Page 1 of 10. Instructor. Michael Robinson Office Hours: Available upon request. Description

Similar documents
Instructor. Description. Learning Objectives. Grading

Instructor: Anna Miller

WEB ACCESSIBILITY. I. Policy Section Information Technology. Policy Subsection Web Accessibility Policy.

TCOM 663/CFRS Intrusion Detection and Forensics Department of Electrical and Computer Engineering George Mason University Fall, 2010

CPSC 4600 Biometrics and Cryptography Fall 2013, Section 0

ISM 324: Information Systems Security Spring 2014

A: 90% - 100% B: 80% - <90% C: 70% - <80% D: 60% - <70% F: < 60% Important Dates:

Syllabus Revised 01/03/2018

SYLLABUS POSTGRADUATE TRAINING FOR NORDIC COMPUTER FORENSIC INVESTIGATORS. Module 3E Windows Forensics 10 ECTS

ECONOMICS 5317: CONTEMPORARY GOVERNMENT AND BUSINESS RELATIONS

Syllabus Revised 08/21/17

WEB ACCESSIBILITY POLICY

HARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD Course Outline Introduction to Networks [CISCO 1] ISS 111

ESET 349 Microcontroller Architecture, Fall 2018

IT 341 Fall 2017 Syllabus. Department of Information Sciences and Technology Volgenau School of Engineering George Mason University

RULES OF THE TENNESSEE ALCOHOLIC BEVERAGE COMMISSION CHAPTER RULES FOR PROFESSIONAL ALCOHOL SERVER TRAINING TABLE OF CONTENTS

INF 315E Introduction to Databases School of Information Fall 2015

MWF 9:00-9:50AM & 12:00-12:50PM (ET)

WAYLAND BAPTIST UNIVERSITY VIRTUAL CAMPUS SCHOOL OF BUSINESS SYLLABUS

ITSY Information Technology Security Course Syllabus Spring 2018

Linear Algebra Math 203 section 003 Fall 2018

Syllabus for CIT 442 Information System Security 3 Credit Hours Spring 2015

IST359 - INTRODUCTION TO DATABASE MANAGEMENT SYSTEMS

University Policies and Procedures ELECTRONIC MAIL POLICY

CPSC 5157G Computer Networks

Syllabus for HPE 099 Aerobic Proficiency 1 Credit Hour Fall 2012

CPS352 - DATABASE SYSTEMS. Professor: Russell C. Bjork Spring semester, Office: KOSC 242 x4377

RMU-IT-SEC-01 Acceptable Use Policy

Syllabus for HPE 120 Dance Aerobic Proficiency 0.0 Credit Hour Spring 2012

Syllabus for HPE 092 Exercise and Weight Control 1 Credit Hour Spring 2015

Syllabus for HPE 099 Aerobic Proficiency 1 Credit Hour Spring 2015

BMI 544: Databases Winter term, 2015

San José State University Computer Science Department CS49J, Section 3, Programming in Java, Fall 2015

Financial Planning Institute of Southern Africa SETTING THE STANDARD. Continuous Professional Development (Cpd) Policy

Syllabus: AIT Information Systems Infrastructure Lifecycle Management

The Linux Command Line: A Complete Introduction, 1 st ed., by William E. Shotts, Jr., No Starch Press, 2012.

Syllabus for HPE 021 Advanced Golf and Fitness 1 Credit Hour Fall 2014

Syllabus for HPE 451 Directed Study 1-3 Credit Hours Spring 2014

Syllabus for HPE 034 Varsity Cheerleading and Fitness 1 Credit Hour Fall 2014

Spring 2018 El Camino College E. Ambrosio. Course Syllabus

CPS352 Database Systems Syllabus Fall 2012

CS 200, Section 1, Programming I, Fall 2017 College of Arts & Sciences Syllabus

Web II CE 2413C 01 CE 2414N 01 Fall 2013

Syllabus Revised 03/05/2015

COSC 115: Introduction to Web Authoring Fall 2013

Common Syllabus revised

ITSY Y1 Information Technology Security Course Syllabus _ Page 1 COURSE SYLLABUS. Course Name INFORMATION TECHNOLOGY SECURITY

