Network Forensics (FCM 745)
Instructor Prof. Douglas Salane
- office: 4213N
- web site: http://web.math.jjay.cuny.edu
Class Meetings Section 01, Thurs., 6:20-8:20pm
Office Hours Tues. period 4 and Thurs. period 7
Text There is no required text; however, the following text will be referenced exensively. Most
required materials are available on-line. See the Resources section below.
- Richard BejtlichThe Tao of Network Security Monitoring:
Beyond Intrustion Detection, Addison-Wesley (2005).
Course Description(from catalogue)
Concerns the forensic security issues related to access to data stored on computer systems and the transmission of data
between systems. Topics include detecting and monitoring intrusions of networks and systems, authentication protocols,
viruses and worms, and management of intrusion response teams. The course includes laboratory work such as attack and defend
Students will understand the role of network forensic analysis in both
criminal and security investigations. They will learn to identify sources
of forensic data associated with and network devices and apply the
methods and tools needed in forensic investigations. They will become
familiar with some of the outstanding research challenges in network
forensics and proposed technical solutions. The will develop an
understanding of network designs that facilitate forensic discovery.
Students also will learn the legal guidelines that apply to
investigations as well as the technological consequences of recent
legislation and FCC rulings.
Syllabus FCM 745, Fall 2009
Forensic Texts, Web Sites and Papers
Exams/Grading Grades will be based on three, which will account
for about 40% of the final grade. In addition, readings from monographs and papers will be assigned weekly.
Assigned papers and class participation based on the readings will account for 60%.
Laboratory facilities Students will receive accounts on Linux computers
available in 4213 and via remote SSH login.
Academic Honesty You only learn if your work is your own.
Cheating on exams or copying assignments will not be tolerated.
Please review the College's policies on Plagiarism and Cheating.
Announcements (9/2/09) Please send me an email as soon as possible so I have your address. Have a
Course development sponsored in part by NSF grants 043044 and 0416494