Syllabus of Cyber Forensics (FACT and FACT Plus Syllabus)

ELECTIVE II: CYBER FORENSICS (FACT & FACT Plus 2022)

1) COMPUTER FORENSICS

a) Introduction to Computer Hardware – Various Components of a Computer, Motherboard, Processor, Memory, Storage Devices and Networking components. Understanding Computer Operating Systems (OS), Booting process of computers. Introduction to File Systems and types of File System.

b) Cyber Crime- Form of Cyber Crime, Internal and External Attacks, Crimes related to Social Media, ATM and Banking Frauds. Data Privacy issues, Packet sniffing, Spoofing, Web security.

c) First responder – role and toolkit. Procedure for search and seizure of digital evidences. Search and Seizure of Volatile and Non-volatile Digital Evidence. Imaging and Hashing Digital Evidence. Analyzing and Recovery of Deleted, Hidden and Altered files.

d) Windows Systems Artifacts: File Systems, Registry, Event logs, Shortcut files, Executables. Alternate Data Streams (ADS), Hidden files, Slack Space. Linux System and Artifacts: Linux file system: Ownership and Permissions, Hidden Files, User Accounts and Logs. Mac OS X systems and Artifacts: System Startup and Services, Network Configuration, Hidden Directories, System Logs and User Artifacts.

e) Web Browsers: Cookies, Favourites or Bookmarks, Cache, Session Data and Plugins. Email: Types of Email and Protocols. Analysing the Header details and tracking the email, Spoofed Mails. Virtual Machine and Cloud Technology Forensics.

2) NETWORK FORENSICS

a) Computer Networking- Digital and Analog Signaling Methods, Network Types and Topologies, Overview of OSI Model and TCP/IP Protocol. Different types of IP Addresses and Classes, Subnet Masks, Subnetting and Supernetting. Network Hardware Devices and Client/Server Computing. Types of Networks – LAN, MAN and WAN. Routers and Routing Protocols.

b) Network threats and vulnerabilities, Types of network attacks- eavesdropping, spoofing, modification, Cross-site scripting, DNS Spoofing, Routing Table Poisoning, ARP Poisoning, Web Jacking. Attacks on Wireless Networks. Social Engineering Attacks and its types. Packet Sniffing, Types of authentication, Attacks on WEP, WPA and WPA-2 Encryption, fake hotspots.

c) IP security architecture, Security protocols, IPSec, Web Security – Firewalls, IDS, IDPS. Network Security Applications, Authentication Mechanisms: Passwords, Cryptographic authentication protocol, Kerberos, X.509 LDAP Directory. Digital Signatures. Web Security: Secure Socket Layer (SSL) Encryption, Transport Layer Security (TLS), Secure Electronic Transaction (SET) and Virtual Private Networks (VPN).

d) Monitoring of computer network and activities, Live Packet Capturing and Analysis. Searching and collection of evidence from the network. Network Intrusion Detection and Analysis. SQL Injection, Event Log analysis – tools and techniques. Investigating network attacks. Evidence collection from Routers and other networking devices.

e) Cloud Technology and its various components – private, public and hybrid cloud. Cloud types; IaaS, PaaS, SaaS. Role of virtualization in enabling the cloud. Technologies and the processes required when deploying web services. Cloud Security Architecture, Secure Cloud based service, Identity and Access Management, Encryption and Key Management. Cloud Forensic – collection and analysis of evidence.

3) MOBILE AND WIRELESS DEVICE FORENSICS

a) Introduction to Mobile Technologies – Asynchronous Transfer Mode (ATM), Wireless Application Protocol (WAP). Cellular technologies – Advanced Mobile Phone System (AMPS), i-Mode, Time Division Multiple Access (TDMA), Code Division Multiple Access (CDMA) and Global System for Mobile Communications (GSM) and relative strengths. Subscriber Identity Module (SIM), International Mobile Equipment Identity (IMEI).

b) Functions of Bluetooth and security issues. Various Generation of Mobile Phone Technologies. Understanding of the mobile phone operating systems – Android, iOS, Windows. Understanding of SQLite Databases.

