Difference between pages "Windows" and "Upcoming events"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(External Links)
 
(Calls For Papers)
 
Line 1: Line 1:
{{Expand}}
+
<b>PLEASE READ BEFORE YOU EDIT THE LISTS BELOW</b><br>
 +
When events begin the same day, events of a longer length should be listed first.  New postings of events with the same date(s) as other events should be added after events already in the list. Please use three-letter month abbreviations (i.e. Sep, NOT Sept. or September), use two digit dates (i.e. Jan 01 NOT Jan 1), and use date ranges rather than listing every date during an event(i.e. Jan 02-05, NOT Jan 02, 03, 04, 05).<br>
 +
<i>Some events may be <u>limited</u> to <b>Law Enforcement Only</b> or to a specific audience.  Such restrictions should be noted when known.</i>
  
'''Windows''' is a widely-spread [[operating system]] from [[Microsoft]].
+
This is a BY DATE listing of upcoming events relevant to [[digital forensics]].  It is not an all inclusive list, but includes most well-known activities.  Some events may duplicate events on the generic [[conferences]] page, but entries in this list have specific dates and locations for the upcoming event.
  
There are 2 main branches of Windows:
+
This listing is divided into three sections (described as follows):<br>
* the DOS-branch: i.e. Windows 95, 98, ME
+
<ol><li><b><u>[[Upcoming_events#Calls_For_Papers|Calls For Papers]]</u></b> - Calls for papers for either Journals or for Conferences, relevant to Digital Forensics (Name, Closing Date, URL)</li><br>
* the NT-branch: i.e. Windows NT 4, XP, Vista
+
<li><b><u>[[Upcoming_events#Conferences|Conferences]]</u></b> - Conferences relevant for Digital Forensics (Name, Date, Location, URL)</li><br>
 +
<li><b><u>[[Training Courses and Providers]]</u></b> - Training </li><br></ol>
  
== Features ==
+
== Calls For Papers ==
* Basic and Dynamic Disks, see: [http://msdn.microsoft.com/en-us/library/windows/desktop/aa363785(v=vs.85).aspx]
+
Please help us keep this up-to-date with deadlines for upcoming conferences that would be appropriate for forensic research.
  
=== Introduced in Windows NT ===  
+
{| border="0" cellpadding="2" cellspacing="2" align="top"
* [[NTFS]]
+
|- style="background:#bfbfbf; font-weight: bold"
 +
! width="30%|Title
 +
! width="15%"|Due Date
 +
! width="15%"|Notification Date
 +
! width="40%"|Website
 +
|-
 +
|8th International Conference on Malicious and Unwanted Software - Malware in the Era of Cloud Services and Mobile Endpoints
 +
|Jul 12, 2013
 +
|Aug 12, 2013
 +
|http://www.malwareconference.org/index.php?option=com_docman&task=doc_download&gid=8&Itemid=51
 +
|-
 +
|5th International Workshop on Managing Insider Security Threats
 +
|Jul 31, 2013
 +
|Aug 31, 2013
 +
|http://isyou.info/conf/mist13/cfp4mist13.txt
 +
|-
 +
|AAFS 66th Annual Scientific Meeting
 +
|Aug 01, 2013
 +
|Nov, 2013
 +
|http://www.aafs.org/aafs-66th-annual-scientific-meeting
 +
|-
 +
|21st Network & Distributed System Security Symposium
 +
|Aug 05, 2013
 +
|Nov 01, 2013
 +
|http://www.internetsociety.org/events/ndss-symposium-2014/ndss-2014-call-papers
 +
|-
 +
|9th International Conference on Cyber Warfare and Security (ICCWS-2014)
 +
|Sep 02, 2013 (abstract)
 +
|Sep 09, 2013 (abstract)<br>Dec 30, 2013 (final paper)
 +
|http://academic-conferences.org/iciw/iciw2014/iciw14-call-papers.htm
 +
|-
 +
|IFIP WG 11.9 International Conference on Digital Forensics
 +
|Sep 15, 2013
 +
|Oct 15, 2013
 +
|http://www.ifip119.org/Conferences/WG11-9-CFP-2014.pdf
 +
|-
 +
|}
  
=== Introduced in Windows 2000 ===
+
See also [http://www.wikicfp.com/cfp/servlet/tool.search?q=forensics WikiCFP 'Forensics']
  
