Home     Publications     Presentations     Utilities     Tools     Blog

Presentations

Social Computing: Enterprise Initiatives & Security Challenges
Panel Discussion, Cyber Summit USA, 2014, with James C. Foster, Chris Coleman, Paul Moreno, Dr. Parag Pruthi, Dr. Richard White.

Approximate Matching of Digital Artifacts
Panel Discussion, Digital Forensic Research Workshop 2013, with Frank Breitinger, Simson Garfinkel, Clay Shields, and Candice Quates.

Is Digital Forensics an Art or a Science
Panel Discussion, Digital Forensic Research Workshop 2013, with Cindy Murphy, Dave Baker, and Ovie Carroll.

The NSRLquery Project and Making the NSRL Practical
Poster Session, Digital Forensic Research Workshop 2013
NSRL homepage
NSRLlookup
NSRLServer

The National Software Reference Library: The Best Reference Which Nobody Uses
San Francisco Bay Area DFIR, March 2013
Sorry, no slides, but here are some links:
NSRL homepage
NSRLlookup
NSRLServer

How Memory Forensics will Help You Lose Weight and Look Ten Years Younger
SANS Cyber Defense Initiative, 2012
Abstract

Getting Fuzzy With It
High Technolog Crime Investigation Association, Mid-Atlantic Chapter
Abstract/Slides

Clustering and Classification for Cyber Crime
Conferência Internacional de Perícias em Crimes Cibernéticos, 2012
Slides

Audits, Triage, and the Future of Hashing
DoD Cyber Crime Conference, 2012
Abstract/Slides

Cake and Grief Counseling Will Be Available: Using Artificial Intelligence for Forensics Without Jeopardizing Humanity
DoD Cyber Crime Conference, 2012
Abstract/Slides

Artificial Intelligence in Computer Forensics
SANS 360: Digital Forensics and Incident Response Lightning Talks
Slides

Clustering and Classification for Cyber Crime
Abstract/Slides

Statistical Validation and Data Analytics in E-Discovery
AccessData User's Conference, 2011
Abstract/Slides

Applying the Science of Similarity to Computer Forensics
DoD Cyber Crime Conference, 2011
Abstract/Slides

Windows Memory Forensics and Direct Kernel Object Manipulation
DoD Cyber Crime Conference, 2011
Abstract/Slides

Beyond Fuzzy Hashing
The 2010 European Digital Forensics and Incident Response Summit, 2010
Abstract/Slides

Beyond Fuzzy Hashing
SANS What Works in Computer Forensics and Incident Response DC, 2010
Abstract/Slides

Next Generation Windows Forensics Panel
What Windows Area Needs Additional Research and Development?
SANS What Works in Computer Forensics and Incident Response DC, 2010
Slides

Windows Memory Forensics and Direct Kernel Object Manipulations
Techno Security, 2010
Abstract/Slides

Windows Memory Analysis
U.S. Naval Academy, April 2010
Slides

BitLocker To Go Forensics
DoD Cyber Crime Conference, 2010
Abstract/Slides

Google Earth Cache File Forensics
DoD Cyber Crime Conference, 2010
Abstract/Slides

Beyond Fuzzy Hashing: The New Similar
DoD Cyber Crime Conference, 2010
Abstract/Slides

The Science of Similar
Virginia Commonwealth University, January 2010
Abstract/Slides

Reverse Engineer File Formats by Searching for Binary Strings
SANS WhatWorks Summit in Forensics and Incident Response, 2009
Slides

Practical Methods for Dealing with Full Disk Encryption
DoD Cyber Crime Conference, 2009
Abstract/Slides

Windows Memory Analysis
The Johns Hopkins University, November 2008
Slides

Using JPEG Quantization Tables to Identify Imagery Processed by Software
Digital Forensic Research Workshop, August 2008
Abstract/Slides

Practical Cryptographic Key Recovery
Open Memory Forensics Workshop, August 2008
Slides

Fuzzy Hashing
United States Secret Service Quarterly Meeting, May 2008

Windows Memory Analysis
Texas State University, Febraury 2008
Abstract/Slides

Open Source in Computer Forensics
Mid-Atlantic HTCIA Meeting, February 2008

Using Digital Ballistics to Find the Smoking Camera
DoD Cyber Crime Conference, 2008
Abstract/Slides

My, You Look Super Fetching Tonight!
DoD Cyber Crime Conference, 2008
Abstract/Slides

Fuzzy Hashing
First Forensic Forum, Torthworth, UK, 2007

Fuzzy Hashing
Conference on Digital Forensics, Security and the Law, 2007
Slides

Recovering Executables from Windows Memory Images
DoD Cyber Crime Conference, 2007
Abstract/Slides

Fuzzy Hashing and Windows Memory Analysis
Regional Computer Forensics Group International Training Symposium, 2006
Abstract/Paper/Slides

Identifying Almost Identical Files Using Context Triggered Piecewise Hashing
Digital Forensic Research Workshop, 2006
Abstract/Paper/Slides

Fuzzy Hashing-Matching Similar Documents
High Technology Crime Investigation Association International Conference and Expo, 2006
Slides

Winking in the Dark
Texas State University, 2006

Hacker Court
BlackHat Las Vegas, 2004

Hacker Court
BlackHat DC, 2003

Hacker Court
BlackHat Las Vegas, 2003

Open Source in Computer Forensics
Open Standards/Open Source for National and Local eGovernment Programs in the U.S. and EU, 2003
Slides

Preserving the Evidence of Cybercrime
7th Annual Department of Defense Information Assurance Workshop, 2003

Simple But Sound Tools for First Responders
Oregon Center for Advanced Technology Education and Portland State University, 2003
Slides

Counterintelligence Methods
Infowarcon, 2002

Preservation of Fragile Digital Evidence by First Responders
Digital Forensic Research Workshop, 2002
Abstract/Paper

Hacker Court
BlackHat Las Vegas, 2002

Secret and Below Interoperability
AFOSI Computer Crime Workshop, 2001

Voice over IP Made Ridiculously Simple
AFOSI Computer Crime Workshop, 2001

User Level Computer Security
Pentagon Information Assurance Update, July 2001

The State of Computer Crime Today
North Florida Law Enforcement Officers Meeting, September 2000