Open Source Digital Forensics

Course Description

Open Source Digital Forensics (OSDF) explores forensic investigation using freely redistributable, open source software tools. This class is ideal for law enforcement or commercial investigative organizations seeking to gain a digital forensics capability without paying expensive license fees. This course focuses on analysis of PCs, though some discussion of other platforms is included.

Course ID: DEF 4611P
Course Format: Classroom

Available Classroom Sections

Start Date End Date Registration Deadline Format Location Cost CRN
Section Details May 15, 2018 May 16, 2018 May 15, 2018 Classroom Atlanta, GA $1,295 18268
View previous sections
View Previous Sections
CRN Start date End date Format Location Cost
15846 Dec 1, 2015 Dec 2, 2015 Classroom Atlanta, GA $1,195
16283 Aug 9, 2016 Aug 10, 2016 Classroom Atlanta, GA $995
17026 May 16, 2017 May 17, 2017 Classroom Atlanta, GA $1,295

Special Discounts

GTRI employees are eligible for a discount on this course.  If you are a GTRI employee, please go to https://webwise.gtri.gatech.edu/talent-management/organizational-development and look under “GT Professional Development” for a coupon code to use when checking out.

Note: Coupon codes must be applied during checkout and cannot be redeemed after your checkout is complete. Only one coupon code can be used per shopping cart.

Who Should Attend

Students already familiar with evidence acquisition and handling policy and technique but new to digital forensics will benefit the most. Additionally, law enforcement or commercial investigative organizations seeking to gain a digital forensics capability without paying license fees for the most common commercial software will find this course invaluable.

How You Will Benefit

  • Understand the primary activities and goals of digital forensics
  • Explore data types and digital representations of data
  • Overview data acquisition processes and constraints
  • Use freely-available open-source software (OSS) tools for forensic purposes
  • Acquire forensic data
  • Ingest (extract) evidence
  • Examine disk images
  • Analyze evidence

Content

  • Overview
  • “State of the Art” and current problems
  • Foundations
  • System preservation
  • Uses of DF
  • Data concepts
  • Data acquisition
  • Detailed walkthrough of tools alongside test cases for students in Lecture/Lab
  • Evidence extraction
  • Data ingest
  • Exploration of Open Source Forensics Tools
  • Detailed walkthrough of Autopsy with example case in Lecture/Lab
  • Lab using example case
  • Assessment based on results of lab with example case

Materials

Provided

  • Software
  • Example system images
  • Slidebook

For Course-Related Questions

Please contact the course administrator: Renita Folds

Instructors