Lecture: 2 hours/week
Seminar: 2 hours/week
The methods of instruction for this course lectures, seminars, demonstrations, and hands-on assignments/projects (group work may be involved).
- Introduction to Mobile Forensics
- Challenges in mobile Forensics
- Seizure, preparation, and protection of digital devices at the scene
- Toolbox Forensics: Multiple-Tool Approach
- Mobile Forensic Tool Overview
- Environment preparation for evidence collection
- Collection of a Mobile Device: Considerations and Actions
- SIM Cards Analysis
- Android file structure
- Android Forensic Setup and Pre-Data Extraction Techniques
- Android Data Extraction Techniques
- Android Data Analysis and Recovery
- Android Malware, and Reverse Engineering
At the end of this course, a successful student will be able to:
- Discuss Mobile Forensics and its challenges
- Conduct a proper initial investigation including preparing, seizing and packaging of evidence
- Develop the skills to preserve, process and analyze the data stored on mobile devices using Multiple-Tool approach
- Prepare the environment to extract and analyze data
- Carry out processing and collection of a mobile device
- Analyze digital data from mobile devices storage media and internal flash
- Analyze the data within the device files and folders including SIM cards
- Analyze and explain Android file structure
- Demonstrate the process of setting up Android forensic and pre-data extraction techniques
- Demonstrate data extraction techniques for Android
- Analyze and compare data extraction techniques for Android
- Implement and explain the data analysis and recovery techniques for Android
- Identify how mobile malware is detected
- Explain the spread, impact and infection of Android malware
- Describe the protection and removal of Android malware
- Demonstrate the usage of Reverse Engineering in digital forensics
Assessment will be in accordance with the ÁñÁ«ÊÓƵ Evaluation Policy.
Assignments and Labs |
10% - 15% |
Research Project |
20% - 25% |
Midterm Exam * |
30% - 35% |
Final Exam * |
30% - 35% |
Total |
100% |
* Practical hands-on computer exam
In order to pass the course, students must, in addition to receiving an overall course grade of 50%, also achieve a grade of at least 50% on the combined weighted examination components (including quizzes, tests, exams).
Students may conduct research as part of their coursework in this class. Instructors for the course are responsible for ensuring that student research projects comply with College policies on ethical conduct for research involving humans, which can require obtaining Informed Consent from participants and getting the approval of the ÁñÁ«ÊÓƵ Research Ethics Board prior to conducting the research.
Course Materials to be provided by the instructor and/or approved textbooks from the department.
References:
- Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation by Lee Reiber, McGraw-Hill Education, latest edition
- Practical Mobile Forensics by Rohit Tamma, Oleg Skulkin , Heather Mahalik, Satish Bommisetty, Packt Publishing, latest edition
Min grade of C in CSIS 3175, 3160, and 3560
Courses listed here must be completed either prior to or simultaneously with this course:
- No corequisite courses
Courses listed here are equivalent to this course and cannot be taken for further credit:
- No equivalency courses