[AISWorld] June 10-12: 8th Annual ADFSL Conference on Digital Forensics, Security and Law

Glenn S. Dardick gdardick at dardick.net
Tue May 14 17:30:41 EDT 2013 

ANNOUNCEMENT: Conference on Digital Forensics, Security and Law


[Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: adfslgraphic.jpg]


Venue: Richmond, Virginia USA

Dates: 10-12 June 2013

Conference Website:
http://www.digitalforensics-conference.org




Dear colleagues:



The ADFSL 2013 Conference on Digital Forensics, Security and Law will be held on June 10-12, 2013.



The ADFSL Conference on Digital Forensics, Security and Law is a unique and innovative event.  It is managed by the Association of Digital Forensics, Security and Law (ADFSL). The conference focuses on the current and expanding role of digital forensics within investigations and the courts as well as its important role within cyber security - both national as well as corporate. Topics not only include technology and evidence, but also are very much focused on how to prepare students for careers in digital forensics. Conference papers are double blind refereed and provide a forum for high quality research, communication and debate on the subject of digital forensics and directly related fields.



2013 KEYNOTE SPEAKERS



MONDAY KEYNOTE SPEAKER: Craig Valli



Craig Valli is the Director of ECU Security Research Institute. He has over 20 years' experience in the IT industry and consults to industry on network security and digital forensics issues. His main consultancy focus is on securing networks and critical infrastructures, detection of network borne threats and forensic analysis of cyber security incidents. He is the Congress Chair for the annual secau Security Congress. Craig is also the Editor of Journal of Network Forensics and Co-Editor of the Journal of Information Warfare. He has over 60 publications to his name on security related topics.



TUESDAY KEYNOTE SPEAKER: Jake Kouns



Jake Kouns is the Director of Cyber Security and Technology Risks Underwriting for Markel Corporation. In this unique role, Mr. Kouns is responsible for strategy and oversight of the Enterprise Information Security Program for the company as well as the management of Cyber Liability insurance products. In his role as product line leader, he has broad responsible for all aspects of the products including the development of underwriting guidelines, pricing, risk analysis, claims oversight, training & marketing initiatives as well as risk management services for policy holders.



In addition, Jake is the co-founder, CEO, and CFO of the Open Security Foundation, a non-profit organization that oversees the operations of the Open Source Vulnerability Database (OSVDB.org), DataLossDB.org, Cloutage.org and SECore.info. All projects are independent and open web-based databases that provide detailed and unbiased technical information on security vulnerabilities, cloud security, security conferences and data loss incidents world-wide. Mr. Kouns has presented at many well-known security conferences including RSA, DEF CON, CISO Executive Summit, EntNet IEEE GlobeCom, CanSecWest, SOURCE and SyScan. He is the co-author of the book Security in an IPv6 Environment, Francis and Taylor, 2009, Information Technology Risk Management in Enterprise Environments, Wiley, 2010 and The Chief Information Security Officer, IT Governance, 2011. He holds both a Bachelor of Business Administration and a Master of Business Administration with a concentration in Information Security from James Madison University. In addition, he holds a number of certifications including ISC2's CISSP, and ISACA's CISM, CISA and CGEIT.



TUESDAY SPECIAL INVITED SPEAKER: Dan Ryan



Daniel J. Ryan is a lawyer in private practice, a businessman providing analyses of policy issues significant to national security, and an educator teaching cyberlaw and information security as a Senior Fellow at the National Defense University and as an adjunct professor for George Washington University. Prior to returning to the private sector in 2012, he served for eight years as a Professor at the National Defense University, teaching cyberlaw, information security, information assurance, cryptography, network security and computer forensics. Prior to joining NDU, he was a lawyer in private practice.



Earlier he served as Corporate Vice President of Science Applications International Corporation with responsibility for information security for Government customers and commercial clients who operate worldwide and must create, store, process and communicate sensitive information and engage in electronic commerce. While at SAIC, he developed and provided security products and services for use in assessing security capabilities and limitations of client systems and networks, designing or re-engineering client systems and networks to ensure security, enhancing protection through a balanced mix of security technologies, detecting intrusions or abuses, and reacting effectively to attacks to prevent or limit damage.



Prior to joining SAIC, Mr. Ryan served as Executive Assistant to the Director of Central Intelligence. Before that, he was Director of Information Systems Security for the Office of the Secretary of Defense serving as the principal technical advisor for all aspects of information security. He developed information security policy for the Department of Defense and managed the creation, operation and maintenance of secure computers, systems and networks. His specific areas of responsibility spanned information systems security (INFOSEC), including classification management, communications security (COMSEC) and cryptology, computer security (COMPUSEC) and transmission security (TRANSEC), as well as TEMPEST, technical security countermeasures (TSCM), operational security (OPSEC), port security, overflight security and counterimagery.



