NATIONAL TRAINING STANDARD

COLLEGE OF ARTS AND SCIENCES

DIVISION OF SCIENCE

COMPUTER SCIENCE PROGRAMCOURSE TITLE:

Special Topics in Digital ForensicsCOURSE NUMBER: CPSC 6622 CREDIT HOURS:

3.0INSTRUCTOR:

John BuengerOFFICE:

GMT Building Room 134PHONE:

708-235-2204EMAIL:

jbuenger@govst.eduOFFICE HOURS:

M-F 8AM 4:30PMSEMESTER:

Spring 2015CATALOG DESCRIPTION:

Discusses advanced topics in digital forensics using original research and innovative applications in the emerging discipline. Areas of coverage may include mobile device forensics, web browser forensics, network forensics, applications and investigative techniques.PREREQUISITE: CPSC 4540 or equivalent RATIONALE:Digital forensics is a fast-paced and ever-developing field. This course addresses special topics pertaining to digital forensics and the impact of this technology on society.INTENDED AUDIENCE:

Computer science and technologically experienced criminal justice and public administration students, and professionals who desire to keep pace with the field of digital forensics.GRADUATE PROGRAM OBJECTIVES:1. Integrate concepts, tools, and theories to find technology-based solutions to problems;

2. Apply professional skills to model, analyze, and design components or systems that meet technical specification;

3. Apply concepts of software architectures for different development projects;

4. Utilize concepts to dissect and identify system limitation in terms of threats and vulnerabilities;

5. Work and communicate effectively, either independently or in a team, to solve problems using computer science principles;

6. Demonstrate an understanding the broad social, ethical, and professional issues of contemporary computer science practice;

7. Prepare the students with the necessary research background in Computer ScienceEXPECTED STUDENT OUTCOMES:At the completion of this course, and given appropriate study, students will become competent in their knowledge and skills of the following:Course Outcome/ObjectiveGraduate Program Objectives

1. Examine current issues pertaining to digital forensics, privacy, and information security.

1,3,6,7

2. Describe technologies used is forensics investigations.

1,4

3. Differentiate the strength and weakness for different forensics tools and methods.

2,3,5,7

4. Demonstrate the ability to: properly research a topic, produce a paper which adheres to the APA format, and address the paper to the class through a presentation.

2,3,4,6,7

5. Describe some challenging problems in digital forensics.

5,6,7

INSTRUCTIONAL MODALITIES:

This course will be organized with research/lecture/discussion, computer demonstration, and hands-on laboratory exercises. Hands-on laboratory exercises are major activities for students.

Laboratory Availability:GMT Building, Room 104, Lab Open Hours:

ACTIVITIES/ASSIGNMENTS/REQUIREMENTS:

There will be written graded assignments and due dates.There will be in class lab assignments, case study assignments, exams and projects. Each student is required to present his/her projects and submit reports by the due dates.Case Studies

Students will be given three case studies on topics such as mobile forensics, network forensics and surveillance. Students are to submit a minimum 2-3 page paper for each case. Mid-Term and Final ExamsStudents will be given two 30-50 question exams to validate their knowledge.

Mid-Term and Final Presentation/ProjectsThis course will highlight several technologies. Students are to present their own case using available technology and techniques. The preference is for a presentation, but a research paper may be submitted with permission. All topics for presentations and papers must be approved by instructor. TEXTS/LEARNING MATERIALS:None: weekly readings will be assigned by the instructor.Optional: Steve Bunting. EnCase Computer Forensics The Official EnCE: Encase Certified Examiner Study Guide (3rd Edition). Indianapolis, IN: Wiley Publishing, Inc., 2012. ISBN: 978-0-470-90106-9Reference Books:Bill Nelson, Amelia Phillips, Christopher Steuart. Guide to Computer Forensics and Investigations (4th Edition). Boston, MA: Course Technology, 2009. ISBN: 9781435498839.COURSE OUTLINE AND TENTATIVE SCHEDULE:

WEEKTopicsExpected Student Outcome

Week 11/21Introduction and Course Objectives / Review of acquisition and analysis techniques1,2,3,4,5

Week 21/28Investigative Uses of Technology: Devices, Tools, and Techniques for mobile forensics sub-branch, Social media/browsers.1,2,3,4

Week 32/4Investigative Uses of Technology: Devices, Tools, and Techniques for network forensics sub-branch (Kali). - (Case Study/Research Paper #1 Due)2,3,4

Week 42/11Investigative Uses of Technology: Devices, Tools, and Techniques for network forensics (Kali) (Mid-term Presentation/Paper topic due)3,4,5

Week 52/18Discusses advanced topics in digital forensics: Devices, Tools, and Techniques for network forensics (Kali)3,4,5

Week 62/25 Discuss Mac acquisition techniques (Mid-Term Presentations)

(Case Study/Research Paper #2 Due)3,4,5

Week 73/4Mid-Term Presentations & Discuss Malware Forensics 3,4,5

Week 83/11Mid-Term Exam (Mid-term presentations or papers due)1,2,3,4,5,6,7

Week 93/18No Class Spring Break

Week 103/25Investigative Uses of Technology: devices, Tools and techniques for Database Forensics sub-branch (Case Study/Research Paper #3 Due)1,2,3

Week 114/1Investigative Uses of Technology: devices, tools and techniques for Forensic Data Analysis sub-branch. (surveillance technology & techniques) 2,3,4

Week 124/8Advanced Acquisition and Analysis Tools (EnCase) (Final Presentation/Paper topics due)2,3,4

Week 134/15Advanced Acquisition and Analysis Tools (EnCase) (Case Study/Research Paper #4 Due)2,3,4

Week 144/22Advanced Acquisition and Analysis Tools (EnCase) (Final Presentations)2,3,4

Week 154/29Final Presentations4,5,6,7

Week 165/6Final Exam1,2,3,4,5,6,7

COURSE EVALUATION:Final grade in the course will be based on the following:Midterm (Exam and Project/Presentation)35%

Final (Exam and Project/Presentation) 35%

Discussions / In-class Labs / Case Studies30%

After the numerical grade has been calculated, the letter grade will be determined as follows:

A90100% of the total percentage points possible

B8089.9% of the total percentage points possible

C7079.9% of the total percentage points possible

D6069.9% of the total percentage points possible

Fbelow 60% of the total percentage points possible

DISABILITY STATEMENT:

GSU is committed to providing all students equal access to all university programs and facilities. Students who have a documented physical, psychological, or learning disability and need academic accommodations, must register with Access Services for Students with Disabilities (ASSD). Please contact the Coordinator of ASSD in Room B1201 in person; by e-mail, assd@govst.edu; or by calling 708.235.3968. If you are already registered, please contact your instructor privately regarding your academic accommodations.

STATEMENT ON ACADEMIC HONESTY:

Students are expected to fulfill academic requirements in an ethical and honest manner. This expectation pertains to the following: use and acknowledgment of the ideas and work of others, submission of work to fulfill course requirements, sharing of work with other students, and appropriate behavior during examinations. These ethical considerations are not intended to discourage people from studying together or from engaging in group projects. The university policy on academic honesty appears in the catalog appendix, which can be found on the website at http://www.govst.edu/catalog/catback08.pdf#nameddest=appendix.1