UNIVERSITY OF MASSACHUSETTS LOWELL

 

DEPARTMENT OF COMPUTER SCIENCE

 

91.460.203 -- Selected Topics: Cyber Crime Investigation

 

Fall 2015

 

Instructor:

Dr. Xinwen Fu

Office

203 Olsen Hall

Phone

(978) 934-3623

E-Mail

xinwenfu@cs.uml.edu         

Homepage

http://www.cs.uml.edu/~xinwenfu

Office Hours:

Tu. 2:00PM ~ 3:30PM

 

Course Name:

91.460.203 -- Selected Topics: Cyber Crime Investigation

Credits:

3.00

Duration:

Sep 1, 2015- Dec 9, 2015

Time:

Tu 5:30PM - 8:00PM

Location:

TBD

 

TA:

TBD

Email:

TBD

 

COURSE DESCRIPTION

This class introduces students to computer forensics and network forensics, which are two major components of digital forensics. The class will cover topics including introduction to criminology, legal compliance, applicable laws, affidavits, root cause analysis, case law, chain of custody, digital Investigations, authentication of evidence, metadata, using virtual machines for analysis, how to testify, E-Discovery, HIPAA / FERPA, computer cecurity act, Sarbanes - Oxley Act, Gramm - Leach - Bliley Act, Children's Online Privacy Protection Act (COPPA), payment card industry data security standard (PCI DSS), state, US and international standards / jurisdictions, laws and authorities, US Patriot Act, Bring Your Own Device (BYOD) issues, Americans with Disabilities Act, Section 508, forensic imaging and analysis, packet capture and analysis, intrusion detection and prevention, summary statistics, graphing/charts, spreadsheet functions, problem solving, log-file analysis, interlacing of device and network forensics.

 

COURSE PREREQUISITES:

 

DESCRIPTION OF INSTRUCTIONAL METHODS:

 

COURSE REQUIREMENTS

 

Class Attendance Policy

Students should attend the class in the classroom.

 

Cheating and Plagiarism Policy

All forms of academic dishonesty will result in an F for the course and notification of the Academic Dishonesty Committee.  Academic dishonesty includes (but is not limited to) plagiarism, copying answers or work done by another student (either on an exam or assignment), allowing another student to copy from you, and using unauthorized materials during an exam.

 

Make-up Exams

 

COURSE GOALS

 

 EVALUATION PROCEDURES

 Components of Course Grade:

Attendance

10%

Assignments (5~10)

20%

Midterm Exam

30%

Final Exam

30%

Term Project

10%

 

Grade Scale: A+(4.0), A(4.0), A-(3.7), B+(3.3), B(3.0), B-(2.7), C+(2.3), C(2.0), and F (0.0)

A

85 ~ 100

B

70 ~ 84.9

C

60 ~ 69.9

D

50 ~ 59.9

F

below 50

 

Homework Assignments

 

Exams

 

Projects

 

UNIVERSITY DEADLINES: Please refer to the university calendar.

 

EARLY ALERT STATEMENT

Academic Success Support

As your professor, I am personally committed to supporting YOUR academic success in this course.  For that reason, if you demonstrate any academic performance or behavioral problems which may impede your success, I will personally discuss and attempt to resolve the issue with you.  If the situation persists, I will forward my concern to the Student Development Office and your academic advisor to seek their support and assistance in the matter.  My goal is to make your learning experience in this course as meaningful and successful as possible.

 

Americans with Disabilities Act (ADA) Statement

The University is committed to serving all students with disabilities as defined by the Rehabilitation Act of 1973 and the Americans with Disabilities Act of 1990. A qualified person with a disability means: an individual with a disability who, with or without reasonable modifications to rules, policies, or practices, the removal of architectural, communication or transportation barriers, or the provision of auxiliary aids and services, meets the essential eligibility requirements for the receipt of services or the participation in programs or activities provided by a public entity.

 

Questions concerning services for people with learning and physical disabilities should be directed to

Jody Goldstein, MSSW

Student Disability Services

One University Avenue

Cumnock Hall C6

Lowell, MA 01854

978-934-4574

E-mail: Disability@uml.edu

http://www.uml.edu/STUDENT-SERVICES/disability/default.html

 

TENTATIVE CLASS SCHEDULE

The schedule may be adjusted based on the actual progress in the semester.

Week 1 Textbook Introduction to criminology  
Week 2 Computer Forensics and Investigations Chapter 1 Legal Compliance Lab/Project Students shall be able to use one or more common DF tools, such as EnCase, FTK, ProDiscover, Xways, SleuthKit.
Chapter 1 Applicable Laws
Chapter 1,P13 Affidavits
Supplementary Root Cause Analysis Writing Assignment Students will be able to describe the steps in performing digital forensics from the initial recognition of an incident through the steps of evidence gathering, preservation and analysis, through the completion of legal proceedings.
Chapter 1, P8 Case Law
Chapter 1 Chain of custody
Week 3 Computer Forensics and Investigations Chapter 2 Digital Investigations
Week 4 Computer Forensics and Investigations Chapter 5: indentifying Digital Evidence Authentication of Evidence
Week 5 Computer Forensics and Investigations Chapter 6:P210 metadata in NTFS Metadata
Week 6 Computer Forensics and Investigations Chapter 11 Using Virtual Machines for Analysis
Week 7 Computer Forensics and Investigations Chapter 15 How to Testify
E-Discovery
Week 8 Mid-term
Week 9 Elementary Information Security Chapter 4.5.2 HIPAA / FERPA Writing Assignment Students shall be able to discuss the rules, laws, policies, and procedures that affect digital forensics
Chapter 17.3 Computer Security Act
Chapter 4.5.2 Sarbanes – Oxley
Chapter 4.5.2 Gramm – Leach – Bliley
Supplementary Privacy (COPPA)
Chapter 4.5.2 Payment Card Industry Data Security Standard (PCI DSS)
Chapter 1.6 State, US and international standards / jurisdictions
Supplementary Laws and Authorities
Supplementary US Patriot Act
Supplementary Bring Your Own Device (BYOD) issues
Supplementary Americans with Disabilities Act, Section 508
Week 10 Network Forensics Chapter 1 ecblank,ecblank,ecblank,ecblank,ecblank,ecblank
Forensic Imaging and Analysis
ecblank
Week 11 Network Forensics Chapter 4 Packet Capture and Analysis Writing Assignment Students will be able to describe the methodologies used in network forensics.
Week 12 Network Forensics Chapter 7 Intrusion Detection and Prevention Lab/Project Students will be able to analyze and decipher network traffic, identify anomalous or malicious activity, and provide a summary of the effects on the system.
Week 13 From papers Supplementary ecblank,ecblank,ecblank
Summary statistics
Supplementary Graphing/Charts
Supplementary ecblank
Spreadsheet Functions
Supplementary ecblank
Problem Solving
Week 14 Network Forensics Chapter 8 Log-file Analysis 8.5 Case Study ecblank
Apply standard statistical inference procedures to draw conclusions from data
Week 15 Network Forensics Chapter 9 Interlacing of device and network forensics