris Smith Former Assistant U.S. Attorney
Tye Stallard University of California, Davis
Bill Tafoya University of New Haven
Wietse Venema IBM T.J. Watson Research Center
Giovanni Vigna University of California, Santa Barbara
Avishai Wool Tel Aviv University