Digital Forensics
MGS 410/610 – Spring 2018
Instructor:
David Murray
Email: djmurray@buffalo.edu Skype:
djmurrayub
Office:
Jacobs 284 Phone:
645-3249
Office
hours: Thursday 1:30 - 3:15 (or by appointment)
Web
Site: http://mgt2.buffalo.edu/departments/mss/djmurray/mgs610
Course
Objectives:
This course provides students with an introduction to
Digital Forensic Science and the systematic process of acquiring,
authenticating and analyzing digital evidence.
Technical and managerial topics will be explored, providing students
with both theoretical and practical hands-on experience using forensic equipment
and software. The additional topics of
E-Discovery, Data Retention, Data Disposal, Litigation, Internal
Investigations, Regulatory Compliance and Incident Response will also be
discussed within the context of Digital Forensics. Students will have an opportunity to work
with commercial and open source forensic software programs.
As future managers in this digital world, you need to be
familiar with Digital Forensics in order to make knowledgeable decisions to
mitigate a variety of risks and facilitate compliance. The course accomplishes this by:
Course
Materials:
·
Guide
to Computer Forensics and Investigations 5th Edition, Nelson, Phillips, Steuart,
Cengage Learning, 2015
Homework
Assignments:
There are six homework assignments designed to help
reinforce the material that has been covered in the lecture. Completion of these assignments is crucial to
your success in the class. Homework
assignments should always be submitted at the beginning of lecture on the due
date. Late assignments are not accepted and will receive a score of 0. Any questions pertaining to your homework
grades must be addressed within 2 weeks of the assignment due date.
Exams:
There will be a midterm exam during the semester and a
non-cumulative final exam administered during finals week. There are no make-up exams except under
exceptional circumstances.
Final
Team Project:
You will work in teams to research, write and present a term
paper on a topic related to Digital Forensics.
Further details will be given in lecture.
Sleiman
Forensic Lab:
The forensic lab is located in Jacobs 323 and may be
accessed with your UB Card. Commercial
and open source forensic tools are available on the forensic systems. Hardware write blockers are also available
which can be used to properly acquire the digital evidence.
Course
Conduct:
You are required to observe the rules of academic integrity
and classroom conduct established by the University at
Assignments
and Grading:
Assignment |
Points |
Homework Assignments (6) |
65 |
Final Project |
40 |
Midterm Exam |
40 |
Final Exam |
40 |
Response Papers (8) |
15 |
Total |
200 |
A course grade of A is 190 points and above, A- is 180
points and above, B+ is 175 points and above, B is 170 points and above, B- is
160 points and above, C+ is 155 points and above, C is 150 points and above, C-
is 140 points and above, D is 130 points and above and a grade of F is earned
if you receive fewer than 130 points.
Depending on the overall class performance, I reserve the right to
adjust the scale. My decision to adjust
the scale will only be made at the end of the semester once all of the course
grades are in.
According to University Regulations, a grade of Incomplete
can only be given if the student is currently passing the course and
circumstances prevent them from completing the semester. Incomplete grades will not be given once the
student has taken the final exam. **April
20th is the last day to resign the course.
Tentative
Course Schedule:
Date
|
Ch
|
Topics
|
Assignments |
2/1 |
|
Course Introduction |
|
|
|
Forensics Lab Introduction and Tour |
|
|
1 |
Understanding the Digital Forensics Profession and
Investigations |
|
|
2 |
The Investigator’s Office and Laboratory |
|
2/8 |
|
Guest Speaker - Detective Michael Hockwater from
Cheektowaga Police Department |
Homework
1 due |
|
4 |
Processing Crime and Incident Scenes |
|
2/15 |
|
Guest Speaker - Christopher Nickson from Wilder & Linneball LLP (4:00) |
Homework
2 due |
|
3 |
Data Acquisition |
|
2/22 |
No Class. Conference Travel |
||
3/1 |
|
Group Project Introduction and Brainstorming |
Homework
3 due |
|
|
Guest Speaker - Michael McCartney from DIGITS LLC (4:00) |
|
|
5 |
Working with Windows and CLI Systems |
|
3/8 |
5 |
Working with Windows and CLI Systems (cont.) |
|
|
|
Solid State Drives and Hard Drive Comparison |
Project
Proposal |
3/15 |
Midterm Exam (Chapters 1-5) |
||
3/22 |
No Class. Spring Break |
||
3/29 |
|
Guest Speakers - Jason Schroeder from Phillips Lytle and
Brad Bartram |
Homework
4 due |
|
9 |
Digital Forensics Analysis and Validation |
|
4/5 |
|
Guest Speaker - Catherine Ullman from UB |
|
4/12 |
|
Guest Speakers - Krishnan Ramachandran and Rob Bolstad from Deloitte |
Homework
5 due |
|
8 |
Recovering
Graphics Files
|
|
4/19 |
|
Guest
Speaker - Special Agent from FBI (4:00)
|
|
4/26 |
|
Guest Speaker - Special Agent from IRS |
|
|
10 |
Virtual Machine Forensics, Live Acquisitions and Network
Forensics |
|
5/3 |
|
Guest
Speaker - Kris Meier from M&T
|
Homework
6 due |
|
11 |
E-mail
and Social Media Investigations
|
|
5/10 |
|
Project
Presentations
|
|
TBA |
Final Exam (Chapters 8-11) |