IST 454

IST 454 Computer and Cyber Forensics. Gerald M. Santoro, Ph.D. ([email protected]) College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802 (slides developed by Prof. Chao-Hsien Chu). Theory  Practice. Learning by Doing.


IST 454

Computer and Cyber Forensics

Gerald M. Santoro, Ph.D. ([email protected])

College of Information Sciences and Technology

The Pennsylvania State University

University Park, PA 16802

(slides developed by Prof. Chao-Hsien Chu)

Theory

Practice

Learning by Doing



The Needs for Digital Forensics

  • Incident handling

  • Identifying policy violations.

  • Auditing.

  • Investigating crimes.

  • Reconstructing computer security incidents.

  • Troubleshooting operational problems.

  • Log monitoring.

  • Recovering from accidental system damage.

  • Acquiring and retaining data for future use.

  • Exercising due diligence / regulatory compliance.


IT Security EBK: 14 Competency Areas

  • Personnel Security

  • Physical and Environmental Security

  • Procurement

  • Regulatory and Standards

  • Risk Management

  • Strategic Management

  • System and Application Security

  • Data Security

  • Digital Forensics

  • Enterprise Continuity

  • Incident Management

  • IT Security Training and Awareness

  • IT Systems Operations and Maintenance

  • Network Security and Telecommunications



IT Security EBK: Model



Knowledge and Skills Needed

  • Critical thinking and judgment. 69%

  • Communications (verbal and written). 68%

  • Technical knowledge. 66%

  • Teamwork and collaboration. 52%

  • Ability to lead change. 52%

  • Business knowledge/acumen. 40%

  • Cross functional influence. 35%

  • Influence. 33%

  • Facilitation. 24%

  • Mentoring and coaching. 19%

  • Strategic business planning. 22%

  • Industry participation. 13%

SANS Institute 2005 Survey



IST 451: Network Security

IST 452: Legal & Regulatory Issues

IST 453: Computer Forensics Law

IST 454: Computer & Cyber Forensics

IST 456: Security & Risk Management

SRA 111: Security & Risk Analysis

SRA 211: Threats of Crime & Terrorism

SRA 221: Overview of Information Security

SRA 231: Decision Theory

SRA 311: Risk Management

SRA 472: Integration of Privacy & Security

SRA 468: Visual Analytics for Intelligence & Security

Defense In Depth of Security

Feedback

Prediction

Prevention

Detection

Forensics

Response

  • Qualitative models

  • Quantitative models

  • Policy/Regulation

  • Firewall/DMZ

  • Access Control/VPN

  • Scanner

  • IDS

  • Data mining

  • Computer crime

  • Economic crime

  • Policy violations

  • Plans

  • Risk analysis

SRA 111

SRA 211

SRA 231

SRA 468

IST 452

SRA 221

IST 453

SRA 311

SRA 472

IST 451

IST 454

IST 456


SRA Core Curriculum

Information, People & Technology

111 Intro Security & Risk Analysis

200 Statistics

110

221 Overview of Information Security

211 Threat of Terrorism & Crime

231 Decision Theory & Analysis

(Vulnerabilities)

(Techniques)

(Modeling, Analysis)

(Problem Solving)

(Threats)

Legal, Ethical, and Regulatory Issues

Risk Management: Assessment & Mitigation

432

311

International Culture

Foreign Language

Emergency Planning

Crisis Management

Internship, Guest, & Field Experience

440


SRA Major - Cyber Security Option

Intro People, Information & Tech

Intro Security & Risk Analysis

Statistics

Intro

Overview of Information Security

Threat of Terrorism & Crime

Decision Theory & Analysis

Core

Core

Junior

Networking & Telecommunications

Legal, Ethical, and Regulatory Issues

Risk Management: Assessment & Mitigation

Network Security

Computer & Cyber Forensics

Security & Risk Management

Option

(Elective)

(Elective)

(Elective)

Support

International Culture

Foreign Language

Emergency Planning

Crisis Management

Internship, Guest, & Field Experience

Capstone


SRA Minor (21 cr.)

