Cyber Forensics

GANPAT UNIVERSITY

FACULTY OF ENGINEERING AND  TECHNOLOGY

Programme

Bachelor of Technology

Branch/Spec.

Computer Science & Engineering (CS)

Semester

VII

Version

1.0.0.1

Effective from Academic Year

2022-23

Effective for the batch Admitted in

June 2019

Subject  code

2CSE707

Subject Name

CYBER FORENSICS

Teaching scheme

Examination scheme (Marks)

(Per week)

Lecture(DT)

Practical(Lab.)

Total

CE

SEE

Total

L

TU

P

TW

Credit

3

0

1

0

4

Theory

40

60

100

Hours

3

0

2

0

5

Practical

30

20

50

Pre-requisites:

Computer Networks, Ethical Hacking, basic knowledge on Windows, Mac and Linux OS

Objectives of the Course:

After successful completion of the course students should be able to

• Understand the fundamental of Cyber Forensics
• Analyze and validate the forensics data
• Work with different tools and techniques associated with Cyber Forensics
• Understand the document prepared  for the Forensics investigation 

Theory syllabus

Unit

Content

Hrs

1

 Cyber Forensics

Cybercrime, Basics of cyber forensics, cyber forensics investigation processes, digital evidence, challenges in cyber forensics, skills required for cyber forensics expert

4

2

OS Forensics

Digital Evidence in Windows, File system, Timeline analysis, challenges

Digital Evidence on Macintosh, Digital Evidence on UNIX 

8

3

Network Forensics

Forensics Footprints, Seizure of Networking Devices, Network Forensics Artifacts, ICMP Attack

7

4.

Mobile Forensics

Acquisition Protocol, Android Operating System, Manual Extraction, Physical Acquisition, Challenges in Mobile Forensics

7

5.

Cloud Forensics and Web Attack Forensics and Email Forensics

Introduction, Artifacts in Cloud Forensics, Challenges, Forensics as a service.

Intrusion forensics, database forensics, Preventive Forensics

8

6.

Solid State Device (SSD) Forensics

SSD Components, SSD concept, Forensics Analysis of an SSD

4

7.

Report Writing for High-Tech Investigation

Understanding and importance of Reports, Guidelines

4

Practical content:

Study of different tools used for forensic investigation and perform different operations like recover the lost files, extract the information of the attacker, etc.

Text Books:

1.

Practical Cyber Forensics: An incident- Based Approach to Forensic Investigations, by Niranjan Reddy

2.

Digital evidence and computer crime: Forensic science, computers and the internet by Casey, E, Academic Press

Reference Books:

1.

CyberForensics - Understanding Information Security Investigation by Jennifer Bayuk

2.

Handbook of Digital Forensics and Investigation By Eoghan Casey 1st Edition

3.

Casey, E. Handbook of digital forensics and investigation. Academic Press

4.

Cyber Forensics from Data to Digital Evidence by Albert J. Marcella, Jr.,PHD, CISA, CISM Frederic Guillossou, CISSP, CCE

5.

Nelson, B., Phillips, A., & Steuart, C. (2014). Guide to computer forensics and investigations. Cengage Learning.

Course Outcomes:

COs

Description

CO1

Understand the fundamental of Cyber Forensics

CO2

Analyze and validate the forensics data

CO3

Work with different tools and techniques associated with Cyber Forensics

CO4

Understand the document prepared  for the Forensics investigation 

Mapping of CO and PO: