Description
This module examines the technology and techniques used to investigate cybercrime. A methodology for investigation is presented. Approaches to planning and implementing a comprehensive computer forensic investigation are introduced with a particular focus on evidence collection and the reconstruction of events therefrom.
Aims
The aim of this Module is to provide the student with the ability to carry out and critically evaluate computer forensic investigations and appraise forensic software with a view to develop appropriate investigation strategies in the light of emerging digital technologies.
Learning Outcomes
By the end of this module the student should be able to:
1. Critically appraise a request for computer forensic investigation with respect to the legal definitions of computer misuse.
2. Devise an appropriate professional level plan for a forensic investigation and carry out this plan within a context of a specific scenario.
3. Critically analyse and evaluate the results of a computer forensic investigation.
Indicative Content
1 Computer Crime
Types of computer crime; legislation concerning computer crime.
2 File Systems as a source of forensic evidence
Structure of NTFS, FAT, FAT32, and Linux file systems.
3 Data Acquisition
Procedures for acquiring disk images; collection of evidence from crime scenes, integrity of evidence, write blockers
4 Computer Forensics Tools
Command line tools; Linux tools; Windows tools; Tool Development
5 Computer Forensic Analysis
Digital forensic toolkits; data hiding techniques; anti-forensics
6 Email and Browser Evidence
Identifying email and browser-derived evidence; examining email headers; using specialist email forensic tools; examining browser histories and cookies.
7 Working with MS-Windows Systems
File system; investigation of the Registry; recovering deleted files; working with forensic boot disks.
8 Database Forensics
Investigating embedded databases
9 Investigating Social Media
Visualising links
10 Cloud forensics
Cloud forensics
Teaching and Learning Work Loads
| Teaching and Learning Method | Hours |
| Lecture | 12 |
| Tutorial/Seminar | 0 |
| Practical Activity | 39 |
| Assessment | 60 |
| Independent | 89 |
| Total | 200 |
Guidance notes
SCQF Level - The Scottish Credit and Qualifications Framework provides an indication of the complexity of award qualifications and associated learning and operates on an ascending numeric scale from Levels 1-12 with SCQF Level 10 equating to a Scottish undergraduate Honours degree.
Credit Value – The total value of SCQF credits for the module. 20 credits are the equivalent of 10 ECTS credits. A full-time student should normally register for 60 SCQF credits per semester.
Disclaimer
We make every effort to ensure that the information on our website is accurate but it is possible that some changes may occur prior to the academic year of entry. The modules listed in this catalogue are offered subject to availability during academic year 2021/22 , and may be subject to change for future years.
