IF4003 Cyber Forensics Syllabus:

IF4003 Cyber Forensics Syllabus – Anna University PG Syllabus Regulation 2021

COURSE OBJECTIVES:

• Emphasise the importance of digital forensics
• Conduct a digital investigation in an organised and systematic way
• Understand the in-depth concept of Network Forensics
• Understand the in-depth concept of Mobile and Cloud Forensics
• Understand and perform basic static and dynamic malware analysis

UNIT I FORENSIC FUNDAMENTALS

Legal aspects. Laws and regulations. Rules of evidence. Digital forensic fundamentals. A brief history. The digital forensic process. Identification. Preservation. Collection. Proper evidence handling. Chain of custody. Examination. Analysis. Presentation. Digital forensic lab. Physical security. Tools. Hardware. Forensics Investigation Process. Incident. Identification. Seizure. Imaging. Hashing. Analysis. Reporting. Preservation. Forensic Protocol for Evidence Acquisition. Digital Forensics Standards and Guidelines. Digital Evidence. Write Blockers. What Is a Forensic Triage? What Is a Cybercrime?

UNIT II NETWORK FORENSICS

Network Evidence – Types of Network Monitoring – Setting Up a Network Monitoring System – Network Data Analysis – Email Clients – Email Tracing – Internet Fraud – Spam Investigations, Network Security and Forensic Techniques – Reconnaissance techniques, Recovery of protected data – Encrypted media – Password cracking, Reporting.

UNIT III MOBILE FORENSICS

Acquisition Protocol – Unlocking with Face ID or Touch ID – Android Operating System. Rooting an Android Device – Android Debug Bridge – Methods for Screen Lock Bypass – Manual Extraction – Physical Acquisition. Tools for Image Extraction – Image Extraction of an Android Device – JTAG Chip-Off – Micro-read – Challenges in Mobile Forensics – iOS Operating System – iOS Device Boot Process – Jailbreak vs. No Jailbreak – iOS File System and Architecture – iTunes.

UNIT IV CLOUD FORENSICS

Cloud Forensics. Cloud Computing Models. Defining Cloud Forensics. Server-Side Forensics. Client-Side Forensics. Challenges in Cloud Forensics. Artifacts in Cloud Forensics. Log Files of Browsers. Physical Memory. Registry. For Mobile Devices. Use of Cloud Forensics.

UNIT V MALWARE FORENSICS

Malware analysis overview. Types of Malware. Viruses. Worms. Trojan. Rootkits. Spyware. Adware. Exploits. Ransomware. Bot. Static analysis. Dynamic analysis. Analysing malware. Static analysis. Pestudio. REMnux. Dynamic analysis. Process Explorer.

SUGGESTED ACTIVITIES:

1: Network Forensics Analysis
2: Implement forensics trace from mobile phone
3: Implement Forensics on Android and iPhone Mobiles
4: Implement Cloud Forensics on AWS and Azure
5: Implement Static and Dynamic Malware Forensics

COURSE OUTCOMES:

CO1: Can explain and properly document the process of digital forensics analysis.
CO2: Understand the network attacks and forensic tools used for network forensics.
CO3: Understand and analyse the different methods used for data recovery, evidence collection and data seizure from mobile devices.
CO4: Analyse the principles, theories, and practice of cloud forensics.
CO5: Understand and analyse malware behaviour, including launching, encoding, and network signatures.

TOTAL: 45 PERIODS

REFERENCES

1. Practical Cyber Forensics, Niranjan Reddy. Apress, First Edition, 2019
2. Digital Forensics and Incident Response, Gerard Johansen. Packt Publishing, Second Edition, 2020
3. Fundamentals of Digital Forensics, Kävrestad and Joakim. Springer, First Edition, 2018
4. The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics, John Sammons. Second Edition, 2012
5. Digital Forensics, André Årnes. Wiley, 2017