Computer Forensics

A.Y. 2024/2025
6
Max ECTS
48
Overall hours
SSD
ING-INF/05
Language
Italian
Learning objectives
The course aims to give students basic skills in the field of Computer Forensics including theoretical, technical, methodological and legal rules that those working in the sector must follow
Expected learning outcomes
At the end of the course the student will be able to perform the following operations: acquisition, storage, analysis and production of recovered digital data contained in media and network traffic, for their use in trials.
Single course

This course can be attended as a single course.

Course syllabus and organization

Single session

Responsible
Lesson period
Second semester
Course syllabus
Introduction to Digital Forensics.
Methodology in Digital Forensics.
ISO standards in Digital Forensics.
ISO standard 27037: Guidelines for identification, collection, acquisition, and preservation of digital evidence
Disk forensics: technical issues, tools and challenges in acquisition and analysis.
Virtual machine as methodology/tool in Digital forensic analysis.
Mobile forensics: technical issues, tools and challenges in acquisition and analysis.
Network forensics: technical issues, tools and challenges in acquisition and analysis.
Embedded forensics: technical issues, tools and challenges in acquisition and analysis.
Prerequisites for admission
It is recommended to pass exams on operating systems.
Teaching methods
Lectures and exercises.
Teaching Resources
Slides.
R. Murenec, Digital forensics, Egaf, 2024.

Other books and articles:
A. Marcella, F. Guillossou, Cyber Forensics: From Data to Digital Evidence, Wiley, 2012.
B. Carrier, File system forensic analysis, Addison-Wesley, 2005.
C. Maioli (a cura di), Questioni di Computer Forensics, Aracne, 2015. Pag. 239-261.
D. Farmer, W. Venema, Forensics discovery, Addison-Wesley, 2005
Department of Justice, Electronic crime scene investigation: a guide for first responders, NIJ Guide, 2001.
E. Casey, Handbook of Computer Crime Investigation, Academic Press, 2002.
G. Corasaniti, G. Corrias Lucente (a cura di), Cybercrime, responsabilità degli utenti, prova digitale, Cedam, 2009.
G. Ghirardini, G. Faggioli, Digital forensics, Apogeo, 2013.
G. Vaciago, Digital Evidence, Giappichelli, 2012.
J. Anastasi, The new forensics, Wiley, 2003.
J. Hoy, Forensic Radio Survey Techniques for Cell Site Analysis, Wiley, 2014
S. Aterno, P. Mazzotta, La perizia e la consulenza tecnica - con approfondimento in tema di Perizie Informatiche (analisi e schede tecniche di D. Caccavella), CEDAM, 2006
US Department of Justice, Federal Guidelines for Searching and Seizing Computer, 1995.
W.G. Kruse, J.G. Heiser, Computer Forensics, Incident Response Essentials, Addison-Wesley, 2002.
Assessment methods and Criteria
Written exam, 7 questions
ING-INF/05 - INFORMATION PROCESSING SYSTEMS - University credits: 6
Lessons: 48 hours
Professor: Ferrazzano Michele
Professor(s)