=== Introduced in Windows XP ===
+
== Conferences ==
* [[Prefetch]]
+
{| border="0" cellpadding="2" cellspacing="2" align="top"
* System Restore (Restore Points); also present in Windows ME
+
|- style="background:#bfbfbf; font-weight: bold"
 +
! width="40%"|Title
 +
! width="20%"|Date/Location
 +
! width="40%"|Website
 +
|-
 +
|FIRST Conference
 +
|Jun 16-21<br>Bangkok, Thailand
 +
|http://conference.first.org/2013/
 +
|-
 +
|The 1st ACM Workshop on Information Hiding and Multimedia Security
 +
|Jun 17-19<br>Montpellier, France
 +
|http://ihmmsec.org/
 +
|-
 +
|28th IFIP TC-11 SEC 2013 International Information Security and Privacy Conference
 +
|Jul 08-10<br>Auckland, New Zealand
 +
|http://www.sec2013.org/
 +
|-
 +
|The Second International Workshop on Cyber Patterns: Unifying Design Patterns with Security, Attack and Forensic Patterns
 +
|Jul 08-09<br>Abingdon, Oxfordshire, United Kingdom
 +
|http://tech.brookes.ac.uk/CyberPatterns2013
 +
|-
 +
|10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
 +
|Jul 18-19<br>Berlin, Germany
 +
|http://dimva.sec.t-labs.tu-berlin.de/
 +
|-
 +
|Symposium On Usable Privacy and Security (SOUPS)
 +
|Jul 24-26<br>Newcastle, United Kingdom
 +
|http://cups.cs.cmu.edu/soups/2013/
 +
|-
 +
|BlackHat USA
 +
|Jul 27-Aug 01<br>Las Vegas, NV
 +
|https://www.blackhat.com/us-13/
 +
|-
 +
|DFRWS 2013
 +
|Aug 04-07<br>Monterey, CA
 +
|http://dfrws.org/2013
 +
|-
 +
|Regional Computer Forensics Group GMU 2013
 +
|Aug 05-09<br>Fairfax, VA
 +
|http://www.rcfg.org
 +
|-
 +
|6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '13)
 +
|Aug 12<br>Washington, DC
 +
|https://www.usenix.org/conferences?page=1
 +
|-
 +
|8th USENIX Workshop on Hot Topics in Security (HotSec '13)
 +
|Aug 13<br>Washington, DC
 +
|https://www.usenix.org/conferences?page=1
 +
|-
 +
|22nd USENIX Security Symposium - USENIX Security '13
 +
|Aug 14-16<br>Washington, DC
 +
|https://www.usenix.org/conference/usenixsecurity13
 +
|-
 +
|6th International Workshop on Digital Forensics (WSDF 2013)
 +
|Sep 02-06<br>Regensburg, Germany
 +
|http://www.ares-conference.eu/conf/index.php?option=com_content&view=article&id=49&Itemid=95
 +
|-
 +
|2013 HTCIA International Conference & Training Expo
 +
|Sep 08-11<br>Summerlin, NV
 +
|http://www.htciaconference.org/
 +
|-
 +
|New Security Paradigms Workshop (NSPW)
 +
|Sep 09-12<br>The Banff Center, Canada
 +
|http://www.nspw.org/current/
 +
|-
 +
|Black Hat-Regional Summit
 +
|Sep 10-12<br>Istanbul, Turkey
 +
|https://www.blackhat.com/is-13/
 +
|-
 +
|French-Speaking Days on Digital Investigations-Journées Francophones de l'Investigation Numérique (AFSIN)
 +
|Sep 10-12<br>Neuchâtel, Switzerland
 +
|https://www.afsin.org/
 +
|-
 +
|5th International Conference on Digital Forensics & Cyber Crime
 +
|Sep 25-27<br>Moscow, Russia
 +
|http://d-forensics.org/2013/show/home
 +
|-
 +
|VB2013 - the 23rd Virus Bulletin International Conference
 +
|Oct 02-04<br>Berlin, Germany
 +
|http://www.virusbtn.com/conference/vb2013/index
 +
|-
 +
|8th International Conference on Malicious and Unwanted Software
 +
|Oct 22-24<br>Fajardo, Puerto Rico, USA
 +
|http://www.malwareconference.org/index.php?option=com_frontpage&Itemid=1
 +
|-
 +
|16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
 +
|Oct 23-25<br>St. Lucia
 +
|http://www.raid2013.org/
 +
|-
 +
|5th International Workshop on Managing Insider Security Threats
 +
|Oct 24-25<br>Busan, South Korea
 +
|http://isyou.info/conf/mist13/index.htm
 +
|-
 +
|4th Annual Open Source Digital Forensics Conference (OSDF)
 +
|Nov 04-05<br>Chantilly, VA
 +
|http://www.basistech.com/about-us/events/open-source-forensics-conference/
 +
|-
 +
|Paraben Forensic Innovations Conference
 +
|Nov 13-15<br>Salt Lake City, UT
 +
|http://www.pfic-conference.com/
 +
|-
 +
|8th International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE)
 +
|Nov 21-22<br>Hong Kong, China
 +
|http://conf.ncku.edu.tw/sadfe/sadfe13/
 +
|-
 +
|Black Hat-Regional Summit
 +
|Nov 26-27<br>Sao Paulo, Brazil
 +
|https://www.blackhat.com/sp-13
 +
|-
 +
|29th Annual Computer Security Applications Conference (ACSAC)
 +
|Dec 09-13<br>New Orleans, LA
 +
|http://www.acsac.org
 +
|-
 +
|IFIP WG 11.9 International Conference on Digital Forensics
 +
|Jan 08-10<br>Vienna, Austria
 +
|http://www.ifip119.org/Conferences/
 +
|-
 +
|AAFS 66th Annual Scientific Meeting
 +
|Feb 17-22<br>Seattle, WA
 +
|http://www.aafs.org/aafs-66th-annual-scientific-meeting
 +
|-
 +
|21st Network & Distributed System Security Symposium
 +
|Feb 23-26<br>San Diego, CA
 +
|http://www.internetsociety.org/events/ndss-symposium-2014/
 +
|-
 +
|9th International Conference on Cyber Warfare and Security (ICCWS-2014)
 +
|Mar 24-25<br>West Lafayette, IN
 +
|http://academic-conferences.org/iciw/iciw2014/iciw14-home.htm
 +
|-
 +
|2014 IEEE Symposium on Security and Privacy
 +
|May 16-23<br>Berkley, CA
 +
|http://www.ieee.org/conferences_events/conferences/conferencedetails/index.html?Conf_ID=16517
 +
|-
 +
|}
  