INFS 2150 (Section A) Fall 2018

Computer Information Technology 240 Networking Fall 2013 Sections 1 & 2

Syllabus. Course Title: Cyber Forensics Course Number: CIT 435. Course Description: Prerequisite Courses: Course Overview

Syllabus Revised 08/15/2018

COSC 115A: Introduction to Web Authoring Fall 2014

Acceptable Use Policy

Course Syllabus - CNT 4703 Design and Implementation of Computer Communication Networks Fall 2011

Syllabus for HPE 076 Varsity Volleyball (Women) Sports 1 Credit Hour Fall 2014

Syllabus for HPE 038 Scuba Open Water II and Fitness.5-1 Credit Hour Spring 2014

COURSE NUMBER: ISS 214 COURSE NAME: Connecting Networks - Cisco 4 SEMESTER CREDIT HOURS: 4.

Virginia Commonwealth University School of Medicine Information Security Standard

Course Syllabus. Course Information

COMPUTER FORENSICS (CFRS)

1. Textbook #1: Our Digital World (ODW). 2. Textbook #2: Guidelines for Office 2013 (GFO). 3. SNAP: Assessment Software

South Portland, Maine Computer Information Security

CSE 240 Introduction to Computer Architecture

Pellissippi State Community College Master Syllabus ACCESSIBLE WEB DESIGN AND COMPLIANCE WEB 2401

FERPA & Student Data Communication Systems

Linux Systems Administration Brigham Young University Hawaii Winter 2012 (Jan 09 Apr 11)

ESET 369 Embedded Systems Software, Fall 2017

Computer Science Technology Department

Computer Science Department CSC 1050 CRN Introduction to Unix and C Programming Fall Term 2016 Main Campus

Course Syllabus Internal Control And Auditing ACNT 2331

Cleveland State University

Database Security MET CS 674 On-Campus/Blended

II.C.4. Policy: Southeastern Technical College Computer Use

G r a p h i c D e s i G n i Fall 2007

FOUNDATIONS OF INFORMATION SYSTEMS MIS 2749 COURSE SYLLABUS Fall, Course Title and Description

Course Title: Computer Networking 2. Course Section: CNS (Winter 2018) FORMAT: Face to Face

MET CS 674 C1/EL Spring 2017: DATABASE SECURITY SYLLABUS

Policy: EIT Accessibility

CENTRAL TEXAS COLLEGE ITCC 1440 CCNA 2: Routing and Switching Essentials. Semester Hours Credit: 4

Syllabus for HPE 021 Advanced Golf and Fitness 1 Credit Hour Spring 2016

IB Event Calendar Please check regularly for updates Last Update: April 30, 2013

Syllabus for HPE 016 Beginning Badminton and Fitness 1 Credit Hour Spring 2014

Exam Proctoring Procedure Policy Number: Applies to: students, faculty, staff

Meetings This class meets on Mondays from 6:20 PM to 9:05 PM in CIS Room 1034 (in class delivery of instruction).

IST659 Fall 2018 M004 Class Syllabus. Data Administration Concepts and Database Management

San José State University Computer Science Department CS157A: Introduction to Database Management Systems Sections 5 and 6, Fall 2015

COLLEGE OF DUPAGE CIS 2542 Advanced C++ with Data Structure Applications Course Syllabus

THE UNIVERSITY OF TEXAS AT AUSTIN MIS373 e-discovery and Digital Forensics SPRING 2015 Unique#: (03665) VERSION: 2_011718

Syllabus for HPE 042 Creative Aerobics and Fitness Credit Hour Spring 2013

In this course, you need to use Pearson etext. Go to "Pearson etext and Video Notes".

