0% found this document useful (0 votes)

177 views27 pages

In The Name of Allah, The Most Beneficent and The Most Merciful

This document provides information about an upcoming computer forensics course. It introduces the instructor, Dr. Zunera Jalil, and provides details about the course code, title, credit hours, schedule, and learning methodology. It outlines the assessment plan, grading scale, research project requirements, and recommended textbooks and resources. It also discusses some key trends in cybercrimes and digital forensics. Finally, it lists potential course contents and provides links for students to explore related topics.

Uploaded by

Faisal Shahzad

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

177 views27 pages

In The Name of Allah, The Most Beneficent and The Most Merciful

Uploaded by

Faisal Shahzad

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 27

In the name of Allah,

the most Beneficent and the most Merciful

Dr. Zunera Jalil
Email: zunera.jalil@mail.au.edu.pk

17th September, 2020

Course Information

Course Code: CY 620/ CY 825

Course Title: Computer Forensics/
Advanced Topics in Digital Forensics
Credit Hours: 03
Class Schedule: Thursday ( 4:40 – 7:30 pm)
Office Hours: To be announced

Google Class Room Joining Code: fgnjllg

Instructor Information

Dr. Zunera Jalil,

PhD (Computer Science), FAST-NUCES, 2010.
Co-PI (Computer Forensics), National Cybercrimes and Forensics Lab, National Center for Cyber Security.
Trainings: CHFI, Autopsy, AccessData FTK

Email: zunera.jalil@mail.au.edu.pk
Ext: 680

Research Interests:
Cyber attacks detection using deep learning, AI for audio, video and log data processing, criminal profiling,
digital forensics for cyber physical systems, and Digital Forensics as a Service (DfaaS)
Google Scholar Profile:
https://scholar.google.com.pk/citations?user=BlsdhzYAAAAJ&hl=en
Your Introduction

Name
Last Degree & Year
CGPA
Why Cyber Security?
Any work/training/skills in
digital forensics?
Text/Reference Books
Other Sources

• Guide to Computer Forensics and Investigations, by

Bill Nelson, Amelia Phillips and Christopher Steuart

• Computer Forensics: Computer Crime Scene Investigation, by

John R. Vacca

• Computer Forensics: Cybercriminals, Laws and Evidence, by

Marie-Helen Maras

• CHFI course ware

• Research Articles from reputed computer forensics journals
Learning Methodology in this course

• Lectures
• Reading Assignments
• Practical Assignments
• Research – Analysis/Problem solving
• Presentations
• Written Exams
Assessment Plan (Tentative)

Assessment Type Number Weightage

Quiz 04 10%
Assignments 04 10%
Research Project 01 (6 phases) 20%
Midterm Exam (8th Week) 01 20%
Final Exam (18th Week) 01 40%
Grading 10

Marks in %age Grades GPA

80 – 100 A 4.00
75 – 79.99 A- 3.67
70 – 74.99 B+ 3.33
65 – 69.99 B 3.00
60 - 64.99 B- 2.67
55 – 59.99 C+ 2.33
50 – 54.00 C 2.00
Below 50 F 0.00
Research Project 11

• Divided in 6 phases.
• Each phase will have its deadline and unique
requirements.
• Will be announced in third week of semester
• Group Work (Maximum 2 students in one group)
Remember

• In this course you will study concepts, acquire skills and learn about
principles of digital forensics.
• Open source forensics tools will be used and developed.
• Learn PYTHON if you are not familiar with it yet.
• Copied assignments or project reports will be awarded ZERO marks.
• Minimum 75% attendance is mandatory to appear in final exam.
• Keep your returned quizzes, assignments and mid-term exam safe with
you, no claim of any marks correction will be entertained without
them.
14
Cyber Attacks Landscape
Data presented below is based from the Check Point Threat Cloud
Cyber Threat Map between January and June 2020

GLOBAL
Asia & Pacific Region (APAC)
47%
34% 30%
20% 18%
8%

Europe, Middle East & Africa (EMEA)

38%
26% 23% 15% 15% 7%

38% North & South America

28% 27%
18% 18% 33% 24% 22% 14% 13%
7% 5%
Cybercrimes Trends in 2020
• Business' infrastructures moving online

