Digital Forensics Courses

For 610 International Cyber Conflicts (3)

Cyber Security is an international problem where the perpetrators and victims of attacks may be in completely disparate locations. Cyber attacks have morphed from cyber crime and amateur displays of prowess into cyber warfare and espionage among nations. While the issues are international, there is little consensus on how to investigate them, create universally acceptable norms, and create international laws across multiple countries to manage them. This course discusses some of these sensitive issues regarding information security and cyber warfare. The hope is to improve understanding between professionals and students across countries in order to foster cooperation in resolving cyber conflicts. The class will include cases and discussions that will touch on sensitive security-related topics.

For 611 Supervisory Control And Data Acquisition (SCADA) Forensics (3)

Supervisory Control And Data Acquisition (SCADA) systems are computer systems controlling large-scale industrial equipment, often underlying important infrastructural assets such as power plants, water distribution facilities, and communication networks. This class is intended to familiarize students with how to forensically investigate and secure SCADA systems. Due to the nature and impact of SCADA systems on human lives, they typically have more requirements than standard systems. Because SCADA systems are embedded in critical infrastructure, it is vital to understand the regulatory compliance and system governance associated with these systems. As recent events, both domestically and internationally, have demonstrated, SCADA forensics skills are increasingly important and in demand today. Prerequisites: R CRJ 281, A MAT 108, or equivalent; recommended B FOR 201 and 202.

For 613 Multimedia Forensics (3)

This course prepares students to conduct digital forensic examinations on multimedia evidence, specifically images, videos and audio files. The course builds student knowledge from the basics of multimedia types to being able to recognize anomalies in the files and identify file creation attributes. Students will learn how to examine multimedia files manually and through automated processes utilized by digital forensic tools. Students will prepare written reports outlining their findings of analysis, in a professionally acceptable manner, pursuant to administrative, civil and criminal legal proceedings. Graduate students will be expected to do extra or more advanced assignments. Prerequisites: R CRJ 281, A MAT 108, or equivalent; recommended B FOR 201 and 202.

For 614 Cyber Threat Modeling (3)

This course is an introduction to cyber threat modeling from a variety of perspectives. Included in the course are threat modeling, application of cyber threat intelligence, analysis of technical threats, 360-degree cyber threat analysis techniques, data and information sources that feed the threat analysis cycle, and hands-on exercises using security data. The course is heavily lab-oriented and each class will have a specific lab objective to be achieved by students working in teams of two. Periodic quizzes will make up the testing portion of the course, but instead of a mid-term and final exam there will be a final lab exercise that will involve all of the tools and techniques used during the course. That final lab will be constructed from real world events occurring during the final half of the semester. Students also will prepare a research project and present it both as a formal paper to be turned in and a class presentation. Prerequisite: B FOR 203/Working knowledge of Networking (TCP/IP protocol stack).

For 615 Hacking for Penetration Testers (3)

This course teaches students to test the defenses of a network and identify the vulnerabilities in the system by deploying tools used by hackers to anticipate how hackers might compromise networks. The course starts with an overview of the network fundamentals, including protocols at different levels of the network stack. It then takes the student through the various steps of network intrusion, starting with gathering information about the target network from open source intelligence, conducting reconnaissance of the network, identifying the tools to exploit the vulnerabilities, and launching attacks. The attacks covered include spoofing, session hijacking, denial-of-service, etc. This course cannot be taken if BFOR415 is taken.