Below you will find the syllabi for all the courses that are part of the Telecommunications Management curriculum. To see a list of the syllabi of all the courses that are taught at the Howe School, click here.
TM 665: Network Forensics

Overview
Network forensics involves the identification, preservation, and analysis of evidence of attacks in order to identify the attackers and document their activity with sufficient reliability to justify appropriate technological, business, and legal responses. This course, however, focuses only on the technological components of the topic, not the legal ones. The emphasis is on network traffic analysis, not on the host aspect. The technical aspect addresses analysis of intruder types and the intrusion process, review of network traffic logs (pcap, flow records) and profiles and their types, identification of attack signatures and fingerprints, application of data mining techniques, study of various traceback methods, and the extraction of information (e.g. from malware, including botnet traffic) acquired through the use of network analysis tools and techniques. The class will cover these subjects not only in theory but will also provide students with extensive hands-on experience. The class will involve a fair amount of programming.