DC3 Digital Forensics Challenge

From ForensicsWiki
Revision as of 13:02, 2 June 2008 by Jessek (Talk | contribs)

Jump to: navigation, search

The DC3 Digital Forensics Challenge is an annual forensics contest sponsored by the Defense Cyber Crime Center. The winning team, which must consist of U.S. citizens, receives a free trip to the annual DoD Cyber Crime Conference.

Participation

Participation in the contest is a good way for vendors to showcase their talents and for academics to teach computer forensics research. Some academics feel, however, that they are not getting much benefit from the the contest. They believe that the DoD should publish all of the submissions so that they can be independently evaluated. This opinion was most vocally stated by David C. Smith and Mickey Lasky from Georgetown University in August 2007. They gave a talk at the DEFCON conference titled "Cool stuff learned from competing in the DC3 digital forensic challenge" where they described their entries and the lack of feedback from the DC3 [1].

History

2008

The 2008 challenge is now open. Packets were mailed starting 1 Mar 2008 and solutions are due before 1 Nov 2008. The winner will be announced on 1 Dec 2008 and will, as usual, receive a free trip to the 2009 DoD Cyber Crime Conference. The challenges this year included detecting suspicious software, hash analysis, image analysis, partition recovery, signature analysis, file header reconstruction, password recovery, registry analysis, steganography, encryption, Skype analysis, foreign text identification and translation, MSN Live analysis, and image analysis.

2007

The challenge was held in 2007 again, this time asking participants to focus on BitLocker and PAX protected files, erased files on a CDROM, a damaged DVD and thumb drive, determining real images from fake ones, and audio steganography.

The archives from the 2007 challenge are online.

2006

The 2006 challenge was the first sponsored by the DC3. Entrants were asked to solve puzzles in Audio Steganography, Steganography using S-Tools, Password Cracking, Image Analysis: Real vs. CG, Data Carving: Linux LVM Interpretation, Data Acquisition: Boot a dd Image, Data Acquisition: Boot a Split dd Image, Media Recovery: Compact-disc, Media Recovery: Floppy Diskette, Keylog Cracking, and Metadata Extraction.

One hundred and forty teams requested challenge packets, but only 21 teams submitted entries. The winning team, announced on 15 Dec 2006, was AccessData. They won a free trip to the DC3's annual conference in St. Louis, MO in January 2007. They presented a complete solution at the conference.

Challenge submissions were broken down by academic, civilian, commercial, military, and government entrants. International teams from Australia, Canada, France, and India all requested packets, but were not eligible to win.

The archives from the 2006 challenge are online.

External Links