Forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. Forensic investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information.

This course consists of the following modules – Computer Forensics in Todays World, Law and Computer Forensics, Computer Investigation Process, First Responder Procedures, CSIRT, Computer Forensic Lab, Understanding File Systems and Hard Disks, Digital Media Devices, Windows, Linux and Macintosh Boot Processes, Windows Forensics, Linux Forensics, Data Acquisition and Duplication, Computer Forensic Tools, Forensics Investigations Using Encase, Recovering Deleted Files and Partitions, Image Files Forensics, Steganography, Application Password Crac kers, Network Forensics and Investigating Logs, Investigating Network Traffic, Investigating Wireless Attacks, Investigating Web Attacks, Router Forensics, Investigating Denial of Service Attacks, Investigating Internet Crime, Tracking E-mails and Investigating E-mail Crimes, Investigating Corporate Espionage, Investigating Trademark and copyright infringement, Investigating Sexually Harassment Incidents, Investigating Child Pornography Cases, PDA Forensics, I-pod Forensics, Blackberry Forensics, Writing Investigative Reports, Becoming an Expert Witness.

The duration of this course is 12 weeks with 40 instructor contact hours.

There will be 2 assignments and one exam in this course.

Assignment 1 -----------      20 marks
Assignment 2 -----------      40 marks
Course Exam ------------     40 marks
Total --------------------     100 marks

• Computer Forensics in Todays World
• Law and Computer Forensics
• Computer Investigation Process
• First Responder Procedures
• CSIRT
• Computer Forensic Lab
• Understanding File Systems and Hard Disks
• Digital Media Devices
• Windows, Linux and Macintosh Boot Processes
• Windows Forensics
• Linux Forensics
• Data Acquisition and Duplication
• Computer Forensic Tools
• Forensics Investigations Using Encase
• Recovering Deleted Files and Partitions
• Image Files Forensics
• Steganography
• Application Password Crackers
• Network Forensics and Investigating Logs
• Investigating Network Traffic
• Investigating Wireless Attacks
• Investigating Web Attacks
• Router Forensics
• Investigating Denial of Service Attack
• Investigating Internet Crime
• Tracking E-mails and Investigating E-mail Crime
• Investigating Corporate Espionage
• Investigating Trademark and copyright infringement
• Investigating Sexually Harassment Incidents
• Investigating Child Pornography Cases
• PDA Forensics
• I-pod Forensics
• Blackberry Forensics
• Writing Investigative Reports
• Becoming an Expert Witness

Assignment 1

• Investigating Network Intrusions and Computer Forensics Assignment 1

Assignment 2

• Investigating Network Intrusions and Computer Forensics Assignment 2

FINAL EXAM