SYLLABUS. Departmental Syllabus

Audit and Assurance Overview

JOHNSON COUNTY COMMUNITY COLLEGE COURSE SYLLABUS WEB CRN Web Scripting: JavaScript I

Syllabus for HPE 007 Basic First Aid and CPR and Fitness 1 Credit Hour Spring 2016

CENTRAL TEXAS COLLEGE ITCC 1414 CCNA 1: Introduction to Networks. Semester Hours Credit: 4

THE UNIVERSITY OF TEXAS AT AUSTIN MIS373 e-discovery and Digital Forensics SPRING 2015 Unique#: (03883) VERSION: 1/23/2015

TCOM 608 Optical Communications Cross-listed as ECE 590 Optical Communications

ACCESSIBILITY POLICY. Adopted: [ ]

KOMAR UNIVERSITY OF SCIENCE AND TECHNOLOGY (KUST)

ITEC 4200 Cyber Security II, Network Security, Firewalls and VPNs Syllabus Fall 2017

Transcription:

Page 1 of 10 George Mason University CFRS 762 Mobile Device Forensics CRN 73856, Sec 001 Fall 2014, August 29 December 12, Fridays, 7:20-10:00PM ENGR 5358 Instructor Michael Robinson mrobinsv@gmu.edu Office Hours: Available upon request Description This course will familiarize students with mobile devices and technology used by carriers. Students will identify data that can be retrieved from mobile devices, such as cell phones, smart phones, and GPS devices. Recovered and analyzed data will include address books, call logs, text messages, video files, audio files, and Internet history. Students will correlate data with records from Network Service Providers, e.g., call phone service carriers. Students will apply industry best practices to evidence collection and analysis with hands-on exercises using current tools. Learning Objectives Upon completing the course, students will be able to: Produce a forensic report that includes the steps in the collection, handling, and preservation of digital evidence from mobile devices, such as cell phones. Construct a forensic acquisition plan for mobile devices that will account for various scenarios and the limitations of cell phone technology. Validate data obtained from the forensic acquisition of mobile devices with current tools. Analyze data retrieved from mobile devices with current tools. Assess the differences between cellular network architectures and identify their impact on forensic data. Analyze data provided from network service providers and cross-reference the results with data obtained from mobile devices. Required Materials Students are to bring the following materials to class: At least one USB flash drive (formatted with the FAT32 file system) The following texts will be used for the class. Casey, E. (ed.) (2010). Handbook of Digital Forensics and Investigations. Elsevier Academic Press. Burlington, MA.

Page 2 of 10 Forensics. Special Publication 800-101. Revision 1. National Institute of Standards and Technology. Gaithersburg, MD. http://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-101r1.pdf Jansen, W. and Delaitre, A. (2009, October). Mobile Forensic Reference Materials: A Methodology and Reification. National Institute of Standards and Technology Interagency Report (NISTIR) 7617. National Institute of Standards and Technology. Gaithersburg, MD. http://csrc.nist.gov/publications/nistir/ir7617/nistir-7617.pdf Jansen, W., Delaitre, A., and Moenner, L. (2008, January). Overcoming Impediments to Cell Phone Forensics. National Institute of Standards and Technology. Gaithersburg, MD. http://csrc.nist.gov/groups/sns/mobile_security/documents/mobile_forensics/impedimentsformatted-final-post.pdf Graded Material Each assignment, quiz, project, and exam will be graded on a 0-100 point scale. The final average is calculated by the following weights. s... 20% Quizzes... 20% Midterm... 25% Hands-on Exercises... 15% Final Exam... 20% Total... 100% The following criteria will be used for the assignment of letter grades A 92-100 A- 90-91 B+ 87-89 B 83-86 B- 80-82 C 70-79 F 0-69 The course will adhere to the university s policies on grading. Due Dates All assignments are to be submitted by the due dates listed in the syllabus. Work will not be accepted late. s are to be submitted via Blackboard.

