Digital Forensics (in English)

• 26 hrs lectures
• 13 hrs laboratories
• 13 hrs projects

• 55 pts final exam (written part)
• 30 pts numeric exercises
• 15 pts projects

Student acquaints basic concepts and principles of computer forensics and skills in a computer forensic examination.

The aim is to understand principles of computer forensics and the basic concepts used in a computer forensics examination; introduces techniques required for conducting a forensic analysis of systems and data.

The course prepares students for the possible role of cyber attack investigator or forensic analyst within security teams.

Basic knowledge of operating systems, storage media, networks, and the ability to create simple programs.

• Nipun Jaswal: Hands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools,  Packt Publishing, 2019.
• Bruce Nikkel , Practical Linux Forensics, No Starch Press, 2021

• Daren Hayes, Practical Guide to Digital Forensics Investigations, Pearson IT Certification; 2nd edition, 2020.
• Gerard Johansen: Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, Packt Publishing; 2nd edition, 2020

1. Introduction to Forensic Investigation
2. Forensic Data Acquisition
3. Hands-on Lab: Forensic Data Acquisition and Analysis
4. Computer Forensic Examination
5. Hands-on lab: Web Browser Analysis
6. Network Forensics
7. Hands-on Lab: Network Forensics using Wireshark
8. Traffic Tunneling, VPNs, and Covert Channels
9. Hands-on Lab: Covert Channels Analysis
10. Malware Forensics
11. Hands-on Lab: Malware Forensics
12. Password Recovery 
13. Hands-on Lab: Password Recovery 

1. Forensic Data Acquisition and Analysis
2. Web Browser Analysis
3. Network Forensics using Wireshark
4. Covert Channels Analysis
5. Malware Forensics
6. Password Recovery 

Performing the investigation of the selected cases. Solving the cases and writing the report.

• Project (15 points).
• Hands-on labs (30 points). Missed labs can only be replaced if there is a serious obstacle in the study. 
• Final exam (55 points). Minimum of 20 points of the final exam is necessary to pass the course.

The course consists of lectures and related hands-on labs. Hands-on labs start with a short presentation of the problem to be solved. Then students have the time to solve the problem in the class. For each lab, the students are expected to write the report and submit it. Writing and submitting the report is the follow-up homework. 

Controlled activities include the project (15 points), hands-on labs (30 points), and the final exam (55 points). Missed labs can only be replaced if there is a serious obstacle in the study. 

As part of face-to-face activities. Possibilities of individual consultations during the teacher's consultation hours or at other times by appointment.