[ecoop-info] CFP: Systematic Approaches to Digital Forensic Engineering (SADFE)
Rob Erbacher
erbacher at cs.albany.edu
Fri Dec 24 22:18:35 CET 2010
Call for Papers
IEEE/SADFE-2011 Sixth International Workshop on
Systematic Approaches to Digital Forensic Engineering
In conjunction with IEEE Security and Privacy Symposium, Oakland, CA, USA,
May 26, 2011
**********************************************************************
Paper submissions due: February 18, 2011
http://conf.ncku.edu.tw/sadfe/sadfe11/
Papers will be published in the IEEE digital library
**********************************************************************
The SADFE (Systematic Approaches to Digital Forensic Engineering)
International Workshop promotes systematic approaches to cyber crime
investigations, by furthering the advancement of digital forensic
engineering as a disciplined science and practice.
Today's digital artifacts permeate our lives and are part of every crime
and every case of digital discovery. The field of digital forensics faces
many challenges, including scale, scope and presentation of highly
technical information in legal venues to nontechnical audiences. Digital
evidence may be extant for only nanoseconds or for years; they may consist
of a single modified bit, or huge volumes of data; they may be found
locally or spread globally throughout a complex digital infrastructure on
public or private systems.
Following the success of previous SADFE workshops, cyber crime
investigations and digital forensics tools will continue to be the key
topics of the meeting. We also welcome a broader range of digital
forensics papers that do not necessarily involve either crime or digital
forensics tools. General attack analysis, the insider threat, insurance
and compliance investigations, similar forms of retrospective analysis,
and digital discovery are all viable topics.
Past speakers and attendees of SADFE have included computer and
information scientists, social scientists, digital forensic practitioners,
IT professionals, law enforcement, lawyers, and judges. The synthesis of
science with practice and the law with technology form the foundation of
this conference.
Workshop Topics
SADFE addresses the gap between today's practice and the establishment of
digital forensics as a science. To advance the field, SADFE-2011 solicits
broad-based, innovative approaches to digital forensic engineering in the
following four areas:
Digital Data and Evidence Management: advanced digital evidence discovery,
collection, and storage
* Identification, authentication and collection of digital
evidence
* Post-collection handling of evidence and the preservation of
data integrity and admissibility
* Evidence preservation, archiving and storage
* Forensic ready and compliance ready architectures and processes,
including network processes
* Managing geographically, politically and/or jurisdictionally
dispersed data artifacts
* Data and web mining systems for identification and
authentication of relevant data
* Botnet forensics
Scientific Principle-based Digital Forensic Processes: systematic
engineering processes supporting digital evidence management that is sound
on scientific, technical and legal grounds
* Legal and technical aspects of admissibility and evidence tests
* Examination environments for digital data
* Courtroom expert witness and case presentation
* Case studies illustrating privacy, legal and legislative issues
* Forensic tool validation: legal implications and issues
* Legal and privacy implications for digital and computational
forensic analysis
* Handling increasing volumes of digital discovery
Digital Evidence Analytics: advanced digital evidence analysis,
correlation, and presentation
* Advanced search, analysis, and presentation of digital evidence
* Cyber crime scenario analysis and reconstruction technologies
* Legal case construction & digital evidence support
* Cyber-crime strategy analysis & modeling
* Combining digital and non-digital evidence
* Supporting qualitative or statistical evidence
* Computational systems and computational forensic analysis
* Digital evidence in the face of encryption
Forensic-support technologies: forensic-enabled and proactive
monitoring/response
* Forensics of embedded or non-traditional devices (e.g. digicams,
cell phones, SCADA)
* Innovative forensic engineering tools and applications
* Proactive forensic-enabled support for incident response
* Forensic tool validation: methodologies and principles
* Legal and technical collaboration
* Digital forensics surveillance technology and procedures
* "Honeypot" and other target systems for data collection and
monitoring
* Quantitative attack impact assessment
Best Paper, Best Student Paper, and Best Poster Awards
To honor the outstanding work in digital forensics, the SADFE will provide
awards for the highest overall quality papers and posters from the
accepted program, as measured by scientific contribution, depth, and
impact. A student must be the first author to be eligible for the best
student paper award.
