Advanced Digital Forensics ITP 475 (4 Units)



Similar documents
Security and Computer Forensics ITP 477 (4 Units)

Introduction to Computer Forensics ITP 499 (3 Units)

Network Security ITP 457 (4 Units)

Introduction to Information Technology ITP 101x (4 Units)

Macintosh, OSX, & ios Forensics ITP 445 (3 Units)

Computer and Network Forensics INF 528 (3 Units)

DESIGN FOR USER EXPERIENCE (ITP 310)

Data Warehouses and Business Intelligence ITP 487 (3 Units) Fall Objective

Social Games Workshop ITP499 (3 Units) Spring 2010 (2010-1)

Technologies for Interactive Marketing ITP499 (4 Units)

ITP 300: Database Web Development. Database Web Development (Monday section) Fall 2012 Course Units

Enterprise Information Systems ITP 320x (4 Units)

CE 460 Course Syllabus

CE 460 Course Syllabus

3D Modeling, Animation, and Special Effects ITP 215x (2 Units)

Mobile Application Technologies ITP 140 (2 Units)

Mobile App Project ITP 442x (4 Units)

Mobile App Design ITP 340x (3 Units)

3D Modeling, Animation, Compositing, and Special Effects ITP 215x (2 Units)

Mobile Application Development ITP 342 (3 Units)

Introduction to Cloud Technologies ITP 111x (2 Units)

Video Game Programming ITP 380 (4 Units)

Database Web Development ITP 300 (3 Units)

Interactive Web Development ITP 301 (4 Units)

PROJECT MANAGEMENT DSO 580 Fall 2014

Tentative: Subject to Change CHEM 205Lxg Chemical Forensics: the Science, and its Impact. Course Overview:

Mobile Application Development ITP 342 (3 Units)

Fundamentals of Computer Programming CS 101 (3 Units)

University of Central Oklahoma Spring 2012 Undergraduate Course Syllabus. "Transforming Academic Excellence into Professional Competence"

PSY 2012 General Psychology Sections 4041 and 1H85

Teaching Assistant: Ryan Essex Office Hours: 12pm- 1pm Tuesdays location: DNI 275, B5-6 (the Dornsife Neuroimaging Center)

BUAD 310 Applied Business Statistics. Syllabus Fall 2013

Multiplayer Game Programming ITP 484x (4 Units)

INF 203: Introduction to Network Systems (3 credit hours) Spring W1, Class number 9870

CMJ CRIME SCENE INVESTIGATION Spring Syllabus 2015

IOM433 Creative Information Systems Analysis and Design Spring 2006 T/Th 2-3:50 HOH406 (Labs meet in HOH401)

Fall 2015 GES 4120/5120 Internet GIS

GGR272: GEOGRAPHIC INFORMATION AND MAPPING I. Course Outline

Benjamin, L. and Baker, D. (2004) From Séance to Science: A History of the Profession of Psychology in America. Belmont, CA: Thomson Wadsworth

Psychological Testing (PSYCH 149) Syllabus

FORENSIC SCIENCE: BEYOND CRIME LAB CJUS 488 Online (Moodle): Fall, 2015

ACC 7145: ACCOUNTING SYSTEMS DESIGN AND CONTROL SYLLABUS FOR SUMMER SESSION 2014

SAMPLE ONLY. COMM 304 Interpersonal Communication Spring 2015 Tu/Th 11:00 12:20 ANN L101

Please see the course lecture plan (at the end of this syllabus) for more detailed information on the topics covered and course requirements.

ECON 351: Microeconomics for Business

ISE 515: Engineering Project Management

CS 464/564 Networked Systems Security SYLLABUS

Computer Science Spring 2012 Page 1. COURSE INFORMATION Introduction to Computers / COMSC / Online Section. kstanton@losmedanos.

CTC 328: Computer Forensics

GESM 160 Seminar in Quantitative Reasoning Wireless Computing Technologies for Medicine with Legal and Ethical Implications.

The objectives of the course are to provide students with a solid foundation in all aspects of internet marketing. Specifically my goals are:

Basic understanding of data security tools such as access control mechanisms, authentication tools and cryptographic constructs.