==== SP2 ====
+
==See Also==
* Windows Firewall
+
* [[Training Courses and Providers]]
 
+
==References==
=== Introduced in Windows 2003 (Server) ===
+
* [http://faculty.cs.tamu.edu/guofei/sec_conf_stat.htm Computer Security Conference Ranking and Statistic]
* Volume Shadow Copies
+
* [http://www.kdnuggets.com/meetings/ Meetings and Conferences in Data Mining and Discovery]
 
+
* http://www.conferencealerts.com/data.htm Data Mining Conferences World-Wide]
=== Introduced in Windows Vista ===
+
* [[BitLocker Disk Encryption | BitLocker]]
+
* [[Windows Desktop Search | Search]] integrated in operating system
+
* [[SuperFetch]]
+
* [[NTFS|Transactional NTFS (TxF)]]
+
* [[Windows NT Registry File (REGF)|Transactional Registry (TxR)]]
+
* [[Windows Shadow Volumes|Shadow Volumes]]; the volume-based storage of the Volume Shadow Copy data
+
* $Recycle.Bin
+
* [[Windows XML Event Log (EVTX)]]
+
* [[User Account Control (UAC)]]
+
 
+
=== Introduced in Windows 2008 (Server) ===
+
 
+
=== Introduced in Windows 7 ===
+
* [[BitLocker Disk Encryption | BitLocker To Go]]
+
* [[Jump Lists]]
+
* [[Sticky Notes]]
+
 
+
=== Introduced in Windows 8 ===
+
* [[Windows Shadow Volumes | File History]]
+
* [[Windows Storage Spaces | Storage Spaces]]
+
* [[Resilient File System (ReFS)]]; server edition will likely be available in Windows Server 2012
+
 
+
== Forensics ==
+
 
+
=== Partition layout ===
+
Default partition layout, first partition starts:
+
* at sector 63 in Windows 2000, XP, 2003
+
* at sector 2048 in Windows Vista, 2008, 7
+
 
+
=== Filesystems ===
+
* [[FAT]], [[FAT|exFAT]]
+
* [[NTFS]]
+
* [[Resilient File System (ReFS) | ReFS]]
+
 
+
=== Recycle Bin ===
+
 
+
==== RECYCLER ====
+
Used by Windows 2000, XP.
+
Uses INFO2 file.
+
 
+
See: [http://www.cybersecurityinstitute.biz/downloads/INFO2.pdf]
+
 
+
==== $RECYCLE.BIN ====
+
Used by Windows Vista.
+
Uses $I and $R files.
+
 
+
See: [http://www.forensicfocus.com/downloads/forensic-analysis-vista-recycle-bin.pdf]
+
 
+
=== Registry ===
+
 
+
The [[Windows Registry]] is a database of keys and values that provides a wealth of information to forensic [[investigator]]s.
+
 
+
=== Thumbs.db Files ===
+
 
+
[[Thumbs.db]] files can be found on many Windows systems. They contain thumbnails of images or documents and can be of great value for the [[investigator]].
+
 
+
See also: [[Vista thumbcache]].
+
 
+
=== Browser Cache ===
+
 
+
=== Browser History ===
+
 
+
The [[Web Browser History]] files can contain significant information. The default [[Web browser|web browser]] that comes with Windows is [[Internet Explorer|Microsoft Internet Explorer]] but other common browsers on Windows are [[Apple Safari]], [[Google Chrome]], [[Mozilla Firefox]] and [[Opera]].
+
 
+
=== Search ===
+
See [[Windows Desktop Search]]
+
 
+
=== Setup log files (setupapi.log) ===
+
Windows Vista introduced several setup log files [http://support.microsoft.com/kb/927521].
+
 
+
=== Sleep/Hibernation ===
+
 
+
After (at least) Windows 7 recovers from sleep/hibernation there often is a system time change event (event id 1) in the event logs.
+
 
+
=== Users ===
+
Windows stores a users Security identifiers (SIDs) under the following registry key:
+
<pre>
+
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
+
</pre>
+
 
+
The %SID%\ProfileImagePath value should also contain the username.
+
 
+
=== Windows Error Reporting (WER) ===
+
 
+
As of Vista, for User Access Control (UAC) elevated applications WER reports can be found in:
+
<pre>
+
C:\ProgramData\Microsoft\Windows\WER\
+
</pre>
+
 
+
As of Vista, for non-UAC elevated applications (LUA) WER reports can be found in:
+
<pre>
+
C:\Users\%UserName%\AppData\Local\Microsoft\Windows\WER\
+
</pre>
+
 
+
Corresponding registry key:
+
<pre>
+
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting
+
</pre>
+
 
+
== Advanced Format (4KB Sector) Hard Drives ==
+
Windows XP does not natively handle drives that use the new standard of 4KB sectors. For information on this, see [[Advanced Format]].
+
 
+
== %SystemRoot% ==
+
The actual value of %SystemRoot% is store in the following registry value:
+
<pre>
+
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
+
Value: SystemRoot
+
</pre>
+
 
+
== See Also ==
+
* [[Windows Event Log (EVT)]]
+
* [[Windows XML Event Log (EVTX)]]
+
 
+
== External Links ==
+
 
+
* [http://en.wikipedia.org/wiki/Microsoft_Windows Wikipedia: Microsoft Windows]
+
* [http://support.microsoft.com/kb/927521 Windows 7, Windows Server 2008 R2, and Windows Vista setup log file locations]
+
* [http://www.forensicfocus.com/downloads/forensic-analysis-vista-recycle-bin.pdf The Forensic Analysis of the Microsoft Windows Vista Recycle Bin], by [[Mitchell Machor]], 2008
+
* [http://www.ericjhuber.com/2013/02/microsoft-file-system-tunneling.html?m=1 Microsoft Windows File System Tunneling], by [[Eric Huber]], February 24, 2013
+
* [http://www.nsa.gov/ia/_files/app/Spotting_the_Adversary_with_Windows_Event_Log_Monitoring.pdf Spotting the Adversary with Windows Event Log Monitoring], by National Security Agency/Central Security Service, February 28, 2013
+
 
