CS-457.1: Digital Forensics

• Home
• Schedule
• Course Policies
• Assignments

Schedule

Lesson	Subject
1	Introduction to Digital Forensics Cybercrime and Cybersecurity Digital forensics objectives Types of investigations Specializations
2	Challenges in Digital Forensics Platforms Inherent security features Anti-forensics techniques Legal matters
3	Introduction to Cryptography Symmetric & public key cryptography Hashes Demo
4	Challenges - Information Hiding Methods and uses Information hiding & digital forensics Demo
5	Windows Forensics: RAM Memory acquisition and analysis Demo
6	Windows Forensics: Disk Disk acquisition and analysis Demo
7	Windows Forensics: File System NTFS analysis Undeleting files File carving
8	Windows Forensis: Operating System Artifacts I Recycle bin content analysis Event log analysis LNK file analysis Prefetch file analysis
9	Windows Forensis: Operating System Artifacts II Windows registry analysis Windows shadow copies analysis Windows ShellBags
10	Windows Forensics: Other topics Web browser forensics Email forensics Skype forensics
11	Digital Forensics Lab Management Forensic lab requirements Personnel Quality assurance and accreditation Policies and procedures
12	Digital Forensic Principles and Good Practice Locard's exchange principle Order of volatility Rules of evidence Evidence suitability in court
13	Introduction to Mobile Forensics Cybercrime trends Motivation for mobile forensics
14	The Digital Investigation Processs Investigation Preparation Seizure and Isolation Acquisition Examination and Analysis Documenting and Reporting Archiving
15	Android Forensics Setup Android Virtual Device Android Debug Bridge
16	Android Physical Extraction Physical Data Extraction using dd, nanddump and MagnetAcquire RAM Imaging and Analysis SD Card Acquisitions JTAG and Chip-off Methods
17	Android Logical Extraction Manual ADB Data Extraction ADB Backup Extractions ADB Dumpsys Android SIM Card Extractions
18	Android: Recovering Deleted Data Recovering Data Deleted from SD Cards, SQLite Databases & Internal Storage Recovering Deleted Data using File Carving Recovering Contacts using a Google Account
19	Android: Parsing Applications Forensic Analysis & Parsing of Android Applications Determining which apps are Installed Encoding v. Encryption Methods to Extract 3rd-party app Data
20	Network Forensics I Scenario 1: Keylogger Scenario 2: Port scan Scenario 3: ICMP reverse shell Scenario 4: Decrypting 802.11 packets
21	Network Forensics II Scenario 1: Decrypting HTTPS Traffic Scenario 2: Decoding a Malicious DNS Tunnel Scenario 3: Decoding Keyboard Captures Scenario 4: SSH Log Analysis Scenario 5: Defaced Server
22	Legal and Ethical Provisions Applicable rules on data protection and human rights Case Studies