UniNA ITEE PhD program Ad hoc course http://itee.dieti.unina.it UNIVERSITÀ DEGLI STUDI DI NAPOLI FEDERICO II DOTTORATO DI RICERCA / PHD PROGRAM IN INFORMATION TECHNOLOGY AND ELECTRICAL ENGINEERING Ad hoc course announcement Title: Digital Forensics’ methods, practices and tools Lecturer: Dr. Giovanni Cozzolino University of Naples Federico II Department of Electrical Engineering and Information Technology (DIETI) Giovanni Cozzolino is a fixed term assistant professor at the Department of Electrical Engineering and Information Technology (DIETI) of the University of Naples Federico II. He received the Ph.D. in Information Technology and Electrical Engineering from the University of Naples Federico II, in 2019. His main research interests include in the areas of Digital Forensics, data integration, knowledge management and embedded systems. Credits: 3 Overview As Information Technology systems are involved in almost all daily activities (related to business and industrial purposes, safety systems, education or entertainment, etc.), humans continuously generate digital traces that may be deemed to be of value, for industrial or legal purposes, or even as a resource for cyber-criminals. Whatever the motivation, the examination of digital evidences falls within the realm of Digital Forensics (DFs). The goal of this module is to present an overview of DFs practices, with particular regards on Computer, Network and Mobile Forensics. More in detail, the course will cover the regulatory aspects to be compliant with, the methodology to identify, collect and analyse evidences, the different hardware and software tools used to collect the data, the challenges to face for correlation of data coming from different devices and to avoid antiforensic techniques. There will be a final assessment, where students are requested to provide a good quality presentation about the potential application of DFs methodology and techniques in the context of their research field. Student’s presentations will take place in the last lesson. Details about the presentation will be given during the course. Lectures’ schedule Lecture Date Time Topics 1 03/11 17:00/19:00 Intro to DFs, regulation and standards, Digital Evidence definition, methodology for a DFs investigation, ethics concerns. 2 05/11 17:00/19:00 Static Digital Forensics. imaging, file system analysis, collecting evidence. Data Carving, Data Recovery, Data Analysis. Tools. 3 06/11 17:00/19:00 Live Digital Forensics: memory analysis, network traffic, cloud providers. Tools 4 09/11 17:00/19:00 Mobile Forensics: logical and physical acquisition of a mobile devices, app analysis, rooted devices. Tools. 5 10/11 17:00/19:00 Correlation and reporting of evidence, Incident response, documentation. Antiforensics tecniques, data protection and password cracking. TBD TBD Assessment test Microsoft Teams – Team code: rjjjn6i Contacts for additional info: Dr. Giovanni Cozzolino – [email protected]

Title: Digital Forensics’ methods, practices and tools

Download PDF Report

Upload
others
View
1
Download
0

Embed Size (px)

Citation preview

Page 1: Title: Digital Forensics’ methods, practices and tools

UniNAITEEPhDprogram Adhoccourse http://itee.dieti.unina.it

UNIVERSITÀ DEGLI STUDI DI NAPOLI FEDERICO IIDOTTORATO DI RICERCA / PHD PROGRAM IN

INFORMATION TECHNOLOGY AND ELECTRICAL ENGINEERING

Adhoccourseannouncement

Title: DigitalForensics’methods,practicesandtools

Lecturer: Dr.GiovanniCozzolinoUniversityofNaplesFedericoIIDepartmentofElectricalEngineeringandInformationTechnology(DIETI)

GiovanniCozzolinoisafixedtermassistantprofessorattheDepartmentofElectricalEngineeringandInformationTechnology(DIETI)oftheUniversityofNaplesFedericoII.HereceivedthePh.D.inInformationTechnologyandElectricalEngineeringfromtheUniversityofNaplesFedericoII,in2019.HismainresearchinterestsincludeintheareasofDigitalForensics,dataintegration,knowledgemanagementandembeddedsystems.

Credits: 3

OverviewAs Information Technology systems are involved in almost all daily activities (related tobusinessand industrialpurposes, safetysystems,educationorentertainment,etc.),humanscontinuouslygeneratedigitaltracesthatmaybedeemedtobeofvalue,forindustrialorlegalpurposes, or even as a resource for cyber-criminals. Whatever the motivation, theexaminationofdigitalevidencesfallswithintherealmofDigitalForensics(DFs).ThegoalofthismoduleistopresentanoverviewofDFspractices,withparticularregardsonComputer,NetworkandMobileForensics.Moreindetail,thecoursewillcovertheregulatoryaspectstobecompliantwith,themethodologytoidentify,collectandanalyseevidences,thedifferent hardware and software tools used to collect the data, the challenges to face forcorrelationofdatacomingfromdifferentdevicesandtoavoidantiforensictechniques.There will be a final assessment, where students are requested to provide a good qualitypresentation about the potential application of DFs methodology and techniques in thecontext of their research field. Student’s presentations will take place in the last lesson.Detailsaboutthepresentationwillbegivenduringthecourse.Lectures’scheduleLecture Date Time Topics

1 03/11 17:00/19:00 IntrotoDFs,regulationandstandards,DigitalEvidencedefinition,methodologyforaDFsinvestigation,ethicsconcerns.

2 05/11 17:00/19:00 StaticDigitalForensics.imaging,filesystemanalysis,collectingevidence.DataCarving,DataRecovery,DataAnalysis.Tools.

3 06/11 17:00/19:00 LiveDigitalForensics:memoryanalysis,networktraffic,cloudproviders.Tools

4 09/11 17:00/19:00 MobileForensics:logicalandphysicalacquisitionofamobiledevices,appanalysis,rooteddevices.Tools.

5 10/11 17:00/19:00 Correlationandreportingofevidence,Incidentresponse,documentation.Antiforensicstecniques,dataprotectionandpasswordcracking.

TBD TBD Assessmenttest

MicrosoftTeams–Teamcode:rjjjn6iContactsforadditionalinfo:Dr.GiovanniCozzolino–[email protected]