WSDF 2022

The 15th International Workshop on Digital Forensics (WSDF 2022)

to be held in conjunction with the 17th International Conference on Availability, Reliability and Security
(ARES 2022 – )

August 23 – August 26, 2022

Digital forensics is a rapidly evolving field primarily focused on the extraction, preservation and analysis of digital evidence obtained from electronic devices in a manner that is legally acceptable. Research into new methodologies tools and techniques within this domain is necessitated by an ever-increasing dependency on tightly interconnected, complex and pervasive computer systems and networks. The ubiquitous nature of digital devices in modern life presents many avenues for the potential misuse of these devices in crimes that directly involve, or are facilitated by, these technologies. The aim of digital forensics is to produce outputs that can help investigators ascertain the overall state of a system. This includes any events that have occurred within the system and entities that have interacted with that system. Due care has to be taken in the identification, collection, archiving, maintenance, handling and analysis of digital evidence in order to prevent damage to data integrity. Such issues combined with the constant evolution of technology provide a large scope of digital forensic research.

WSDF aims to bring together experts from academia, industry, government and law enforcement who are interested in advancing the state of the art in digital forensics by exchanging their knowledge, results, ideas and experiences. The aim of the workshop is to provide a relaxed atmosphere that promotes discussion and free exchange of ideas while providing a sound academic backing. The focus of this workshop is not only restricted to digital forensics in the investigation of crime. It also addresses security applications such as automated log analysis, forensic aspects of fraud prevention and investigation, policy and governance.

Topics of interest include, but are not limited to

Digital Evidence Extraction and Analysis
Network Forensics
Anti-Forensics Techniques
Physical Memory Acquisition and Analysis
Digital Forensic Information Visualisation
Fraud Investigations Involving Technology
Portable Devices
Cyber Terrorism and Warfare
Log Analysis
Incident Response and Management
Investigative Case Studies
Artificial Intelligence in Digital Forensics
Best Practices and Case Studies

Malware Analysis
Novel Data Recovery Techniques
Cyber Criminal Profiling
Big Data in Digital Forensics
Cyber Crime investigation
Cloud Forensics
Mobile & Drones Forensics
Investigative Methodologies and Procedures
Internet of Things (IoT) Forensics
Emerging challenges in Digital Forensics
Investigative OSINT

Important DAtes
Submission Deadline May 15, 2022
Author Notification June 01, 2022 June 06, 2022
Proceedings Version June 19, 2022
ARES EU Symposium August 23, 2022
Conference August 23 – August 26, 2022
Workshop Chairs

Richard Overill
King’s College London, UK

Virginia N. L. Franqueira
University of Kent, UK

Andrew Marrington
Zayed University, UAE

Andrew Jones
University of Hertfordshire, UK

Kim-Kwang Raymond Choo
University of Texas at San Antonio, US

Program Commitee

Olga Angelopoulou, University of Warwick, UK
Aswami Ariffin, CyberSecurity Malaysia, MY
Sandra Avila, University of Campinas (Unicamp), BR
Frank Breitinger, University of Lousanne, CH
Kam-Pui Chow, The University of Hong Kong, HK
Jan Collie, The Open University, UK
George Crispos, University of Nebraka, US
Chris Hargreaves, University of Oxford, UK
Helge Janicke, Cyber Security Cooperative Research Centre, AU
Erisa Karafili, University of Southampton, UK
Simon Lang, Coalfire, UK
Liliana Pasquale, University College Dublin, IE
Chiara Pero, University of Salerno, IT
Mark Scanlon, University College Dublin, IE
Stravos Shiaeles, University of Portmouth, UK
Simon Tjoa, St. Polten University of Applied Sciences, AT
Inna Vogel, Fraunhofer Institute, DE
Harm van Beek, Netherlands Forensic Institute, NL
Jeroen van den Bos, Netherlands Forensic Institute, NL

Best Paper A ward

The best paper award will be sponsored by the Institute of Cyber Security for Society (iCSS), University of Kent, UK.

Submission Guidelines

The submission guidelines can be found at (6-8 pages, a maximum of 10 pages is tolerated). Double blind review: All papers submitted to EasyChair should be anonymized (no names or affiliations of authors should be visible in the paper) with no obvious self-references. Submission of a paper implies that should the paper be accepted, at least one of the authors will register and present the paper in the workshop.


Dr. Andrew Marrington
Advisor to the Provost for Programs & Curricula at Zayed University, United Arab Emirates

Coming Back to the Backlog: Can Digital Investigations Catch Up?
Digital evidence is crucial in a wide variety of criminal investigations and prosecutions. The digital footprint of everyday life and the proximity of smartphones and other digital devices to physical crime scenes means that the relevance of digital evidence is by no means confined to cybercrime cases. As a result, law enforcement agencies around the world have huge backlogs of digital evidence awaiting extraction and examination. In the UK alone, the collective backlog is at least 21,000 digital devices (smartphones, computers, tablets, etc), contributing to significant delays in investigations and prosecutions.

For two decades, digital forensics research has been grappling with this backlog in a variety of ways. Researchers have proposed faster methodologies and tools, more automation of the process of examination and analysis, triage techniques to make better use of examinter time, and more. Nevertheless, the problem of large backlogs persists. This keynote considers the causes of the backlog problem, and discusses how the digital forensics community can try to address it in the years ahead.

Dr. Andrew Marrington is the Advisor to the Provost for Programs & Curricula at Zayed University. Dr. Marrington received his PhD in digital forensics from Queensland University of Technology (QUT), where he studied at the Information Security Institute. Dr. Marrington’s primary field of research is digital forensics, although he is also interested in other aspects of information security, and in the security and investigative implications of emerging technologies. He serves on the program committees of various conferences and workshops in digital forensics and information security, and on the editorial boards of several journals in the same field. With his colleagues Dr Don Kerr and Dr John Gammack he has co-edited a book of refereed chapters on the security of wearable technologies. In the past, he has served as Associate and Acting Dean of the College of Technological Innovation at Zayed University, and in his current capacity he oversees curriculum development and academic quality assurance across the institution.