Full Program
Registration and Continental Breakfast
Keynote
Paper Session 1
• Fine-Tuning Large Language Models for Anomaly Detection in Distributed System Logs
• Analyzing Digital Forensic Data Using Process Mining Techniques: A Case Study
• Graph Neural Networks for Video Device Identification
• Securing Federated Learning: A Hybrid Defense Against Poison Injection Attacks in LLM
• Accelerating Criminal Investigations with TRACY
• Resilient Satellite Cybersecurity: Integrating NIST and AI Governance
Coffee Break
Paper Session 2
• Generative AI-Driven Anomaly Detection in Soil Electrical Conductivity Using Temporal Autoencoders
• Comparative Study of Quantum and Classical Layers in Hybrid Quantum Neural Networks
• Where the Money Is: Shadow AI Risks to Family Offices and the Wealth Management Sector
• Machine Learning Approach on Detection of DDoS and Malware Attacks in Drone Communication Networks
• Digital Forensic Investigation of Social Robots: Zenbo, Zenbo Jr., and Misty II as Case Studies
• Retrospective Analysis of Legal Documents Using Hybrid AI - A Preliminary Empirical Study of Historical Search Warrant Processing
Lunch
Paper Session 3
• SCOPE - Activity Recognition Using Temporally Dominant Topic Identification In Forensic Chat Analysis
• WebHunter: An LLM-Agent with Exploit Planning and Tool Collaboration for Automated SQL Injection
• AFLTrans: An Intelligent Generative Fuzz Testing Method for Binary Programs Based on Transformer
• Towards Regulated and Accountable Privacy-Preserving Retrieval for Digital Forensics: A Cryptographic Design Framework
Coffee Break
Paper Session 4
• The sample classification method accelerates the efficiency of robustness verification
• Integration of NLP in Digital Forensics: A Pilot Study of Practitioner Perceptions on Chat Data Analysis Tools
• Temporal Sparse Black-Box Adversarial Attack on Deepfake Video Detection Models
• DepFieldGen: Research on Dependent Field Generation for secure ICS Protocols
• iOS Cookie Forensics with Autopsy Tool
• Online Learning for Android Malware Detection under Concept-Drift
• An encrypted traffic classification method based on Mamba and wavelet transform convolution
• SolDataVul-LLaMA Dataset: a LLM-driven construction method and detection research of smart contract vulnerability dataset in data trading scenarios
Closing Remarks
Gala dinner
Registrations /Welcome /Breakfast
Keynote
Paper Session 1
• An Enhanced Federated Machine Learning Approach for Decentralized Water Contamination Detection
• Understanding Online Grooming Through LLMs: Stage Detection and Linguistic Patterns
• Validation of IP Reputations Through Redirection of Unsolicited Network Traffic to an Interactive Honeynet
• Deepfake Forensics Adapter: A dual-stream network for generalizable deepfake detection
• Automatic Recovery of Cryptowallets from Mnemonics Seed Phrases
• Improving the forensic integrity of Mark-of-the-Web (MOTW) files
Coffee Break
Paper Session 2
• Automating Cloud Security and Forensics Through a Secure-by-Design GenAI Framework
• Toward Structured Memory Forensics: A MITRE ATT&CK-Aligned Workflow for Malware Investigation
• Autoencoder-Based Intrusion Detection: A Hybrid Deep Learning Approach
• APT-Agent: A Training-Free, Unsupervised, LLM-Based Multi-Agent Framework for Interpretable Advanced Persistent Threat Detection
• A Reward-driven Automated Webshell Malicious-code Generator for Red-teaming
• A Malicious IoT Traffic Detection Method Based on Recursive Feature Addition Using Graph Neural Network
Lunch
Paper Session 3
• MFETD: Multimodal Feature Fusion for Encrypted Traffic Detection based on Transformer
• Detecting Container Escape Attacks via Graph Neural Networks on System Call Graphs
• LLM-Assisted Digital Forensic Investigations of Prompt Injection Attacks: Evidence Analysis and Representation
• MRES-S: Multi-scale Deep Learning Network for Hardware Trojan Detection
Coffee Break
Paper Session 4
• On the Security of the RDHEI by Binary Symmetric Channel and Polar Code
• MALDroid: An Explainable Android Malware Detection Framework Leveraging Temporal and Semantic Contextual Features
• A Real-Time Face Swap Detection Model for Video Chatting Scams
• FedHAP-MTD: Personalized Federated Malicious Traffic Detection Based on Hierarchical Updating and Adaptive Learning
• Privacy-Preserving k-Bitruss Community Query over Encrypted Bipartite Graphs
• Revealing the Intents: Malware Protocol Semantic Inference using Large Language Models
• ShellSight-LLM: Detecting Successful Webshell Intrusions via Optimized LLM
• LLM4PDF: Semantic-Aware Malicious PDF Detection Using LLMs
Closing Remarks
Social activity - Boat cruise
Registrations /Welcome /Breakfast
Keynote
Paper Session 1
• Chances and Challenges of the Model Context Protocol in Digital Forensics and Incident Response
• What’s Next, Cloud? A Forensic Framework for Analyzing Self-Hosted Cloud Storage Solutions
• An LLM-Driven Iterative Workflow for Ontological Mapping of Digital Forensic Artifacts
• AnchorMark: Real-World Anchor-Based Watermarking for Digital Content Authentication and Manipulation Detection
• MSMC-MobileNet: An Automated Multi-Scale and Multi-Contextual MobileNetv3 for Malware Detection Based on IoT
• FAIR-MPC:Secure and Auditable SMPC for Anonymous Financial Collaboration
Coffee Break
Paper Session 2
• Enhancing Trust in VideoKYC: Deepfake Detection and Source Attribution
• A Methodology for Event Log Generation from Unstructured Digital Forensics Data
• A ROSI-Based Framework with Zero Trust Architecture: Interdependent Risks and Cybersecurity Investment
• Evaluating the Impact of Honeynets on Malicious Activity in Home Network Environments
• Automated Injury Severity Assessment Using Knowledge-Grounded Large Language Models
• Memory-Recall-Based Watermarking for Data Misuse Detection in Large Language Models
Lunch
Paper Session 3
• LMBE: Unsupervised Detection of Lateral Movement via User Behavior Embedding
• HLSEn: High-level Semantic Awareness Pseudo-code Encoding for Binary Code Similarity Detection
• Threshold-driven: Reversible Adversarial Face Examples via Latent Diffusion Model
• Talking Like a Phisher: LLM-Based Attacks on Voice Phishing Classifiers
Coffee Break
Paper Session 4
• PhishIntentionLLM: Uncovering Phishing Website Intentions through Multi-Agent Retrieval-Augmented Generation
• MuLImg-SCV: Multi-Label Vulnerability Classification of Smart Contracts Based on RGB Image
• Blockchain-based vs. SQL Database Systems for Digital Twin Evidence Management: A Comparative Forensic Analysis