2013 WORKSHOPS and PANELS



Workshop & Panel: Examining the Forensic Expert: an ADFSL Panel

In today's litigation climate, battles are often waged between experts throughout all phases of litigation. Forensic quality evidence is the primary deliverable from expert witnesses who are generally retained by litigants. This panel specifically explores the often daunting dynamics of cyberforensic expert testimony given in pre-trial depositions, as expert witness testimony at trial, and before various other tribunals. The panel will deploy role play to explore a range of issues confronting expert witnesses and special masters to illustrate how they approach negotiating engagement letters, performing expert forensic work, complying with forensic standards of professional conduct, establishing their own credibility on the witness stand, and "holding up" under intense cross-examination by opposing counsel. The panelists will play roles of judge, sponsoring legal counsel, opposing counsel and expert cyberforensic witnesses. The audience is invited to participate as mock jurors who can "debrief" during Q&A to confirm the impact of particular behaviors of cyberforensic experts on the witness stand.



Workshop & Panel: Digital Forensics Readiness

The concept of forensic readiness for a system describes the capability of the system to efficiently collect credible digital evidence that can then be used in legal proceedings. Efficiency for digital forensics has been described in terms of cost since costs tend to be significant especially for systems that are not forensics ready. Credible digital evidence refers to data that has been collected and preserved through a process that does not invalidate the legitimacy of the data.



Forensic readiness is one of the few proposed forensics characteristics discussed in the forensics literature. Forensic readiness was proposed by Tan in 2001 in order to meet two objectives for systems used in digital investigations: 1) Costs should be minimized for incident responses and 2) An environment's ability to collect digital evidence should be maximized. In his original paper on forensic readiness, Tan described many specific techniques for achieving digital forensic readiness including logging techniques, IDS data usage, forensic acquisition and evidence handling.



A later paper describes how forensic readiness can be built into an enterprise forensics program and outlines ten steps to achieving forensic readiness. The main point is that forensic readiness makes sense from a business perspective and can result in cost savings should there be an investigation. Enterprises should be actively collecting potential evidence such as log files, network traffic records, e-mail and telephone records prior to involvement in an investigation.



Others described different aspects of system forensic readiness including policies for enhancing digital forensics readiness, incorporation into existing response plans and making sure forensic readiness leads to sound investigation. Another perspective discusses ensuring that hardware devices used to capture forensic evidence are reliable enough to enforce forensic readiness. As the wide divergence of these studies illustrate, there is no one methodology or approach to enabling forensic readiness within a system or enterprise.



Although the concept of forensic readiness has been circulating for years, only recently are applications appearing in products. With civil and criminal cases relying heavily on digital evidence, it's time to revisit forensic readiness: what does the term mean today? What progress has been made in defining it? What products and systems incorporate forensic readiness concepts in their design?



Please join us for a discussion of these ideas. Your contributions will assist in defining the state of the digital forensic readiness in theory and practice. The outcome will be a call for chapters in this specific area.



2013 PAPERS and PRESENTATIONS



*         An Ontology-Based forensic Analysis Tool, United Arab Emirates

*         Significance of Semantic Reconciliation in Digital Forensics, South Africa

*         Identifying Peer-to-Peer Traffic on Shared Wireless Networks, USA

*         The Development of Computer Forensic Legal System in mainland China, China

*         A Thematic Review of User Compliance with Information Security Policies Literature, USA

*         An Image Forensic Scheme with Robust and Fragile Watermarking for Business Documents, China

*         System-Generated Digital Forensic Evidence in Graphic Design Applications, South Africa

*         First glance: An Introductory Analysis of Network Forensics of TOR, USA

*         Money Laundering Detection Framework to Link the Disparate and Evolving Schemes, USA / Chile

*         Windows 8 Forensic Overview, USA

*         A Forensic Study of the Effectiveness of Selected Anti-Virus Products Against SSDT Hooking Rootkits,Canada

*         Cybercrime and Punishment: An Analysis of the Deontological and Utilitarian Functions of Punishment in the Information Age,USA

*         Electronic Discovery and Proportionality in Minnesota:  A Harbinger for the Federal Court System?, USA



Participants



The primary audience will include individuals who are interested in developing curriculum and teaching methods as well as conducting research related to the areas of digital forensics, security, and law. This conference will be of value to both academic and practitioner audiences.



Submissions



All submissions are double blind peer reviewed.



Best Papers



Selected papers from the conference will be considered for inclusion in the following journal:

Journal of Digital Forensics, Security and Law

http://www.jdfsl.org



ADDITIONAL INFORMATION FOR THE CONFERENCE CAN BE FOUND AT:

http://www.digitalforensics-conference.org



REGISTRATION INFORMATION IS POSTED AT:

http://www.digitalforensics-conference.org/registration.htm



Association for Digital Forensics, Security and Law

Website: http://www.adfsl.org



Journal of Digital Forensics, Security and Law

Website: http://www.jdfsl.org











-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.aisnet.org/pipermail/aisworld_lists.aisnet.org/attachments/20130514/88e63781/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 2741 bytes
Desc: image001.jpg
URL: <http://lists.aisnet.org/pipermail/aisworld_lists.aisnet.org/attachments/20130514/88e63781/attachment.jpg>

More information about the AISWorld mailing list