General Psychology PSY110 Winter Session 2011

Introduction to Psychology 100 On-Campus Fall 2014 Syllabus

Academic Calendar

CPSC 4550 Computer Networks Fall 2012, Section 0

Course Syllabus CRIJ Introduction to Criminal Justice Spring 2012 Tuesday & Thursday 2:50-4:05pm

California State University, Chico Department of Health & Community Services

Technology and Online Computer Access Requirements: Lake-Sumter State College Course Syllabus

CRIJ 1301 Introduction to Criminal Justice Course Syllabus: Summer 2015

Building the High Tech Startup ITP 499x (4 Units)

University of Southern California Marshall School of Business Administration Management and Organization Dept. MOR NEGOTIATION and PERSUASION

Department of Geography Program in Planning, Faculty of Arts and Science University of Toronto GGR 273 H1S: GIS II Course Outline Winter 2015

EC-Council Ethical Hacking and Countermeasures

This four (4) credit hour. Students will explore tools and techniques used penetrate, exploit and infiltrate data from computers and networks.

Cybercrime CCJS 418B Spring 2014

BUS4 118S Big Data San José State University Fall 2014

ITSY1342 Section 151 (I-Net) Information Technology Security

San José State University College of Engineering/Computer Engineering Department CMPE 206, Computer Network Design, Section 1, Fall 2015

International University of Monaco 27/04/ :55 - Page 1. Monday 30/04 Tuesday 01/05 Wednesday 02/05 Thursday 03/05 Friday 04/05 Saturday 05/05

CIT 212 Microsoft Networking II Windows Server 2012 R2 Administration Fall 2015

Syllabus -- CIS Computer Maintenance / A+ Certification

ITNW 1337 Introduction to the Internet Course Syllabus: Spring 2015

Criminology CRJU 2004 B Department of Criminal Justice College of Arts & Letters University of North Georgia

CRJU Introduction to Criminal Justice (CRN 20933) Course Syllabus Spring 2015

How To Teach Social Media Management

Incident Response and Computer Forensics

Clinical Psychology Syllabus 1

Tuskegee University Department of Computer Science Course No: CSCI 390 (Computer Forensics) Fall MWF 1:00-2:300, BRIM 301

Forensic Biology 3318 Syllabus

Psychology 314L (52510): Research Methods

ISM 4113: SYSTEMS ANALYSIS & DESIGN

Rutgers University, Department of Psychology Developmental Psychology Winter Office Hours Office Phone

How To Pass Physics 161

Course Outline. Business 110

CSC 341, section 001 Principles of Operating Systems Spring 2015 Monday/Wednesday 1:00 PM 2:15 PM

COLLEGE OF BUSINESS MGT8112 Leadership Skills Spring nd Eight Weeks

HARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD Course Outline

GGR272: GEOGRAPHIC INFORMATION AND MAPPING I. Course Outline

Transcription:

Advanced Digital Forensics ITP 475 (4 Units) Description In 2007, the FBI reported that over 200 major companies reported a loss of over 60 million dollars due to computer crime. Computers are becoming more of a threat today than ever before. From cyber-terrorism to identity theft, the digital age has brought about a change in the way that crime is being committed. The usage of computers in crime has led to the emerging field of computer forensics. Objective Prerequisites/ Recommended Preparation Instructor Contacting the Instructor This course is designed as an advanced course in computer forensics focusing on Windows systems. According to marketshare.hitslink.com, Windows still comprises over 85% of operating systems used worldwide. The course assumes that students have either satisfied the prerequisite of ITP 375 Digital Forensics, or instructor approval. Students will engage in advanced topics in windows operating system analysis, including Windows Server, Exchange Server, and IIS servers. Upon completing this course, students will: - Be able to investigate Windows workstations and Servers - Understand how the Windows Operating system works for the purposes of collecting evidence - Understand Windows file systems, FAT and NTFS - Research upcoming topics in digital forensics - Complete a variety of case studies in digital forensics ITP 375 or Department Approval Joseph Greenfield joseph.greenfield@usc.edu 213-740-4542 Office Hours Monday & Wednesday, 9:00 10:00 Tuesday & Thursday, 3:00 5:00 Office Location OHE 412 Lecture/Lab Tuesday & Thursday, 5:00 6:50 Required Windows Forensic Analysis, DVD Toolkit, 2nd Edition. Carvey Textbooks ISBN: 1597494224 Recommended Hacking Exposed Computer Forensics, Second Edition Textbook ISBN: 0071626778 Web Site All course material will be on Blackboard at blackboard.usc.edu Grading Grading will be based on percentages earned in assignments. The scheduled class time will involve a combination of lectures and structured labs. Students are expected to spend time at home completing the assignments. Labs & Cases 75% Final Case 25% Total 100%

