 |
| Detailed information |
| Original study plan |
Master's programme Computer Science 2013W |
| Objectives |
Students understand the basic concpets of computer forensics, its technical likmitations as well as the related legal issues. They know typical problems and possess knowledge regarding securing evidence as well as extracting, observing resp. reconstructing data from various sources.
|
| Subject |
Technical part: Securing evidence (imaging hard disks as well as collecting data from live systems), analysis of file systems (finding resp. reconstructing deleted data), recovering web browsing- and E-Mail activities, tracing back E-Mails.
Legal part: Mandatory data retention as well as interception/searches/seizure, regulating internet usage at work as well as protection of access control systems (hard- and software), privacy, criminal law in the IT area, e.g. data destruction and computer fraud.
|
| Criteria for evaluation |
Written exam
|
| Methods |
Lecture and discussion
|
| Language |
English |
| Study material |
Presentation slides
Additional optional basic literature:
- Carrier, B.: File System Forensic Analysis. Addison-Wesley, New York, 2005.
- Jones, K. J.; Bejtlich, R.; Rose, C.: Real Digital Forensics. Computer Security and Incident Response. Addison-Wesley, New York, 2005.
- Geschonneck, A.: Computerforensik. Systemeinbrüche erkennen, ermitteln, aufklären. dpunkt-Verlag, Heidelberg, in der aktuellen Auflage.
- Sammes, A. J.; Jenkinson, B.: Forensic Computing. A Practitioner's Guide. Springer, London, in der aktuellen Auflage.
- Sonntag, M.: Einführung in das Internetecht. Linde 2010.
|
| Changing subject? |
No |
| Further information |
https://www.jku.at/en/institute-of-networks-and-security/
|
| Corresponding lecture |
(*)INMNPVOIRCF: VO IT-Recht und Computerforensik (3 ECTS)
|
|
