X

Digital Forensics

By Dr. Jeetendra Pande   |   Uttarakhand Open University, Haldwani
Learners enrolled: 3883
Computer forensics, or digital forensics, is a fairly new field. Computer forensics investigators, also known as computer forensics specialists, computer forensics examiners, or computer forensics analysts, are charged with uncovering and describing the information contained on, or the state or existence of, a digital artifact. Digital artifacts include computer systems, hard drives, CDs, and other storage devices, as well as electronic documents and files like emails and JPEG images. The fast-growing field of computer forensics includes several branches related to firewalls, networks, databases, and mobile devices. Digital forensics technicians can find work with many types of organizations: government (local, state, and federal), accounting firms, law firms, banks, and software development companies. Essentially, any kind of organization that has a computer system may have a need for a digital forensics specialist. Some digital forensics specialists opt to start their own businesses, giving them an opportunity to work with a variety of clients. Computer forensics investigators provide many services based on gathering digital information, from investigating computer systems and data in order to present information for legal cases to determining how an unauthorized user hacked into a system. A digital forensics examiner does many things in the course of these tasks – protects the computer system, recovers files (including those that were deleted or encrypted), analyses data found on various disks, and provides reports, feedback, and even testimony when required. The employment outlook for digital forensics examiners and investigators is favorable due to the rapid growth of crimes involving computers (cybercrime). Learning Outcomes After the successful completion of this course, the learner will be able to: A. Understand the importance of a systematic procedure for investigation of data found on digital storage media that might provide evidence of wrong-doing. B. Understand the file system storage mechanisms of the operating systems. C. Use tools for faithful preservation of data on disks for analysis. D. Find data that may be clear or hidden on a computer disk. E. Learn the use of computer forensics tools used in data analysis, such as searching, absolute disk sector viewing and editing, recovery of files, password cracking, etc. F. Understand how to present the results of disk data analysis in a court proceeding as an expert witness.
Summary
Course Status : Completed
Course Type :
Duration : 12 weeks
Category :
  • Computer Science and Engineering
Credit Points : 4
Level : Postgraduate
Start Date : 15 Aug 2022
End Date :
Exam Date :

Page Visits



Course layout

WEEK

TOPIC

MODULE




Week 1





Introduction to Digital Forensic

Definition of Computer Forensics

Cyber Crime

Evolution of Computer Forensics

Objectives of Computer Forensics

Roles of Forensics Investigator

Forensics Readiness

Steps for Forensics



Week 2



Computer Forensics Investigation Process

Digital Forensics Investigation Process

Digital Forensics Investigation Process-Assessment Phase

Acquire the Data

Analyze the Data

Report the Investigation


Week 3


Digital Evidence and First Responder Procedure

Digital Evidence

Digital Evidence Investigation Process

First Responders Toolkit

Issues Facing Computer Forensics

Types of Investigation

Techniques in digital forensics



Week 4



Understanding Storage Media and File System

The Booting Process

LINUX Boot Process

Mac OS Boot Sequence

Windows 10 Booting Sequence

File System

Type of File Systems






Week 5






Windows Forensics

Introduction to Windows Forensics

Windows Forensics Volatile Information

Windows Forensics Non- Volatile Information

Recovering deleted files and partitions

Windows Forensics Summary

Digital Forensics Road map: Static Data Acquisition from windows using FTK Imager

Live Data Acquisition using FTK Imager

FTK Imager

Installation of KALI Linux

RAM Dump Analysis using Volatility

Static Data Acquisition from Linux OS



Week 6



Recovering Deleted Files and Partitions

Digital Forensics Tools

Overview of EnCase Forensics

Deep Information Gathering Tool: Dmitry Page

Computer Forensics Live Practical by using Autopsy and FTK Imager






Week 7






Network Forensics

Introduction to Network Forensics

Network Components and their forensic importance

OSI internet Layers and their Forensic importance

Tools Introduction Wireshark and TCPDUMP

Packet Sniffing and Analysis using Ettercap and Wireshark

Network Forensics

Wireshark Packet Analyzer

Packet Capture using TCP DUMP

Website Penetration: WHOIS, nslookup




Week 8




Logs & Event Analysis

Forensic Analysis using AUTOPSY: Linux and Windows

Forensics and Log analysis

Compare and AUDIT Evidences using Hashdeep Page

Data Carving using Bulk Extractor: Kali Linux and Windows

Recovering Evidence from Forensic Images using Foremost



Week 9



Application Password Cracking

Introduction to Password Cracking

Password Cracking using John the Ripper

Password Cracking using Rainbow Tables

PDF File Analysis

Remote Imaging using E3 Digital Forensics






Week 10






Wireless and Web Attacks

WiFi Packet Capture and Password Cracking using Aircrack ng

Introduction to Web Attacks

Website Copier: HTTRACK

SQL Injection

Site Report Generation: Netcraft

Vulnerability Analysis: Nikto

Wayback Machine

Deep Information Gathering Tool: Dmitry

Image Metadata Extraction using Imago

Week 11

Email Forensics Investigation

Email Forensics Investigations



Week 12


Mobile Device Forensics

Mobile Forensics

Preparation for Digital Forensic investigation

Investigative reports, expert witness and cyber regulations

Introduction to Report Writing

Forensic Reports & Expert Witness

Demonstration of Some Forensics Tools

Demonstration of Some Forensics Tools


Books and references

https://www.uou.ac.in/progdetail?pid=MSCCS-21

Instructor bio

Dr. Jeetendra Pande

Uttarakhand Open University, Haldwani
Dr. Jeetendra Pande is working as an Associate Professor of Computer Science Department at Uttarakhand Open University, Haldwani. He has to his credit more than 15 research papers in International Journals, 12 papers in conference proceedings and 03 refereed books. His current area of interests is cyber security, computer forensics, component-based software development, Education Technology and Open Educational Resources. Dr. Pande has worked in the areas Component Based Software Development and Cyber Security. He has been involved in development of pliability metric for optimal component selection for component based software development. He has carried out many projects as a Principal Investigator sanctioned by Commonwealth Educational Media Center for Asia, USERC and Govt. of Uttarakhand.
Award and Fellowships: Gold Medal from Indira Gandhi National Open University (IGNOU) for Innovation in Open and Distance Learning (ODL)- 2018 by Hon'ble Vice President of India Shri Venkaiah Naidu in the 32nd Convocation held on April 3, 2019 at IGNOU Headquarters, Maidan Garhi, New Delhi. Asian Association of Open Universities (AAOU) International Inter- University Staff Exchange Fellowship- 2018 from Sukhothai Thammathirat Open University, Thailand. Asian Association of Open Universities (AAOU) International Inter- University Staff Exchange Fellowship- 2019 from Open University of Sri Lanka, Sri Lanka.


MHRD logo Swayam logo

DOWNLOAD APP

Goto google play store

FOLLOW US