Module 06-30016 (2017)
Forensics and Malware Analysis
|David Oswald||Semester 2||10 credits|
This module will teach students how to investigate and respond to cyber security incidents. This will include developing technical skills such as disk image and network log analysis, as well as high-level skills such as knowing what to do when investigating a system that might have been attacked.
The aims of this module are to:
On successful completion of this module, the student should be able to:
- analyse a disk image, including one that has been subject to partial erasure or overwriting.
- analyse a suite of logs from a mixed infrastructure and describe the events that have taken place.
- analyse malware samples and their effect on a computer system, applying techniques of digital forensics and program analysis.
- to write a report suitable for use as evidence.
Two 1-hour lectures a week.
Sessional: Examination (80%) Continuous Assessment (20%)
Supplementary (where allowed): Exam (100%)
Programmes containing this module
- MSc Cyber Security [504B]