+
=== Under the hood ===
+
* [http://msdn.microsoft.com/en-us/library/windows/desktop/aa366533(v=vs.85).aspx MSDN: Comparing Memory Allocation Methods], by [[Microsoft]]
+
* [http://blogs.msdn.com/b/ntdebugging/archive/2007/06/28/how-windows-starts-up-part-the-second.aspx How Windows Starts Up (Part the second)]
+
* [http://msdn.microsoft.com/en-us/library/aa375142.aspx DLL/COM Redirection]
+
* [http://msdn.microsoft.com/en-us/library/windows/desktop/ms682586(v=vs.85).aspx Dynamic-Link Library Search Order]
+
* [http://blogs.msdn.com/b/junfeng/archive/2004/04/28/121871.aspx Image File Execution Options]
+
 
+
=== Side-by-side (WinSxS) ===
+
* [http://en.wikipedia.org/wiki/Side-by-side_assembly Wikipedia: Side-by-side assembly]
+
* [http://msdn.microsoft.com/en-us/library/aa374224.aspx Assembly Searching Sequence]
+
* [http://blogs.msdn.com/b/junfeng/archive/2007/06/26/rt-manifest-resource-and-isolation-aware-enabled.aspx RT_MANIFEST resource, and ISOLATION_AWARE_ENABLED]
+
* [http://msdn.microsoft.com/en-us/library/windows/desktop/dd408052(v=vs.85).aspx Isolated Applications and Side-by-side Assemblies]
+
* [http://blogs.msdn.com/b/junfeng/archive/2006/01/24/517221.aspx#531208 DotLocal (.local) Dll Redirection], by [[Junfeng Zhang]], January 24, 2006
+
* [http://blogs.msdn.com/b/junfeng/archive/2006/04/14/576314.aspx Diagnosing SideBySide failures], by [[Junfeng Zhang]], April 14, 2006
+
* [http://omnicognate.wordpress.com/2009/10/05/winsxs/ EVERYTHING YOU NEVER WANTED TO KNOW ABOUT WINSXS]
+
 
+
=== Application Compatibility Database ===
+
* [http://technet.microsoft.com/en-us/library/dd837644(v=ws.10).aspx Technet: Understanding Shims], by [[Microsoft]]
+
* [http://msdn.microsoft.com/en-us/library/bb432182(v=vs.85).aspx MSDN: Application Compatibility Database], by [[Microsoft]]
+
* [http://www.alex-ionescu.com/?p=39 Secrets of the Application Compatilibity Database (SDB) – Part 1], by [[Alex Ionescu]], May 20, 2007
+
* [http://www.alex-ionescu.com/?p=40 Secrets of the Application Compatilibity Database (SDB) – Part 2], by [[Alex Ionescu]], May 21, 2007
+
* [http://fred.mandiant.com/Whitepaper_ShimCacheParser.pdf Leveraging the Application Compatibility Cache in Forensic Investigations], by [[Andrew Davis]], May 4, 2012
+
 
+
=== System Restore (Restore Points) ===
+
* [http://en.wikipedia.org/wiki/System_Restore Wikipedia: System Restore]
+
* [http://www.stevebunting.org/udpd4n6/forensics/restorepoints.htm Restore Point Forensics], by [[Steve Bunting]]
+
* [http://windowsir.blogspot.ch/2007/06/restore-point-analysis.html Restore Point Analysis], by [[Harlan Carvey]],  June 16, 2007
+
* [http://windowsir.blogspot.ch/2006/10/restore-point-forensics.html Restore Point Forensics], by [[Harlan Carvey]], October 20, 2006
+
* [http://www.ediscovery.co.nz/wip/srp.html System Restore Point Log Decoding]
+
 
+
=== Crash dumps ===
+
* [http://blogs.technet.com/b/yongrhee/archive/2010/12/29/drwtsn32-on-windows-vista-windows-server-2008-windows-7-windows-server-2008-r2.aspx Technet: Drwtsn32 on Windows Vista/Windows Server 2008/Windows 7/Windows Server 2008 R2], by Yong Rhee, December 29, 2010
+
* [http://support.microsoft.com/kb/315263 MSDN: How to read the small memory dump file that is created by Windows if a crash occurs], by [[Microsoft]]
+
 
+
=== Windows Firewall ===
+
* [http://en.wikipedia.org/wiki/Windows_Firewall Wikipedia: Windows Firewall]
+
* [http://technet.microsoft.com/en-us/library/cc737845(v=ws.10).aspx#BKMK_log Windows Firewall Tools and Settings]
+
 
+
=== Windows 32-bit on Windows 64-bit (WoW64) ===
+
* [http://en.wikipedia.org/wiki/WoW64 Wikipedia: WoW64]
+
 
