Presentation is loading. Please wait.

Presentation is loading. Please wait.

91.580.203 Computer & Network Forensics Introduction Xinwen Fu.

Similar presentations

Presentation on theme: "91.580.203 Computer & Network Forensics Introduction Xinwen Fu."— Presentation transcript:

1 91.580.203 Computer & Network Forensics Introduction Xinwen Fu

2 BIS@DSU By Dr. Xinwen Fu2 About Instructor  Dr. Xinwen Fu, assistant professor of CS@UML Homepage: Email: Phone: (978) 934-3623 Office: 203 Olsen Hall Office hours:  Mon. Wed. 3:30PM ~ 6:30PM 91.580.203

3 BIS@DSU By Dr. Xinwen Fu3 Textbook and Handouts  Recommended textbook Chris Prosise, Kevin Mandia, Matt Pepe, Incident Response and Computer Forensics, Second Edition (Paperback), ISBN: 007222696X Amelia Phillips, Bill Nelson, Frank Enfinger, Chris Steuart, Guide to Computer Forensics and Investigations, Second Edition (Paperback), ISBN: 0619217065 Warren G. Kruse II, Jay G. Heiser, Computer Forensics : Incident Response Essentials (Paperback), ISBN: 0201707195 91.580.203

4 BIS@DSU 4 Course Objectives  Computer forensics The science of obtaining and analyzing evidence from computers Evidence acquisition: Storage devices, such as hard drives  Network forensics The science of obtaining and analyzing evidence from networks Evidence acquisition: Traces of activity on computer networks  Investigate legal and ethical issues involving computer forensics By Dr. Xinwen Fu 91.580.203

5 BIS@DSU By Dr. Xinwen Fu5 Course Styles  Descriptive: what is out there  Critical: what is wrong with...  Both knowledge and skill oriented  Interactive: discussion and questions encouraged  Information sharing: home page and email exchange  A lot of hands-on exercise 91.580.203

6 BIS@DSU By Dr. Xinwen Fu6 Course Outline Incident occurs: Point-in-Time or Ongoing pre-incident preparation pre-incident preparation Detection of Incidents Detection of Incidents Initial Response Initial Response Formulate Response Strategy Formulate Response Strategy Data Collection Data Collection Data Analysis Data Analysis Reporting Investigate the incident Resolution Recovery Implement Security Measures Resolution Recovery Implement Security Measures CSIRT: Computer Security Incident Response Team 91.580.203

7 BIS@DSU By Dr. Xinwen Fu7 Lab Exercises  Form a Team within two weeks A team can have just graduates, or just undergraduates, or both graduates and undergraduates: Each group has at least 3, at most 4 members  Finish most of assignment in the lab Can be remotely done (maybe) Can be group assignments or individual assignments  One semester long exercise 91.580.203

8 BIS@DSU By Dr. Xinwen Fu8 Prerequisites  Knowledge and skills in Windows, Linux and Networking  Programming in C, Java or others 91.580.203

9 BIS@DSU By Dr. Xinwen Fu9 Grading  I reserve the right to change this distribution during the course after notification  The final grades are computed according to the following rules A[90, 100] B[70, 89.9] C[60, 69.9] D[50, 59.9] F[0, 49.5] Assignments (5~10)50% Take-home/In-class midterm 20% Projects/Presentation30% 91.580.203

10 BIS@DSU By Dr. Xinwen Fu10 Policies on incomplete grades and late assignments  Turn in assignments on or before the due date and time What if the campus network is down?  An assignment turned in up to 24-hours late will be reduced by 10% of the assignment’s worth, more than 24 hours late will be reduced 100%  The due date and time for each assignment will be specified on assignment postings  All assignments are to be turned in through email 91.580.203

11 BIS@DSU By Dr. Xinwen Fu11 Policies on absences and scheduling makeup work  Make-up exams will only be given in case of serious need and only when the instructor is notified prior to the exam time. If this is not done, the grade is automatically zero for that exam/quiz  Written verification for the student’s inability to take an exam will be required  The make-up exams will be different from those given to the class 91.580.203

12 BIS@DSU By Dr. Xinwen Fu12 Academic Integrity  Finish assignments individually and independently. Should two or more students turn in substantially the same solution or program, in the judgment of the instructor, the assignment will be given a grade of zero. A second such incident will result in an F grade for the course  All other forms of academic dishonesty will result in an F for the course and notification of the Academic Dishonesty Committee demic_dishonesty.htm demic_dishonesty.htm  Copy from the Internet is not allowed  Advice: put away the references and use your own language 91.580.203

13 BIS@DSU By Dr. Xinwen Fu13 Policy on working with students with disabilities  The University is committed to serving all students with disabilities as defined by the Rehabilitation Act of 1973 and the Americans with Disabilities Act of 1990. A qualified person with a disability means: an individual with a disability who, with or without reasonable modifications to rules, policies, or practices, the removal of architectural, communication or transportation barriers, or the provision of auxiliary aids and services, meets the essential eligibility requirements for the receipt of services or the participation in programs or activities provided by a public entity.  Questions concerning services for people with learning and physical disabilities should be directed to Dr. Chandrika Sharma, Ed. D. in The Office of Student Disability Services, O'Leary 240, UML South, 61 Wilder St, Lowell, MA 01854-3092, (978)-934- 4574.Dr. Chandrika Sharma, Ed. D.  Questions about services for students with psychiatric disabilities should be directed to the Counseling Center (978) 934-4338. 91.580.203

14 BIS@DSU By Dr. Xinwen Fu14 Check for details! 91.580.203

Download ppt "91.580.203 Computer & Network Forensics Introduction Xinwen Fu."

Similar presentations

Ads by Google