Course detail

Digital Forensics (in English)

FIT-DFAaAcad. year: 2023/2024

The course focuses on the role of computer forensics and the methods used in the investigation of computer crimes. The course explains the need for proper investigation and illustrates the process of locating, handling, and processing computer evidence. A detailed explanation of how to efficiently manage a forensics investigation and how to preserve and present evidence is covered.

Language of instruction

English

Number of ECTS credits

5

Mode of study

Not applicable.

Guarantor

doc. Ing. Ondřej Ryšavý, Ph.D.

Department

Department of Information Systems (UIFS)

Offered to foreign students

Of all faculties

Entry knowledge

Basic knowledge of operating systems, storage media, networks, and the ability to create simple programs.

Rules for evaluation and completion of the course

  • Project (15 points).
  • Hands-on labs (30 points). Missed labs can only be replaced if there is a serious obstacle in the study. 
  • Final exam (55 points). Minimum of 20 points of the final exam is necessary to pass the course.
 

Controlled activities include the project (15 points), hands-on labs (30 points), and the final exam (55 points). Missed labs can only be replaced if there is a serious obstacle in the study. 

Aims

The aim is to understand principles of computer forensics and the basic concepts used in a computer forensics examination; introduces techniques required for conducting a forensic analysis of systems and data.


Student acquaints basic concepts and principles of computer forensics and skills in a computer forensic examination.

Study aids

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

Daren Hayes, Practical Guide to Digital Forensics Investigations, Pearson IT Certification; 2nd edition, 2020. (EN)
Gerard Johansen: Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, Packt Publishing; 2nd edition, 2020 (EN)

Recommended reading

Bruce Nikkel , Practical Linux Forensics, No Starch Press, 2021 (EN)
Nipun Jaswal: Hands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools,  Packt Publishing, 2019. (EN)

Elearning

eLearning: currently opened course

Classification of course in study plans

  • Programme IT-MSC-2 Master's

    branch MGMe , 0 year of study, summer semester, compulsory-optional

  • Programme IT-MSC-2 Master's

    branch MBS , 0 year of study, summer semester, elective
    branch MPV , 0 year of study, summer semester, elective
    branch MIS , 0 year of study, summer semester, elective
    branch MIN , 0 year of study, summer semester, elective
    branch MGM , 0 year of study, summer semester, elective
    branch MBI , 0 year of study, summer semester, elective
    branch MSK , 0 year of study, summer semester, elective
    branch MMM , 0 year of study, summer semester, elective

  • Programme MIT-EN Master's 0 year of study, summer semester, compulsory-optional

  • Programme MITAI Master's

    specialization NISY , 0 year of study, summer semester, elective
    specialization NSPE , 0 year of study, summer semester, elective
    specialization NBIO , 0 year of study, summer semester, elective
    specialization NSEN , 0 year of study, summer semester, elective
    specialization NVIZ , 0 year of study, summer semester, elective
    specialization NGRI , 0 year of study, summer semester, elective
    specialization NADE , 0 year of study, summer semester, elective
    specialization NISD , 0 year of study, summer semester, elective
    specialization NMAT , 0 year of study, summer semester, elective
    specialization NSEC , 0 year of study, summer semester, elective
    specialization NISY up to 2020/21 , 0 year of study, summer semester, elective
    specialization NCPS , 0 year of study, summer semester, elective
    specialization NHPC , 0 year of study, summer semester, elective
    specialization NNET , 0 year of study, summer semester, elective
    specialization NMAL , 0 year of study, summer semester, elective
    specialization NVER , 0 year of study, summer semester, elective
    specialization NIDE , 0 year of study, summer semester, elective
    specialization NEMB , 0 year of study, summer semester, elective
    specialization NEMB up to 2021/22 , 0 year of study, summer semester, elective

  • Programme IT-MGR-1H Master's

    specialization MGH , 0 year of study, summer semester, recommended course

Type of course unit

 

Lecture

26 hod., optionally

Teacher / Lecturer

doc. Ing. Ondřej Ryšavý, Ph.D.
Ing. Radek Hranický, Ph.D.
M.Sc. Nelson Makau Mutua

Syllabus

  1. Investigation Techniques
  2. Data Acquisition
  3. Data Recovery and Analysis
  4. Windows System Forensics
  5. Microsoft 365 Forensics
  6. Web Browser Forensics
  7. Events and Logs
  8. Network Forensics
  9. Encryption Traffic Analysis
  10. Memory Forensics
  11. Malware Analysis
  12. Password Recovery
  13. Case Study

 

Laboratory exercise

13 hod., compulsory

Teacher / Lecturer

M.Sc. Nelson Makau Mutua
doc. Ing. Ondřej Ryšavý, Ph.D.
Ing. Radek Hranický, Ph.D.

Syllabus

Hands-on activities in the following areas:

  1. Investigation Techniques Basics
  2. Data Acquisition
  3. Data Recovery and Analysis
  4. Windows System Forensics
  5. Microsoft 365 Forensics
  6. Web Browser Forensics
  7. Events and Logs
  8. Network Forensics
  9. Encryption Traffic Analysis
  10. Memory Forensics
  11. Malware Analysis
  12. Password Recovery
  13. Case Study

Project

13 hod., compulsory

Teacher / Lecturer

doc. Ing. Ondřej Ryšavý, Ph.D.

Syllabus

Performing the investigation of the selected cases. Solving the cases and writing the report.

Elearning

eLearning: currently opened course