Course Description:
This course provides a comprehensive understanding of the techniques and tools used in criminal and civil investigations that involve computing systems, digital devices and media, and communication networks. The course covers recent research material published in the field. Hands-on experience will be acquired through case studies and projects. COURSE WILL BE DELETED EFFECTIVE FALL 2017.Prerequisite:
None.
Course Objectives:
|
1. |
Develop new tools that advance the state-of-the-art of digital investigations. |
|
2. |
Validate and compare between existing tools. |
|
3. |
Understand the ethical and legal issues involved when gathering evidence. |
|
4. |
Differentiate between the processes of offline analysis and live response. |
|
5. |
Acquire hands-on experience using a variety of tools for different systems to administrate live response investigations. |
|
6. |
Identify potential portions in the file system and hard drive that can be used to hide potential evidence. |
|
7. |
Identify potential backdoors in networking protocol that can be used to establish covert channels. |
|
8. |
Be able to capture data packets over the network (wired and wireless) and examine their headers and content for potential evidence. |
|
9. |
Set up a safe environment for executing malicious programs, monitoring their behaviors and uncovering their operations. |
|
10. |
Learn about cryptography and cryptanalysis. |
|
11. |
Learn about tools used in password cracking. |
|
12. |
Learn of different algorithms to create document (partially and fully) signatures along with algorithms to enable fast search for documents. |
|
13. |
Know of various forensics toolkits available publicly and commercially. |
|
14. |
Able to digest, present and discuss research papers in the field. |
|
15. |
Describe challenges that face investigators in recovering evidence from digital devices (e.g., mp3 players, cameras, phones, etc.). |
Course Notes:
This course replaced CS 5369F, Fall 2012.
It is anticipated that this topics course will be deleted for fall 2017.
Section Info:
Lecture/Lab Hours: 3 hours lecture, 0 hours lab
Offered: Infrequently