622.770 (19S) Digital Forensics Concepts

Sommersemester 2019

Anmeldefrist abgelaufen.

Erster Termin der LV
15.03.2019 10:00 - 12:00 , S.2.42
... keine weiteren Termine bekannt

Überblick

Lehrende/r
LV-Titel englisch
Digital Forensics Concepts
LV-Art
Vorlesung-Kurs (prüfungsimmanente LV )
Semesterstunde/n
2.0
ECTS-Anrechungspunkte
4.0
Anmeldungen
12 (30 max.)
Organisationseinheit
Unterrichtssprache
Englisch
mögliche Sprache/n der Leistungserbringung
Englisch
LV-Beginn
15.03.2019
eLearning
zum Moodle-Kurs

LV-Beschreibung

Intendierte Lernergebnisse

This course aims to teach the basic concepts of Digital Forensics:

1. Searching digital evidence in a secondary storage medium,

2. Recovering deleted media (if it is not overwritten),

3. Learning the frequently used file systems: FAT, NTFS and Extn,

4. File system analysis for Digital Forensics,

5. Partition analysis for Digital Forensics,

6. Learning Sleuthkit, an open-source Digital Forensics tool.

Lehrmethodik

The lectures will be followed by practical applications where students will use Digital Forensics tools such as Sleuthkit. Low-volume media such as 4GB memory sticks (and access tools to them) will be used in the lab environment.

Kali and Ubuntu releases of Linux will be used as operating systems. They can be run “live” or in virtual machines.

Students will bring their own computers to the class so that they can work also at home. This will also provide flexibility for installing the required software.

Inhalt/e

Data acquisition for forensic analysis. Sector-level analysis of digital media. System vulnerabilities.

Volume analysis and file system analysis. File systems: FAT, NTFS and Extn. Using steganography tools.

Erwartete Vorkenntnisse keine Anmeldevoraussetzung

A working knowledge of Linux and number systems (decimal, hexadecimal and binary) are required.

Depending on the situation of the class, the first few hours may be used for teaching them.

Assessment:
• Midterm 25%
• Term Project 35%
• Final exam 40%

Literatur

• Carrier, B. (2005). File System Forensic Analysis, Addison Wesley Professional.

• Marcella, A.J., Menendez, D. (2008). Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, 2nd ed., Auerbach Publications.

Prüfungsinformationen

Beurteilungsschema

Note/Grade Benotungsschema

Position im Curriculum

  • Masterstudium Angewandte Informatik (SKZ: 911, Version: 13W.1)
    • Fach: Information and System Security (Wahlfach)
      • Ausgewählte Kapitel der Systemsicherheit ( 2.0h VK / 4.0 ECTS)
        • 622.770 Digital Forensics Concepts (2.0h VC / 4.0 ECTS)
  • Masterstudium Informationsmanagement (SKZ: 922, Version: 13W.2)
    • Fach: Informations- und IT- Management (Pflichtfach)
      • 3.8 Current Topics in Information Management ( 2.0h SE/VC/KS / 4.0 ECTS)
        • 622.770 Digital Forensics Concepts (2.0h VC / 4.0 ECTS)
  • Masterstudium Information and Communications Engineering (ICE) (SKZ: 488, Version: 15W.1)
    • Fach: Technical Complements (NC, ASR) (Wahlfach)
      • Wahl aus dem LV-Katalog (Anhang 5) ( 0.0h VK, VO, KU / 12.0 ECTS)
        • 622.770 Digital Forensics Concepts (2.0h VC / 4.0 ECTS)
  • Masterstudium Information and Communications Engineering (ICE) (SKZ: 488, Version: 15W.1)
    • Fach: Technical Complements (NC, ASR) (Wahlfach)
      • Wahl aus dem LV-Katalog (Anhang 5) ( 0.0h VK, VO, KU / 12.0 ECTS)
        • 622.770 Digital Forensics Concepts (2.0h VC / 4.0 ECTS)

Gleichwertige Lehrveranstaltungen im Sinne der Prüfungsantrittszählung

Diese Lehrveranstaltung ist keiner Kette zugeordnet