Network Forensics

By Dr. Seshu Babu Pulagara | NATIONAL INSTITUTE OF TECHNICAL TEACHERS TRAINING AND RESEARCH, CHENNAI

Learners enrolled: 174

This course in Network Forensics provides a comprehensive exploration of methodologies, tools, and challenges involved in investigating security incidents across modern digital networks. It begins with a review of core networking concepts and protocols before advancing to forensic principles, legal considerations, and their role in incident response. Learners gain hands-on expertise in data acquisition and analysis through tools such as Wireshark and TCP Dump, as well as advanced capture techniques like Promiscuous Mode and Network Port Mirroring. The course advances through a systematic analysis of forensic evidence across architectural layers, beginning with switch logs, MAC tables, and ARP tables at the Data Link and Physical layers. It then progresses to the Network layer with the examination of router, Wi-Fi, and firewall logs. We will lead you through engaging lectures, case studies, and interactive discussions, providing you with practical knowledge and actionable insights. Concluding with an assessment of real-world challenges such as encryption, spoofing, mobility, and privacy regulations, the course equips participants with both the practical skills and critical perspective required for effective and realistic network forensic investigations. By the end of this course, you will not only understand the fundamentals of Network Forensics but also be equipped with the skills and confidence to pursue opportunities and make a positive impact in this dynamic field.

Summary

Course Status :	Upcoming
Course Type :
Language for course content :	English
Duration :	12 weeks
Category :	Teacher Education
Credit Points :	4
Level :	Diploma
Start Date :	26 Jan 2026
End Date :	30 Apr 2026
Enrollment Ends :	28 Feb 2026
Exam Date :
Translation Languages :	English
NCrF Level	4.5 — 5.5
Industry Details :	Education and Training

Contact NC Support

Email id | swayam@nitttrc.edu.in, swayam@nitttrc.ac.in

Page Visits

Course layout

UNIT 1:

Review of Networking concepts and Protocols, Introduction to Network Forensics, various aspects of Network Forensics.

UNIT 2:

Introduction to Network Forensic Tools and techniques: Wireshark, TCP Dump, Syslog, NMS, Promiscuous Mode, Network Port Mirroring, snooping, scanning tools, etc.

UNIT 3:

Understanding and Examining Data Link Layer, Physical Layer, Ethernet Switch Logs, MAC Table, ARP Table, etc. Understanding and Examining Network Layer, Router Logs, WiFi Device logs, Firewall logs

UNIT 4:

Understanding audit features of OS and applications; Enabling and Examining Server logs, User activity logs, Browser history analysis, Proxy server logs, Antivirus logs, Email logs

UNIT 5:

Limitations and challenges of network forensics due to encryption, spoofing, mobility, storage limitations, privacy laws, etc.

Books and references

Manuals of OS, application software, network devices
RFCs of various networking protocols (https://www.ietf.org/)
https://www.sans.org/
https://www.cert-in.org.in/
Handbook of Digital Forensics and Investigation, Eoghan Casey, Elsevier Academic Press
Cyber Forensics, Albert Marcella and Doug Menendez, CRC Press
Computer Forensics (5 volume Set) mapping to CHFI (Certified Hacking Forensics Investigator), by EC-Council

Instructor bio

Dr. Seshu Babu Pulagara

NATIONAL INSTITUTE OF TECHNICAL TEACHERS TRAINING AND RESEARCH, CHENNAI

As an Assistant Professor at NITTTR, Chennai, I bring over Fifteen years of expertise in technical education, curriculum development, and digital transformation initiatives. My leadership advocating digital accessibility, and mentoring educators on emerging technologies reflects my dedication to innovation in education.

With a Ph.D. in Security and expertise, Artificial Intelligence, Mobile Ad hoc Networks, Machine Learning, and Network Security, I have guided numerous impactful projects and authored over 10 publications in prestigious journals and conferences. My comprehensive understanding of Network Forensics has enabled me to design and implement effective methodologies for capturing, analyzing, and interpreting network traffic to optimize incident investigation. This expertise extends to developing advanced strategies for packet inspection, log analysis, and correlation of multi-layer evidence to enhance the accuracy and efficiency of forensic examinations.

I align institutional goals with global priorities to foster excellence in education and research. My active participation in the Board of Studies and development of outcome-based frameworks reflects my dedication to empowering educators and advancing technical education in key technological domains.

Course certificate

"The SWAYAM Course Enrolment and learning is free. However, to obtain a certificate, the learner must register and take the proctored exam in person at one of the designated exam centres. The registration URL will be announced by NTA once the registration form becomes available. To receive the certification, you need to complete the online registration form and pay the examination fee. Additional details, including any updates, will be provided upon the publication of the exam registration form. For more information about the exam locations and the terms associated with completing the form, please refer to the form itself."

Grading Policy:

- Internal Assignment Score: This accounts for 30% of the final grade and is calculated based on the average of the best three assignments out of all the assignments given in the course.

- Final Proctored Exam Score: This makes up 70% of the final grade and is derived from the proctored exam score out of 100.

- Final Score: The final score is the sum of the average assignment score and the exam score.

Eligibility for Certification:

- To qualify for a certificate, you must achieve an average assignment score of at least 10 out of 30, and an exam score of at least 30 out of 70. If one of the 2 criteria is not met, you will not get the certificate even if the Final score >=40/100.
Certificate Details:

- The certificate will include your name, photograph, roll number, and the percentage score from the final exam. It will also feature the logos of the Ministry of Education, SWAYAM, and NITTTR.

- Certificate Format: Only electronic certificates (e-certificates) will be issued; hard copies will not be dispatched.

Once again, thanks for your interest in our online courses and certification. Happy Learning.

*********

SWAYAM Helpline / Support