Page 3 of 10 Class Attendance Attendance is mandatory. A number of classes will involve the hands-on use of forensics tools, which will be used in the classroom. In the event that a student cannot attend class due to an emergency or crisis, the student is to contact the instructor as soon as possible. Responsible Use of Computing Policy Use of computer equipment, including Internet connections within the classroom will be conducted in accordance with the University s Responsible Use of Computing (RUC) Policy. This applies to all academic and operational departments and offices at all university locations owned or leased. The policies and procedures provided herein apply to all Mason faculty, staff, students, visitors, and contractors. The university provides and maintains general computing services, including web and Internet resources, and telecommunication technology to support the education, research, and work of its faculty, staff, and students. At the same time, Mason wishes to protect all users rights to an open exchange of ideas and information. This policy sets forth the responsibilities of each member of the Mason community in preserving the security, confidentiality, availability, and integrity of Mason computing resources. To accomplish these ends, this policy supports investigations of complaints involving Mason computing abuse, including sexual harassment, honor code, federal, state, applicable industry, and local law violations. University faculty and staff members, as state employees, are subject to the Freedom of Information Act, 2.2-3700, et seq., of the Code of Virginia, and all applicable state and federal rules and regulations. While this policy endeavors to maintain user confidentiality, it cannot create, nor should faculty or staff members presume, any expectation of privacy. Violations of this policy may result in revocation of access, suspension of accounts, disciplinary action, or prosecution. Evidence of illegal activity will be turned over to the appropriate authorities. It is the responsibility of all users of Mason computing resources to read and follow this policy and all applicable laws and procedures (user sign-on agreement). For more information regarding the RUC Policy, consult the student handbook. University Policies This course will be taught in compliance with George Mason University policies, which can be found online at http://universitypolicy.gmu.edu/ Important Dates Last day to drop with no tuition penalty September 2 Last day to drop with a 33% tuition penalty September 16 Last day to drop with a 67% tuition penalty September 26 Thanksgiving Break November 26-30 Final Exams December 10-17

Page 4 of 10 The full calendar maintained by the University Registrar can be found online at: http://registrar.gmu.edu/calendars/2013fall/ Office of Disability Services The Office of Disability Services (ODS) is available to serve all students with disabilities, including those with cognitive (e.g., learning, psychological, and closed head injury), sensory, mobility, and other physical impairments. The Office of Disability Services serves qualified students with disabilities to ensure equal access to the university s programs and services. A qualified student with a disability is a student with a disability, who meets the academic and technical standards required for admission or participation in the university s educational program and services. As defined in the Americans with Disabilities Act (ADA), and section 504 of the Rehabilitation Act of 1973, a person has a disability if he/she: Has a physical or mental impairment which substantially limits one or more major life activities, or Has a record of such impairment, or Is regarded as having such impairment Students requesting assistance should contact the Office of Disability Services at http://ods.gmu.edu/

Page 5 of 10 Course Outline The following is the course outline. It is subject to revision. Week 1 8/29 Introduction to Cell phone forensics Handbook of Digital Forensics and Investigations. pp. 537-542. Forensics. Special Publication 800-101. Revision 1. pp. 48-50. Introduction.pptx The Growth of Mobile: Stats and figures that will shock you! http://www.youtube.com/watch?v=0auqlipdtg8 Week 2 9/5 Mobile Device Usage and Data Artifacts Forensics. Special Publication 800-101. Revision 1. pp. 3-7. Handbook of Digital Forensics and Investigations. pp. 529-532. Week 3 9/12 s Carrier Technologies Usage_and_Data.pptx #1 Current Events Due on September 5 by 7:00PM Forensics. Special Publication 800-101. Revision 1. pp. 10-14. ETSI. Mobile technologies GSM. http://www.webcitation.org/5yrqjyd8w ETSI. Cellular History. http://www.etsi.org/website/technologies/cellularhistory.aspx TelecomSpace. CDMA http://www.telecomspace.com/cdma.html Antipolis, S. (2012, June 1.) New SIM card format for slimmer, smaller phones. Retrieved from the ETSI website: http://www.etsi.org/news-events/news/398-news-release-1-june- 2012

Page 6 of 10 Jansen, W. and Ayers, R. (2007, May). Guidelines on Cell Phone Forensics. Special Publication 800-101. Revision 1. pp. 7-10. Carriers.pptx #2 Data Contained on Mobile Devices Due on September 12 by 7:00PM Quiz Quiz 1 (Material from weeks 1 and 2) Week 4 9/19 Network Service Provider Infrastructure Handbook of Digital Forensics and Investigations. pp. 517-526. Week 5 9/26 Procedures Infrastructure.pptx #3 Carrier Technology Due on September 19 by 7:00PM Forensics. Special Publication 800-101. Revision 1. pp. 27-47. Ayers, R., Wayne, J., Cilleros, N., and Daniellou, R. (2005). Cell Phone Forensic Tools: An Overview and Analysis. p. 5. Procedures.pptx Cellebrite Demonstration http://www.youtube.com/watch?v=ket-f_3xud8 SIM Card Seizure Demonstration http://www.youtube.com/watch?v=ffmpucrvuo Hands-on demonstrations with phones and tools Paraben Device Seizure Instructions #4 Infrastructure Due on September 26 by 7:00PM Quiz Quiz 2 (Material from weeks 3 and 4)

