None

Access to software emulators and open source tools

Diognes, Y, and Ozkaya, E. (2018) Cybersecurity - Attack and Defense Strategies: Infrastructure security with Red Team and Blue Team tactics, PACKT Publishing, ISBN: 1788475291.

Nelson, B. and Steuart, C. (2015) Guide to Computer Forensics and Investigations, 5th Edition, Course Technology Publishers, ISBN: 1285060032.

Anson, S., Bunting. S., Johnson, R., Pearson, S. (2012) Mastering Windows Network Forensics and Investigation, 2nd Edition, Sybex, ISBN: 1118163826.

Ligh, M., Case, A., Levy, J., and Walters A., (2014) The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory, Wiley, ISBN: 1118825098.

As a distance learning module, there will not be a traditional lecture every week. The main learning environment that will be used is our Virtual Learning Environment (VLE). Students will work through the module material provided on the VLE at a pace suggested by the instructors. The Instructors will monitor student progress, providing their expertise where necessary for assisting in solving problems. Students will be encouraged to discuss relevant aspects within discussion forums that are part of the VLE. The forums will allow discussion with a student's peer group as well as the module tutor.

An ASSIGNMENT weighted at 100%.
A practical based assignment of 3000 words.

As part of the practical elements of the assignment, there will be an investigation scenario where students are required to find incriminating evidence on a digital system using industry approved and open source tools. Findings will be written up in an evaluative report.
(Learning Outcomes 1 to 4).

This module covers the main aspects and concepts of digital devices and the significance of implementing forensic techniques to collect digital artefacts from individual and networked computer systems.
In particular it will address :
- Performing incident response and preparing the suspect device for examination
- Implementing quality assurance related to evidence handling
- Cyber warfare and its implication and impact on society, critical infrastructure and policies
- Evaluation of cybercrime within modern society
- Analysis of modern applications and social networks

1. DEVELOP CRITICAL AWARENESS OF COMPOUND FILE STRUCTURES, WHILST CRITICALLY EVALUATING METHODS OF EVIDENCE HANDLING (WHERE DIGITAL EVIDENCE COULD BE OVERLOOKED OR MISINTERPRETED).
Problem Solving
Analysis

2. CRITICALLY ANALYSE CYBER WARFARE AND EMERGENT THREATS AND EVALATE IMPLICATIONS, IMPACTS AND INFLUENCES OF CYBER ATTACKS ON CYBER INFRUSTRUCTURE AND SECURITY POLICIEIS AND PROCEDURES.
Application

3. CRITICALLY ANALYSE AND EVALUATE RECOVERED DIGITAL EVIDENCE TO DETERMINE A HISTORY OF EVENTS LEADING UP TO THE EVIDENCE BEING CREATED.
Application

4. DEMONSTRATE A SYSTEMATIC LEVEL OF KNOWLEDGE IN USING DIGITAL ANALYSIS TOOLS AND TECHNIQUES AND ASSOCIATED SCIENTIFIC RISKS (WITH PROPER USE OF ACPO GUIDELINES TO MAINTAIN A CHAIN OF CUSTODY AND THUS HANDLING DIGITAL EVIDENCE EFFICIENTLY).
Communication

This module covers the main aspects of cybercrimes and, the risks and impacts of cyber warfare to modern society, e-services and critical infrastructure. Furthermore, digital forensic tools and methodologies in investigations are discussed to give you an understanding of the effectiveness of different tools on identifying, analysis and presenting of digital evidence and different artefacts from cybercrimes.