This is a core module in the Cyber Security and Digital Forensics field. You will apply methodologies for acquiring, preserving, analysing and documenting digital evidence discovered in the Cyber Crime and Digital Forensics module (CI4315), to network and mobile environments. This includes acquiring volatile digital evidence running on live computers, forensically processing data packets from networks and extracting digital evidence from mobile devices.
On successful completion of the module, students will be able to:
This module, being part of the innovative Cyber Security and Digital Forensics course, utilises a workshop-centered teaching and learning strategy, in which practical exercises and problem-centered technical challenges are supported by short participatory lectures and group discussions. Workshops are typically structured as a three-hour lab-based session, interspersed with 3 short (20 minute) participatory lecture sessions and are designed to encourage an open, collaborative and active student learning environment.
Content delivered in workshop sessions, are based on and reinforced by recommended reading, study guides and learning resources that are available on Canvas, which duly serves as a learning, sharing, feedback and communication hub for this module. Core teaching and learning strategies for this module are described as follows:
Definitive UNISTATS Category | Indicative Description | Hours |
---|---|---|
Scheduled learning and teaching | 75 x short (20-minute) participatory lectures 25 x three-hour laboratories | 100 |
Guided independent study | Independent and directed reading. Online learning materials and study notes. | 200 |
Total (number of credits x 10) | 300 |
To help students on this module achieve their full potential, formative assessment opportunities will be provided as appropriate throughout the module. Examples of formative assessments include worked exercises which emulate aspects of the major assessment and lab work. Feedback on coursework represents an additional opportunity for formative learning and will be given in writing and/or verbally. Formative feedback will be provided in various forms (eg. one-to-one short feedback sessions or group feedback). Formative feedback is designed to inform student preparation for summative assessments which may be within the same module or feed forward across the degree programme. The summative assessment for this module is 70% coursework, which typically consists of mobile forensics coursework (including case studies); and live and network forensic coursework (including case studies). Coursework will typically include demonstrable artefacts. The remaining 20% is allocated to a time limited practical exam, in which students undertake forensic investigations in the context of a given scenario, and then answer a series of questions based to their analysis and interpretations.
Learning Outcome | Assessment Strategy |
---|---|
1) Demonstrate knowledge and practical competence of using forensic tools and techniques to acquire, preserve and document live and network digital evidence. | Mobile forensic coursework. |
2) Demonstrate knowledge and practical competence of using forensic tools and techniques to acquire, preserve and document mobile digital evidence. | Live and network forensics coursework |
3) Analyse and interpret live, network and mobile digital evidence. | Practical exam |
Description of Assessment | Definitive UNISTATS Categories | Percentage |
---|---|---|
Mobile forensic coursework | Coursework | 35% |
Live and network forensics coursework | Coursework | 35% |
Practical exam | Practical exam | 30% |
Total (to equal 100%) | 100% |
It IS NOT a requirement that any element of assessment is passed separately in order to achieve an overall pass for the module.
Messier, R (2017). "Network Forensics", John Wiley & Sons
Reiber, L (2016). "Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation", McGraw-Hill Education
Afonin, O et.al. (2016). "Mobile Forensics - Advanced Investigative Strategies". Packt Publishing.
Buchanan, W. J (2011). "Introduction to Security and Network Forensics", Taylor and Francis
Anson, S (2007). "Mastering Windows Network Forensics and Investigation". Sybex.
Mahalik, H et.al. (2016). "Practical Mobile Forensics". Packt Publishing.
Davisdoff, S (2012). "Network Forensics: Tracking Hackers Through Cyberspace". Prentice Hall
Lillard, T.V (2010). "Digital Forensics for Network, Internet, and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data". Syngress