asiamina/ttuwikiset

Course Update

(May 2022) Analysis of digital forensics concepts required for the project and creating modules for the content.

(June 2022) Practical implementation of project work on a local computer and creating a web interface for the whole content.

(July 2022) Tested the website and deployed it on GitHub. Based on feedback from the professor, educator and students, enhanced a few sections in each module.

Instructional Materials for the Digital Forensics Course

Texas Tech University, Computer Science Department

Designed and Taught by: Dr. Akbar Namin

A CTF project on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University

This repository contains the instructional modules and course materials developed by Dr. Akbar Namin, Associate Professor of Computer Science at Texas Tech University, to teach Digital Forensics. The materials were prepared and developed during 2022 and are still evolving. This course was initially developed as a graduate-level university course, but it can also be used for undergraduate students. The lecture notes were prepared by the instructor of the course; the lab and hands-on experiences were developed by students taking the course.

About the Course

Digital forensics has become a must-have skillset for IT professionals and in particular for security experts. Digital forensics and incident response play key roles in detecting and analyzing malware and security breaches, in devising countermeasures, and in tracing online criminal activities. Digital forensics, malware detection and analysis, and incident response techniques are very broad and system-dependent. For instance, the techniques and tools used to detect malware on Windows are quite different from those used on Linux and macOS. Nevertheless, security experts, and ethical hackers in particular, need to be aware of the core general concepts as well as the platform-dependent techniques in order to conduct penetration testing more effectively.

This course introduces the basic concepts and techniques usually employed in digital forensics and malware analysis. The contents are primarily divided into the following major topics:

  1. Mobile Forensics

These topics form the skeleton of security incidents and challenges. The security and forensics challenges exercised at major hacking conferences such as DEFCON and Black Hat usually require in-depth knowledge of these four major topics across different platforms.

The course is fully practical, supported by hands-on experiences and formal lectures. Students taking this course will be able to:

  • Demonstrate in-depth knowledge of cyber evidence and digital forensics
  • Demonstrate knowledge of using forensics tools
  • Learn about the state of the art in malware detection and analysis research
  • Perform practical malware analysis
  • Develop Android applications using Android Studio
  • Inject malware into the source code of an APK file

The tentative topics and tools to be covered include:

  • Setting up a virtual device in the Android Studio emulator
  • Setting up a Python web server
  • Creating an APK file and a JKS keystore file with a self-signed certificate inside it
  • Modifying the source code of an APK file and injecting malware into it

Documentation on Setting Up This Website with the Files in This Repository

The procedure, with all steps involved in setting up the website, is provided in the document "WikiSet_ProjectSite_GitHub_v1.docx" in this repository for reference.

Learning Outcomes

The following are the expected learning outcomes of the course:

  • Master of Science Degree:
    1. Catch the flags in the given modules and answer the assessments after hands-on implementation (LO 1)
    2. Engage in life-long learning and self-critique (LO 2)
    3. Function independently on self-directed projects or research where appropriate (LO 4)
  • Doctor of Philosophy Degree:
    1. Catch the flags in the given modules and answer the assessments after hands-on implementation (LO 1)
    2. Engage in life-long learning and self-critique (LO 2)
    3. Function in a multi-disciplinary and culturally diverse environment with cross-functional teams (LO 3)

Textbooks

There are four sections, each of which requires a separate textbook. Here is the list of books used for each section:

  1. Mobile Forensics

Additional Hacking Textbooks

  1. The Hacker Playbook 2: Practical Guide to Penetration Testing, Author: Peter Kim
  2. Hacking: The Art of Exploitation, Author: Jon Erickson

Additional References

WikiSET (Wiki for Security Training and Education) is a portal that lists useful materials and tutorials for teaching and learning digital forensics.

Course Team-based Project

To stimulate learning, four team-based, competition-style projects are defined. The four projects allow each team to practice the skillset needed for each section (e.g., reverse engineering). In each project, every team plays the role of both the blue team and the red team: it is responsible for building an artifact containing some secret item that the other team must discover.

For instance, in disk forensics, each team creates a disk dump file with secret recipes hidden in different sectors, and the other team's job is to discover those secret recipes.

Acknowledgements

Many graduate students were involved in the preparation of this course, including lecture notes, lab assignments, case studies, and hands-on experiences. In particular, the following graduate students contributed to the development of the course by donating the artifacts they created:

  • Prathyush Turaga (diamond contributor: contributed to 1) Modules creation, 2) Website development, 3) Designing questions for assessment)

Source Reference & Special Thanks

  1. https://samsclass.info/128/proj/p9-decom.htm