Program of the Workshop 2019

Program of the workshop - 9th of December, 2019 (Updated 27.11.2019)

Introduction and Scope

Following the positive feedback and great interest last year, we are delighted to announce the 3rd International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention, co-located with IEEE Big Data 2019 conference in Los Angeles, CA, USA on December 9-12, 2019.

The big data paradigm has become an inevitable aspect of today's digital forensics investigations. Acquiring a forensic copy of seized data mediums already takes several hours due to the increasing storage size. In addition are several other time-consuming laboratory analysis steps required, such as evidence identification, corresponding data preprocessing, analysis, linkage, and final reporting. These steps have to be repeated for every physical device examined in the criminal case. Conventional digital forensics data preprocessing and analysis methods struggle when handling the contemporary variety, variability, volume and velocity of case data. Thus, proactive approaches have to be developed and integrated in daily law enforcement operations; for timely detection and prevention of the illegal activities in a data-intensive environments. Thus, there is a need for advanced big data analytics to aid in cyber crime investigations, which requires novel approaches for automated analysis. This workshop is organized to bring together recent development in big data analysis to aid in current challenges in cybercrime investigations.

Research Topics of Interest

The topics of the workshop are as following, but not limited to:

Algorithm areas

- Machine Learning-aided analysis

- Graph-based detection

- Topic modelling

- Improvements of existing methods

- Decision Support Systems


- Novel datasets

- New data formats

- Digital Forensics data simulation

- Anonymised case data

- New data formats and taxonomies


- Secure collaborative platforms

- Distributed storage and processing

- Technologies for data streams

- Hardware / software architectures for large-scale data

Application areas

- Cyber Threats Intelligence

- Network Forensics Readiness

- Malware Analysis & Detection

- Emails mining & Authorship Identification

- Social Network Mining

- Events correlations

- Access Logs analysis

- Mobile Forensics

- Fraud Detection

- Database Forensics

- IoT Forensics

- Blockchain technologies

- Industrial systems

Important dates

Oct 23 (extended from Sep 20), 2019: Due date for full workshop paper submissions

Nov 10 (extended from Oct 15), 2019: Notification of paper acceptance to authors

Nov 20 (extended from Nov 10), 2019: Latest due date for camera-ready of accepted papers

Dec 9-12, 2019: Workshops and conference

Program Chairs

  • Andrii Shalaginov

    Postdoctoral Researcher in Digital Forensics,

  • Jan William Johnson

    PhD Research Fellow in Information Security,

  • Ambika Shrestha Chitrakar

    PhD Research Fellow in Information Security,

  • Asif Iqbal

    PhD Research Fellow in Digital Forensics, CISSP, CISA, CISM, Founder & CEO Athena Labs,

Technical Program Committee

Ali Dehghantanha (University of Guelph)

Bing Zhou (Sam Houston State University)

Hanno Langweg (Konstanz University of Applied Sciences)

Dmitry Kangin (University of Exeter)

Igor Kotsiuba (Pukhov Institute for modeling in Energy Engineering)

Inna Skarga-Bandurova (East Ukrainian National University)

Junaid Arshad (University of West London)

Mamoun Alazab (Charles Darwin University)

Neminath Hubballi (Indian Institute of Technology Indore)

Olaf M. Maennel (Tallinn University of Technology)

Shih-Chieh Su (‎Microsoft)

Vasileios Mavroeidis (University of Oslo)

Keynote Speakers

Igor Kotsiuba

PhD, Chief Engineer EU projects
Pukhov Institute for Modelling in Energy Engineering
National Academy Of Sciences of Ukraine

“Forensic Readiness as an inevitable part of open, cooperative and smart cyber-phisical systems"

