20-21 IY5609: Digital Forensics
This module covers foundations and some theoretical background for the preservation, collection, examination, and analysis of digital evidence.
The course introduces principles of forensic science and sketches relevant aspects of general and UK legal and regulatory principles, but is not limited to digital forensics as used in courts of law since areas such as compliance monitoring and even the analysis of cyber security breaches ralso rely on these techniques and principles.
The module covers methods for the collection and analysis of digital evidence, highlighting limitations and fragility of evidence as well as susceptibility to malicious manipulation.
The module covers storage as well as network forensics technique, and emphasises host-based techniques for analysing memory and live system behaviour with an emphasis on Microsoft Windows and selected mobile platforms (Apple iOS and Google Android) with more limited coverage of Linux environments.
The course introduces principles of forensic science and sketches relevant aspects of general and UK legal and regulatory principles, but is not limited to digital forensics as used in courts of law since areas such as compliance monitoring and even the analysis of cyber security breaches ralso rely on these techniques and principles.
The module covers methods for the collection and analysis of digital evidence, highlighting limitations and fragility of evidence as well as susceptibility to malicious manipulation.
The module covers storage as well as network forensics technique, and emphasises host-based techniques for analysing memory and live system behaviour with an emphasis on Microsoft Windows and selected mobile platforms (Apple iOS and Google Android) with more limited coverage of Linux environments.