Call for Papers

The SADFE (Systematic Approaches to Digital Forensic Engineering) International Workshop brings together researchers and practitioners focused on the state-of-the-art and emerging topics of interest in digital forensics. The 2021 SADFE Workshop will be held remotely in conjunction with the 42nd IEEE Symposium on Security and Privacy.

The workshop promotes systematic approaches to digital forensic investigation on the vulnerabilities of today’s cyber systems and networks, digital exploitation and manipulation, and on the emerging methods for how to detect, track, and prevent digital threats. SADFE embraces Digital Forensic Engineering (DFE) advancement as a disciplined and holistic scientific practice.

Namely, the workshop focuses on the topics of AI-generated falsified media (e.g. DeepFakes), cloud forensics, emerging and non-traditional methods (e.g. digital currency forensics, contact tracing, digital evidence management and analysis), forensics of embedded and non-traditional forensics, and related legal, ethical and technical challenges.

The 2021 SADFE Workshop is calling for paper and poster submissions as well as panel proposals in the broad field of Digital Forensics from both practitioner and researcher perspectives. With the dynamic change and rapid expansion of the types of electronic devices, networked applications, and investigation challenges, systematic approaches for automating the process of gathering, analyzing and presenting digital evidence are in unprecedented demand. The SADFE Workshop aims to promote solutions to these and related problems.

Submission Instructions

Paper and poster submissions should be made at: . Panel submissions should be emailed directly to the Co-Chairs (Edmon Begoli - and John (Vinnie) Monaco -

Review Process

Papers will be double-blind reviewed using the EasyChair Submission system. Each paper will receive no less than three professional peer reviews with results used for acceptance determination.

Submissions Guidelines

Call for Papers:

All paper submissions must be original work; authors must dearly document any overlap with previously published or simultaneously submitted papers from any of the authors. We seek submissions of 5 to 10 pages, excluding references and supplementary materials. Submissions must be in PDF format using the IEEE conference proceedings templates. Failure to adhere to the page limit and formatting requirements are grounds for rejection without review.

We encourage authors to submit papers of appropriate length for the research contribution. If your research contributions only require 5-7 pages, please only submit 5-7 pages (plus references). Shorter papers will be reviewed like any other paper and not penalized. Papers shorter than 5 pages or longer than 10 pages {excluding references) will not be considered. Submitting supplementary material that adds depth to the contribution and/or contributes to the submission's replicability is strongly encouraged.

Papers must be submitted in a form suitable for anonymous review: no author names or affiliations may appear on the title page, and papers should avoid revealing author identities in the text. When referring to your previous work, do so in the third person, as though it were written by someone else. Only blind the reference itself in the (unusual) case that a third-person reference is infeasible. Publication as a technical report or in an online repository does not constitute a violation of this policy. Contact the program chairs if you have any questions. Papers that are not properly anonymized may be rejected without review.

Accepted papers will be published in the 42nd IEEE Symposium on Security & Privacy Workshop (SPW) Proceedings published by IEEE Computer Society Press (CPS). Authors of select papers will be invited to submit an extended version of their paper for publication in a journal special issue (venue to be determined).

Call for Posters:

We encourage submission of poster proposals for a chance to present your work interactively. Posters can cover preliminary or exploratory work, smaller research projects, projects that are showing promising results but aren't quite ready for a full publication, or any other work that would benefit from open forum discussion. Topics of interest are the same as those for papers as well as any other current digital forensics topics. We are particularly interested in work that shares real-life experiences including actual system or product implementation, deployment, and lessons learned. Poster proposals should be at most 2 pages in length and should briefly describe the objectives of the current work, any accomplishments to date, and future plans. Poster proposal submissions should not be anonymized; ensure that, you include author information (name, affiliation, country) in your proposal. If accepted, you are expected to attend the virtual poster session. Posters are not considered to be a prior publication.

Panel proposals:

We encourage submission of panels on the topics suggested below. A panel submission should be 1 page (US letter) in PDF format, listing the panel moderator and affiliation, as well as potential panelists and the panel topic. The length of a panel is typically 1 hour. Panel submissions should not be anonymized.