Grading Scale The following is the grading scale to be used for the final grades at the end of the semester 93% and above A 90% 93% A- 87% 90% B+ 83% 87% B 80% 83% B- 77% 80% C+ 73% - 77% C 70% 73% C- 67% 70% D+ 63% 67% D 60% 63% D- Below 60% F Policies - Projects turned in after the deadline will automatically have 5% deducted per day. Projects will not be accepted after 1 week beyond the project s deadline - No make-up exams (except for medical or family emergencies) will be offered nor will there be any changes made to the Final Exam schedule. - It is your responsibility to submit your project on or before the due date. It is not the responsibility of the lab assistant. Do not turn in anything to your lab assistant! - All projects will be digitally submitted through blackboard except where specifically specified. Always keep a backup copy of your labs Academic Integrity The use of unauthorized material, communication with fellow students during an examination, attempting to benefit from the work of another student, and similar behavior that defeats the intent of an examination or other class work is unacceptable to the University. It is often difficult to distinguish between a culpable act and inadvertent behaviour resulting from the nervous tension accompanying examinations. When the professor determines that a violation has occurred, appropriate action, as determined by the instructor, will be taken. Although working together is encouraged, all work claimed as yours must in fact be your own effort. Students who plagiarize the work of other students will receive zero points and possibly be referred to Student Judicial Affairs and Community Standards (SJACS). Students with All students should read, understand, and abide by the University Student Conduct Code listed in SCampus, and available at: http://www.usc.edu/student-affairs/sjacs/nonacademicreview.html Any student requesting academic accommodations based on a disability is - 2 -

Disabilities required to register with Disability Services and Programs (DSP) each semester. A letter of verification for approved accommodations can be obtained from DSP. Please be sure the letter is delivered to me (or to your TA) as early in the semester as possible. DSP is located in STU 301 and is open 8:30 a.m. - 5:00 p.m., Monday through Friday. The phone number for DSP is (213) 740-0776. - 3 -

Advanced Digital Forensics ITP 475 (4 Units) Week 1 Digital Forensics Review Course Outline Outline subject to change throughout the semester - Investigative Process - Analysis methodologies - Tools and techniques Reading: Instructor Notes Week 2 Lab Setup and Network Overview - Setting up the investigative software - Establishing remote connection to server Reading: Instructor Notes Case 1: Windows Review (Windows standalone) case Week 3 FAT32 File Systems - History & background of FAT - Allocation Tables - Directory Entries - Bitmaps - Deleted files and unallocated space Reading: Chapter 5 Lab 1: FAT analysis Week 4 NTFS File Systems - History & background of NTFS - Master File Table (MFT) - MFT Entries - Deleted entries Lab 2: NTFS analysis Week 5 Filesharing and Peer-to-Peer - Popular file sharing protocols and applications - Filesharing logs - Network logs - Advanced BitTorrent Analysis Reading: Instructor Notes Lab 3: BitTorrent Lab Case 2: BitTorrent Case Week 6 Executable File Analysis - Static Analysis - 4 -

- Dynamic Analysis - Virtualization Reading: Chapter 6 Week 7 Viruses, Rootkits and Rootkit Detection - The virus defense - Malware - Rootkits - Rootkit analysis Reading: Chapter 7 Lab 4: Rootkits Case 3: Compromised System Analysis Week 8 Advanced E-mail and Internet analysis Week 9 MIDTERM - Web cache, history, bookmarks, etc. - Mail header analysis - E-mail server analysis - Building timelines Case 4: Employee Investigation Week 10 Windows Registry - Networking 101 o Topologies and designs o Protocols o Enterprise setups - Introduction to network forensics - Decrypting Logs! Reading: Chapter 4 Lab 6: Registry Analysis Week 11 Incident Response and Live Analysis - Live analysis of systems - Collecting volatile data - Analyzing Log Files Reading: Chapters 1 & 2 Case 5: Moot court case Week 12 Memory Analysis - Dumping physical memory - Analyzing physical memory Reading: Chapter 3 Lab 7: Live analysis & memory analysis - 5 -

Week 13 Court and Deposition - The game of court - Court documents - Interacting with attorneys Week 14 Law enforcement and forensics - Role of digital forensics in law enforcement - Guest speakers from various agencies Week 15 Preparing for the final case Week 15 Mock Trial - Time and location TBA - 6 -

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information