Course objectives
After completing this course, students will be able to:
- Understand the fundamental principles of digital forensics
- Learn to conduct thorough digital investigations
- Acquire skills in data acquisition, analysis, and reporting
- Identify and analyze digital evidence
- Apply forensic tools and techniques to investigate cybercrimes
- Understand legal and ethical considerations in digital forensics
Course outlines
- 1. Fundamentals of Computer Forensics
- Introduction to digital forensics
- Legal and ethical considerations
- Digital evidence and its admissibility
- Forensic investigation process
- Chain of custody
- 2. Data Acquisition and Analysis
- Data acquisition techniques (live and dead analysis)
- Forensic imaging tools and techniques
- Data recovery techniques
- File system analysis
- Disk imaging and analysis
- 3. Windows Forensics
- Windows file system structure
- Registry analysis
- Event log analysis
- User activity tracking
- Malware analysis
- 4. Linux and Mac Forensics
- Linux file system structure
- Linux command-line tools
- Mac OS X file system structure
- Mac OS X forensic analysis tools
- 5. Network Forensics
- Network protocols and packet analysis
- Network traffic capture and analysis
- Incident response and intrusion detection
- Network intrusion analysis
- 6. Mobile Device Forensics
- Mobile device architecture and operating systems
- Data acquisition from mobile devices
- Mobile device analysis tools
- Cloud forensics
- 7. Malware Analysis
- Malware types and behavior
- Malware analysis techniques (static and dynamic)
- Reverse engineering malware
- Malware detection and prevention
- 8. Dark Web and Cybercrime Investigations
- Dark web and its role in cybercrime
- Investigating cybercrime cases
- Tracking cybercriminals
- 9. Advanced Forensic Techniques
- Memory forensics
- Encrypted data analysis
- Anti-forensics techniques