IST 110: Intro People, Information & Tech

SRA 111: Intro Security & Risk Analysis

Stat 200: Statistics

Intro

SRA 221: Overview of Information Security

SRA 211: Threat of Terrorism & Crime

SRA 231: Decision Theory & Analysis

Core

Risk Management

IST 452: Legal, Ethical, & Regulatory Issues

SRA 311: Risk Mgmt: Assessment & Mitigation

IST 220: Networking & Telecommunications

IST 453: Cyber Forensics Laws

IST 456: Security & Risk Management

Cyber Security

Digital Forensics

Electives (6 cr.)

IST 451: Network Security

IST 454: Computer & Cyber Forensics

IST 402: Wireless Design & Security


Certificate of Accomplishment

The Center for Information Assurance at the Pennsylvania State University, through its curricula, certifies that

Your Name Here

has acquired the knowledge and skills that meet the National Training Standard NSTISSI-4011 for the Information Systems Security (INFOSEC) Professionals, established by the Committee on National Security Systems (CNSS) and the National Security Agency (NSA), on December 2005

Dr. Hank Foleys, Dean, College of Information Sciences and Technology

Dr. Chao H. Chu, Executive Director, Center for Information Assurance


IST 454 focuses on computer and cyber forensics. Students will learn different aspects of computer and cyber crime and ways in which to uncover, protect, exploit, and document digital evidence. Students will be exposed to different types of tools (both software and hardware), techniques, and procedures, and will be able to use them to perform rudimentary forensic investigations.



Course Objectives

  • Understand the different aspects of computer and cyber crime.

  • Understand the basic concepts and issues of computer forensics

  • Understand what tools and techniques to use in computer and cyber crime investigations

  • Perform basic computer and cyber forensic investigations

  • Understand the documentation needed in performing forensic investigations



Terminology

  • Computer Forensics

  • Computer and Network Forensics

  • Computer and Cyber Forensics

  • Cyber Forensics

  • Digital Forensics

  • Digital Forensic Sciences

  • Forensic Sciences



Overview

  • Digital / Computer / Cyber Forensics

  • Context of Computer Forensics

  • Knowledge and Skills Needed

18 Readings

Search, Seizure & Investigation

  • Data Acquisition – Imaging / Tools

  • Data Authentication / Tools

  • Data Search & Analysis / Tools

  • Forensic Policies and Procedures

11 Quizzes / Assignments

Media & File Systems Analysis

  • Operating Systems / File Structure

  • Investigating Windows Systems

  • Investigating Linux Systems

  • Data Hiding Techniques / Steganography

1-3 Guest Lectures

Modules

Web / Internet Forensics

  • Overview of Web Forensics

  • Spam, Phishing, E-mail Tracing

  • PDA Forensics

8 Hands-on Exercises

Network & Malware Forensics

  • Intrusion Detection

  • Honeynet / Network Monitoring

  • Worm Forensics

Term Project: Report & Presentation

Legal & Criminal Justice Systems

  • Legal and Ethical Issues

  • Criminal Justice Systems

  • Expert Witness


Theory and Practice

Problem Solving Skills

Interpersonal Skills

Team Work

Managerial Issues

Programming Skills

Information Technology

Technical Issues

Emerging Information Technologies

Practice

Theory

Hands-on Experience

Learning By Doing


Learning By Doing

I Hear and I Forget!

I See and I Remember!

I Do and I Understand!

Confucius (Kung Chiu), 5th - 6th Century B.C., Chinese Philosopher


Albert Einstein

Imagination is more important than Knowledge


? ? ?

Learning Capability is more important than Knowledge



Teaching Philosophy and Principles

  • Bridging the gaps between theory and practice

  • Learning by doing (hands-on experience)

  • Learning capability is more important than knowledge

  • Covering both technical and managerial aspects



Teamwork - The Key to Winning



We Are All in the Same Boat

