News
Exam resultsGeschrieben am 05.09.19 von Christoph Sorge The results for the 2nd final exam should now be visible in the CMS. The exam inspection will take place in building C3.1, room 0.04. |
Exam inspectionGeschrieben am 04.09.19 von Christoph Sorge The exam inspection of the 2nd exam will take place next Tuesday, 11:00 - 12:00; room TBA (most likely in building C3.1 or nearby). |
Exam InspectionGeschrieben am 07.08.19 von Nils Olze The exam inspection will be next monday (12th August), 10:00 a.m., building C3.1, Room 0.01. Please do not forget your Student ID. |
Exam resultsGeschrieben am 30.07.19 von Christoph Sorge The exam results are now in the CMS. You should have received a corresponding e-mail. A couple of remarks:
The exam results are now in the CMS. You should have received a corresponding e-mail. A couple of remarks:
|
Additional exam informationGeschrieben am 25.07.19 von Christoph Sorge The data and time for the re-exam have been fixed: September 2, 13:30, Günter-Hotz-Hörsaal (same time and place as the first exam - not a typo). Both exams are scheduled to last 90 minutes. |
Exam DetailsGeschrieben am 18.07.19 von Nils Olze The main exam will take place on 26.07.2019, 13:30 at the Günter Hotz Lecture Hall (E 2.2). The use of cheat sheets is not allowed. Please be there at least 15 minutes ahead of time. The planned date for the reexam is 2.9.2019, but this is not fixed yet. |
Slides on Network MonitoringGeschrieben am 12.07.19 von Christoph Sorge Due to a misunderstanding, the slides for the network monitoring chapter were uploaded with a delay. They are now available in the CMS. |
No lecture tomorrowGeschrieben am 12.06.19 von Christoph Sorge The lecture tomorrow has to be cancelled. The tutorial will take place on Friday as usual. |
Lecture Instead Of Tutorial Next WeekGeschrieben am 01.06.19 von Nils Olze Next week there will be an additional lecture in the tutorial slot. The solutions of the mid term will be discussed in two weeks. |
Reminder: (Voluntary) mid-term exam todayGeschrieben am 31.05.19 von Christoph Sorge Just a quick reminder that we will have the mid-term exam in the tutorial today. The style is similar to the main exam, but participation is voluntary; it is mainly a tool for self-assessment. |
Exam registration deadline now strictGeschrieben am 22.05.19 von Christoph Sorge The dean for student affairs (in computer science) has asked the lecturers to communicate the following information (which applies to all lectures): The deadline for registering for exams in lectures is now a strict deadline. Late registrations after the deadline will only be processed by the… Weiterlesen The dean for student affairs (in computer science) has asked the lecturers to communicate the following information (which applies to all lectures): The deadline for registering for exams in lectures is now a strict deadline. Late registrations after the deadline will only be processed by the study coordination in case of duly justified exceptions, such as illness. |
No Lecture Today and Information about the Tutorial tomorrowGeschrieben am 16.05.19 von Nils Olze As already mentioned last week, there will be no lecture today. Next week, the Tutorial will probably be swapped with the lecture, i.e. Tutorial on thursday and lecture on friday within the usual time slots. In the Tutorial tommorrow, there will be practical exercises again. We will need… Weiterlesen As already mentioned last week, there will be no lecture today. Next week, the Tutorial will probably be swapped with the lecture, i.e. Tutorial on thursday and lecture on friday within the usual time slots. In the Tutorial tommorrow, there will be practical exercises again. We will need Volatility (https://www.volatilityfoundation.org/26) and the Test Image called "xp-laptop-2005-06-25.img" from this archive: https://www.cfreds.nist.gov/mem/memory-images.rar |
Practical Exercise InformationGeschrieben am 10.05.19 von Nils Olze We will need two Test Images from https://www.cfreds.nist.gov/dfr-test-images.html for the exercises in the tutorial today, namely the first one "DFR-01" in NTFS and "DFR-11" in NTFS format. Here are the corresponding download links: We will need two Test Images from https://www.cfreds.nist.gov/dfr-test-images.html for the exercises in the tutorial today, namely the first one "DFR-01" in NTFS and "DFR-11" in NTFS format. Here are the corresponding download links: DFR-11: https://www.cfreds.nist.gov/dfr-images/dfr-11-mft-ntfs.dd.bz2 |
Information about the Tutorial(s)Geschrieben am 02.05.19 von Nils Olze It has been decided that there will be no additional tutorial slot, therefore we relocate the tutorial to the lecture hall (0.05, CISPA) just like last week. Concerning the tutorial tomorrow, there will be no practical exercise yet, this is postponed to next week. Best, Nils |
Anecdote on forensic analysis of persistent dataGeschrieben am 18.04.19 von Christoph Sorge For the German-speaking students, the anecdote on https://kanzleiundrecht.wordpress.com/2016/04/27/darf-es-etwas-weniger-sein/ shows how not to do computer forensics |
IT Forensics
The lecture deals with finding and evaluating legal evidence in IT systems, both for criminal prosecution and civil action.
Focus areas include, among others:
Processes of IT forensics (with a focus on incident response)
Analysis of storage media and file systems
Retrieval and analysis of RAM contents (e.g., cold boot attacks)
Attacks on passwords
(Basics of) evidence in civial actions and criminal proceedings
Role of technical experts in court