c) Phone Phreaking, Call tampering, Wireless Hack Walkthrough and Man-in-the-Middle-attacks. Overview of WEP attack. Attacks on WEP, WPA and WPA-2 Encryption, fake hotspots. Wireless Public Key Infrastructure. Securing WLAN, WEP Decryption script.

d) Overview of Mobile Forensics, Seizure and Preservation of mobile phones and PDA. Types of Evidence present in mobile phones – Files present in SIM card, external memory dump, and evidences in memory card. Mobile phone evidence extraction process, Data Acquisition Methods – Physical, File System, Logical and Manual Acquisition. Mobile Forensic Investigation Toolkit. Tracking of mobile phone location.

4) SOCIAL MEDIA FORENSICS AND CRYPTOGRAPHY

a) Introduction to Social Media, Security Issues in Social Media, Types of crimes of Social Media – Cyberbullying, Online Grooming, Cyberstalking. Social Media and its impact on Business, Politics, Law and Revolutions, Emerging Trends in Social Media.

b) Sources for social media evidence, Types of Data Available on Social Networking Sites, Different evidence collection methods from social networking sites, Intelligence gathering from Social Media – Tools and techniques for intelligence gathering – indirect method, direct method with login, direct method without login.

c) Introduction to Cryptography, Symmetric and Asymmetric Cryptosystem Encryption Techniques – Substitutional Cipher and Transpositional Ciphers. Types of keys – Public Key and Private Key. Advanced Encryption Techniques and Security Issues. Various types of attacks including Ciphertext-Only Attack, Known-Plaintext Attack, Chosen-Plaintext Attack, Chosen-Ciphertext Attack.

d) Symmetric Cryptosystem – AES, DES, RC4, Blowfish. Asymmetric Cryptosystems – RSA, DSA, Elliptic Curve cryptography. Introduction to Cryptanalysis – Differential and Linear Cryptanalysis. Hashing Algorithms – MD5, SHA-1, SHA-2, SHA-3, One-Way Hash, Hash Message Authentication Code.

Suggested Readings

1. Bolle R.M., Connell J.H., Pankanti S., Ratha N.K. and Senior A.W. (2004), Guide to Biometrics, Springer publications.

2. Goyal R.M. and Pawar M.S. (1994), Computer crimes- concept, control and prevention, Sysman Computer Pvt. Ltd.

3. Jain A.K., Flynn P. and Ross A.A. (2008), Handbook of Biometrics Springer Publications, Springer.

4. Joakim Kävrestad. Guide to Digital Forensics: A Concise and Practical Introduction, Springer 2017

5. John D.W. and Nicholas M.O. (2002), Biometrics: Identity Assurance in the Information age, McGraw Hill.

6. Lee Reiber. Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation, 1st edition, McGraw-Hill 2016

7. Maria P. and Costas P. (2010), Image Processing: The Fundamentals, Wiley.

8. Marie-Helen Maras. Computer Forensics: Cybercriminals, Laws, and Evidence, 2nd edition, Jones & Bartlett Learning 2015

9. NCJRS Library collection, Best practices for seizing electronic evidence v.3: A Pocket Guide for First Responders, US department of Homeland Security.

10. Robert Moore. Cybercrime: Investigating High-Technology Computer Crime, 2nd edition, Routledge 2015

11. Special Report (2nd Edition), Electronic Crime Scene Investigation: A Guide for First Responders, NIJ publication.

12. Special Report, Forensic Examination of Digital Evidence: A Guide for Law Enforcement, NIJ Publication.

13. Sridhar S. (2011), Digital Image Processing, Oxford University Press.

14. Stern D.L. (1993), Preventing Computer fraud, Computing Mcgraw-Hill.

15. Tewari R.K., Sastry P.K. and Ravikumar K.V. (2003), Computer Crime & Computer Forensics, Select Publisher, New Delhi.

16. Veerakumar T., Jayaraman S. and Esakkirajan S. (2009), Digital Image Processing, McGraw Hill.

17. Wold G.H. and Shriver R. (1993), Computer Crime techniques Prevention, New Delhi Galgotia Book Source.
