BSc level basics in operating systems, data communication and network security.
Expected learning outcomes
Students are able to explain the fundamental principles of digital forensics. The students are able to survey a digital crime scene and to acquire, analyze and present digital evidence in a forensically sound manner. The students are further expected to be able to scientifically document theoretical and experimental results related to forensic investigations, and to evaluate the validity of evidence presented by another party.
- Digital investigations and evidence
- Chain of custody and forensic soundness
- Timeline analysis
- Live system forensics
- File system forensics
- Forensic reconstructions
- Internet and network forensics
- Cybercrime law
- Advanced topics if time permits
Form(s) of Assessment
Form(s) of Assessment (additional text)
Project report (40%)
Final exam (3 hours) (40%)
Final presentation (20%)
Alphabetical Scale, A(best) – F (fail)
For the final exam: Ordinary re-sit examination.
Dan Farmer and Wietse Venema: Forensic Discovery, Addison-Wesley, 2005 (ISBN 0-201-63497-x)
Presentation material and 8 selected papers
Knowledge of Linux is an advantage.
In case there will be less than 5 students that will apply for the course, it will be at the discretion of the head of the study program whether the course will be offered or not an if yes, in which form.