Učni načrt predmeta

Predmet:
Digitalna forenzika II
Course:
Digital Forensics II
Študijski program in stopnja /
Study programme and level		 Študijska smer /
Study field		 Letnik /
Academic year		 Semester /
Semester
Informacijske in komunikacijske Napredne internetne tehnologij e 1 1
Information and Communication Advanced Internet Technologies 1 1
Vrsta predmeta / Course type
Izbirni
Univerzitetna koda predmeta / University course code:
IKT3-666
Predavanja
Lectures		 Seminar
Seminar		 Vaje
Tutorial		 Klinične vaje
work		 Druge oblike
študija		 Samost. delo
Individ. work		 ECTS
15 15 15 105 5

*Navedena porazdelitev ur velja, če je vpisanih vsaj 15 študentov. Drugače se obseg izvedbe kontaktnih ur sorazmerno zmanjša in prenese v samostojno delo. / This distribution of hours is valid if at least 15 students are enrolled. Otherwise the contact hours are linearly reduced and transfered to individual work.

Nosilec predmeta / Course leader:
doc. dr. Tomaž Klobučar
Sodelavci / Lecturers:
Jeziki / Languages:
Predavanja / Lectures:
slovenščina, angleščina / Slovenian, English
Vaje / Tutorial:
Pogoji za vključitev v delo oz. za opravljanje študijskih obveznosti:
Prerequisites:

Zaključen študij druge stopnje s področja informacijskih ali komunikacijskih tehnologij ali zaključen študij druge stopnje na drugih področjih z znanjem osnov s področja predmeta. Potrebna so tudi osnovna znanja matematike, računalništva in informatike.

Completed second cycle studies in information or communication technologies or completed second cycle studies in other fields with knowledge of fundamentals in the field of this course. Basic knowledge of mathematics, computer science and informatics is also requested.

Vsebina:
Content (Syllabus outline):

Uvod:
definicija osnovnih pojmov, forenzična tehnologija

Digitalna forenzika:
metodologije digitalne forenzike; digitalna forenzika in operacijski sistemi, pomnilniške naprave, prenosni sistemi, aplikacije in mrežni sistemi

Napredna orodja digitalne forenzike:
mobilni forenzični sistemi; komercialna in odprtokodna orodja za analizo datotečnih sistemov, živih sistemov, mobilnih naprav, aplikacij in omrežnih sistemov; zanesljivost orodij digitalne forenzike

Izbrana poglavja iz digitalne forenzike (npr. forenzika v oblaku)

Praktični vidiki in smernice razvoja:
praktični primeri postopkov digitalne forenzike; raziskovalno-tehnološki trendi informacijskih sistemov, nova tržišča; izzivi digitalne forenzike

Introduction:
definition of basic concepts, digital forensics technology

Digital forensics:
digital evidence, digital forensics methodologies, technology and legalization interrelations; digital forensic and operating systems, storage, mobile systems, applications and networked systems

Advanced digital forensics tools:
digital forensic laboratory, mobile digital forensic systems; commercial and open source forensic tools for analyses of file, live, mobile and network systems, and applications; tools dependability.

Selected topics in digital forensics (e.g. cloud computing forensics)

Practical aspects and future trends:
practical examples of digital forensic investigations; Information systems research and technology trends, new markets; digital forensics research issues

Temeljna literatura in viri / Readings:

Izbrana poglavja iz naslednjih knjig: / Selected chapters from the following books:
- J. Kävrestad, Fundamentals of Digital Forensics, Theory, Methods, and Real-Life Applications, Springer, 2020, ISBN 978-3-030-38953-6
- S. Davidoff and J. Ham, Network Forensics: tracking hackers through cyberspace. Prentice Hall, 2012, ISBN-13: 978-0132564717
- K. J. Jones, R. Bejtlich and C. W. Rose, Real Digital Forensics: Computer Security and Incident Response. Addison Wesley, 2005, ISBN: 0321240693

Izbrani znanstveni članki s področja digitalne forenzike, objavljeni npr. v Digital Investigation, IEEE Security and Privacy, IEEE Network Security, International Journal of Digital Evidence, International Journal of Electronic Security and Digital Forensics in Journal of Digital Forensic Practice.

Cilji in kompetence:
Objectives and competences:

Namen predmeta je študentom predstaviti napredne vidike digitalne forenzike.

Študenti bi morali biti sposobni:
- Uporabiti metodologije digitalne forenzike
- Izbrati in uporabiti ustrezna orodja digitalne forenzike
- Upoštevati zahteve in probleme digitalne forenzike v specifičnih okoljih, na primer v oblaku ali mobilnih sistemih
- Nadaljevati raziskovalno-razvojno delo na področju digitalne forenzike

The main objective of this course is to present advanced issues of digital forensics.

Students should be able to:
- Apply digital forensics methodology
- Select and use appropriate digital forensics tools
- Take into account the requirements and problems of digital forensics in specific environments, e.g. in cloud computing or mobile systems
- Continue research and development work in the area of digital forensics

Predvideni študijski rezultati:
Intendeded learning outcomes:

Študenti bodo z uspešno opravljenimi obveznostmi tega predmeta pridobili:
- Poznavanje metodologij digitalne forenzike
- Poznavanje naprednih orodij digitalne forenzike
- Poznavanje zahtev in problemov digitalne forenzike v specifičnih okoljih, na primer v oblaku ali mobilnih sistemih
- Poznavanje smernic raziskav in razvoja na področju digitalne forenzike
- Sposobnost priprave znanstvenih rezultatov na področju

Students successfully completing this course will acquire:
- Apply digital forensics methodology
- Select and use appropriate digital forensics tools
- Know requirements and problems of digital forensics in specific environments, e.g. in cloud computing or mobile systems
- Know future trends of digital forensics research and development
- Ability to provide research results in the field

Metode poučevanja in učenja:
Learning and teaching methods:

Predavanja, seminar, konzultacije, individualno delo

Lectures, seminar, consultations, individual work

Načini ocenjevanja:
Delež v % / Weight in %
Assesment:
Seminarska naloga
50 %
Seminar work
Ustni ali pisni izpit
50 %
Oral or written exam
Reference nosilca / Lecturer's references:
1. B. Jerman-Blažič, T. Klobučar, "Removing the barriers in cross-border crime investigation by gathering e-evidence in an interconnected society", Information & communications technology law. 2020, vol. 29, no. 1, pp. 66-81. ISSN 1360-0834.
2. B. Jerman-Blažič, T. Klobučar, "Investigating crime in an interconnected society: will the new and updated EU judicial environment remove the barriers to justice?"," International review of law computers & technology. 2020, vol. 34, no. 1, str. 87-107.
3. B. Jerman-Blažič, T. Klobučar, "A new legal framework for cross-border data collection in crime investigation amongst selected European countries", International journal of cyber criminology, 2019, vol. 13, no. 2, pp. 270-289, ISSN 0974-2891.
4. B. Jerman-Blažič, T. Klobučar, "Advancement in cybercrime investigation: the new European legal instruments for collecting cross-border E-evidence", v: A. Rocha (ur.), C. Ferras (ur.), M. Paredes (ur.). Information Technology Systems: proceedings of of ICITS 2019. Cham: Springer, 2019. Vol. 918, str. 858-867.
5. R. Kaur, D. Gabrijelčič, T. Klobučar, "Artificial intelligence for cybersecurity: literature review and future research directions", Information fusion. [Online ed.]. Sep. 2023, vol. 97, [article no.] 101804, str. 1-29.