Course co-ordinator(s): Dr Ryad Soobany (Dubai).
Aims:
• Impart a deep understanding of common attack scenarios to students.
• Improve students’ critical analysis skills in computer security and allow them to identify incidents artefacts in a systematic way.
• Provide the student with in-depth understanding of digital forensics concepts and methodologies.
Detailed Information
Course Description: Link to Official Course Descriptor.
Pre-requisites: none.
Location: Dubai.
Semester: 2.
Syllabus:
• Legal aspects: investigation limitations (territorial and jurisdictional), inchoate offences.
• Search and seizure: consent, warrant, evidence seizure.
• Analysis: things to consider, analysis Process, evidence guidelines, order of evidence importance.
• Forensic toolkits: hardware features, software features, common software tools.
• Windows OS artefacts: event log, registry, prefetch, volume shadow copies, shell bags, jumplists, boot, services.
• Linux OS artefacts: “etc” folder, logs, home folder, nautilus, accounts and login history, grub, services.
• Malware persistence mechanisms: auto-startup, cron jobs.
• Malware analysis.
• Reverse Engineering.
• Storage Media: types overview, file Systems overview.
• Common applications’ artefacts: web browsers, chat clients, servers (Apache, mysql), cross-platform applications.
Learning Outcomes: Subject Mastery
At the end of this course, the students will be able to:
• Understand the technical and legal aspects of the digital forensics process.
• Identify and explain the role of different types of digital artefacts.
• Critically review the security of Windows and Linux systems.
• Identify suspicious activities and combine them into attack scenarios.
• Assess the security of an IT infrastructure.
Learning Outcomes: Personal Abilities
At the end of this course, the students will:
• Develop a set of ethical and legal best practices needed for a digital forensics career.
• Be able to critically appraise the security of an IT infrastructure.
• Show initiative, creativity and team working skills in shared digital forensics investigation environments.
• Build on initial skills and knowledge by independent research using online resources.
Assessment Methods: Due to covid, assessment methods for Academic Year 2020-21 may vary from those noted on the official course descriptor. Please see the Computer Science Course Weightings and the Maths Course Weightings for 2020-21 Semester 1 assessment methods.
SCQF Level: 11.
Credits: 15.