• Technological development at an ever

increasing pace

• Emerging new cyber threats

• Businesses and government agencies

vulnerable to cyber attacks and data breaches

• Political interference and state-sanctioned

cyber crimes
Source
Cybercrimes Trends in 2020… 17

• Increase in Ransomware Attacks

• Artificial Intelligence in Cybercrimes and Protection

• More Security Threats after development of 5G and Adoption of

IoT Devices

• Rise in Vehicle Hacking

• Cyber Security Skills Gap

• Mobile Devices prone to attacks

Source
Top Malicious Files Types – Email Vs Web

EMAIL WEB
68% 32%

.doc file extension 38% 36% .exe file extension

.exe file extension 25% 12% .pdf file extension
.rtf file extension 11% 9% .swf file extension
.xlsx file extension 6% 6% .doc file extension
Digital Forensics 19

Preservation, identification, extraction,

documentation, and interpretation of
computer media for evidentiary
and/or root cause analysis using
well-defined methodologies and
procedures.
Need for Digital Forensics 20

• The growth of the Internet and the worldwide proliferation of

computers have increased the need for digital investigations.

• Computers can be used to commit crimes, and crimes can be

recorded on computers, including company policy violations,
embezzlement, e-mail harassment, leaks of proprietary information,
and even terrorism.

• Law enforcement, network administrators, attorneys, and private

investigators now rely on the skills of professional digital forensics
experts to investigate criminal and civil cases.
Methodology 21

▪ Acquire the evidence without altering or

damaging the original.
▪ Authenticate that the recovered evidence is the
same as the original seized.
▪ Analyze the data without modifying it.
▪ Document and Report your findings
Course Contents in Brief 22

• Digital Forensics in Today’s World

• Data Acquisition and Forensics Investigation Process
• Study of File Systems and Storage- Data Recovery and carving
• OS Forensics –WINDOWS, LINUX, UNIX, MacOS, Android OS
• Information Hiding and anti-forensic methods
• Network Forensics
• Email Forensics
• Memory Acquisition and analysis
• Database Forensics
• Multimedia Forensics
• Smart Devices Forensics
• Case management, Documentation and Reporting
23
Home Task

Explore
Links to explore 26

• https://www.journals.elsevier.com/forensic-science-international-
digital-investigation

• https://link.springer.com/chapter/10.1007/978-981-15-1480-7_20

• https://www.nist.gov/news-events/news/2020/06/nist-digital-
forensics-experts-show-us-what-you-got

• https://www.computer.org/publications/tech-
news/research/digital-forensics-security-challenges-cybercrime
ANY QUESTIONS

