Basics of computer forensics 2102-M-Z3POIS-IP
Basic concepts of computer forensics (definitions, needs, requirements, legal bases, ethical aspects).
Computer forensics and information security (security of information systems). Data encryption. Basics of data encryption. Public key cryptography.
Identification of electronic evidence, securing evidence at crime scene and in a research laboratory, securing evidence. Software and technical tools for computer forensics.
System boot processes, boot disks, boot partitions, sectors and boot programs, creating CD / DVD and USB boot images, and using CD / DVD and USB drives for non-invasive access to the system under test.
File systems. Recognition of file types. Hiding data on media outside the visible structure of the file system. Hiding data in the file system. Best practices - places to look for digital evidence.
Investigative analysis - browsers, messengers, keywords. Evidence acquisition and analysis from mobile devices. Internet search for evidence.
Cybercrime in Poland and in the world.
Activities of authorities responsible for security in the area of computer forensics.
Type of course
Learning outcomes
After completing the classes at the conservatory, the student has the following knowledge, skills and social competences:
1. Classifies determinants, goals, tasks and mission of computer forensics.
2. Describes methods of non-invasive access to information systems.
3. Characterizes the trends in the development of cybercrime.
4. Knows and compares the parameters that have a fundamental impact on the security of ICT systems.
5. Has the ability to present individual stages of securing electronic evidence.
6. Understands the principles of operation of individual types of data carriers and file systems.
7. Understands the mechanisms of forensic analysis related to Internet activities.
8. Knows the methods of data encryption and the operation of security measures using private / public key cryptography.
Assessment criteria
The subject ends with a grade in the form of a written knowledge test. The final grade is issued in accordance with the scoring system according to ECTS system. The credit threshold is 50% - below the threshold the student is not credited.
The sum of points that can be obtained during the seminar is 100, including:
80 points - written test;
10 points - activity during the conservatory;
10 points - presence, including:
0 or 1 absence - 10 points
2 absences - 5 points
3 and more absences - 0 points
The final grade will be determined on the basis of the total number of points:
0-40 points: - score 2.0
50-60 points: rating 3.0
61-80 points: rating 3.5
71-80 points: rating 4.0
81-90 points: rating 4.5
91-100 points: rating 5.0
Practical placement
Not expected.
Bibliography
Basic literature:
Artur Kalinowski – Metody Inwigilacji i Elementy Informatyki Śledczej, CHS 2011
Cory Altheide, Harlan Carvey – Informatyka śledcza. Przewodnik po narzędziach open source, Helion 2014
Supplementary literature:
Jerzy Kosiński - Przestępczość teleinformatyczna 2016, WSPol w Szczytnie 2017
Harlan Carvey – Analiza śledcza i powłamaniowa. Zaawansowane techniki prowadzenia analizy w systemie Windows 7. Wydanie III, Helion 2013
Jerzy Kosiński - Paradygmaty cyberprzestępczości, Difin 2015
Additional information
Additional information (registration calendar, class conductors, localization and schedules of classes), might be available in the USOSweb system: