IF4003 Cyber Forensics Syllabus:
IF4003 Cyber Forensics Syllabus – Anna University PG Syllabus Regulation 2021
COURSE OBJECTIVES:
Emphasise the importance of digital forensics
Can conduct a digital investigation in an organised and systematic way
Understand the in-depth concept of Network Forensics
Understand the in-depth concept of Mobile and Cloud Forensics
Understand and perform basic static and dynamic malware analysis
UNIT I FORENSIC FUNDAMENTALS
Legal aspects. Laws and regulations. Rules of evidence. Digital forensic fundamentals. A brief history. The digital forensic process. Identification. Preservation. Collection. Proper evidence handling. Chain of custody. Examination. Analysis. Presentation. Digital forensic lab. Physical security. Tools. Hardware. Forensics Investigation Process. Incident. Identification. Seizure. Imaging. Hashing. Analysis. Reporting. Preservation. Forensic Protocol for Evidence Acquisition. Digital Forensics Standards and Guidelines. Digital Evidence. Write Blockers. What Is a Forensic Triage?. What Is a Cybercrime?.
UNIT II NETWORK FORENSICS
Network Evidence – Types of Network Monitoring – Setting Up a Network Monitoring System – Network Data Analysis – Email Clients – Email Tracing – Internet Fraud – Spam Investigations, Network Security and Forensic Techniques – Reconnaissance techniques, Recovery of protected data – Encrypted media – Password cracking, Reporting.
UNIT III MOBILE FORENSICS
Acquisition Protocol- Unlocking with Face ID or Touch ID – Android Operating System. Rooting an Android Device – Android Debug Bridge- Methods for Screen Lock Bypass- Manual Extraction – Physical Acquisition. Tools for Image Extraction – Image Extraction of an Android Device – JTAG Chip-Off – Micro-read -Challenges in Mobile Forensics- iOS Operating System-iOS Device Boot Process-Jailbreak vs. No Jailbreak-iOS File System and Architecture- iTunes.
UNIT IV CLOUD FORENSICS
Cloud Forensics. Cloud Computing Models. Defining Cloud Forensics. Server-Side Forensics. Client-Side Forensics. Challenges in Cloud Forensics. Artifacts in Cloud Forensics. Log Files of Browsers. Physical Memory. Registry. For Mobile Devices. Use of Cloud Forensics.
UNIT V MALWARE FORENSICS
Malware analysis overview. Types of Malware. Viruses. Worms. Trojan. Rootkits. Spyware. Adware. Exploits. Ransomware. Bot. Static analysis. Dynamic analysis. Analysing malware. Static analysis. Pestudio. Remnux. Dynamic analysis. Process Explorer.
SUGGESTED ACTIVITIES:
1: Analysis Network Forensics
2: Implement forensics trace from mobile phone
3: Implement Forensics on Android and iPhone Mobiles
4: Implement Cloud Forensics on AWS and Azure
5: Implement Static and Dynamic Malware Forensics
COURSE OUTCOMES:
CO1: Can explain and properly document the process of digital forensics analysis.
CO2: Understand the network attacks and forensic tools used for network forensics.
CO3: understand and analyse the different methods used for data recovery, evidence collection and data seizure from the mobile devices
CO4: Analyzes the principles, theories, and practice of cloud forensics.
CO5: Understand and analyse malware behaviour, including launching, encoding, and network signatures.
TOTAL: 45 PERIODS
REFERENCES
1. Practical Cyber Forensics, Niranjan Reddy. Apress, First Edition, 2019
2. Digital Forensics and Incident Response, Gerard Johansen. Packt Publishing, Second Edition, 2020
3. Fundamentals of Digital Forensics, Kävrestad and Joakim. Springer, First Edition 2018
4. The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics by John Sammons, Second Edition, 2012
5. Digital Forensics, André Årnes. Wiley, 2017