Difference between revisions of "Fall 2025: Cyber Forensics"

From MKWiki
Jump to navigation Jump to search
 
(10 intermediate revisions by the same user not shown)
Line 6: Line 6:
  
 
== Course Overview ==
 
== Course Overview ==
* As per the Delhi University Course Guidelines
+
* As per the Delhi University Course [https://cs.du.ac.in/uploads/syllabus/NEP/pdfs2022/DSE/Cyber_Forensics.pdf Syllabus/Guidelines]
  
 
== Lectures ==
 
== Lectures ==
Line 51: Line 51:
 
* '''Test 2''' :
 
* '''Test 2''' :
  
==''' Labs'''==
+
==Labs==
  
 
'''Instructions'''
 
'''Instructions'''
Line 59: Line 59:
 
* Turn off'''(shut down) your assigned computer and arrange the chair''' before you leave the lab.
 
* Turn off'''(shut down) your assigned computer and arrange the chair''' before you leave the lab.
  
== '''Lab 1: ''' ( week of 18<sup>th</sup> August 2025 ) ==
+
== Lab 1: ( week of 18<sup>th</sup> August 2025 ) ==
{| class="wikitable" style="text-align: justify; width: 100%";  
+
{| class="wikitable" style="text-align: justify;  
 
|-
 
|-
 
! Task. No.   
 
! Task. No.   
 
! Task
 
! Task
! Assessment Period
+
! Assessment Period  
 
! Submission Deadline
 
! Submission Deadline
 
|-
 
|-
 
| style="width: 8%"  | 1  
 
| style="width: 8%"  | 1  
 
| style="width: 60%" | Study of Network related Commands (Linux)
 
| style="width: 60%" | Study of Network related Commands (Linux)
* Network Discovery: - '''''nmap, pig, arp'''''
+
* Network Discovery: - '''''Ping, Traceroute/Tracepath, Nmap, MTR'''''
* Traffic Analysis: - '''''tcpdump, iftop, bmon'''''
+
* Traffic Analysis: - '''''Tcpdump, Iftop/Bmon, Iperf'''''
* DNS/Domain Forensics: - '''''dig, host, nslookup, whois'''''
+
* DNS/Domain Forensics: - '''''Dig, Nslookup, Whois, Host'''''
* Route Analysis: - '''''traceroute, mtr, tracepath'''''
+
* Host configuration:- '''''Ifconfig/Ip, SS/Netstat, Ethtool, Hostname'''''
* System State: - '''''netstat, ss, ifconfig, ip'''''
+
* Address/Routing Analysis: - '''''ARP, Route, Iproute2'''''
* File Retrieval: - '''''wget, curl'''''
+
* Data Transfer/File Retrieval: - '''''wget, curl'''''
 
+
| style="width: 15%" |  18/08/2025 - 25/08/2025
| style="width: 15%" |   
+
26/08/2025
|
 
|}
 
 
 
== '''Lab 1:''' ( week of Jan 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 2
 
| style="width: 60%" | Problem Statement
 
| style="width: 15%" |  Chapter 1
 
|
 
|}
 
 
 
 
 
== '''Lab 2:''' ( week of Feb 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome  
 
! Remarks
 
|-
 
| style="width: 8%"  | 3
 
| style="width: 60%" | Process Model
 
| style="width: 15%" | Chapter 2
 
|
 
|}
 
 
 
 
 
== '''Lab 3:''' ( week of Feb 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 4
 
| style="width: 60%" | Rquirement Analysis & Modelling
 
| style="width: 15%" | Chapter 3
 
|
 
|}
 
 
 
 
 
== '''Lab 4:''' ( week of Feb 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 5
 
| style="width: 60%" | Software Requirement Specification(SRS)
 
| style="width: 15%" |  Chapter 4
 
|
 
|}
 
 
 
 
 
== '''Lab 5:''' ( week of Feb 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 6
 
| style="width: 60%" | Estimations
 
| style="width: 15%" |  Chapter 5
 
|
 
|}
 
 
 
 
 
== '''Lab 6:''' ( week of March 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 7
 
| style="width: 60%" | Scheduling
 
| style="width: 15%" | Chapter 6
 
|
 
|}
 
 
 
 
 
