Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course August 31, 2012
Forensics
SECTION 1: Computer Forensics
- Part I: Background on Information Security
- Part II: Computer Forensics Overview - Chapters 1, 2, 3, 4, 5
- Part III: Computer Forensics Tools - Chapters 6, 7, 8
- Part IV: Computer Forensics Analysis - Chapters 9, 10
- Part V: Applications - Chapters 11, 12, 13

- Richardson Police Department
- North Texas FBI
- Digital Forensics Company in DFW area
Course Work
- Two exams: 20 points each
- Term paper: 12 points
- Programming project: 20 points
- Digital Forensics project: 16 points
- Four assignments, each worth 8 points, total: 32 points
Tentative Schedule
- Assignment #1: due date: September 21, 2012 (September 28, 2012)
- Assignment #2: due date: September 28, 2012 (new date: October 12, 2012)
- Term paper #1: October 12, 2012 (October 26, 2012)
- Exam #1: October 19, 2012
- Assignment #3: October 26, 2012 (November 30, 2012)
- Assignment #4: November 2, 2012 (November 30, 2012)
- Digital Forensics Project: November 16, 2012 (November 30)
- Programming Project: November 30, 2012
- Exam #2: December 14, 2012

- Intrusion detection
- Ontology management for digital forensics
- Representing digital evidence in XML
- Search for certain key words
Course Rules
Unless special permission is obtained from the instructor, each
the Computer Science department and any other committees as advised by the department
Contact
For more information please contact
Dr. Bhavani Thuraisingham
Professor of Computer Science and Director of Cyber Security Research Center
Erik Jonsson School of Engineering and Computer Science
EC31, The University of Texas at Dallas
Richardson, TX 75080
Phone: 972-883-4738
Fax: 972-883-2399
Email: bhavani.thuraisingham@utdallas.edu
http://www.utdallas.edu/~bxt043000/
Assignments for the Class: Hands-on projects from the text book
Assignments #1
W. Hamlen, Latifur Khan: Insider Threat Detection Using Stream Mining and Graph Mining. SocialCom/PASSAT 2011: 1102-1110
Learn the details of one forensics tool
Steganography (9/28/2012)
(0.5)
- Lecture 16: Detection and Analysis of Database Tampering (1)
- Lecture 17: Virtualization Security (0.5)
- Lecture 18: Guest Lecture Mr. Satyen Abrol
- Lecture 19: Smartphone Malware detection (Dr. Zhou) (1)
- Lecture 20: Dr. Lin Lecture (1)
- Lecture 21: Selective and Intelligent Imaging, Nicholas Charlton (0.5)
- Lecture 22: XIREF, Antonio Guzman (0.5)
- Lecture 23: Timestamps, Kirby Flake (0.5)
Nate Bleaker (0.5)
- Lecture 29: Forensics Feature Extraction and cross drive analysis, David Pederson (0.5)
- Lecture 30: Advanced Evidence Collection and Analysis of Web Browser Activity, Jeff (0.5)
- Lecture 31: Secure Cloud Computing (0.5)
Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004)
Abhijith Shastry, Murat Kantarcioglu, Yan Zhou, Bhavani M. Thuraisingham: Randomizing Smartphone Malware Profiles against Statistical Mining Techniques. DBSec 2012: 239-254 (this paper will be posted on e-learning. It is the lecture given by Dr. Yan Zhou)
"Tamper Detection in Audit Logs," In Proceedings of the International Conference on Very Large Databases, Toronto, Canada, August-September 2004, pp. 504-515.
Tamper Detection in Audit Logs
Did the problem occur? (e.g. similar to intrusion detection)
Kyri Pavlou and Richard T. Snodgrass, "Forensic Analysis of Database Tampering," in Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD), pages 109-120, Chicago, June, 2006.
Who caused the problem (e.g., similar to digital forensics analysis)
http://dfrws.org/2006/proceedings/8-Turner.pdf
Selective and intelligent imaging using digital evidence bags
http://dfrws.org/2006/proceedings/9-Lee.pdf
Detecting false captioning using common-sense reasoning
- http://dfrws.org/2006/proceedings/10-Garfinkel.pdf
A correlation method for establishing provenance of timestamps in digital evidence
http://dfrws.org/2006/proceedings/13-%20Schatz.pdf
FORZA Digital forensics investigation framework that incorporate legal issues
- http://dfrws.org/2006/proceedings/4-Ieong.pdf
A cyber forensics ontology: Creating a new approach to studying cyber forensics
- http://dfrws.org/2006/proceedings/5-Brinson.pdf
Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem
http://dfrws.org/2006/proceedings/6-Harris.pdf
Robert Erdely, Thomas Kerle, Brian Levine, Marc Liberatore and Clay Shields. http://www.dfrws.org/2010/proceedings/2010-311.pdf
Android Anti-Forensics Through a Local Paradigm.