Network and mobile forensics

1.

Subject title

Network and mobile forensics

Macedonian title: Мрежна и мобилна форензика

2.

Code

F23L3W133

3.

Study program

Application of Information Technologies, Software Engineering and Information Systems, Computer Science, Computer Engineering, Internet, Networks and Security, Informatics Education, Professional Studies in Programming

4.

Organizer of the study program (unit, institute, department, division)

Faculty of Information Sciences and Computer Engineering

5.

Study cycle (first, second, third)

First cycle

6.

Academic year / semester

4 / Winter

7.

Number of ECTS credits

6.0

8.

Instructor

Prof. Dr. Sonja Filiposka

9.

Prerequisites for enrollment

Computer Networks or Computer Networks and Security

10.

Subject goals and competencies:


The student will acquire knowledge of applying methodologies for the collection, preservation, analysis and documentation of digital evidence found as a result of cybercrime in a networked and mobile environment. The student will know how to analyze and interpret live network and mobile digital evidence.

11.

Subject content:


Lectures:
1. Introduction
2. Packet analysis
3. Analysis of malware
4. Analysis of wireless networks
5. Correlation of attacks
6. Introduction to mobile forensics
7. Collection of evidence
8. Mobile forensics tools
9. SIM cards
10. Other types of devices
11. Making reports
12. Invited lecture

Exercises:
1. Familiarization with the organization of the exercises
2. Network traffic analysis tools and log files
3. Deep packet inspection and flow analysis
4. Forensic analysis of working memory
5. Parallel analysis of traces from multiple sources (part 1)
6. Parallel analysis of traces from multiple sources (part 2)
7. Forensic analysis of email messages (part 1)
8. Forensic analysis of email messages (part 2)
9. iOS forensics
10. Android forensics (part 1)
11. Android forensics (part 2)
12. Android forensics (part 3)

12.

Learning methods:


Lectures supported by slide presentations, interactive lectures, exercises (use of equipment and software packages), teamwork, case studies, invited guest lecturers, independent preparation and defense of a project assignment and seminar paper, learning in an electronic environment (forums, consultations).

13.

Total available time fund

6.0 ECTS x 30 hours = 180 hours

14.

Time distribution

30 + 45 + 15 + 15 + 75 = 180 hours

15.

Forms of teaching activities

15.1.

Lectures - theoretical teaching

30 hours

15.2.

Exercises (laboratory, classroom), seminars, team work

45 hours

16.

Other forms of activities

16.1.

Project tasks

15 hours

16.2.

Independent tasks

15 hours

16.3.

Homework

75 hours

17.

Grading method

17.1.

Tests

50 points

17.2.

Seminar work / project (presentation: written and oral)

15 points

17.3.

Activities and learning

10 points

17.4.

Final exam

50 points

18.

Grading criteria (points / grade)

up to 50 points

5 (five) (F)

from 51 to 60 points

6 (six) (E)

from 61 to 70 points

7 (seven) (D)

from 71 to 80 points

8 (eight) (C)

from 81 to 90 points

9 (nine) (B)

from 91 to 100 points

10 (ten) (A)

19.

Condition for signature and taking final exam

None

20.

Language of instruction

Macedonian and English

21.

Quality assurance method

Internal evaluation mechanism and surveys

22.

Literature

22.1.

Mandatory literature

No.

Author

Title

Publisher

Year

4514

Messier, R

Network Forensics

John Wiley & Sons

2017

4515

Lee Reiber

Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation, Second Edition

McGraw Hill

2019

4516

Nipun Jaswal

Hands-On Network Forensics

Packt

2019

22.2.

Additional literature

No.

Author

Title

Publisher

Year