Semester 3 / ECTS Credits: 5 ECTS

Course Description:

The main objective of this course is to give basic knowledge about open system computer forensics, the technical foundations of open system computer forensics and the principles and practices of open system computer investigation. Students will gain comprehensive knowledge of the topic covered with the open system computer forensics theories and practice.

Throughout this course students will learn different techniques and procedures that enable them to perform a open system computer investigation and explain the technical issues of preparing for and performing digital forensic analysis based on the investigator’s position and duty.

The objective of this course is to emphasize the importance of open system computer forensics, and to prepare students to conduct a open system computer investigation in an organized and systematic way. Students will learn best practices for general open system computer forensics with the tools and techniques to perform a full open system computer forensic investigation.

Learning Outcomes:

  1. Using the Linux operating system independently
  2. Conduct forensic analysis of the Linux operating system
  3. Identify and analyze encrypted data with Linux tools
  4. Conduct forensic analysis using Linux tools
  5. Create reports on the digitally forensic investigation of computers using Linux
  6. Making forensic copies of linux tools
  7. Use tools to save and analyze digital evidence on a Linux operating system

Course content lectures:

  1. Introduction Linux
  2. Digital Forensics and Linux Processes
  3. Computer forensics tools on Linux
  4. Digital forensic process stages and Linux
  5. Acquisition and processing of evidence on computers on Linux
  6. Acquisition and processing of internet evidence on Linux
  7. Acquisition and processing of digital photos on Linux
  8. Acquisition of digital evidence from the cloud on Linux
  9. Acquisition of digital traces of mobile devices on Linux
  10. Linux and a forensics of live data (live data)
  11. Digital Document Forensic Tools
  12. Digital forensic artifacts
  13. Linux artifacts
  14. Linux and artefacts of digital documents
  15. Anti-forensic and Linux techniques