Computer Forensics

A.Y. 2023/2024
6
Max ECTS
48
Overall hours
SSD
ING-INF/05
Language
Italian
Learning objectives
The course aims to give students basic skills in the field of Computer Forensics including theoretical, technical, methodological and legal rules that those working in the sector must follow
Expected learning outcomes
At the end of the course the student will be able to perform the following operations: acquisition, storage, analysis and production of recovered digital data contained in media and network traffic, for their use in trials.
Single course

This course can be attended as a single course.

Course syllabus and organization

Single session

Responsible
Lesson period
Second semester
Course syllabus
Introduction to Digital Forensics.
Methodology in Digital Forensics.
ISO standards in Digital Forensics.
ISO standard 27037: Guidelines for identification, collection, acquisition, and preservation of digital evidence
Disk forensics: technical issues, tools and challenges in acquisition and analysis.
Virtual machine as methodology/tool in Digital forensic analysis.
Mobile forensics: technical issues, tools and challenges in acquisition and analysis.
Network forensics: technical issues, tools and challenges in acquisition and analysis.
Embedded forensics: technical issues, tools and challenges in acquisition and analysis.
Prerequisites for admission
It is recommended pass the exam of Operating systems.
Teaching methods
Lectures and exercises.
Teaching Resources
Slides.

A. Marcella, F. Guillossou, Cyber Forensics: From Data to Digital Evidence, Wiley, 2012.
B. Carrier, File system forensic analysis, Addison-Wesley, 2005.
B. Cunegatti, Manuale di diritto dell'informatica e delle nuove tecnologie a cura di Enrico Pattaro, CLUEB, 2002.
B. M. Gutiérrez, La tutela del diritto d'autore, Milano, Giuffré Editore, 2008
C. Maioli (a cura di), Questioni di Computer Forensics, Aracne, 2015. Pag. 239-261.
D. Farmer, W. Venema, Forensics discovery, Addison-Wesley, 2005
Department of Justice, Electronic crime scene investigation: a guide for first responders, NIJ Guide, 2001.
E. Casey, Handbook of Computer Crime Investigation, Academic Press, 2002.
G. Corasaniti, G. Corrias Lucente (a cura di), Cybercrime, responsabilità degli utenti, prova digitale, Cedam, 2009.
G. Ghirardini, G. Faggioli, Digital forensics, Apogeo, 2013.
G. Scorza, La tutela giuridica delle banche dati, in Computer Business Review Italy, 2006,
G. Vaciago, Digital Evidence, Giappichelli, 2012.
J. Anastasi, The new forensics, Wiley, 2003.
J. Hoy, Forensic Radio Survey Techniques for Cell Site Analysis, Wiley, 2014
S. Aterno, P. Mazzotta, La perizia e la consulenza tecnica - con approfondimento in tema di Perizie Informatiche (analisi e schede tecniche di D. Caccavella), CEDAM, 2006
US Department of Justice, Federal Guidelines for Searching and Seizing Computer, 1995.
W.G. Kruse, J.G. Heiser, Computer Forensics, Incident Response Essentials, Addison-Wesley, 2002.
Assessment methods and Criteria
Fast test with ten multiple choise questions + oral exam
ING-INF/05 - INFORMATION PROCESSING SYSTEMS - University credits: 6
Lessons: 48 hours
Professor: Ferrazzano Michele
Professor(s)