The module will cover the following topics:


Introduction to Digital Forensics/The Scope of Computer Forensics

Digital Forensic based standards

Windows Operating and File Systems

Incidence response

Acquiring Evidence in a Computer Forensics Lab

Wider legal, social, ethical and related professional issues in forensic computing

Team based management, roles and processes in Digital Forensics

Online Investigations

Documenting the Investigation

Following models and requirements in the forensic investigation process

Admissibility of Digital Evidence

Sources of seminal digital forensic research

Utilise appropriate elements of mathematics in forensic investigation aspects

Appreciation of environmental and societal forensic investigation issues

Network Forensics

Mobile Forensics

Photograph Forensics

Video Forensics

Vehicle Forensics

Mac Forensics

EnCase, FTK Imager, Autopsy, XRY, Wireshark, as well as standard literary requirements.

Written Report – This will assess students understanding of the science of the digital forensics, methodologies, tools, techniques, and standards used in forensic investigations. As a forensic investigator, students will need to conduct a digital forensic investigation in the course of a criminal investigation of a given offence. They will be required to obtain and present any located evidence suggesting criminality, or any information of note e.g. account names, passwords, images, and files etc. (Learning Outcomes 1 to 3).

Examination - The examination will test the students knowledge of forensic practices, policies, procedures and legal requirements (Learning Outcome 4).

All teaching sessions will blend theory and practical learning. Students will be introduced to curriculum concepts and ideas and will then be able to apply theory to practical examples within the same sessions. In addition, students will be provided with a range of resources for independent study such as case studies, academic papers and industry stories. There will be a mixture of practical and theoretical formative (mock or practice) exercises which will help students build knowledge and confidence in preparation for summative (formal) assessment.

1. Discuss critically forensic computing concepts, guidelines, procedures, techniques and components in relation to a typical computer system.

Analysis,

Application,

Knowledge & Understanding


2. Critically document the locations of forensically significant data and the means to recover this information using a variety of advanced industrial standard techniques.

Analysis,

Application,

Problem Solving


3. Conduct a practical forensic investigation of a digital evidence source, utilising digital forensic guidelines to collect and present digital evidence, working within a team based context.

Knowledge & Understanding,

Learning,

Reflection,

Application


4. Understand and explain the legal requirements of a forensic examination to ensure that findings of examinations are admissible in court.

Application,

Knowledge & Understanding,

Reflection,

Learning

All texts and electronic resources will be updated and refreshed on an annual basis and available for students via the online Study Links resource platform. All reference materials will be collated and curated and aligned to Equality, Diversity & Inclusion indicators.


Madsen, T. (2022), Security Architecture – How & Why (River Publishers Series in Security and Digital Forensics), River Publishers; 1st edition

Holt, T, J et. al. (2022), Cybercrime and Digital Forensics: An Introduction, Routledge; 3rd edition

Johansen, G, (2022), Digital Forensics and Incident Response: Incident response tools and techniques for effective cyber threat response, 3rd Edition, Packt Publishing; 3rd edition

Oettinger, G. (2022), Learn Computer Forensics: Your one-stop guide to searching, analyzing, acquiring, and securing digital evidence, 2nd Edition, Packt Publishing; 2nd edition

Mullins, M. (2022), Cyber Security Awareness: Employee Handbook, Kindle Edition

Anderson, R. (2021), Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd Edition, Wiley, 3rd Edition

Kävrestad, J. (2020) Fundamentals of Digital Forensics. Springer International Publishing.

Le-Khac, N. A., & Choo, K. K. R. (2020) Cyber and Digital Forensic Investigations. Springer International Publishing.

Casey, E. (2019) Handbook of digital forensics and investigation. Academic Press.

Sheward, M., (2018). Hands-on incident response and digital forensics. BCS Publishing

Hayes, D. R. (2020) A Practical Guide to Computer Forensics Investigations. Pearson Education.


IEEE Transactions on Information Forensics and Security

IEEE Security & Privacy

ScienceDirect - Forensic Science International: Digital Investigation

Wireshark

FTK Imager

EnCase

Autopsy

XRY

Machines and Devices for seizing and imaging

A digital forensic investigation is a special case of investigation where the procedures and techniques (and their use) that are used to gain evidence from target digital devices are critical in order that findings can be presented in a Court of Law. The analysis of digital evidence is a very structured and formal process. This module will allow learners to develop knowledge and understanding of digital forensics, focusing on different platforms (computers, mobile phones, smartphones, and vehicles). A key objective of this module is to introduce the principles of digital forensic investigation.