CYFO - Cyber Forensics
90 hp in Computer and Systems Sciences, with at least:
- 3 hp computer security
- 3 hp operative systems
or similar. The course DIFO Digital Forensics, while not mandatory, is strongly recommended.
One of the aims of the course is to provide students with an awareness and understanding of the variety, complexity and pervasiveness of digital evidence in the world today, often termed as a Cyber space, and its importance, relevance and protection for the proper functioning of any contemporary society. In addition, the student should be able to develop critical appreciation and approach to analyzing and solving cyber forensic problems such as the process of e-Discovery and its significance in the corporate world and relations to compliance and risk assessment.
Today, when mobile communication are omnipresent and mobile phones are the dominant way of communication the student should be able to extract and analyze any information stored and exchanged, including the location and the time provided by the GPS devices. The student should be able to use sophisticated tools in order to gather intelligence relevant to planned or executed frauds and crimes pertinent to counterfeiting, intellectual and industrial property, and terrorism.
Another objective is to develop skills for critical evaluation of the possible threats to critical infrastructure, abuse and misuse of social nets, identify who is behind and how operate dark nets, and how to resolve the problems caused by embedded cryptography.
Through lectures, seminars, and labs that will take place in the Cyber Scene Investigations (CSI) lab, the student should be able to learn about the advanced and complex cyber security problems, and how to deal and handle evidence in the cyber space and prevent the meltdown of the contemporary critical cyber infrastructure. The basic format of the lectures will be via seminar discussions. Some of the concepts and subjects addressed are:
- Mobile phone and GPS forensics
- eDiscovery or digital forensic in civil cases, especially in the corporate world
- Cyber frauds: counterfeiting of goods like medicine, drugs, spare parts
- Gathering and processing of intelligence in large-scale cybercrimes such as terrorism, DDOS and blackmailing
- Incident response to cyber attacks on critical infrastructure (especially e-Infrastructures based)
- New threats and difficulties for digital investigations such as BOTNets / Dark Nets / Embedded cryptography/Abuse of Social Nets including infringement on privacy and trust