CMPS 5443-4883: Computer Forensics

Summer semester 2014

Instructor: Dr. Nelson L. Passos
Office: Bolin Science Hall 126B
Office phone: 397-4129
E-mail: nelson.passos@mwsu.edu
Web page: http://cs.mwsu.edu/~passos
Office Hours: MTWR    1:00 - 3:00 pm
Class Hours:

MTWR  3  :00 - BO 127


Course Description:

Study of techniques used to identify attacks to computer systems and recover data to be used as evidence in any sort of investigation. Includes an introduction to criminal forensics, evaluation of security flaws, network attacks, information hiding, protection tools. It also includes an introduction to PERL scripts and data communication.

Text book:

Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7, by Harlan Carvey. (recommended)

Lecture Notes and Test Files:

CMPS 5443/4883-part 1

CMPS 5443/4883-part 2

CMPS 5443/4883-part 3

CMPS 5443/4883-part 4

CMPS 5443/4883-part 5

CMPS 5443/4883-part 6

CMPS 5443/4883-part 7

CMPS 5443/4883-part 8

CMPS 5443/4883-part 9

Data file

Tentative Agenda:

June          July        Grading

June


Jun  2-  

Introduction to computer forensics - Ethics

Jun  3- 

Introduction to computer forensics - Fundamentals

Jun  4- 

File Systems - Computer communication OSI and TCP/IP

Jun  5- 

Computer communication OSI and TCP/IP

Jun  9- 

Introduction to Perl and Powershell

Jun 10- 

Introduction to Perl and Powershell

Jun 11- 

Security incidents

Jun 12- 

Test # 1

Jun 16- -

Hiding data

Jun 17- 

Hiding data

Jun 18- 

Anticipating problems

Jun 19- 

Some tools

Jun 23- 

Rootkits and other clues

Jun 24- 

Scanners and Sniffers

Jun 25-

Scanners and Sniffers

Jun 26- 

Presentations/discussion

Jun 30-  Presentations/discussion



July


Jul  1- 

Test # 2

Jul  2- 

E-mail headers - Test review

Jul  3- 

[Finals]



Grading



Tests: 25 % (each)
Assignments: 25 %
Presentation/reports: 20 %
Class Participation: 5 %


E-mail address:

nelson.passos@mwsu.edu

Back to Dr. Passos Home Page