News
Early Bird News: Tutorial PreferencesWritten on 24.03.25 by Roman Wetenkamp Hi all, thanks for your interest in the IT Forensics lecture! Given the high number of registrations we already have, I would kindly ask you to help me a bit with the tutorial organization: Please indicate using one of the registrations on your CMS personal page if you either ...
Hi all, thanks for your interest in the IT Forensics lecture! Given the high number of registrations we already have, I would kindly ask you to help me a bit with the tutorial organization: Please indicate using one of the registrations on your CMS personal page if you either ...
Your registration is not binding at all and you can always change your opinions during the term, but it helps me to organize the course and its tutorials ahead of time. Thank you very much for your support! Looking forward to see you soon! Best regards, |
IT Forensics
Have you ever wondered how criminals are caught in the digital era?
What traces do all of us leave on IT systems while interacting with them?
What is the truth behind those CSI movies we all know?
This advanced lecture deals with finding and evaluating legal evidence in IT systems for criminal prosecution.
Contents
- History, Types and Processes of IT Forensics
- Digital Traces and their Classification
- Persistent Memory (HDD, SSD, USB, Cloud, ...)
- File Systems and their Analysis
- Post-mortem vs. Live Analysis
- Digital Investigations
- Role of Technical Experts in Court
- Relevant Laws and Jurisdiction
You will not only learn about these topics in theory, but also get some hands-on experience with forensic tools like Autopsy.
The lectures and tutorials will be taught in English.
Prerequisites
There are no formal prerequisites. We recommend a working knowledge of operating systems and system architectures.
Lectures
The lectures will be held online on Fridays from 10:15 to 11:45. The first lecture will take place on April 11, 2025.
Zoom Link:
https://fau.zoom-x.de/j/61369523237
Meeting-ID: 613 6952 3237
Code: 757065
If you are on campus or would like to learn with others, you can join the sessions (on your own device) in lecture hall 001 in E1.3.
We will not record the lectures.
Tutorials
The weekly tutorials will be held on Thursdays from 14:15 to 15:45 in SR 107 in E1.3. The first tutorial will take place on April 17, 2025. The tutorials will be in a hybrid format and recorded.
Some tutorials will contain practical exercises, for those you need to bring a laptop. Installation requirements will be announced in the first tutorial.
Attending the tutorials is optional, but highly recommended. You will not only get the chance to ask questions and solve exam-like exercises, but also get practical experience.
Examination
Format
The course concludes with a written final exam on campus that determines your final grade. The dates of the main exam and the re-exam will be announced in the first weeks of the semester.
Admission
There will be 3 practical exercise sheets during the semester that you solve in groups of at most three. You need to achieve at least 70% of the total points to get admitted to the final exam.
We enforce a strict no-plagiarism and no-AI policy.
Contact
In case of questions, please reach out to Roman first. You find his email address on the Team page. He will forward messages if necessary. We value constructive feedback!