Digital Forensics

By Dr. Jeetendra Pande   |   Uttarakhand Open University, Haldwani
Learners enrolled: 3883
Computer forensics, or digital forensics, is a fairly new field. Computer forensics investigators, also known as computer forensics specialists, computer forensics examiners, or computer forensics analysts, are charged with uncovering and describing the information contained on, or the state or existence of, a digital artifact. Digital artifacts include computer systems, hard drives, CDs, and other storage devices, as well as electronic documents and files like emails and JPEG images. The fast-growing field of computer forensics includes several branches related to firewalls, networks, databases, and mobile devices.

Digital forensics technicians can find work with many types of organizations: government (local, state, and federal), accounting firms, law firms, banks, and software development companies. Essentially, any kind of organization that has a computer system may have a need for a digital forensics specialist. Some digital forensics specialists opt to start their own businesses, giving them an opportunity to work with a variety of clients.

Computer forensics investigators provide many services based on gathering digital information, from investigating computer systems and data in order to present information for legal cases to determining how an unauthorized user hacked into a system. A digital forensics examiner does many things in the course of these tasks – protects the computer system, recovers files (including those that were deleted or encrypted), analyses data found on various disks, and provides reports, feedback, and even testimony when required. The employment outlook for digital forensics examiners and investigators is favorable due to the rapid growth of crimes involving computers (cybercrime).

Learning Outcomes

After the successful completion of this course, the learner will be able to:
A. Understand the importance of a systematic procedure for investigation of data found on digital storage media that might provide evidence of wrong-doing.
B. Understand the file system storage mechanisms of the operating systems.
C. Use tools for faithful preservation of data on disks for analysis.
D. Find data that may be clear or hidden on a computer disk.
E. Learn the use of computer forensics tools used in data analysis, such as searching, absolute disk sector viewing and editing, recovery of files, password cracking, etc.
F. Understand how to present the results of disk data analysis in a court proceeding as an expert witness.

Summary
Course Status : Completed
Course Type :
Language for course content : English
Duration : 12 weeks
Category :
  • Computer Science and Engineering
Credit Points : 4
Level : Postgraduate
Start Date : 15 Aug 2022
End Date :
Exam Date :

Course layout

Each entry gives the week and its topic, followed by the modules.

Week 1: Introduction to Digital Forensic
  • Definition of Computer Forensics
  • Cyber Crime
  • Evolution of Computer Forensics
  • Objectives of Computer Forensics
  • Roles of Forensics Investigator
  • Forensics Readiness
  • Steps for Forensics

Week 2: Computer Forensics Investigation Process
  • Digital Forensics Investigation Process
  • Digital Forensics Investigation Process-Assessment Phase
  • Acquire the Data
  • Analyze the Data
  • Report the Investigation

Week 3: Digital Evidence and First Responder Procedure
  • Digital Evidence
  • Digital Evidence Investigation Process
  • First Responders Toolkit
  • Issues Facing Computer Forensics
  • Types of Investigation
  • Techniques in digital forensics

Week 4: Understanding Storage Media and File System
  • The Booting Process
  • LINUX Boot Process
  • Mac OS Boot Sequence
  • Windows 10 Booting Sequence
  • File System
  • Type of File Systems

Week 5: Windows Forensics
  • Introduction to Windows Forensics
  • Windows Forensics Volatile Information
  • Windows Forensics Non-Volatile Information
  • Recovering deleted files and partitions
  • Windows Forensics Summary
  • Digital Forensics Road map: Static Data Acquisition from windows using FTK Imager
  • Live Data Acquisition using FTK Imager
  • FTK Imager
  • Installation of KALI Linux
  • RAM Dump Analysis using Volatility
  • Static Data Acquisition from Linux OS

Week 6: Recovering Deleted Files and Partitions
  • Digital Forensics Tools
  • Overview of EnCase Forensics
  • Deep Information Gathering Tool: Dmitry
  • Computer Forensics Live Practical by using Autopsy and FTK Imager

Week 7: Network Forensics
  • Introduction to Network Forensics
  • Network Components and their forensic importance
  • OSI internet Layers and their Forensic importance
  • Tools Introduction Wireshark and TCPDUMP
  • Packet Sniffing and Analysis using Ettercap and Wireshark
  • Network Forensics
  • Wireshark Packet Analyzer
  • Packet Capture using TCP DUMP
  • Website Penetration: WHOIS, nslookup

Week 8: Logs & Event Analysis
  • Forensic Analysis using AUTOPSY: Linux and Windows
  • Forensics and Log analysis
  • Compare and AUDIT Evidences using Hashdeep
  • Data Carving using Bulk Extractor: Kali Linux and Windows
  • Recovering Evidence from Forensic Images using Foremost

Week 9: Application Password Cracking
  • Introduction to Password Cracking
  • Password Cracking using John the Ripper
  • Password Cracking using Rainbow Tables
  • PDF File Analysis
  • Remote Imaging using E3 Digital Forensics

Week 10: Wireless and Web Attacks
  • WiFi Packet Capture and Password Cracking using Aircrack-ng
  • Introduction to Web Attacks
  • Website Copier: HTTRACK
  • SQL Injection
  • Site Report Generation: Netcraft
  • Vulnerability Analysis: Nikto
  • Wayback Machine
  • Deep Information Gathering Tool: Dmitry
  • Image Metadata Extraction using Imago

Week 11: Email Forensics Investigation
  • Email Forensics Investigations

Week 12: Mobile Device Forensics
  • Mobile Forensics
  • Preparation for Digital Forensic investigation
  • Investigative reports, expert witness and cyber regulations
  • Introduction to Report Writing
  • Forensic Reports & Expert Witness
  • Demonstration of Some Forensics Tools
  • Demonstration of Some Forensics Tools


Books and references

https://www.uou.ac.in/progdetail?pid=MSCCS-21

Instructor bio

Dr. Jeetendra Pande

Uttarakhand Open University, Haldwani
Dr. Jeetendra Pande is an Associate Professor in the Computer Science Department at Uttarakhand Open University, Haldwani. He has to his credit more than 15 research papers in international journals, 12 papers in conference proceedings and 03 refereed books. His current areas of interest are cyber security, computer forensics, component-based software development, education technology and open educational resources. Dr. Pande has worked in the areas of component-based software development and cyber security. He has been involved in the development of a pliability metric for optimal component selection in component-based software development. He has carried out many projects as a Principal Investigator sanctioned by Commonwealth Educational Media Center for Asia, USERC and Govt. of Uttarakhand.
Award and Fellowships:
  • Gold Medal from Indira Gandhi National Open University (IGNOU) for Innovation in Open and Distance Learning (ODL)-2018 by Hon'ble Vice President of India Shri Venkaiah Naidu in the 32nd Convocation held on April 3, 2019 at IGNOU Headquarters, Maidan Garhi, New Delhi.
  • Asian Association of Open Universities (AAOU) International Inter-University Staff Exchange Fellowship-2018 from Sukhothai Thammathirat Open University, Thailand.
  • Asian Association of Open Universities (AAOU) International Inter-University Staff Exchange Fellowship-2019 from Open University of Sri Lanka, Sri Lanka.