Information Package / Course Catalogue
Forensic Information Engineering and Reporting
Course Code: MIS513
Course Type: Area Elective
Couse Group: Second Cycle (Master's Degree)
Education Language: Turkish
Work Placement: N/A
Theory: 3
Prt.: 0
Credit: 3
Lab: 0
ECTS: 7
Objectives of the Course

The aim of this course is to obtain information about the selection, planning, correct structuring of the information systems and necessary security measures to identify and prevent attacks. It is aimed to collect the evidence related to cyber crimes, to take the forensic copies, to analyze and to report them, and to evaluate the cases encountered in legal terms.

Course Content

Introduction to cybercrime, forensic information technologies, data recovery from disk and file systems, evidence collection, ownership verification, data validation, storage and protection, recognition and identification, operating system architectures, analysis of file structures, network analysis, system analysis, forensic information methodology, current developments in forensics.

Name of Lecturer(s)
Lec. Türkay HENKOĞLU
Learning Outcomes
1.Knows the concepts of cyber crimes and informatics crimes.
2.Gains knowledge of legal regulations related to collection, classification and analysis of evidence related to cyber crime.
3.Gains knowledge of technical processes related to collection, classification and analysis of evidences related to cyber crimes
4.Has technical knowledge and skills in creating forensic copies
5.Knows reporting methods and techniques
Recommended or Required Reading
1.Sam Brown, Forensic Engineering: An Introduction to the Investigation, Analysis, Reconstruction, Causality, Risk, Consequence, and Legal Aspects of the Failure of Engineered Products, 1995, US
2.Türkay Henkoğlu, Adli Bilişim: Dijital Delillerin Elde Edilmesi ve Analizi, Pusula Yayıncılık, 2011, İstanbul
Weekly Detailed Course Contents
Week 1 - Theoretical
The basic concepts of forensic engineering
Week 2 - Theoretical
Information crimes and forensic information technologies
Week 3 - Theoretical
Evidence collection, ownership verification, data validation
Week 4 - Theoretical
Data recovery from disk and file systems
Week 5 - Theoretical
Storage, protection, recognition and identification
Week 6 - Theoretical
Analysis of file structures
Week 7 - Theoretical
Network analysis
Week 8 - Theoretical
Autonomous system analysis
Week 9 - Intermediate Exam
Midterm Exam
Week 10 - Intermediate Exam
Midterm Exam
Week 11 - Theoretical
Operating systems analysis
Week 12 - Theoretical
Configuration of start disks and configuration analysis
Week 13 - Theoretical
Preserving the nature of evidence of information on information
Week 14 - Theoretical
Current developments in forensic computing
Week 15 - Final Exam
Final Exam
Week 16 - Final Exam
Final Exam
Assessment Methods and Criteria
Type of AssessmentCountPercent
Midterm Examination1%40
Final Examination1%60
Workload Calculation
ActivitiesCountPreparationTimeTotal Work Load (hours)
Lecture - Theory132365
Assignment132026
Term Project120222
Individual Work132026
Quiz20510
Midterm Examination19110
Final Examination112113
TOTAL WORKLOAD (hours)172
Contribution of Learning Outcomes to Programme Outcomes
Fatal error: Uncaught SoapFault exception: [WSDL] SOAP-ERROR: Parsing WSDL: Couldn't load from 'https://ws2.adu.edu.tr/LDAP/Bilgipaketi.asmx?WSDL' : failed to load external entity "https://ws2.adu.edu.tr/LDAP/Bilgipaketi.asmx?WSDL" in D:\wwwpages\bilgipaketi.adu.edu.tr\httpdocs\includes\engine.php:586 Stack trace: #0 D:\wwwpages\bilgipaketi.adu.edu.tr\httpdocs\includes\engine.php(586): SoapClient->SoapClient('https://ws2.adu...') #1 D:\wwwpages\bilgipaketi.adu.edu.tr\httpdocs\includes\modules\programme-detail.php(670): DerseGoreDersCiktiGetir('29078') #2 D:\wwwpages\bilgipaketi.adu.edu.tr\httpdocs\index.php(226): include('D:\wwwpages\bil...') #3 {main} thrown in D:\wwwpages\bilgipaketi.adu.edu.tr\httpdocs\includes\engine.php on line 586