Computer Science and Engineering CSE 4273 Introduction to Computer Crime and Forensics CREDIT/CONTACT HOURS: Credit Hours: 3, Contact Hours: 45 COORDINATOR: Dr. David A. Dampier TEXTBOOKS: Carrier, Brian, File System Forensic Analysis, Addison Wesley, 2005. Brodsky, Stanley, Testifying in Court: Guidelines and Maxims for the Expert Witness, American Psychological Association, 1991. a. Supplemental Material: No required material SPECIFIC COURSE INFORMATION: Catalog Description: Three hours lecture. Introduction to computer crime and the study of evide nce for solving computer-based crimes. Topics: computer crime, computer forensics and met hods for handling evidence. a. Prerequisites: Senior standing in CSE/SE/CPE/MIS/CJ b. Required/Elective Computer Science – Elective Software Engineering – Selected Elective Computer Engineering – Elective SPECIFIC GOALS OF THE COURSE: Specific Outcomes of Instruction: 1. Students will be able to recognize computer crime and how it relates to society. 2. Students will understand the fundamentals of how data is stored on a computer. 3. Students will be able to conduct rudimentary investigation of computer media to gather evidence of computer crimes. 4. Students will understand the implications of chain of custody and protection of evidence in the gathering of computer evidence. 5. Students will be able to recognize ways in which evidence can be hidden on a computer system. 6. Students will understand the importance of proper investigation and the implications to expert testimony. a. Criterion 3 Outcomes: Note: Parenthesized list indicates the ABET EAC and CAC outcomes addressed by e ach performance criteria. 1. Students will be able to coordinate the capture of digital evidence at a crime scene. (EAC: b,d; CAC: d,e) 2. Students will be able to understand the structure of a piece of digital media and analyze it using the proper tools. (EAC: b,e,k ; CAC: a,i ) 3. Students will be able to select the appropriate tool to conduct an analysis of digital evidence. (EAC: b,e,j,k ; CAC: b,e,i ) 4. Students will be able to interpret complex digital data and draw conclusions about actions that could cause that data to be created on computer media. (EAC: b,k ; CAC: i ) 5. Students will be able construct and present a report of findings that effectively communicates the evidence discovered and the implications of that evidence in a court of law.(EAC: f,g ; CAC: f ) TOPICS COVERED: Introduction To Computer Forensics Investigating Network Evidence Structure Of Storage Media Encryption Data Hiding Hostile Code Use of Forensic Tools Investigating File Systems Criminal Justice Fundamentals Chain Of Custody Preservation Of Evidence Testifying About Forensic Evidence Computer Law Test and Quizzes (Number of class hrs) 4 2 3 1 1 2 14 8 6 4