The course introduces students to methods and tools used in investigating cyber incidents and securing digital evidence. The teaching combines theoretical principles with hands-on laboratory exercises and covers topics such as creating forensic images, analyzing system artifacts and logs, recovering deleted data, mobile and network forensics, detecting steganography, tracking blockchain transactions, applying OSINT, and working within anonymous environments such as the dark web. The course also addresses the recognition of anti-forensic techniques and the preparation of investigative reports. Upon completion, students will be able to independently apply acquired knowledge and procedures in the field of digital forensic analysis.
Literature
1. Fundamental of Digital Forensics, Kavrestad, Joakim. 2020, SPRINGER NATURE.
2. Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, 2nd Edition, Johansen, Gerard, 2020, Packt Publishing.
Advised literature
1. Intelligence-Driven Incident Response: Outwitting the Adversary, Roberts, Scott J., 2017, O'Reilly Media.
2. Digital Forensics Basics: A Practical Guide Using Windows OS, Hassan, Nihad A., 2019. Apress
Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, 2nd Edition, Johansen, Gerard, 2020, Packt Publishing.