There are no prerequisites.
Introduction and legal basis:
digital evidence and computer crime
technology and legal framework: European perspective, North American perspective
investigating procedure and reconstruction
modus operandi, motifs and technology
a digital evidence and a court of law
basics: operation, data representation, file systems, encryption
forensic science and computers: authorization, recognition, documentation, collecting and saving data, investigation and analysis, reconstruction
forensic analysis of Windows systems: file system, collecting data from the computer, registry, logs, traces of files, network access, programs
forensic analysis of Unix systems: file system, collecting data from the computer, registry, logs, traces of files, network access, programs
forensic analysis of Mac computers: file system, collecting data from the computer, registry, logs, traces of files, network access, programs
forensic analysis of palm computers: memory, Palm OS, Windows CE, RIM Blackberry, mobile phones
basics: layers and their services with protocols
forensic science and networks: recognition, documentation, collecting and saving data, data filtering and event matching
digital evidences on a physical layer
digital evidences on a link layer
digital evidences on a network layer
digital evidences in Internet: web, e-mail, chats, use of Internet as an investigation tool
Investigation of a computer crime:
intrusion and reconstruction
digital evidence as an alibi
a) Digital Evidence and Computer Crime, Second Edition, Eoghan Casey, Academic Press (2004), ISBN-10: 0121631044, ISBN-13: 978-0121631048
b) Cyber Crime: The Investigation, Prosecution and Defense of a Computer-Related Crime. 2nd Edition. Edited by Clifford, R., Carolina Academic Press, ISBN 159460150X
c) Computer Forensics: Incident Response Essentials, Kruse, W., &, Heiser, J, Addison Wesley, ISBN 201707195
Student learns how to use knowledge and skills of Computer Science in forensic procedures.
After the successful completion of the course the student will be able to:
- understand basic terms in forensic science,
- explain details of computer systems, and
- combine knowledge from both areas.
Lectures, exercises, lab work, assignments, seminars, consulting.
Continuing (homework, midterm exams, project work)
Final (written and oral exam)
grading: 5 (fail), 6-10 (pass) (according to the Statute of UL)
Pet najpomembnejših del:
BRODNIK, Andrej, IACONO, John. Unit-time predecessor queries on massive data sets. Lect. notes comput. sci., part 1, str. 133-144. [COBISS-SI-ID 8178260]
BRODNIK, Andrej, GRGUROVIČ, Marko. Speeding up shortest path algorithms. V: 23rd international symposium, 23rd international symposium, ISAAC 2012, (Lecture notes in computer science, ISSN 0302-9743, 7676), 2012, str. 156-165. [COBISS-SI-ID 1024498772]
TRČEK, Denis, BRODNIK, Andrej. Hard and soft security provisioning for computationally weak pervasive computing systems in e-health. IEEE wireless communications, ISSN 1536-1284. [Print ed.], Aug. 2013, vol. 20, no. 4. [COBISS-SI-ID 10091092]
BRODAL, Gerth Stølting, BRODNIK, Andrej, DAVOODI, Pooya. The encoding complexity of two dimensional range minimum data structures. 21st Annual European Symposium: proceedings, (Lecture notes in computer science, ISSN 0302-9743, Theoretical computer science and general issues, 8125). [COBISS-SI-ID 10148692]
KRIŽAJ, Dejan, BRODNIK, Andrej, BUKOVEC, Boris. A tool for measurement of innovation newness and adoption in tourism firms. International journal of tourism research, ISSN 1522-1970, 2014, vol. 16, no. 2, str. 113-125. [COBISS-SI-ID 1500126]
Celotna bibliografija je dostopna na SICRISu: http://sicris.izum.si/search/rsr.aspx?lang=slv&,id=5281.