Learn about identifying intrusions, gathering information, and collecting legal evidence against network intruders.
This course covers the theoretical and practical aspects of the foundations of computer network security, incident response tools and techniques, and an overview of how criminals are using computer networks to commit crimes. This course will introduce students to the concept of “data in motion,” how networks are used to transfer data, communication protocols, and challenges associated with the capture and interpretation of this data. This course will provide an overview of tools and techniques to capture and analyze network data. Topics covered include forensics techniques, packet capture, log analysis, types of attacks, and artifact acquisition.
This course will consist of 7 modules and various assignments. Module availability is open. Communication will take place primarily via email and professor announcements. By the end of the course, you will have learned the key techniques required to conduct network-based forensic investigations.
Upon completing this course, students will be able to:
1. Evaluate the basics of network forensics.
2. Appraise the fundamental networking concepts and their protocols.
3. Analyze host-side artifacts.
4. Contrast the concepts related to packet capture and its processing for feature
5. Evaluate the different attack types associated with networking.
6. Illustrate the importance of location awareness of acquired information.
7. Contrast appropriate event logging and preparing for attacks.
8. Analyze firewall and application logs for networking artifacts.
9. Evaluate the manner in which attacks are correlated.
10. Evaluate the implications of encryption on network forensics.
Computer system experience
A week before classes begin
Alexander Pons, Ph.D.
Cybersecurity, IoT, Networking and Embedded Systems
Office: EC 3145
Phone: (305) 348-7253