| 1. Course Title | Network Forensics | |||||||
| 2. Code | 4ФЕИТ10З030 | |||||||
| 3. Study program | ТКИИ | |||||||
| 4. Organizer of the study program (unit, institute, department) | Faculty of Electrical Engineering and Information Technologies | |||||||
| 5. Degree (first, second, third cycle) | First cycle | |||||||
| 6. Academic year/semester | IV/7 | 7. Number of ECTS credits | 6 | |||||
| 8. Lecturer | D-r Marko Porjazoski | |||||||
| 9. Course Prerequisites |
Passed: Internet Technologies or Communication Technologies or Communication Technologies and Protocols in Power Engineering or Introduction to Digital Communications |
|||||||
| 10. Course Goals (acquired competencies): Introduction to different methods of investigation in the occurrence of crime in the communication networks. Candidates will be able to collect and analyze data, as well as prepare reports on the occurrence of crime in communication networks. | ||||||||
| 11. Course Syllabus: Introduction to Digital Forensics and Network Forensics. Basic Concepts of Internet Networking. Use of communication protocols for maliceous activities. Sources of evidence in communication networks. Network traffic as a source of evidence. Providing evidence through network traffic analysis. Use of statistical analysis of streams in network forensics. Forensics of wireless local area networks. Network intrusion detection and prevention systems. Forensics of switches, routers and firewalls. Proxy server forensics. Collection and analysis of event logs. Forensics of software defined networks. Cloud forensics. Mobile network forensics. | ||||||||
| 12. Learning methods: Lectures, auditory and laboratory exercises, individual work, project work and preparation of seminar papers | ||||||||
| 13. Total number of course hours | 3 + 1 + 1 + 0 | |||||||
| 14. Distribution of course hours | 180 | |||||||
| 15. Forms of teaching | 15.1. Lectures-theoretical teaching | 45 | ||||||
| 15.2. Exercises (laboratory, practice classes), seminars, teamwork | 30 | |||||||
| 16. Other course activities | 16.1. Projects, seminar papers | 30 | ||||||
| 16.2. Individual tasks | 30 | |||||||
| 16.3. Homework and self-learning | 45 | |||||||
| 17. Grading | 17.1. Exams | 15 | ||||||
| 17.2. Seminar work/project (presentation: written and oral) | 15 | |||||||
| 17.3. Activity and participation | 0 | |||||||
| 17.4. Final exam | 70 | |||||||
| 18. Grading criteria (points) | up to 50 points | 5 (five) (F) | ||||||
| from 51to 60 points | 6 (six) (E) | |||||||
| from 61to 70 points | 7 (seven) (D) | |||||||
| from 71to 80 points | 8 (eight) (C) | |||||||
| from 81to 90 points | 9 (nine) (B) | |||||||
| from 91to 100 points | 10 (ten) (A) | |||||||
| 19. Conditions for acquiring teacher’s signature and for taking final exam | Regular attendance at lectures, auditory and laboratory exercises | |||||||
| 20. Forms of assessment | Two partial exams during the semester lasting 120 minutes each or one written exam in an appropriate exam session lasting 120 minutes and preparation of a practical project task. The final grade includes exam points, project assignment points, homework points and laboratory exercise points. It is not allowed to use books, scripts, manuscripts or notes of any kind during the exam, as well as a calculator, mobile phone, tablet or any other electronic device. |
|||||||
| 21. Language | Macedonian and English | |||||||
| 22. Method of monitoring of teaching quality | Internal evaluations and surveys | |||||||
| 23. Literature | ||||||||
| 23.1. Required Literature | ||||||||
| No. | Author | Title | Publisher | Year | ||||
| 1 | Marko Porjazoski | Network Forensics | Faculty of electrical engineering and information technologies | 2021 | ||||
