Checking date: 08/06/2021

Course: 2021/2022

Computer Forensics
Study: Bachelor in Computer Science and Engineering (218)

Coordinating teacher: PERIS LOPEZ, PEDRO

Department assigned to the subject: Department of Computer Science and Engineering

Type: Electives
ECTS Credits: 6.0 ECTS


Requirements (Subjects that are assumed to be known)
Operating Systems. Computer Networks. Cryptography and Computer Security. Security Engineering.
The course covers forensics tools, methods, and procedures used for investigation of computer crime, techniques of data recovery, protection and gathering of evidences, and expert witness skills. Upon successful completion of this course, the student will be able to: (PO a, b, c, d, e, f, g, j, k) 1. Know and use the methodology commonly used in computer forensics investigations. 2. Know and use methods for evidence gathering. 3. Use and evaluate various techniques for evidence analysis in file systems, memory and networks. 4. Install, configure and use forensics tools. 5. Get acquainted with hardware devices used in computer forensics investigations. 6. Retrieve, manipulate and organize evidences systematically. 7. Work in team, write forensics reports and present them in public. 8. Know and use standards and legal regulations linked with computer forensics investigations.
Description of contents: programme
1. Module 1 a. Introduction b. Key technical concepts 2. Module 2 a. Labs and Tools b. Evidence collection and archiving 3. Module 3 a. Anti-forensics tools and techniques b. Internet and email 4. Module 4. a. Network forensics b. Mobile device forensics 5. Module 5. a. Standards and regulations b. Legal aspects
Learning activities and methodology
Lectures, where the main theoretical concepts of the subject will be described and explained. The students will be able to follow these lectures using the appropriate course material as well as the corresponding intranet tools and bibliography. References will help the students to further elaborate on any topic of their interest. Lab sessions in computer labs where the students will work with forensics tools. Real forensics cases will be introduced and the students will have to solve several exercises that will help them to strengthen their theoretical knowledge and get acquainted with forensics tools.
Assessment System
  • % end-of-term-examination 50
  • % of continuous assessment (assigments, laboratory, practicals...) 50
Calendar of Continuous assessment
Basic Bibliography
  • Brian Carrier. File System Forensic Analysis. Addison-Wesley.
  • Cory Altheide and Harlan Carvey. Digital Forensics with Open Source Tools. Syngress Media.
  • John Sammons. The Basics of Digital Forensics. . Syngress.
  • Nelson et al.. Guide To Computer Forensics and Investigations. . Cengage Learning.
Additional Bibliography
  • Eoghan Casey. Handbook of Digital Forensics and Investigation. Academic Press Inc.
  • Harlan Cavey. Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry. Syngress Media.

The course syllabus may change due academic events or other reasons.