Module Descriptors
ADVANCED CYBERCRIME FORENSICS ANALYSIS
COCS70382
Key Facts
Faculty of Computing, Engineering and Sciences
Level 7
15 credits
Contact
Leader: Hatem Tammam
Hours of Study
Scheduled Learning and Teaching Activities: 36
Independent Study Hours: 114
Total Learning Hours: 150
Assessment
  • COURSEWORK weighted at 100%
Module Details
Module Special Admissions Requirements
Prior study of CE01229-7 Cybercrime Forensic Analysis or equivalent
Module Resources
Access to the Digital Forensic Lab
Forensic Analysis tools such as EnCase and FTK
Access to Digital Forensic hardware (fastblock write blocking kits)

Module Indicative Content
Performing incident response and preparing the suspect device for examination
Implementing quality assurance related to evidence handling
Evaluation of computer system
Identifying encryption and data obfuscation
Performing hash analysis
Rebuilding the registry from restore points
Accessing and examining entries in the registry using forensic tools such as EnCase
Examination of Mobile Phone devices, Smart devices such as iPads and Satellite Navigation systems

Module Texts
Nelson B, A. Phillips, et al., Guide to Computer Forensics and Investigations, 2010, Thompson, ISBN: 1435498836
Sammes T, B. Jenkinson, Forensic Computing: A Practitioner's Guide, Second Edition 2010, Springer-Verlag, ISBN: 184996596X
Carvey, H, Windows Forensic Analysis DVD Toolkit 2nd Edition, Syngress, 2010 ISBN: 9781597494229
Good Practice Guide for Computer based evidence, version 7, Association of Chief Police Officers (ACPO) of England, Wales and Northern Ireland

Module Additional Assessment Details
Coursework weighted at 100%. Learning outcomes 1-3.
Practical-based assignment (3000 words)
Assignment will be an investigation scenario where students are required to find incriminating evidence on a digital system using analysis methods and techniques.
Module Learning Strategies
Practical-based scenarios and tutorials will be used to reinforce and apply theory to encourage an analytical, problem-based approach to forensic investigation. 1 lecture and 2 practicals per week, which could be combined in a 3-hour session.