Page 7 of 10 Week 6 10/3 Impediments to Cell Phone Forensics Jansen, W., Delaitre, A., and Moenner, L. (2008). Overcoming Impediments to Cell Phone Forensics. Proceedings of the 41 st Hawaii International Conference on System Sciences. National Institute of Standards and Technology. http://www.forensicswiki.org/images/9/9c/jensencellphones.pdf Impediments.pptx #5 Procedures Due on October 3 by 7:00PM Week 7 10/10 Week 8 10/17 Mid-term Comparison and Contrast of Current Industry Toolsets Ayers, R., Jansen, W., Moenner, L., and Delaitre, A. (2007). Cell Phone Forensic Tools: An Overview and Analysis Update. NISTIR 7387. Forensics. Special Publication 800-101. Revision 1. pp. 15-26. Handbook of Digital Forensics and Investigations. pp. 410-412. Forensic_Tools.pptx Chip-off_Forensics.pptx Hands-on Exercises/Acquisitions to be conducted Week 9 10/24 Acquisition I #6 Recommendations Due on October 17 by 7:00PM Forensics. Special Publication 800-101. Revision 1. pp. 50-52. UFED_Acquisition.pptx DS_Acquisition.pptx

Page 8 of 10 BitPim_Acquisition.pptx Hands-on Exercises/Acquisitions to be conducted Week 10 10/31 Acquisition II # 7 Forensic Tools Recommendations Due on October 24 by 7:00PM Forensics. Special Publication 800-101. Revision 1. pp. 27-47. Kindle.pptx SIM Acquisition.pptx TomTom-GPS.pptx Bourne SIM clone http://www.youtube.com/watch?v=3_eymfggkq0 Paraben s SIM Card Seizure software demo http://www.youtube.com/watch?v=ffmpucprvuo Hands-on Exercises/Acquisitions to be conducted Quiz Quiz 3 (Material from weeks 8 and 9) Week 11 11/7 Legal Interception of Data Handbook of Digital Forensics and Investigations. pp. 542-556. Legal_Interception.pptx Hands-on Exercises/Acquisitions to be conducted Week 12 11/14 Call Detail Records (CDRs) and other Data from Network Service Providers Forensics. Special Publication 800-101. Revision 1. pp. 52-55. Handbook of Digital Forensics and Investigations. pp. 527-528. NSP-data.pptx Tower_Info.pptx

Page 9 of 10 Geolocating.pptx EXIF_Data.pptx Other Fun Stuff Analyzing EXIF Data #8 FISA Due November 14 by 7:00PM Quiz Quiz 4 (Material from weeks 10 and 11) Week 13 11/21 Interpreting Recovered Data Handbook of Digital Forensics and Investigations. pp. 517-526. Mapped_CDR.pptx Cell_Site_Analysis.pptx Hands-on Exercises/Acquisitions to be conducted Week 14 12/5 Mobile Malware #9 Cell Tower (.pptx) Due on November 21 by 7:00PM Android Developers. (2011, June 7). Security Permissions. http://developer.android.com/guide/topics/security/security.html (Anonymous). (2011, March 20). Breaking out of Android Sandbox. http://pfalcon-oe.blogspot.com/2011/03/breaking-outof-android-sandbox.html McMillan, R. (2011, January 17). "Coming Soon: A New Way to Hack into Your Smartphone." http://www.pcworld.com/businesscenter/article/216842/coming_s oon_a_new_way_to_hack_into_your_smartphone.html Morgan, B. (2002, November 15). J2ME Security: Now and in the Future. http://www.informit.com/articles/article.aspx?p=30029 Knudsen, J. (2003, February). Understanding MIDP 2.0 s Security Architecture. http://developers.sun.com/mobility/midp/articles/permissions/

Page 10 of 10 Malware on Exploits.pptx Malware on Mobile Platforms.pptx Project Due by December 5 by 7:00PM Week 15 12/12 Final Exam

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback