CS 483

Digital Forensics

Spring 2008

 

Syllabus

 

 Assignments:

Assignment 1

Assignment 2

Assignment 3

Project Phase 1

Project Phase 2

 

 Project Resources:
Helix Forensic Tools

Peer Evaluation form

Sample Language ... Affidavits to Search and Seize Computers

Sample Affidavit

Contents of an Affidavit

Forensics Pages:

Northwest Regional Computer Forensics Laboratory (NWRCFL)

The Scientific Working Group on Digital Evidence (SWGDE)

 

Lecture Material

 

Lecture 1

Lecture 2

Lecture 3

Lecture 4

Note 1 Examples

Lecture 5

Lecture 6

Lecture 7

Lecture 8

Note 2 Examples

Lecture Helix

Midterem Exam Review

Lecture 9

 

Lecture 10

Lecture 11

Lecture 12

End of Coursse Info

Final Exam Review

Lecture 13

Lecture 14

A Framework of Distributed Agent-based Network Forensics System, Dr. Ren Wei

Note 2 Examples

Note 3 Examples

Counter-Forensic by Matthew Geiger

Cross-drive Analysis by Simson L. Garfinkel

Steganography and Data Hiding, Steve Russelle

Information Hiding - A Survey

Covert Channels in the TCP/IP Protocol Suite , Craig H. Rowland

F5—A Steganographic Algorithm, Andreas Westfeld

 

Papers and Links

Crypto Gram - interesting current news stories on computer crime, security, cryptography
Forensic Analysis of Internet Explorer Activity Files by Keith J. Jones
Forensics on the Windows Platform, Part One, Jamie Morris
Forensics on the Windows Platform, Part Two, Jamie Morris
Freeware Forensics Tools for Unix, Derek Cheng
Win32 - Evidence Gathering, Adrian Leuenberger, Apr 2004
Windows Forensics - A Case Study: Part One, Stephen Barish, SecurityFocus InFocus Article, Dec 2002
Windows Forensics - A Case Study: Part Two, Stephen Barish, SecurityFocus InFocus Article, Mar 2003
Computer Forensics: Introduction to Incident Response and Investigation of Windows NT/2000, Norman Haase, December 4, 2001
Digital ForensicsCompilation Page I
Digital Forensics Compilation Page II