Syllabuses - UG

CS459 - Digital Forensics

Credits: 20
Level: 4
Semester: Term 2
Availability: Available as an optional class to participants taking UG Graduate and Degree Apprenticeship programmes, e.g. BSc Hons IT: Software Development, and BSc Hons Digital and Technology Solutions.
Prerequisites: CS354 Computer Networks or CS323 Computer Networks.
Learning Activities Breakdown: 12 tutorials, online study and preparation for the coursework assignment and class test.
Assessment: The class will be assessed 40% via an individual coursework assignment and 60% via a class test.
Lecturer: Jeff Yan

Aims and Objectives

The aim of the class is to enable participants to understand issues associated with the nature of cybercrime, digital evidence, detection methods and proof, in a variety of digital forensic contexts, including computers, networks and portable digital devices.

Learning Outcomes

After completing this class participants will be able to: 

  1. Understand the varieties and impact of cybercrime. 
  2. Understand how to undertake digital forensic examinations, where evidence is collected to support or oppose a hypothesis. 
  3. Understand the role of the file system in detecting and mapping user activity. 
  4. Understand network-based detection techniques. 
  5. Understand the nature of anti-forensics. 

Syllabus

Indicative topics 

  1. Context, Legal and Practical Considerations 
    • Cybercrime; Forensic process; Legal process and law enforcement; ACPO guidelines; Digital evidence; Incident response 
  2. Computer Forensics 
    • File Systems (File system organisation, Memory, Registry, System logs); Disk imaging; Programs and their traces; Searching and analysis; Investigative tools (Open Source and Proprietary) 
  3. Network Forensics 
    • Intrusion detection; Attack trace-back; Packet inspection; Log analysis 
  4. Anti-Forensics and Hostile Code 
  5. Other topics 
    • Mobile devices, Virtual forensics 

Recommended Reading

This list is indicative only – the class lecturer may recommend alternative reading material. Please do not purchase any of the reading material listed below until you have confirmed with the class lecturer that it will be used for this class.

Digital Forensics and Incident Response: Incident Response Techniques and Procedures to Respond to Modern Cyber Threats, 2nd Edition, Johansen, Gerard, 2020, ISBN: 9781838649005, Packt Publishing, Limited 

Last updated: 2022-12-15 15:08:42