IST-454 Computer Forensics Objectives Understand the

IST-454 Computer Forensics

Objectives • Understand the different aspects of computer and cyber crime • Understand the basic concepts and issues of computer forensics • Understand tools and techniques for use in computer and cyber crime investigations • Perform basic computer and cyber forensic investigations • Understand the documentation need in performing forensic investigations

Your Instructor Dr Gerry Santoro • Founding Assoc. Prof. of IST • 40+ years IT, network and security experience • 301 -J IST Building • (814) 571 -8306 (SMS is OK)

About your instructor • Research Interests: – Cyber-crime, security management, cyber-warfare – Computer-Mediated Communications – Popular Culture and Technology 4

About your instructor • • Married (Suzi) 4 kids (Gerald, Travis, Brandi, Kelsey) Hobbies: Motorcycles, Guitar, Astronomy, Aikido (2’nd Dan) Advisor to: SRA Club, IST Interest House, Penn State Aikido Club 5

About your instructor • • Also one grandson – Logan And a granddaughter - Alice! 6

Teaching/Learning Assistants We will also have a teaching assistant for the class Tao Zhang – please only use Canvas e-mail to reach Tao

Syllabus • Located on class Canvas space • read it carefully! • make note of due dates! • contains • list of sessions • list of readings • quiz dates • due dates

Readings Nelson, B. , Phillips, A. , Enfinger, F. and Steuart, C. , Guide to Computer Forensics and Investigations, Fifth Edition. Thomson/Course Technology, 2014. ISBN-13: 978 -1 -285 -06003 -3 • Optional readings will also be provided • If there is an electronic copy of the text, that is OK.

Topics • Understanding the Digital Forensics profession and investigations • The investigator’s office and laboratory • Processing crimes and incident scenes • Working with Windows and CLI systems • Operating system fundamentals • Digital Forensics Tools

Topics (cont. ) • Linux and Mac File Systems • Recovering Graphic Files • Steganography • Analysis and validation • VM’s, live acquisitions and network forensics • E-mail and social media investigations • Malware Forensics • Mobile device Forensics • Cloud Forensics • Report writing • Expert testimony • Ethics

Class Resources • There will also be other (online) optional readings and occasional news items – These will be listed in the Syllabus • I urge you to examine the news articles that I post – there is a link to these on Canvas – It is important that the information security professional be aware of recent developments, attacks, vulnerabilities, etc. • I will post important Web links online – Vendor sites, documents, resources, etc. – There will be a link to this from Canvas 12

Emphasis of IST-454 is on Computer Forensics • Methods, techniques, standards, approaches, best practices etc. • Goal is to acquire evidence • Evidence must stand up to legal challenge • Job outlook is very positive This is as much an art as it is a science!

Course Policies • All due dates are listed in the syllabus • If you run into any problems please let me know ASAP! • Late assignments/labs will receive a 10% penalty unless prior approval is given No assignment will be accepted more than 1 week late without prior instructor approval

Course Policies • Course-related communication must use Canvas However you are free to call me or SMS me in the case of an emergency or simple question I promise to read Canvas daily and respond within 1 business day if not sooner

Integrity • You are required to abide by the Penn State Policy on Academic Integrity As posted in the syllabus • You are required to abide by the Penn State policy on nondiscrimination and respect Please respect each other – everyone has something to contribute although skill levels may vary

Lectures • Lectures have been prerecorded and are available from the class Canvas site • The corresponding slides (along with notes) are available in their entirety from the class Canvas site

Weekly Intro Videos • I will also provide a weekly introductory video A link to these will be on the RESOURCES page I make these from different locations around campus and the State College area

Deliverables • Quizzes (individual) (300 points) • Forensics labs (individual video and virtual) (300 points) • Team project (200 points) • Research essay (individual) (100 points) • Discussion Activity (individual) (50 points) • Self and Team Evaluation and Participation (individual) (50 points) Total (1000 points)

Quizzes (300 points) • There will be 8 quizzes this semester The lowest quiz score will be dropped for each student • You will have 20 minutes to complete each quiz Quiz dates are listed in the syllabus The quizzes are open-book and open-notes • Quizzes will cover required readings, material covered in lectures, and labs • The format will be multiple-choice, truefalse, and short answer • Your goal is to select or provide the BEST answer based on course material! Beware of semantics! • Each quiz will include one extra-credit question

Labs (300 points) • Five labs total (60 points each) • 4 labs are video-based, one is virtual • All labs are individual • The lab report documents for each lab will be on Angel • there is also an optional video lab on Linux

Team Project (200 points) • Develop forensics lab in report and with presentation • Document and rubrics are on Angel • Begin as soon as your teams are assigned and ask questions! • Project is in 5 parts • Contract, proposal, progress report, final document and Power. Point presentation

Discussion Activity (50 points) • You will develop a posting that describes an article related to computer forensics • Be sure to see the project description and rubric

Research Essay (100 points) • You will research an area related to computer forensics • it could be a technology, law, case, etc. • Be sure to read the project description and consult the project rubric

Evaluation (50 points) • Evaluation is 50 points A Self and Team Evaluation will be administered

Summary • Get familiar with Canvas • Use Canvas to read/send emails Team space will be provided • Find where the components are located • Read the syllabus and project descriptions • • You are responsible for knowing the information provided in the syllabus! (due dates, readings, etc. ) Look over the team problem descriptions

Tips for Success Use a personal calendar to plan your semester Stay on top of the readings Communicate with your team regularly! Be sure to check your grades Contact Dr. Santoro and our TA if you have any questions or problems Send Angel email to ‘all course faculty’

Tips for Success Read the assigned textbook chapters and other assigned readings View the lecture videos Do both of these before taking the quiz for the assigned topics Plan all projects and deliverables with enough slack time to cover you if an emergency arises

We want you to succeed! Your success is our success! Use the course as a launch pad for exploration Be careful not to do anything that breaks the law or Penn State Policy!