CC6003 - Digital Crime Investigation (2017/18)
|Module specification||Module approved to run in 2017/18|
|Module title||Digital Crime Investigation|
|Module level||Honours (06)|
|Credit rating for module||30|
|School||School of Computing and Digital Media|
|Total study hours||300|
|Running in 2017/18||
Nowadays, digital crimes are far more sophisticated and harder to fight against. It is imperative to explore advanced detective and preventive technology in combating the ever-changing computer crimes. This module provides knowledge of how to detect and prevent digital crimes. In this module, students are also prepared for their career as a professional working in Computer Forensics and IT Security industry. It provides students with practical knowledge and skills needed to succeed in the certification of CompTIA Security+.
This module aims to provide students with the foundations and theoretical underpinnings for an understanding of the increasing complexity of digital crimes and their prevention and detection in the 21st century. It has been designed in conjunction with other BSc modules to:
- help students address relationships between the advances in digital technology and information hiding technique and their retrieval;
- identify appropriate methods for the collection and analysis of digital evidence;
- evaluate various approaches to revealing hidden digital data.
This module also prepares students for the CompTIA Security+ certification exam, which is a certification-for-life for students in the highly competitive IT market place.
• Introduction to digital crime evolution and cyber hacking
• The media and techniques involved in information hiding
• Data recovery and analysis, digital evidence collection and processing
• Data hiding and detection techniques at physical and operating system level
• Covert Channel Analysis and Data Hiding in TCP/IP
• Steganography in different types of media such as textual data, images, audio, and streaming media
• Steganalytical techniques for selected media types and approaches to traitor tracing
• Digital watermarking and media signature, detecting copying
• Data mining security, associated crime detection, and criminal behaviour
• Real-time analytical techniques for detecting security events on active systems and networks (eg intrusion detection)
• CompTIA Security+ Study Guide, which includes
- Network security
- Compliance and operational security
- Threats and vulnerabilities
- Application, data and host security
- Access control and identity management
Learning and teaching
Students will develop theoretical understanding and practically skills based on weekly lectures, tutorials and supervised workshops. The workshops, in particular, are provided to support students in gaining practical experience in the detection and prevention of digital crimes.
Appropriate blended learning approaches and technologies, such as, the University’s VLE and the tools used in steganalytical techniques and digital watermarking, will be used to facilitate and support student learning, in particular, to:
- deliver content;
- encourage active learning;
- provide formative and summative assessments, and prompt feedback;
- enhance student engagement and learning experience.
Students will be expected and encouraged to produce reflective commentaries on the learning activities and tasks that they carry out to complete their work.
On successful completion of the module students will be able to:
|LO1||identify and apply major developments in the digital crime investigation field|
|LO2||demonstrate an understanding of how advances in digital technology are related to criminal behaviour;|
|LO3||appreciate the relationships between the advances in digital technology and information hiding technique and their retrieval;|
|LO4||evaluate and select appropriate tools and techniques for the detection and prevention of digital crime;|
|LO5||perform a digital forensic analysis using suitable steganalytical methods for different types of media;|
|LO6||be familiar with the different approaches that can be applied to real-time cyber crime detection;|
|LO7||be prepared for the CompTIA Security+ certification exam|
Students are assessed by two compulsory assessments [LO1-7]
The first compulsory assessment [LO1-6] is an assignment based on the successful completion of a series of workshop tasks. It will allow students to demonstrate their awareness of the contexts in the prevention and detection of digital crimes. Students will produce a report (about 1500 words in total) detailing with their findings of an investigation into an area relating to theoretical understanding and explanation of new technology crimes, their detection and prevention, as well as the knowledge and skills necessary for handling digital evidence.
The second compulsory assessment [LO7], 1-hour exam, is designed to assess the practical knowledge and skills needed to succeed in the CompTIA Security+ certification.
The main learning resource is the complex of lecture notes, tutorial questions, workshop tasks, supporting software packages, and other teaching materials available as a Web site accessed through university’s Web site.
- Beebe, N., and Clark, J. (2006) Dealing with Terabyte Data Sets in Digital Investigations, Springer Boston, ISSN 1571-5736.
- Carrier, B. (2005) File System Forensic Analysis. Addison-Wesley.
- Casey, E. (2010) Digital evidence and computer crime, Third edition: forensic science, computers and the Internet, Academic Press.
- Cox, I.J., Miller, M., and Bloom, J. (2007) Digital Watermarking and Steganography, Morgan Kaufmann Publishers.
- Jones, K.J., Bejtlich, R., and Rose, C.W. (2006) Real Digital Forensics. Addison-Wesley.
- Prosise, C., and Mandia, K. (2003) Incident Response and Computer Forensics, 2 ed. Osborne McGraw-Hill.
- Robin, B., (2008) Investigating Digital Crime. Wiley
- Volonino, L., Anzaldua, R., and Godwin, J. (2007) Computer Forensics: Principles and Practices, Pearson Pretice hall, ISBN 0-13-154727-5.
- Mike Pastore and Emmett Dulaney (2006) CompTIA Security+TM Study Guide, Wiley