Download presentation
Presentation is loading. Please wait.
1
Digital Forensics Dr. Bhavani Thuraisingham
The University of Texas at Dallas Introduction to the Course August 24, 2009
2
Outline of the Unit Objective of the Course Outline of the Course
Course Work Course Rules Contact
3
Objective of the Course
The course describes concepts, developments, challenges, and directions in Digital Forensics. Text Book: Computer Forensics and Investigations. Bill Nelson et al, 2007/2008. Topics include: Digital forensics fundamentals, systems and tools, Digital forensics evidence and capture, Digital forensics analysis,
4
Outline of the Course Introduction to Data and Applications Security and Digital Forensics SECTION 1: Computer Forensics Part I: Background on Information Security Part II: Computer Forensics Overview Chapters 1, 2, 3, 4, 5 Part III: Computer Forensics Tools Chapters 6, 7, 8 Part IV: Computer Forensics Analysis Chapters 9, 10 Part V Applications Chapters 11, 12, 13
5
Outline of the Course Part VI: Expert Witness Chapters 14, 15, 16
SECTION II Selected Papers Digital Forensics Research Workshop Guest Lectures Richardson Police Department North Texas FBI Digital Forensics Company in DFW area
6
Course Work Updated October 7, 2009
Two exams each worth 15 points Mid-term and Final exams (October 14, December 7) Programming project worth 14 points (November 30 ) Four homework assignments worth 8 points each (Due: September 23, October 26, November 4, November 16) Term paper 10 points, Due November 23 Digital Forensics Project 14 points December 2 Total 100 points Extra credit opportunities
7
Term Paper Outline Abstract Introduction
Analyze algorithms, Survey, - - - Give your opinions Summary/Conclusions
8
Programming/Digital Forensics Projects –
Encase evaluation Develop a system/simulation related to digital forensics Intrusion detection Ontology management for digital forensics Representing digital evidence in XML Search for certain key words
9
Course Rules Unless special permission is obtained from the instructor, each student will work individually Copying material from other sources will not be permitted unless the source is properly referenced Any student who plagiarizes from other sources will be reported to the Computer Science department and any other committees as advised by the department
10
Contact For more information please contact Dr. Bhavani Thuraisingham
Professor of Computer Science and Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 Phone: Fax:
11
Review of Lectures 1-3 September 2, 2009
Lecture 1: Overview of Digital Forensics Lecture 2: Background on Information Security Lecture 3: Data recovery, Evidence collection, preservation and analysis (Expanded overview) Reading: Chapters 1-3 of Textbook
12
Review of Chapters 1-3 of Textbook September 2, 2009
Chapter 1: Understanding digital forensics What is digital forensics, conducting investigation, case law (fourth amendment) Chapter 2: Understanding investigations Steps for an investigation: systematic approach Evidence collections and analysis Report writing Chapter 3: Forensics Laboratory Physical requirements, Workstation requirements, Making a case to build a lab
13
Review Questions (Lectures 1, 3-7) September 2, 2009
Describe what is meant by digital forensics Describe the steps for a forensic investigation Describe how Data is Acquired in a Forensics Investigation Describe the process of constructing a forensic lab Describe data recovery in a forensic investigation Describe verification aspects of a forensic investigation Describe for malicious code may be detected in a machine Describe techniques for digital forensics analysis Describe the steps involved in processing a crime scene Describe the rules of evidence Describe forensics technologies
14
Assignment #1 (given on September 9, 2009)
Text Book Hands-on Project 2.1 Hands-on Project 2.2 Chapter 2 Page 68-69 Due: Wednesday September 23, 2009
15
Review: September 23, 2009 Lecture 1: Overview of Digital Forensics (Chapter 1 of textbook) Lecture 2: Information Security Review Lecture 3: Data Recovery Lecture 4: Malicious code detection Lecture 5: Technologies/Services Lecture 6: Data acquisition, Processing crime scene, Lab Tour Lecture 7: Honeypots Lecture 8: Botnets Lecture 9: Windows File System and Forensics, Encase Lecture 10: Forensics Tools Lecture 11: Tampering and Forensics Analysis Lecture 12: Intelligent digital forensics Lecture 13: Graphical Forensics and Steganalysis Lecture 14. Review for Exam #1, Misc Topics
16
Assignment #2 (given on October 7 , 2009)
Text Book Hands-on Project 4.1 Hands-on Project 4.2 Chapter 4 Page Due: Monday October 26, 2009
17
Papers to Read for Mid-Term
Steganography: 2. Intelligent Digital Forensics XIRAF – XML-based indexing and querying for digital forensics Selective and intelligent imaging using digital evidence bags Detecting false captioning using common-sense reasoning 3. Snodgrass papers from his web site Richard T. Snodgrass, Stanley Yao and Christian Collberg, "Tamper Detection in Audit Logs," In Proceedings of the International Conference on Very Large Databases, Toronto, Canada, August–September 2004, pp. 504–515. Kyri Pavlou and Richard T. Snodgrass, "Forensic Analysis of Database Tampering," in Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD), pages , Chicago, June, 2006. Parts of the PhD thesis from Ireland
Similar presentations
