APPLIED DIGITAL FORENSICS

SHE Level 4
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code MHI124462
Module Leader Omair Uthmani
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimester
  • B (January start)

Pre-Requisite Knowledge

Ethical Hacking or equivalent Digital Forensics Investigation or equivalent

Summary of Content

The security/forensics landscape continues to evolve. With the increasing prevalence of mobile devices, there is a demand for the skills required to identify the vulnerabilities and recovery potential sources of evidence. This module develops a more advanced level of analysis of digital forensics, focusing specifically on mobile devices. This module strengthens a student's knowledge and deepens understanding and reasoning by introducing them to alternative environments (mobile devices). From an analysis perspective, this module examines the future of digital crime and the forensic response to these threats, together with evolving techniques. Aspects of pertinent ethical and professional issues/requirements of the Digital Forensics practitioner are incorporated throughout the syllabus.

Syllabus

Emerging Digital Technologies - A review of digital technology from a forensic perspective; forensic handling of digital devices and new technologies (i.e., mobile devices and tablets); core forensic methodology as it relates to mobile devices when conducting a manual triage inspection; logical forensic examination, and in-depth forensic analysis of physical memory; overview of memory, data storage and manipulation; dealing with password protection, encryption and removable media. Advanced Data Analysis Methodologies - Conduct analysis of acquired data, live data, log files, database structures and source code; utilise a variety of tools to extract relevant data quickly and effectively from complex technical sources. Mobile Security, Malware & Penetration Testing - Evaluation of mobile device technologies focusing on their potential security flaws. Review the possible threats affecting mobile devices and identify how attacks are performed through these systems. Assessment of mobiles security through penetration testing. Investigate the effect of malware targeted at mobile Operating Systems. Legal & Ethical Issues - Reinforce understanding and application of law, legal and ethical issues related to forensic science.

Learning Outcomes

On successful completion of this module a student should be able to:Demonstrate a critical understanding of the technical concepts, implementations and restrictions of mobile devices.Demonstrate detailed knowledge and understanding of advanced digital forensic examination and analysis techniques of mobile devices through the use of appropriate tools whilst preserving evidential integrity.Consider ethical issues involved and critically evaluate professional requirements of a security and forensic practitioner.

Teaching / Learning Strategy

Learning and teaching will take place through a variety of mechanisms, including lectures and practical sessions, research into current developments and issues, and case studies. This module emphasises an active "hands-on" approach to learning. Case studies will be used formatively in tutorials throughout the module in order to promote the application of knowledge to specific problems and to facilitate discussion. Topics will be introduced in lectures and discussed through guided inquiry learning activities. Key concepts of knowledge and understanding will be re-enforced and consolidated through the critical analysis and discussion of case studies that are designed to explain and elaborate both on lecture and laboratory content. Additionally, directed learning will reinforce essential theory and place understanding into context. Independent study will be encouraged to satisfy the student's own interests. A Virtual Learning Environment (VLE) will also be used that will provide access to a range of relevant learning resources and materials to enhance the teaching strategy. Managed blended learning environments will be used to consider material and provide the capability for reflection on material related to learning outcomes. The subject discipline is continuously developing, evolving and changing and as a result students will be expected to keep up to date with developments through independent research. Students will be encouraged to adopt an independent learning style, acquiring and applying knowledge through their own research and enquiry, supported by a series of guided activities and exercises. Students will be encouraged to share findings of their research through discussions and participation in on-line forums.

Indicative Reading

Casey (2011) Digital Evidence and Computer Crime, Third Edition, ACADEMIC PRESS (0123742684) Androulidakis (2012) Mobile Phone Security and Forensics, SPRINGER (9781461416494) Morrissey (2010) iOS Forensic Analysis for iPhone, iPad & iPod Touch, APRESS (1430233427) Hogg & Strzempka (2011) iPhone and iOS Forensics, SYNGRESS (1597496596) Hogg (2011) Android Forensics, SYNGRESS (9781597496513) In addition to the references above, several online resources (blogs, journals, websites, etc.), which reflect up to date understanding in the field, will be provided to students.

Transferrable Skills

C1 - Logical thinking and problem solving. C2 - Critical analysis. D1 - Communication skills (electronic, written, oral and listening) necessary to make effective presentation of a technical nature (information, ideas, problems and their solutions) to a range of audiences. E2 - Creativity, innovation and independent thinking. E5 _ Entrepreneurial, independence and risk taking E6 - Ability to prioritise tasks and time management (organising and planning work). -709 E7 - Interpersonal skills, the ability to work as a member of a team (work with and relate effectively to others) recognising the different roles within a team and different ways of organising teams (leadership).

Module Structure

Activity Total Hours
Tutorials (FT) 12.00
Independent Learning (FT) 120.00
Practicals (FT) 24.00
Lectures (FT) 24.00
Assessment (FT) 20.00

Assessment Methods

Component Duration Weighting Threshold Description
Exam (Exams Office) 2.00 60.00 35% Unseen written exam
Coursework 1 2.00 40.00 35% Practical based assignment