Course Home Page

Instructor:

Dr. Mike Mabey
mmabey@asu.edu

Office Hours:

Tuesdays 4:15 - 5:15 PM
in BYENG 423

TA:

Adam Oest
aoest@asu.edu

Office Hours:

Thursdays 12 - 1 PM
in BYENG 423

TA:

Sukwha Kyung
skyung1@asu.edu

Office Hours:

Wednesdays 1 - 2 PM
in BYENG 423

Key Links

Important Dates

  • 2019-01-08: First day of class

  • 2019-02-21: Midterm Exam

  • 2019-03-04—2019-03-08: Spring Break - No class

  • 2019-04-30: Final Exam

    • Cumulative

    • 2:30 - 4:20 PM in BYAC 150

Lecture Slides

Schedule & Lecture Recordings

The following schedule is tentative and may change as the semester progresses. Some ways to keep apprised of updates are:

  • Come to class. All changes will be announced in class.

  • Create a watch on my website’s repository on GitHub.

  • Make sure you have email notifications turned on in Piazza.

  • Manually check the website regularly.

Note

You may have to scroll horizontally (Shift + scroll) to view all columns of the table below.

#

Date

Topic(s)

Recording

Remarks

1

Jan 8

  • Topic 0: Course Overview

  • Topic 1: Forensics Intro

Link

2

Jan 10

  • Topic 1: Forensics Intro

Link

3

Jan 15

  • Topic 1: Forensics Intro

Link

Group formation due: Jan 16

4

Jan 17

  • Group Project Introduction

  • Topic 1.5: Python for Forensics

Link

5

Jan 22

  • Topic 2: Evidence Acquisition

Link

6

Jan 24

  • Topic 3: Drives, Volumes, and Files

Link

7

Jan 29

  • Topic 3: Drives, Volumes, and Files

Link

8

Jan 31

  • Topic 3: Drives, Volumes, and Files

Link

9

Feb 5

Guest speaker: Adam Oest, ASU

10

Feb 7

  • Topic 3: Drives, Volumes, and Files

  • Topic 4: File Systems

Link

I forgot to plug in the ethernet cable before starting the stream, so I apologize if the video quality isn’t very good.

11

Feb 12

  • Topic 4: File Systems

Link

12

Feb 14

  • Topic 4: File Systems

Link

HW2 due: Feb 15

13

Feb 19

Guest speaker: Special Agent Erin Gibbs, FBI

14

Feb 21

Midterm Exam

Covers Lectures 1-13

15

Feb 26

  • Midterm Review

Link

HW1 due: Feb 27

16

Feb 28

  • In-Class Lab 1

Mar 4-8

Spring Break!!

17

Mar 12

  • In-Class Lab 2

18

Mar 14

  • Topic 5: Image Forensics

Link

19

Mar 19

  • In-Class Lab 3

  • Topic 6: Email Forensics

Link

20

Mar 21

Guest speaker: Mike Lombardi, Mandiant

21

Mar 26

  • Topic 6: Email Forensics

  • Topic 7: Mobile Forensics

Link

22

Mar 28

  • In-Class Lab 4

  • Group Projects: Checkpoint Due

  • iPad.ad1

23

Apr 2

  • Topic 7.5: Malware Forensics

Link

24

Apr 4

  • Topic 8: Cloud and Web Forensics

Link

Paper Reports Due

25

Apr 9

Guest speaker: Jamie Winterton, ASU GSI

26

Apr 11

Paper Presentations:

  • Detecting file fragmentation point
    using sequential hypothesis testing
  • Windows operating systems agnostic
    memory analysis
  • Lest We Remember: Cold Boot
    Attacks on Encryption Keys

HW3 due: Apr 11

27

Apr 16

Paper Presentations:

  • Secure Audit Logs to Support
    Computer Forensics
  • Forensic carving of network packets
    and associated data structures
  • Towards Comprehensive and
    Collaborative Forensics on Email
    Evidence

28

Apr 18

Paper Presentations

  • Automatic Extraction of Secrets
    from Malware
  • Identification and recovery of JPEG
    files with missing fragments
  • Automated forensic analysis of
    mobile applications on Android
    devices

29

Apr 23

Paper Presentations

  • Welcome pwn: Almond smart home
    hub forensics
  • Who watches the watcher? Detecting
    hypervisor introspection from
    unprivileged guests
  • dbling: Identifying extensions
    installed on encrypted web thin clients

30

Apr 25

  • Topic 9: Semester Review

Link

Group Projects Due

31

Apr 30

Final Exam

Cumulative
2:30 - 4:20 PM in BYAC 150
(scheduled by ASU)