Course Description:
This course is an introduction to digital forensics that describes the techniques and tools used in criminal and civil investigations that involve computing systems, digital devices, and networks. Hands-on experience will be acquired through projects. COURSE WILL BE DELETED EFFECTIVE FALL 2017.
Prerequisite:
- C or higher in CS 4350: Unix Systems Programming -OR-
- Consent of instructor
Course Objectives:
1. Understand the ethical and legal issues when gathering evidence.
2. Know the difference between offline analysis and live response.
3. Acquire hands-on experience using a variety of tools for different systems to administer live response investigations.
4. Learn how to extract data from hidden portions on a hard drive or a file system.
5. Learn how to capture data packets over the network and examine their headers and content.
6. Set up a safe environment for executing malicious programs, monitoring their behavior and understanding their operation.
7. Learn of different encryption schemes and possible recovery methods.
8. Know of various techniques to fingerprint and search documents.
9. Identify potential backdoors for the implementation of covert channels.
10. Know of various forensics toolkits available publicly and commercially.
Course Notes:
This course replaced CS 4378Y. Students cannot receive credit for both CS 4378Y and CS 4378A.
It is anticipated that this topics course will be deleted for fall 2017.