Module Special Admissions Requirements
NONE
Module Resources
Access to a Digital Forensic Lab
Computer case containing Digital storage
Digital Forensics Software (e.g. EnCase, FTK, and Open Source Tools)
Module Indicative Content
This module covers the main aspects and concepts of digital devices and the significance of implementing forensic techniques to collect digital artefacts from individual and networked computer systems.
In particular, it will address:
- Performing incident response and preparing the suspect device for examination
- Implementing quality assurance related to evidence handling
- Cyber warfare and its implication and impact on society, critical infrastructure and policies
- Evaluation of cybercrime within modern society
- Analysis of modern applications and social networks
Module Learning Outcomes
1. DEVELOP CRITICAL AWARENESS OF COMPOUND FILE STRUCTURES, WHILST CRITICALLY EVALUATING METHODS OF EVIDENCE HANDLING (WHERE DIGITAL EVIDENCE COULD BE OVERLOOKED OR MISINTERPRETED).
Problem Solving
Analysis
2. CRITICALLY ANALYSE CYBER WARFARE AND EMERGENT THREATS AND EVALUATE IMPLICATIONS, IMPACTS AND INFLUENCES OF CYBER ATTACKS ON CYBER INFRASTRUCTURE AND SECURITY POLICIES AND PROCEDURES.
Application
3. CRITICALLY ANALYSE AND EVALUATE RECOVERED DIGITAL EVIDENCE TO DETERMINE A HISTORY OF EVENTS LEADING UP TO THE EVIDENCE BEING CREATED.
Application
4. DEMONSTRATE A SYSTEMATIC LEVEL OF KNOWLEDGE IN USING DIGITAL ANALYSIS TOOLS AND TECHNIQUES AND ASSOCIATED SCIENTIFIC RISKS (WITH PROPER USE OF ACPO GUIDELINES TO MAINTAIN A CHAIN OF CUSTODY AND THUS HANDLING DIGITAL EVIDENCE EFFICIENTLY).
Communication
Module Texts
Diogenes, Y. and Ozkaya, E. (2018) Cybersecurity - Attack and Defense Strategies: Infrastructure security with Red Team and Blue Team tactics, PACKT Publishing, ISBN: 1788475291.
Nelson, B. and Steuart, C. (2015) Guide to Computer Forensics and Investigations, 5th Edition, Course Technology Publishers, ISBN: 1285060032.
Data Protection Act 2018 and GDPR 2018
ISO/IEC/IEEE 29148:2011
Good Practice Guide for Computer based evidence, Association of Chief Police Officers (ACPO) of England, Wales and Northern Ireland
ISO 8000-8:2015 Data quality -- Part 8: Information and data quality: Concepts and measuring
Johansen, G. (2017) Digital Forensics and Incident Response, Packt Publishing, ISBN13: 978-1787288683
Ligh, M. (2014) The art of memory forensics, Indianapolis, Ind.: Wiley. ISBN: 184996596
Nelson, B., Phillips, A. and Steuart, C. (2013) Guide to computer forensics and investigations, Boston: Course Technology, ISBN: 1435498836
Nikkel, B. (2016) Practical Forensic Imaging: Securing Digital Evidence with Linux Tools, No Starch Press, ISBN-13: 978-1-59327-793-2
Sammes, A. and Jenkinson, B. (2010) Forensic computing: A Practitioner's Guide, 2nd edn. London: Springer, ISBN: 184996596
Module Learning Strategies
Practical-based scenarios and tutorials will be used to reinforce and apply theory, encouraging an analytical, problem-based approach to forensic investigation.
Teaching delivery will consist of 13 hours of lectures and 26 hours of practical/tutorial sessions.
Module Additional Assessment Details
A project report of 3,000 words weighted at 100%. (Learning Outcomes 1-4).
As part of the practical elements of the assignment, there will be an investigation scenario where students are required to find incriminating evidence on a digital system using industry-approved and open-source tools. Findings will be written up in an evaluative report.
Web Descriptor
This module covers the main aspects of cybercrime and the risks and impacts of cyber warfare on modern society, e-services and critical infrastructure. Furthermore, digital forensic tools and methodologies used in investigations are discussed to give you an understanding of the effectiveness of different tools in identifying, analysing and presenting digital evidence and different artefacts from cybercrimes.