Digital Forensics Course Logistics / Contents Preview
No ratings yet
Digital Forensics Course Logistics / Contents Preview
61 pages
CF Lecture 05-Disk Boot and File System
No ratings yet
CF Lecture 05-Disk Boot and File System
62 pages
Forensics - Lab 6
No ratings yet
Forensics - Lab 6
4 pages
Cyber Check Manual Version 3.0
No ratings yet
Cyber Check Manual Version 3.0
316 pages
CF Lecture 03-Digital Evidence and Forensic Investigation Process
No ratings yet
CF Lecture 03-Digital Evidence and Forensic Investigation Process
41 pages
Guide To Computer Forensics and Investigations: Data Acquisition
No ratings yet
Guide To Computer Forensics and Investigations: Data Acquisition
13 pages
Windows Forensics Fundamentals
No ratings yet
Windows Forensics Fundamentals
10 pages
CF Lecture 06-File System and OS
No ratings yet
CF Lecture 06-File System and OS
43 pages
Virtualization - Dark Web Forensics Using Csi Linux: Deborah K. Wells, Lecturer, CWU
No ratings yet
Virtualization - Dark Web Forensics Using Csi Linux: Deborah K. Wells, Lecturer, CWU
48 pages
Digital Evidence Acquisition Guide
100% (1)
Digital Evidence Acquisition Guide
65 pages
Exploring NTFS
No ratings yet
Exploring NTFS
47 pages
(FINAL) Digital Forensics - Windows Forensic Investigations-200224
No ratings yet
(FINAL) Digital Forensics - Windows Forensic Investigations-200224
10 pages
Module 02 - Computer Forensics Investigation Process - AG - 25
No ratings yet
Module 02 - Computer Forensics Investigation Process - AG - 25
53 pages
Data Recovery and Evidence Collection SYMCA
No ratings yet
Data Recovery and Evidence Collection SYMCA
16 pages
FTK Ug
No ratings yet
FTK Ug
378 pages
CH 6
No ratings yet
CH 6
38 pages
Week 9 - Computer Forensics - Registery Editor Autopsy
No ratings yet
Week 9 - Computer Forensics - Registery Editor Autopsy
49 pages
Cyber Forensics
100% (1)
Cyber Forensics
16 pages
Digital Forensics for Windows OS
No ratings yet
Digital Forensics for Windows OS
62 pages
Lec8 Image Forensics
No ratings yet
Lec8 Image Forensics
24 pages
1 Introduction To Cyber Forensics
100% (1)
1 Introduction To Cyber Forensics
6 pages
CF Lecture 09 - Anti Forensics Techniques Part 2
0% (1)
CF Lecture 09 - Anti Forensics Techniques Part 2
38 pages
DigitalForensics 06 FEB2011
No ratings yet
DigitalForensics 06 FEB2011
84 pages
CHFI v10 Study Guide - CHFI v10
No ratings yet
CHFI v10 Study Guide - CHFI v10
5 pages
Autopsy Forensic Tool Guide
100% (1)
Autopsy Forensic Tool Guide
14 pages
Virtual Machine Forensics Guide
No ratings yet
Virtual Machine Forensics Guide
36 pages
Computer Hacking Forensic Investigator Chfi v9
0% (2)
Computer Hacking Forensic Investigator Chfi v9
5 pages
Digital Forensics
No ratings yet
Digital Forensics
52 pages
CF Lecture 07-Memory Forensics
100% (2)
CF Lecture 07-Memory Forensics
54 pages
Design and Implementation of Digital Forensics Labs
No ratings yet
Design and Implementation of Digital Forensics Labs
22 pages
Digital Forensics for Investigators
No ratings yet
Digital Forensics for Investigators
34 pages
Forensic Analysis of A Windows 2000 Server Operating System: Joshua Young CS585F - Fall 2002
No ratings yet
Forensic Analysis of A Windows 2000 Server Operating System: Joshua Young CS585F - Fall 2002
63 pages
Digital Forensics and Incident Response (DFIR)
No ratings yet
Digital Forensics and Incident Response (DFIR)
11 pages
Digital Forensics: Investigating NIST Data Leakage Case
No ratings yet
Digital Forensics: Investigating NIST Data Leakage Case
140 pages
Comprehensive Study of Digital Forensics Branches and Tools
No ratings yet
Comprehensive Study of Digital Forensics Branches and Tools
7 pages
Chapter 01
No ratings yet
Chapter 01
54 pages
CHFIv9 STUDY GUIDE - NEW
No ratings yet
CHFIv9 STUDY GUIDE - NEW
75 pages
WWW Hackingarticles in
No ratings yet
WWW Hackingarticles in
21 pages
Forensic Aquisition
No ratings yet
Forensic Aquisition
42 pages
Forensic USB Analysis Guide
No ratings yet
Forensic USB Analysis Guide
10 pages
Sec535 PR PDF
No ratings yet
Sec535 PR PDF
23 pages
T.Y.B.Sc.C.S. Sem-VI Cyber Forensics
No ratings yet
T.Y.B.Sc.C.S. Sem-VI Cyber Forensics
16 pages
Swap Files Anti-Forensics On Linux
No ratings yet
Swap Files Anti-Forensics On Linux
7 pages
Digital Forensics in Crime Solving
No ratings yet
Digital Forensics in Crime Solving
1 page
Itec413 15
100% (1)
Itec413 15
33 pages
Question 1
No ratings yet
Question 1
23 pages
Bash Scripting
No ratings yet
Bash Scripting
22 pages
Example of An Expert Witness: By: Vincenzo Crawford BS. FORENSIC SCIENCE, University of Technology (U-Tech), Jamaica
No ratings yet
Example of An Expert Witness: By: Vincenzo Crawford BS. FORENSIC SCIENCE, University of Technology (U-Tech), Jamaica