Important Dates for SADFE 2021 (all deadlines are AoE time)

The Paper Submission Deadline Has Been Extended By 2.5 Weeks

  • Paper submission deadline: January 19, 2021 February 5, 2021
  • Paper decisions: February 24, 2021 March 5, 2021
  • Paper ready for publication: March 15, 2021 March 25, 2021
  • Poster submissions: February 28, 2021
  • Poster decisions: March 31, 2021
  • Panel poposals: February 28, 2021
  • Panel decisions: March 31, 2021

Topics of Interest

Topics to be addressed by submissions include, but are not limited to:

  • AI-Generated Falsified Media and Falsified Digital Content Detection, Prevention and Forensics
    • Modalities, sources, and variations of AI-generated falsified digital media and content (i.e. DeepFakes images, audio, video, speech, text, signals, etc.)
    • Processes, systems and methods for content analysis and verification (e.g., verification of anatomical correctness, background and setting validation, examination of physical conditions, speech patterns, likelihood of appearance, etc.)
    • Content and model watermarking, content protection, and tamperproofing methods
    • Identification, attribution, and source tracking of falsified digital media
    • Use of falsified media to spread misinformation and “fake news” and its political, societal, social, legal, and psychological implications
    • Legal and law enforcement implications and issues

  • Cloud Forensics
    • Collection and management of evidence on distributed and dynamically allocated assets
    • Issues related to physical location (e.g., locating evidence or data, determining user location, and estimating device geolocation)
    • Tracking the source and spread of misinformation and politically-motivated campaigns
    • Legal issues unique to cloud computing, such as digital crime spanning multiple jurisdictions and data obtained through an unverifiable chain of custody
    • Detection and analysis of covert communication channels, including the circumvention of sandbox and isolation methods
    • Live cloud forensics, including the analysis of distributed and volatile systems

  • Emerging and Non-traditional Methods
    • Digital Quantum Forensics
    • Nano-scale and ultra-trace forensics at the material level
    • Human-computer interaction forensics, including deception detection, user profiling, and the detection of illicit activities based on keyboard, mouse, touchscreen, and other behaviors
    • Behavior-based authentication and identification of users and devices
    • Novel methods of evidence collection in digital forensic investigations (e.g., evidence obtained through side-channels)
    • Unconventional sensing methods (e.g., evidence obtained through gyroscopic, electromagnetic, or ambient light sensors)

  • Digital Currency Forensics
    • Tracking currency origin, destination, and flow
    • Address clustering (i.e., resolving multiple addresses to a single entity)
    • Detection of illicit activities (e.g., tax evasion, sale of illicit goods, laundering services)
    • Transaction attribution and authentication
    • Cross-platform forensics (e.g., linking addresses on Bitcoin and Ethereum)
    • Analysis of transaction logs leveraging external sources (e.g., social media accounts)

  • Digital Contact Tracing
    • Forensic reconstruction of transmission networks, including contact event acquisition, storage, and promulgation
    • Applications and research related to COVID-19 infection containment, and other disease tracking applications
    • Privacy, policy, ethical, and legal issues of contact tracing
    • Advancements in mobile and proximity-based tracing
    • Novel sensing modalities (e.g., visual, acoustic, RF) and devices (e.g., home assistants, wearable devices)
    • CEvaluations of contact tracing protocol accuracy, integrity, usage, effects, and societal impact

  • Digital Evidence Management, Data Integrity, and Analytics
    • Digital evidence identification, authentication, collection, analysis, and presentation
    • Identification and redaction of personally identifying information and other forms of sensitive information
    • Cyber-crime scenario analysis, modeling, and reconstruction
    • Combining different forms digital evidence (e.g., digital/non-digital, qualitative/statistical)
    • Digital evidence in the face of encryption
    • Post-acquisition handling of evidence and the preservation of data integrity and admissibility

  • Forensics of embedded and non-traditional devices (e.g. digicams, SCADA, obsolete storage media)
    • PInnovative forensic engineering tools and applications
    • Proactive forensic-enabled support for incident response
    • Legal and technical collaboration
    • Digital forensics surveillance technology and procedures
    • “Honeypot” and other target systems for data collection and monitoring
    • Quantitative attack impact assessment

  • Legal, Ethical, and Technical Challenges
    • Examination environments for digital data, including forensic tool validation
    • Admissibility and evidence tests
    • Courtroom expert witness and case presentation
    • Case studies illustrating privacy, legal and legislative issues
    • New Evidence Decisions, e.g., United States v. Jones (2012) and United States v. Kotterman (9th Cir. 2013)
    • Transnational Investigations/Case Integration under the Convention on Cybercrime of the Council of Europe

This event is technically sponsored and co-sponsored by

School of Computing Logo John Jay Logo
IEEE Computer Society Technical Committee on Security & Privacy School of Computing John Jay