Instructions for Paper, Panel, and Poster Submissions
The SADFE-2011 Program Committee invites three types of submissions:
Full papers, Visionary/Opinion papers, and "Work-in-Progress" short papers
Full papers present mature research results. Papers accepted for
presentation at the Workshop will be included in the SADFE-2011
proceedings, which will be included in the IEEE Digital Library. Each full
paper submission can have 8 pages plus up to 2 over-length pages and
should follow the IEEE 8.5" x 11" Two-Column Format. Papers must include
an abstract and a list of keywords, and clearly indicate the corresponding
author. More specific requirements about the format can be found at:
http://www.ieee.org/publications_standards/publications/authors/authors_journals.html.
As a new call this year, we are soliciting a visionary paper or two, or a
panel that looks at where the discipline currently stands (Similar to the
SP main conference's Call for SoK papers). The goal is to encourage work
that provide useful and insightful perspectives on major DF research
areas, support or challenge long-held beliefs or DF principles with
compelling evidence, or provide an extensive and realistic evaluation of
competing approaches to solving specific problems. Such papers can offer a
high value to our community but would otherwise not be accepted because
they lack novel research contributions.
The shorter "Work-in-Progress" papers should describe interesting
developing work or concepts in the field of digital forensic. These papers
should emphasize the nature of the problem they present, potential
solution and implications/impacts to the field, in such a way that it will
engender community discussion. A selection of these papers will be
presented at SADFE-2011 in a Work-in-Progress session. Work-in-Progress
papers should be 3-5 pages long. Work-in-Progress papers will be included
as an appendix in the SADFE proceedings. Authors may participate in only
one Work-in-Progress paper (in the case of multiple submissions, later
submissions will be deleted).
Posters
Describing work in progress and/or specific tools available without charge
to the research community (i.e., no vendor posters should be submitted).
Submissions must consist of a one-page abstract which will be posted
online on the SADFE website. Note that the SADFE will have a joint poster
session with the SP main conference. In addition, authors of the accepted
posters will have an opportunity to briefly introduce their work during
the break of SADFE workshop.
Paper Acceptance
Each paper submission will be reviewed by the SADFE-2011 Program Committee
members and/or some external reviewers. The selection process will be
based on review technical merits. Panel and posters decisions will be made
by the Program Chair with recommendations from the Program Committee and
Steering Committee.
Double Submissions, Uniqueness & Presentation
SADFE-2011 is intended to support discussion and publication of novel
results. To meet this goal, submissions must not substantially duplicate
work that any of the authors has published elsewhere. Work submitted in
parallel to any other conference or workshop with proceedings is
explicitly excluded from participation. If the work has been submitted
elsewhere in a venue, which does not include proceedings, the extent of
the replication and the nature of the other venue should be clearly
indicated in a cover letter submitted along with the paper.
For accepted Full Papers, Posters, and Work-in-Progress papers, it is
required that at least one of the authors attends the workshop to present
the paper. The presenting author must be registered by the date of the
camera-ready submission deadline. The deadline for Work-in-Progress and
Full papers is the same.
All submissions (papers & panel proposals) must be submitted
electronically, following the instructions to be provided on the website.
Papers must list all authors and their affiliations; in the case of
multiple authors, the contact author must be indicated.
Workshop Format
The SADFE workshop will consist of invited talks, paper presentations, and
panel discussions. Additionally, the poster authors will present at the
poster session in the SP main conference. All presentations, talks and
panel discussions will be made in English.
Important dates
Deadline for paper and panel proposal submissions: 02/18/2011
Notification of paper/panel decision: 04/15/2011
Deadline for final paper camera ready copy: 04/25/2011
Deadline for poster session abstracts: 04/15/2011
Notification of poster decision: 04/21/2011
IEEE/SADFE-2011 workshop date: 05/26, 2011
Steering Committee:
Deborah Frincke, Co-Chair (Pacific Northwest National Lab)
Ming-Yuh Huang, Co-Chair (Northwest Security Institute)
Michael Losavio (University of Louisville)
Alec Yasinsac (University of South Alabama)
Robert F. Erbacher (Northwest Security Institute)
Wenke Lee (George Institute of Technology)
Barbara Endicott-Popovsky (University of Washington)
More information about the ecoop-info
mailing list