+
=== Windows XP ===
+
* [http://support.microsoft.com/kb/q308549 Description of Windows XP System Information (Msinfo32.exe) Tool]
+
 
+
=== Windows 8 ===
+
* [http://en.wikipedia.org/wiki/Features_new_to_Windows_8 Features new to Windows 8], Wikipedia
+
* [http://computerforensics.champlain.edu/blog/windows-8-forensics Windows 8 Forensics - part 1]
+
* [http://computerforensics.champlain.edu/blog/windows-8-forensics-part-2 Windows 8 Forensics - part 2]
+
* [http://computerforensics.champlain.edu/blog/windows-8-forensics-part-3 Windows 8 Forensics - part 3]
+
* [http://propellerheadforensics.files.wordpress.com/2012/05/thomson_windows-8-forensic-guide2.pdf Windows 8 Forensic Guide], by [[Amanda Thomson|Amanda C. F. Thomson]], 2012
+
* [http://forensicfocus.com/Forums/viewtopic/t=9604/ Forensic Focus: Windows 8 Forensics - A First Look], [http://www.youtube.com/watch?v=uhCooEz9FQs&feature=youtu.be Presentation], [http://www.forensicfocus.com/downloads/windows-8-forensics-josh-brunty.pdf Slides], by [[Josh Brunty]], August 2012
+
* [http://dfstream.blogspot.ch/2013/03/windows-8-tracking-opened-photos.html Windows 8: Tracking Opened Photos], by [[Jason Hale]], March 8, 2013
+
 
+
[[Category:Operating systems]]
+

Revision as of 07:33, 12 July 2013

PLEASE READ BEFORE YOU EDIT THE LISTS BELOW
When events begin the same day, events of a longer length should be listed first. New postings of events with the same date(s) as other events should be added after events already in the list. Please use three-letter month abbreviations (i.e. Sep, NOT Sept. or September), use two digit dates (i.e. Jan 01 NOT Jan 1), and use date ranges rather than listing every date during an event(i.e. Jan 02-05, NOT Jan 02, 03, 04, 05).
Some events may be limited to Law Enforcement Only or to a specific audience. Such restrictions should be noted when known.

This is a BY DATE listing of upcoming events relevant to digital forensics. It is not an all inclusive list, but includes most well-known activities. Some events may duplicate events on the generic conferences page, but entries in this list have specific dates and locations for the upcoming event.

This listing is divided into three sections (described as follows):

  1. Calls For Papers - Calls for papers for either Journals or for Conferences, relevant to Digital Forensics (Name, Closing Date, URL)

  2. Conferences - Conferences relevant for Digital Forensics (Name, Date, Location, URL)

  3. Training Courses and Providers - Training

Calls For Papers

Please help us keep this up-to-date with deadlines for upcoming conferences that would be appropriate for forensic research.

Title Due Date Notification Date Website
8th International Conference on Malicious and Unwanted Software - Malware in the Era of Cloud Services and Mobile Endpoints Jul 12, 2013 Aug 12, 2013 http://www.malwareconference.org/index.php?option=com_docman&task=doc_download&gid=8&Itemid=51
5th International Workshop on Managing Insider Security Threats Jul 31, 2013 Aug 31, 2013 http://isyou.info/conf/mist13/cfp4mist13.txt
AAFS 66th Annual Scientific Meeting Aug 01, 2013 Nov, 2013 http://www.aafs.org/aafs-66th-annual-scientific-meeting
21st Network & Distributed System Security Symposium Aug 05, 2013 Nov 01, 2013 http://www.internetsociety.org/events/ndss-symposium-2014/ndss-2014-call-papers
9th International Conference on Cyber Warfare and Security (ICCWS-2014) Sep 02, 2013 (abstract) Sep 09, 2013 (abstract)
Dec 30, 2013 (final paper)
http://academic-conferences.org/iciw/iciw2014/iciw14-call-papers.htm
IFIP WG 11.9 International Conference on Digital Forensics Sep 15, 2013 Oct 15, 2013 http://www.ifip119.org/Conferences/WG11-9-CFP-2014.pdf

See also WikiCFP 'Forensics'

