Computer Forensics
A.Y. 2024/2025
Learning objectives
The course aims to give students basic skills in the field of Computer Forensics including theoretical, technical, methodological and legal rules that those working in the sector must follow
Expected learning outcomes
At the end of the course the student will be able to perform the following operations: acquisition, storage, analysis and production of recovered digital data contained in media and network traffic, for their use in trials.
Lesson period: First four month period
Assessment methods: Esame
Assessment result: voto verbalizzato in trentesimi
Single course
This course can be attended as a single course.
Course syllabus and organization
Single session
Responsible
Lesson period
First four month period
Course syllabus
Introduction to Digital Forensics.
Methodology in Digital Forensics.
ISO standards in Digital Forensics.
ISO standard 27037: Guidelines for identification, collection, acquisition, and preservation of digital evidence
Disk forensics: technical issues, tools and challenges in acquisition and analysis.
Virtual machine as methodology/tool in Digital forensic analysis.
Mobile forensics: technical issues, tools and challenges in acquisition and analysis.
Network forensics: technical issues, tools and challenges in acquisition and analysis.
Embedded forensics: technical issues, tools and challenges in acquisition and analysis.
Methodology in Digital Forensics.
ISO standards in Digital Forensics.
ISO standard 27037: Guidelines for identification, collection, acquisition, and preservation of digital evidence
Disk forensics: technical issues, tools and challenges in acquisition and analysis.
Virtual machine as methodology/tool in Digital forensic analysis.
Mobile forensics: technical issues, tools and challenges in acquisition and analysis.
Network forensics: technical issues, tools and challenges in acquisition and analysis.
Embedded forensics: technical issues, tools and challenges in acquisition and analysis.
Prerequisites for admission
It is recommended to have passed the exam on operating systems and computer networks.
Teaching methods
Lectures and exercises.
Teaching Resources
Slides.
R. Murenec, Digital forensics, Egaf, 2024.
Other books and articles:
A. Marcella, F. Guillossou, Cyber Forensics: From Data to Digital Evidence, Wiley, 2012.
B. Carrier, File system forensic analysis, Addison-Wesley, 2005.
C. Maioli (a cura di), Questioni di Computer Forensics, Aracne, 2015. Pag. 239-261.
D. Farmer, W. Venema, Forensics discovery, Addison-Wesley, 2005
Department of Justice, Electronic crime scene investigation: a guide for first responders, NIJ Guide, 2001.
E. Casey, Handbook of Computer Crime Investigation, Academic Press, 2002.
G. Corasaniti, G. Corrias Lucente (a cura di), Cybercrime, responsabilità degli utenti, prova digitale, Cedam, 2009.
G. Ghirardini, G. Faggioli, Digital forensics, Apogeo, 2013.
G. Vaciago, Digital Evidence, Giappichelli, 2012.
J. Anastasi, The new forensics, Wiley, 2003.
J. Hoy, Forensic Radio Survey Techniques for Cell Site Analysis, Wiley, 2014
S. Aterno, P. Mazzotta, La perizia e la consulenza tecnica - con approfondimento in tema di Perizie Informatiche (analisi e schede tecniche di D. Caccavella), CEDAM, 2006
US Department of Justice, Federal Guidelines for Searching and Seizing Computer, 1995.
W.G. Kruse, J.G. Heiser, Computer Forensics, Incident Response Essentials, Addison-Wesley, 2002.
R. Murenec, Digital forensics, Egaf, 2024.
Other books and articles:
A. Marcella, F. Guillossou, Cyber Forensics: From Data to Digital Evidence, Wiley, 2012.
B. Carrier, File system forensic analysis, Addison-Wesley, 2005.
C. Maioli (a cura di), Questioni di Computer Forensics, Aracne, 2015. Pag. 239-261.
D. Farmer, W. Venema, Forensics discovery, Addison-Wesley, 2005
Department of Justice, Electronic crime scene investigation: a guide for first responders, NIJ Guide, 2001.
E. Casey, Handbook of Computer Crime Investigation, Academic Press, 2002.
G. Corasaniti, G. Corrias Lucente (a cura di), Cybercrime, responsabilità degli utenti, prova digitale, Cedam, 2009.
G. Ghirardini, G. Faggioli, Digital forensics, Apogeo, 2013.
G. Vaciago, Digital Evidence, Giappichelli, 2012.
J. Anastasi, The new forensics, Wiley, 2003.
J. Hoy, Forensic Radio Survey Techniques for Cell Site Analysis, Wiley, 2014
S. Aterno, P. Mazzotta, La perizia e la consulenza tecnica - con approfondimento in tema di Perizie Informatiche (analisi e schede tecniche di D. Caccavella), CEDAM, 2006
US Department of Justice, Federal Guidelines for Searching and Seizing Computer, 1995.
W.G. Kruse, J.G. Heiser, Computer Forensics, Incident Response Essentials, Addison-Wesley, 2002.
Assessment methods and Criteria
Written exam: 7 questions
IUS/20 - PHILOSOPHY OF LAW - University credits: 6
Lessons: 48 hours