Digital Forensics

Credit: 3

Objective

 

  • To understand the basic digital forensics and techniques for conducting the forensic examination on different digital devices.

  • To understand how to examine digital evidences such as the data acquisition, identification analysis.

 

Unit -I

Computer forensics fundamentals, Benefits of forensics, computer crimes, computer forensics evidence and courts, legal concerns and private issues.

 

Unit- II

Understanding Computing Investigations – Procedure for corporate High-Tech investigations, understanding data recovery work station and software, conducting and investigations.

 

Unit-III

Data acquisition- understanding storage formats and digital evidence, determining the best acquisition method, acquisition tools, validating data acquisitions, performing RAID data acquisitions, remote network acquisition tools, other forensics acquisitions tools.

 

Unit-IV

Processing crimes and incident scenes, securing a computer incident or crime, seizing digital evidence at scene, storing digital evidence, obtaining digital hash, reviewing case.

 

Unit-V

Current computer forensics tools- software, hardware tools, validating and testing forensic software, addressing data-hiding techniques, performing remote acquisitions, E-Mail investigations- investigating email crime and violations, understanding E-Mail servers, specialized E-Mail forensics tool.

 

Outcome

 

  • Know how to apply forensic analysis tools to recover important evidence for identifying computer crime.

  • To be well-trained as next-generation computer crime investigators.

 

Text Books:

  1. Warren G. Kruse II and Jay G. Heiser, “Computer Forensics: Incident Response Essentials”, Addison Wesley, 2002.

  2. Nelson, B, Phillips, A, Enfinger, F, Stuart, C., Guide to Computer Forensics and Investigations, 2nd ed., Thomson Course Technology, 2006, ISBN: 0-619-21706-5.

Reference Books:

  1. Vacca, J, Computer Forensics, Computer Crime Scene Investigation, 2nd Ed, Charles River Media, 2005, ISBN: 1-58450-389.