Cyberforensics Core Courses
- CNIT 556 - Basic Computer Forensics - 13485 - CNIT 55600 - 001 - Rogers - 1:30 pm - 2:20 pm MW, Lab 1:30 pm - 3:20 pm F + Individual Study
Covers the fundamentals of the maturing discipline of computer forensics. The focus of the course is on gaining a broad understanding of the field of study and how technology and law interact to form this forensic science. Emerging standards and current and future issues related to the field are also explored. Examines law and public policy, the computer forensic methodology, report presentation, and expert witness testimony, as well as anti-forensic techniques that can be used to obfuscate evidence. Students are exposed to theory and practice with lab exercises, thought and term papers, and a practical, as well as written, final exam.
- CNIT 557 - Advanced Research Topics In Cyber Forensics - 45535 - CNIT 55700 - 001 - Rogers - 3:30 pm - 5:20 pm T + Individual Study
Provides students at the advanced degree level the opportunity to expand their knowledge of cyber forensics. Students are expected to have fundamental understanding of cyber forensics and digital forensic science. The emphasis is on directed learning and scholarly inquiry. Possible research topics range from law and public policy to software and/or hardware development. Permission of instructor required.
- CNIT 581 - Cyber Frn Cloud/Virtual Enviro - 69894 - CNIT 58100 - CFC - Hansen - 8:30 am - 11:20 am R
There are various architectures of virtual and cloud technology environments placing different emphasis on storage, transmission, and processing of information. The student will develop skills and abilities in evaluating the patterns of evidence within this domain. This course examines the identification and acquisition of digital evidence, residing on hosts or in transmission between hosts, from different network topologies, and protocols. This course will also examine the techniques or processes by which information can be hidden, exposed, examined, and processed in a forensics manner. The fundamental principles of forensics are applied to virtual operating environment and networks.
- CNIT 581 - Cyber Forensics Of File Sys - 69783 - CNIT 58100 - CFF - Liles - 8:30 am - 11:20 am T
The plethora of strategies to store information in different formats continues to expand. This course examines the various media and strategies of storing information and the processes of documenting the collection, imaging, and processing of forensic evidence. Topics include file formats, file systems, hardware, and software involved in forensic investigation. The overall pattern of forensic evidence in file systems will be examine along with the acquisition, analysis, and reporting of evidence artifacts found in file systems. Permission of instructor or graduate standing required.
- CNIT 581 - Cyberforensics Of Malware - 69893 - CNIT 58100 - CFM - Liles - 8:30 am - 11:20 am W
Consumer technologies are rapidly moving forward with items integrating processing, storage, and transmission into their base functionality. The enterprise issues with bring your own device has rapidly expanded requirements on forensics investigators to address a plethora of mobile device types. Whether it is the automobile black box or a home thermostat there are various elements of interesting evidence possible to be gained. As a simplistic example the wireless home thermostat tracks when there is activity in a house. The forensic possibilities of being able to attribute presence via the thermostat or geo-location by a cellphone are of interest to forensics investigators. This is a classic example of a device as a witness. The embedded and consumer device pantheon is developing as an important area of forensic science.