DIFO - Digital Forensics

Requirements

Minst 60 hp inom området data- och systemvetenskap, varav minst 3 hp datasäkerhet och 3 hp operativsystem eller motsvarande.

Aim

The course main goal is to expose the student on an introductory level to the discipline of digital forensics, the relevant subject areas, the dependencies and the cross-fertilization with other disciplines such as computer science, law, sociology, ethics, economics, and political science. The students would attain this goal by meeting the following objectives:

  1. Understanding and knowledge of the theoretical framework of digital forensics,
  2. Recognize the need for rigorous and scientifically validated forensic examination,
  3. Identify, evaluate and use some of the basic hardware and software tools,
  4. To be aware of more complex digital forensics problems, adequate demanding forensic procedures, and sophisticated tools to solve them,
  5. Know the basics and understand the Internet architecture to be able to subject them to elementary digital forensic analysis in order to determine the value of the dynamic evidence, and
  6. Appreciate the power and the ubiquity of small scale digital devices and be able to use tools for logical and physical extraction of digital evidence.

Syllabus

It is almost a truism to say that the contemporary world we live in is qualified as a digital one. Indeed, from the games we play to the movies we watch, from the lectures we take and messages we exchange, almost everything today is in a digital form including the evidence and data about who we are and what we do. Hence, one may presume that in a digital world even an unlawful behavior either as an object of or as a subject for has a strong digital flavor. The intent of the course is to provide you with an insight in the area of digital forensics that ranges from investigating the impact of the technological crimes (in our case it refers mainly to information and communications sciences) to mining data whose eventual analysis would show you whether and how an arbitrary system (such as a network or even the Internet) works. Digital forensics covers a wide spectrum of disciplines such as operating and networking systems (the Internet as well), digital archives including working storage, disks, memory dongles, the operation of small scale digital devices (PDAs and mobile phones), digital signatures and profiling, detection and prevention of intrusion systems, policies and laws, ethical standards, intellectual property rights, digital rights management, risk analysis and compliance, and the principles of information warfare and cyber-terrorism. It is expected that the students would be provided with the affordances of a dedicated lab with state –of-the-art equipment for Cyber Scene Investigations (CSI lab) where they would have the opportunity to use a variety of professional-grade forensic tools and carry out independent group projects. We do hope that this blend of computer science, information system security, legal issues, search mechanisms for e-evidence, and intelligent procedures for data discovery would be a challenging experience in the possibilities and the pitfalls of the Digital world, where even our human prints are in a digital form. Digital forensics is among the “hottest” technological and scientific areas at the moment that provide a fairly large variety of professional positions in corporations, various governmental agencies such as financial, low enforcement, legal, and wherever there is a need for fusion of core computer and systems science with the economic and social aspects of living and working in a Digital world. It is a unique opportunity to engage in variety of possibilities such as becoming digital investigators and detectives , court experts, guardians of corporate and institutional compliance, and in general be on the first lines preventing the world around you moving into the direction of digital calamities.

DIFO (last edited 2011-11-21 15:56:29 by sm@dsv.su.se)