== '''Lab 7:''' ( week of March 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 8
 
| style="width: 60%" | Risk Management
 
| style="width: 15%" | Chapter 7
 
|
 
 
|}
 
|}
 
 
== '''Lab 8:''' ( week of April 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 9
 
| style="width: 60%" | Design
 
| style="width: 15%" |  Chapter 8
 
|
 
|}
 
 
 
== '''Lab 9:''' ( week of April 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 10
 
| style="width: 60%" | Coding
 
| style="width: 15%" |  Chapter 9
 
|
 
|}
 
 
 
== '''Lab 10:''' ( week of April 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 11
 
| style="width: 60%" | Testing
 
| style="width: 15%" |  Chapter 10
 
|
 
|}
 
 
 
== '''Final Lab:''' ( week of April 2025 ) ==
 
{| class="wikitable" style="text-align: justify; width: 100%";
 
|-
 
! Task No.
 
! Task
 
! Outcome 
 
! Remarks
 
|-
 
| style="width: 8%"  | 12
 
| style="width: 60%" | Project Presentations
 
| style="width: 15%" | 
 
|
 
|}
 
 
 
 
  
 
== Resources ==
 
== Resources ==

Latest revision as of 23:17, 25 August 2025

Logistics

  • Class Timings: Tuesdays and Thursdays 2:30 pm - 3:30 pm, Fridays 12:30 pm - 1:30 pm
  • Classroom: Tue and Thu: R2; Fri: CL-4
  • Lab Timings: Mondays 3:30 pm - 5:30 pm
  • Labs: CS Lab 5

Course Overview

Lectures

Lecture Topic Lecture Slides Readings
Unit-1 Digital Forensics:: [unit1.pdf] Chapter 1 (CB1)
Unit 2 Windows OS Forensics: [unit2.pdf] Chapter 2 (CB1)
Unit 3 Evidence Recovery: [unit3.pdf] Chapter 6 (CB1)
Unit 4 Investigation: [unit4.pdf] Chapter 4 (CB1)
Unit 5 Cyber Crimes and Cyber Laws: [unit5.pdf] Chapter 5 (CB1)

Assignments and Tests

Class Assignments

  • Assignment No. 1,
  • Assignment No. 2,

Tests and Quizzes

  • Test 1 :
  • Test 2 :

Labs

Instructions

  • Please be on time to avoid the Attendance Penalty.
  • Please put your mobile phone on Silent Mode.
  • Each lab assignment needs to be submitted in the Google Classroom for evaluation(will be notified in the GC lab-wise, submit before the deadline).
  • Turn off(shut down) your assigned computer and arrange the chair before you leave the lab.

Lab 1: ( week of 18th August 2025 )

Task. No. Task Assessment Period Submission Deadline
1 Study of Network related Commands (Linux)
  • Network Discovery: - Ping, Traceroute/Tracepath, Nmap, MTR
  • Traffic Analysis: - Tcpdump, Iftop/Bmon, Iperf
  • DNS/Domain Forensics: - Dig, Nslookup, Whois, Host
  • Host configuration:- Ifconfig/Ip, SS/Netstat, Ethtool, Hostname
  • Address/Routing Analysis: - ARP, Route, Iproute2
  • Data Transfer/File Retrieval: - wget, curl
 18/08/2025 - 25/08/2025 26/08/2025

Resources

References:

  • R1: Marjee T. Britz, Computer Forensics and Cyber Crime: An Introduction, Pearson Education, 2013.
  • R2: C. Altheide & H. Carvey Digital Forensics with Open Source Tools, Syngress, 2011.

Additional References:

  1. Computer Forensics: Investigating Network Intrusions and Cybercrime" by Cameron H. Malin, Eoghan Casey, and James M. Aquilina
  2. Online Course management System: https://esu.desire2learn.com/
  3. Computer Forensics, Computer Crime Investigation by John R,Vacca, Firewall Media, New Delhi.
  4. Computer Forensics and Investigations by Nelson, Phillips Enfinger, Steuart,CENGAGE Learning
  5. Real Digital Forensics by Keith j.Jones, Richard Bejitlich,Curtis W.Rose, AddisonWesley Pearson Education
Retrieved from "http://www.mkbhandari.com/mkwiki/index.php?title=Fall_2025:_Cyber_Forensics&oldid=2634"