8 pages
Se161148 Lab2 3.2,4,6.1
No ratings yet
Se161148 Lab2 3.2,4,6.1
34 pages
Lab 1 Investigating Digital Evidence With ProDiscover-2
No ratings yet
Lab 1 Investigating Digital Evidence With ProDiscover-2
18 pages
Digital Forensics Lab Guide
No ratings yet
Digital Forensics Lab Guide
64 pages
Digital Forensics Insights
No ratings yet
Digital Forensics Insights
23 pages
Article CHFI v8
No ratings yet
Article CHFI v8
3 pages
TYCS SEM - 6 P - 5 ETHICAL HACKING UNIT - 1 Introduction To Information Security
100% (1)
TYCS SEM - 6 P - 5 ETHICAL HACKING UNIT - 1 Introduction To Information Security
11 pages
Cyber Security
No ratings yet
Cyber Security
3 pages
IS & F Lecture #29 30 - Computer Forensics-Data Acquisition
No ratings yet
IS & F Lecture #29 30 - Computer Forensics-Data Acquisition
17 pages
INT250
No ratings yet
INT250
2 pages
Method of Digital Forensic
100% (1)
Method of Digital Forensic
6 pages
Cloud Forensics
No ratings yet
Cloud Forensics
33 pages
Module 1 Introduction To Computer Forensic
No ratings yet
Module 1 Introduction To Computer Forensic
40 pages
CF Lecture 11 - Smart Devices Forensics
No ratings yet
CF Lecture 11 - Smart Devices Forensics
59 pages
Digital Forensics for Investigators
100% (1)
Digital Forensics for Investigators
43 pages
CF Lecture 12 - Windows Forensics
100% (2)
CF Lecture 12 - Windows Forensics
53 pages
CF Lecture 08 - Anti Forensics Techniques Part 1
No ratings yet
CF Lecture 08 - Anti Forensics Techniques Part 1
16 pages
CF Lecture 10 - Email Forensics
100% (1)
CF Lecture 10 - Email Forensics
55 pages
Cryptography and Network Security - Assignment No. 05
No ratings yet
Cryptography and Network Security - Assignment No. 05
16 pages
Project Name: Personality Prediction Using Mbti
No ratings yet
Project Name: Personality Prediction Using Mbti
16 pages
How To Defend The Faith Without Raising Your Voice
100% (5)
How To Defend The Faith Without Raising Your Voice
139 pages
GEMS SCHOOL - Parent Handbook
No ratings yet
GEMS SCHOOL - Parent Handbook
33 pages
Vocabulary UNIT 3 PDF
No ratings yet
Vocabulary UNIT 3 PDF
8 pages
Lara - Amicus - As-Filed
No ratings yet
Lara - Amicus - As-Filed
34 pages
School Resume
No ratings yet
School Resume
1 page
Chain of Custody Rule in Drug Cases (RA 9165)
100% (7)
Chain of Custody Rule in Drug Cases (RA 9165)
23 pages
Advt English
No ratings yet
Advt English
15 pages
PHD Reserch Proposal - Developing A Sustainable Ecotourism Approach For Costa Rica - Brian M Touray MSC
0% (1)
PHD Reserch Proposal - Developing A Sustainable Ecotourism Approach For Costa Rica - Brian M Touray MSC
6 pages
5 Employee Performance Management Tips For Startups
No ratings yet
5 Employee Performance Management Tips For Startups
3 pages
Basic Capacity Definitions
No ratings yet
Basic Capacity Definitions
54 pages
Alternative GPA Calculation Method
No ratings yet
Alternative GPA Calculation Method
8 pages
Using Group Work As A Learning Strategy of Laplace Transform by Engineering Students
No ratings yet
Using Group Work As A Learning Strategy of Laplace Transform by Engineering Students
14 pages
Table of Contents
No ratings yet
Table of Contents
6 pages
Florida Bar Complaint Against Sheriff Gualtieri
No ratings yet
Florida Bar Complaint Against Sheriff Gualtieri
17 pages
For PR Oofreading: Aljeh V1 N1
No ratings yet
For PR Oofreading: Aljeh V1 N1
8 pages
Modernization Theory and Dependency Theory
100% (4)
Modernization Theory and Dependency Theory
3 pages
Contract of Employment For Call Center Agent
No ratings yet
Contract of Employment For Call Center Agent
10 pages
21 Co Publishing Contract
No ratings yet
21 Co Publishing Contract
1 page
Titan Watches Brand Repositioning: Submitted by Amit Gour MBA 4 Semester
No ratings yet
Titan Watches Brand Repositioning: Submitted by Amit Gour MBA 4 Semester
61 pages
HR Practices in US-Bangla Airlines
100% (4)
HR Practices in US-Bangla Airlines
29 pages
Lawsuit Against Subdivision
100% (2)
Lawsuit Against Subdivision
17 pages
Blaquera v. Alcala
No ratings yet
Blaquera v. Alcala
3 pages
National Association For Music Education 2015 Study
No ratings yet
National Association For Music Education 2015 Study
38 pages
LESSON PLAN IN MATHEMATICS IV Jem
No ratings yet
LESSON PLAN IN MATHEMATICS IV Jem
8 pages
Fraction Teaching in Flanders
No ratings yet
Fraction Teaching in Flanders
11 pages
SOP Hassan
No ratings yet
SOP Hassan
2 pages
Measuring Employee Performance by Using Productivity Metrics
100% (1)
Measuring Employee Performance by Using Productivity Metrics
2 pages
Personality Type & Career Guide
No ratings yet
Personality Type & Career Guide
3 pages
Tugas Bahasa Inggris 1
No ratings yet
Tugas Bahasa Inggris 1
4 pages