Abstract: Digital forensics readiness in smart environments and modern critical infrastructures is an embedded cyber surveillance as we are moving from proprietary protocols to more open paradigms. Considering raised inter-connectivity, smart everywhere societies and cyber and autonomous weapons as a norm, we understand new challenges to keep methods used to collect evidence at the same level. Cyber-Phisical Systems require modeling from both worlds and create new dimension for reasoning in cyber crimes or wars. These are very important considerations when developing methods, and designing or selecting associated tools and staff, to collect forensically-sound evidence, and these considerations are very difficult to keep in place when city or energy grid is being transformed to smart and interconnected one. Smart environments and infrastructures cause increasing of cybercrime, where the technology is the target, or victim, of the crime, usually involves a more sophisticated knowledge of technology on the part of both the perpetrators and those investigating the crime. This category involves attacks on the energy grid smart components them- selves, such as distributed denial of service attacks that freeze or significantly slow down a system’s operations; network intrusions that infect computers and systems with malware; and other means of damaging, deleting and altering electronic data, telemetry or commands and impeding system operations. These crimes can range from individual attacks by a sole actor against a single IoT devise, to major threats against a multinational organization or country by an organized criminal enterprise or enemy nation state. Potential harms from these crimes can scale from minor inconveniences impacting individuals and companies, to lost data, to significant threats to public health and safety, to cyberwarfare. This area of cybercrime likely also will continue to grow exponentially in light of our expanding reliance on computers, IoT combinations and ecosystems to efficiently manage all aspects of a country’s infrastructure and a city’s operations. Given the potential scope and , damage and complexity of these crimes, it is essential to have a solid understanding of how to prevent, detect and prosecute cybercrime targeted at computer systems. Forensic readiness is to be considered by security operations on individual, enterprise and national level, and require incisiveness and capacity to restore security, safety, and rule of law in mass cyber victimization.

Bio: Dr. Igor Kotsiuba has served for more than a decade in industry and academia and have completed numerous transnational projects with leading players in Cybersecurity and Industrial IoT. Dr. Kotsiuba is a counsellor in government and industry and founder at cybersecurity agency iSolutions and established digital forensics lab in Ukraine to build capacity and restore the rule of law in cyberspace. Igor is an evangelist of inclusive approach to delivering full stack cybersecurity managed services from initial compromise assessments to digital forensics evidences verifications. He has been advising Ukrainian Businesses and Governmental Institutions on Cybersecurity issues, In year 2018 Igor Kotsiuba was elected as a Head of Cybersecurity Work Group at American Chamber of Commerce Ukraine. Igor Kotsiuba is an Of Counsel at Asters and supports their team in Brussels on ongoing Joint Activities in European Parliament. Dr. Kotsiuba is eminently qualified in the field of cybersecurity; he is a participant in EU Horizon Research and Innovation and Key Expert in Regional EU projects, PhD in Information Technology and he is a member of IEEE. Igor regularly invited as keynote speaker, guest lecturer in European Universities as well as a Program Committee Member of reputable Cybersecurity Journals and conferences. Dr. Igor Kotsiuba is interested in interdisciplinary research and innovation projects especially in digital forensics and cybersecurity in smart and critical infrastructures. In addition, he is interested in technical research on Intelligent applications in cyber forensics (malware, big-data investigation, loT investigation) cybercrime (criminology and policy research), virtual currencies and crypto assets anti money laundering.

Paper Submission

The authors are invited to submit: full-length papers (up to 10 pages IEEE 2-column format), short papers (4-6 pages IEEE 2-column format) or abstract papers (up to 4 page IEEE 2-column format) through the online submission system. Page count includes references, figures and tables.

Paper Submission Page

Papers should be formatted to IEEE Computer Society Proceedings Manuscript Formatting Guidelines (see link to "formatting instructions" below) using Letter page format (8.5" x 11").

LaTex Formatting Macros or DOC


The authors of accepted papers must guarantee their presence at the conference for the papers to be published in the conference proceedings. At least one author of each accepted paper must register for the conference in order to include the paper in the proceedings.

Best Papers


The Best Paper Award 2019

is given to the contribution
PACE: Platform for Android Malware Classification and Performance Evaluation
Ajit Kumar, Vinti Agarwal, Shishir K. Shandilya, Andrii Shalaginov, Saket Upadhyay, and Bhawna Yadav

Moreover, selected papers are nominated for submission to “Special Issue on Advanced Big Data Analytics for Cyber and Cyber-Physical Crime Investigations", international scientific journal of Future Internet (ISSN 1999-5903), published online by MDPI, which Indexed in Ei Compendex, Scopus and the Emerging Sources Citation Index (ESCI - Web of Science). Extended papers should have at least 60% of new material and will be sent through a review process to ensure the quality of contributions. More about the Special Issue

The Best Paper Award is given to the best paper at the workshop. All participants who submitted a paper automatically qualify to enter, and the winner will receive 500 CHF.