Semester Hours: 3.0 Contact Hours: 3 Coordinator Ruinian Li Text: Network Forensics: Tracking Hackers through Cyberspace Authors: Sherri Davidoff & Jonathan Ham Year: 2012
SPECIFIC COURSE INFORMATION
Catalog Description
Principles and practices of network forensics. Introduction to network protocols; security and forensic components; and vulnerability and defense. Data formats, digital evidence provenance and image exchange. Forensics tools and techniques: live data forensics; database forensics; use of network logs and other datasets for incidence timelines, and subject/object associations. Prerequisite: Full Admission to MS in CS program or consent of department.
Course type: ELECTIVE
SPECIFIC COURSE GOALS
I can compare and contrast tools used in network forensics and security applications.
I can use certain tools (for example: network enabled forensics s/w agents; RAM analysis tools; others) to collect and analyze volatile and non-volatile data.
I can provide technical arguments for the integrity of a certain piece of evidence.
I can create a timeline of events and identify linkage b/w subjects and objects for synthetic and real datasets.
I can articulate mechanisms for recovering encrypted datasets and creating process logs.
I can explain the provenance of a piece of digital evidence.
I can explain and process forensic datasets in a variety of formats.
I can analyze relevant research and communicate my findings.
