Time's running out to apply for the 2011 DC3 Digital Forensics Challenge Published June 2, 2011 By Ms. Linda Card AFOSI Public Affairs MCB QUANTICO, Va. -- The 2011 Department of Defense Cyber Crime Center Digital Forensics Challenge is based on individual scenario-based, progressive level challenges as a call to the digital forensics community to pioneer new investigative tools, techniques and methodologies. The other objectives of this annual event are to establish relationships within the digital forensics community and resolve issues facing the digital forensics community. "I'm excited that the DC3 Digital Forensics Challenge has really been embraced by the digital forensics community world-wide," said Mr. Jim Christy, DC3 Futures Exploration director. "The U.S. teams have not won the challenges the past two years, but I'm optimistic they'll do better this year. For the United States to be successful, we need faculty in U.S. high schools, colleges and universities to become more engaged in the competition." Each challenge level establishes the total number of points available per challenge assigned based on its difficulty toward a solution (known to unknown). This is based on the complexity of what a digital forensics examiner normally runs into and has to adjust for/extract/scrutinize in an analysis of those file types for examination problems. The 2011 DC3 Digital Forensics Challenge now has 812 teams participating from 48 states and 45 countries. They still don't have teams from Nebraska or West Virginia. New York (46 teams) and Maryland (43 Teams) lead in the United States. Internationally, the United States (478 teams), the United Kingom (129 teams), and Italy (29 teams) leads the way. The first round of submissions have been graded and all have received 20 percent bonuses for early submission (1 May) and listed in the top 10 teams so far. LoneWolf from Turkey currently leads the "pack." DC3 has already received more solutions than last year at this time. They have had 77 teams submit 276 individual challenge solutions to date. This is a tremendous increase over last year. The next deadline for submission is July 1. Submissions received before July 1 will receive a 10 percent bonus on each submission. Level 100 establishes groundwork for novices. These challenges have a solution that is well-known to experienced examiners. Each subcategory of this level is worth 100 points (e.g. file signatures, suspicious software, hashing metadata, etc.). Level 200 establishes uncertainty for the more advanced competitor. At 200 points per subcategory, these solvable challenges have a varying degree of difficulty (e.g. data hiding, file headers, passwords, registry, etc.). Level 300 is for the expert digital forensics investigator. There is no guarantee that these challenges have a solution. Additionally, each 300 point challenge requires a solution that is not very well known (e.g. encryption, parsing, etc.). Level 400 is a master reveal challenge. These 400 point challenges have no known solution (e.g. communication recovery/parsing, information concealment in files, etc.). Level 500 is for the original developer. The 500 point challenge requires development of digital forensic tools based on the defined requirements (e.g. tools, methodologies, etc. for known digital forensic investigation issues). These tools can be used to solve other challenges as well. For an application for the 2011 DC3 Digital Forensics Challenge, email challenge@dc3.mil or call 410-981-6610 or 410-981-1092. For more information, visit the DC3 Web site. Additional information about The Department of Defense Cyber Crime Center (DC3): DC3 sets standards for digital evidence processing, analysis, and diagnostics for any DoD investigation that requires computer forensic support to detect, enhance, or recover digital media, including audio and video. The center assists in criminal, counterintelligence, counterterrorism, and fraud investigations of the Defense Criminal Investigative Organizations and DoD counterintelligence activities. It also supports safety investigations and Inspector General and commander-directed inquiries. DC3 aids in meeting intelligence community document exploitation objectives from a criminal law enforcement forensics and counterintelligence perspective. They also provide computer investigation training to forensic examiners, investigators, system administrators, and any other DoD members who must ensure defense information systems are secure from unauthorized use, criminal and fraudulent activities, and foreign intelligence service exploitation. DC3 remains on the leading edge of computer technologies and techniques through research, development, testing, and evaluation applied to digital evidence processing and computer forensic analysis; and by partnering with governmental, academic, and private industry computer security officials.