Syllabus of lectures
1. Introduction to digital forensic analysis
2. Digital forensic analysis technology (Cellebrite UFED, Oxygen Forensic Detective, Susteen Secure View, Micro Systemation XRY, ...)
3. Creation of evidence gathering environment, hardware tools
4. Methods and procedures for obtaining digital traces and providing evidence
5. Analysis of various types of evidence from digital media
6. Operating and file systems and startup processes
7. Recover deleted files and partitions on different operating systems
8. Techniques of steganography, detection of steganography, examination of graphic media
9. Techniques for breaking passwords and examining password-protected files
10. Various methods of ensuring the availability of logs and tools for their synchronization and storage, log research
11. Monitoring of web attacks
12. Detection of evidence from mobile devices
13. Anti-forensic techniques (data hiding, artifact wiping, trail obfuscation and attacks against computer forensics processes and tools, obfuscation, ...)
14. Elaboration of investigation and audit reports
Syllabus of tutorials
1. Introduction to digital forensic analysis and introduction of the laboratory
2. The process of forensic investigation of computer search and provision
3. Digital evidence and tools for obtaining it
4. Creation of own laboratory environment for providing evidence
5. Finding tracks and providing evidence in Windows OS
6. File systems and disc exploration
7. Data extraction and copying of analyzed environments
8. Recover deleted files and partitions
9. Steganography and its detection
10. Using tools for breaking passwords
11. Logging and analysis of network traffic and detection of attacks on wireless networks
12. Detection of attacks on web applications
13. Provision of e-mail communication, its investigation and detection of crime by e-mail
14. Elaboration of investigation reports
Project
The task of the students will be to analyze the provided virtual image of Windows system. The image prepared in this way will contain traces of a cyber attack. Student performs analysis according to instructions for elaboration of given version of assignment. The student will present the findings of the analysis in the form of an examination report.
1. Introduction to digital forensic analysis
2. Digital forensic analysis technology (Cellebrite UFED, Oxygen Forensic Detective, Susteen Secure View, Micro Systemation XRY, ...)
3. Creation of evidence gathering environment, hardware tools
4. Methods and procedures for obtaining digital traces and providing evidence
5. Analysis of various types of evidence from digital media
6. Operating and file systems and startup processes
7. Recover deleted files and partitions on different operating systems
8. Techniques of steganography, detection of steganography, examination of graphic media
9. Techniques for breaking passwords and examining password-protected files
10. Various methods of ensuring the availability of logs and tools for their synchronization and storage, log research
11. Monitoring of web attacks
12. Detection of evidence from mobile devices
13. Anti-forensic techniques (data hiding, artifact wiping, trail obfuscation and attacks against computer forensics processes and tools, obfuscation, ...)
14. Elaboration of investigation and audit reports
Syllabus of tutorials
1. Introduction to digital forensic analysis and introduction of the laboratory
2. The process of forensic investigation of computer search and provision
3. Digital evidence and tools for obtaining it
4. Creation of own laboratory environment for providing evidence
5. Finding tracks and providing evidence in Windows OS
6. File systems and disc exploration
7. Data extraction and copying of analyzed environments
8. Recover deleted files and partitions
9. Steganography and its detection
10. Using tools for breaking passwords
11. Logging and analysis of network traffic and detection of attacks on wireless networks
12. Detection of attacks on web applications
13. Provision of e-mail communication, its investigation and detection of crime by e-mail
14. Elaboration of investigation reports
Project
The task of the students will be to analyze the provided virtual image of Windows system. The image prepared in this way will contain traces of a cyber attack. Student performs analysis according to instructions for elaboration of given version of assignment. The student will present the findings of the analysis in the form of an examination report.