Conferences

Title Date/Location Website
FIRST Conference Jun 16-21
Bangkok, Thailand
http://conference.first.org/2013/
The 1st ACM Workshop on Information Hiding and Multimedia Security Jun 17-19
Montpellier, France
http://ihmmsec.org/
28th IFIP TC-11 SEC 2013 International Information Security and Privacy Conference Jul 08-10
Auckland, New Zealand
http://www.sec2013.org/
The Second International Workshop on Cyber Patterns: Unifying Design Patterns with Security, Attack and Forensic Patterns Jul 08-09
Abingdon, Oxfordshire, United Kingdom
http://tech.brookes.ac.uk/CyberPatterns2013
10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) Jul 18-19
Berlin, Germany
http://dimva.sec.t-labs.tu-berlin.de/
Symposium On Usable Privacy and Security (SOUPS) Jul 24-26
Newcastle, United Kingdom
http://cups.cs.cmu.edu/soups/2013/
BlackHat USA Jul 27-Aug 01
Las Vegas, NV
https://www.blackhat.com/us-13/
DFRWS 2013 Aug 04-07
Monterey, CA
http://dfrws.org/2013
Regional Computer Forensics Group GMU 2013 Aug 05-09
Fairfax, VA
http://www.rcfg.org
6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '13) Aug 12
Washington, DC
https://www.usenix.org/conferences?page=1
8th USENIX Workshop on Hot Topics in Security (HotSec '13) Aug 13
Washington, DC
https://www.usenix.org/conferences?page=1
22nd USENIX Security Symposium - USENIX Security '13 Aug 14-16
Washington, DC
https://www.usenix.org/conference/usenixsecurity13
6th International Workshop on Digital Forensics (WSDF 2013) Sep 02-06
Regensburg, Germany
http://www.ares-conference.eu/conf/index.php?option=com_content&view=article&id=49&Itemid=95
2013 HTCIA International Conference & Training Expo Sep 08-11
Summerlin, NV
http://www.htciaconference.org/
New Security Paradigms Workshop (NSPW) Sep 09-12
The Banff Center, Canada
http://www.nspw.org/current/
Black Hat-Regional Summit Sep 10-12
Istanbul, Turkey
https://www.blackhat.com/is-13/
French-Speaking Days on Digital Investigations-Journées Francophones de l'Investigation Numérique (AFSIN) Sep 10-12
Neuchâtel, Switzerland
https://www.afsin.org/
5th International Conference on Digital Forensics & Cyber Crime Sep 25-27
Moscow, Russia
http://d-forensics.org/2013/show/home
VB2013 - the 23rd Virus Bulletin International Conference Oct 02-04
Berlin, Germany
http://www.virusbtn.com/conference/vb2013/index
8th International Conference on Malicious and Unwanted Software Oct 22-24
Fajardo, Puerto Rico, USA
http://www.malwareconference.org/index.php?option=com_frontpage&Itemid=1
16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID) Oct 23-25
St. Lucia
http://www.raid2013.org/
5th International Workshop on Managing Insider Security Threats Oct 24-25
Busan, South Korea
http://isyou.info/conf/mist13/index.htm
4th Annual Open Source Digital Forensics Conference (OSDF) Nov 04-05
Chantilly, VA
http://www.basistech.com/about-us/events/open-source-forensics-conference/
Paraben Forensic Innovations Conference Nov 13-15
Salt Lake City, UT
http://www.pfic-conference.com/
8th International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE) Nov 21-22
Hong Kong, China
http://conf.ncku.edu.tw/sadfe/sadfe13/
Black Hat-Regional Summit Nov 26-27
Sao Paulo, Brazil
https://www.blackhat.com/sp-13
29th Annual Computer Security Applications Conference (ACSAC) Dec 09-13
New Orleans, LA
http://www.acsac.org
IFIP WG 11.9 International Conference on Digital Forensics Jan 08-10
Vienna, Austria
http://www.ifip119.org/Conferences/
AAFS 66th Annual Scientific Meeting Feb 17-22
Seattle, WA
http://www.aafs.org/aafs-66th-annual-scientific-meeting
21st Network & Distributed System Security Symposium Feb 23-26
San Diego, CA
http://www.internetsociety.org/events/ndss-symposium-2014/
9th International Conference on Cyber Warfare and Security (ICCWS-2014) Mar 24-25
West Lafayette, IN
http://academic-conferences.org/iciw/iciw2014/iciw14-home.htm
2014 IEEE Symposium on Security and Privacy May 16-23
Berkley, CA
http://www.ieee.org/conferences_events/conferences/conferencedetails/index.html?Conf_ID=16517

See Also

References