CC6003 - Digital Crime Investigation (2022/23)
|Module specification||Module approved to run in 2022/23|
|Module title||Digital Crime Investigation|
|Module level||Honours (06)|
|Credit rating for module||30|
|School||School of Computing and Digital Media|
|Total study hours||300|
|Running in 2022/23(Please note that module timeslots are subject to change)||No instances running in the year|
Nowadays, digital crimes are far more sophisticated and harder to fight against. It is imperative to explore advanced detective and preventive technology in combating the ever-changing computer crimes. This module provides knowledge of how to detect and prevent digital crimes. In this module, students are also prepared for their career as a professional working in Computer Forensics and IT Security industry. It provides students with practical knowledge and skills needed to succeed in the external exam from the certification of CompTIA Security+.
Prior learning requirements
Successful completion of level 5 or equivalent
• Introduction to digital crime evolution and cyber hacking LO1,LO2,LO3
• The media and techniques involved in information hiding LO2,LO3
• Data recovery and analysis, digital evidence collection and processing LO4,LO5
• Data hiding and detection techniques at physical and operating system level LO3
• Covert Channel Analysis and Data Hiding in TCP/IP LO4,LO6
• Steganography in different types of media such as textual data, images, audio, and streaming media LO3,LO4,LO5
• Steganalytical techniques for selected media types and approaches to traitor tracing LO3,LO4,LO5
• Digital watermarking and media signature, detecting copying LO3,LO5
• Data mining security, associated crime detection, and criminal behaviour LO3,LO5
• Real-time analytical techniques for detecting security events on active systems and networks (eg intrusion detection) LO6
• CompTIA Security+ Study Guide, which includes LO7
Network security LO7
Compliance and operational security LO7
Threats and vulnerabilities LO7
Application, data and host security LO7
Access control and identity management LO7
Balance of independent study and scheduled teaching activity
• A process of personal development planning takes place throughout the course to help students to think about and make sense of what is being learnt and why, plan ahead and relate to what has been learned and their own future.
• Students will be expected and encouraged to produce such as reflective commentaries and graduation statements on the learning activities and tasks that they carry out to complete their work.
• Students are invited to include PDP via learning journals, case books, annotated sketchbooks, and/or blog environment.
On successful completion of the module students will be able to:
LO1. identify and apply major developments in the digital crime investigation field;
LO2. demonstrate an understanding of how advances in digital technology are related to criminal behaviour;
LO3. appreciate the relationships between the advances in digital technology and information hiding technique and their retrieval;
LO4. evaluate and select appropriate tools and techniques for the detection and prevention of digital crime;
LO5. perform a digital forensic analysis using suitable steganalytical methods for different types of media;
LO6. be familiar with the different approaches that can be applied to real-time cyber crime detection;
LO7. be prepared for the CompTIA Security+ certification exam.
Students are assessed by two compulsory assessments [LO1-7] and an optional assessment [LO7] which is organised externally by the CompTIA, a leading provider of vendor-neutral certifications in the world.
The first compulsory assessment [LO1-6] is an assignment based on the successful completion of a series of workshop tasks. It will allow students to demonstrate their awareness of the contexts in the prevention and detection of digital crimes. Students will produce a report (about 1500 words in total) detailing with their findings of an investigation into an area relating to theoretical understanding and explanation of new technology crimes, their detection and prevention, as well as the knowledge and skills necessary for handling digital evidence.
The second compulsory assessment [LO7], 1-hour exam, is designed to assess the practical knowledge and skills needed to succeed in the CompTIA Security+ certification exam, which will provide students with the confidence and competence in the external CompTIA Security+ accreditation exam.
• Robin, B., (2008) Investigating Digital Crime. Wiley
• David L. Prowse (2017) CompTIA Security+ SY0-501 Cert Guide (4th Edition) (Certification Guide), Pearson
• Casey, E. (2010) Digital evidence and computer crime, Third edition: forensic science, computers and the Internet, Academic Press.
• Carrier, B. (2005) File System Forensic Analysis. Addison-Wesley.
• Jones, K.J., Bejtlich, R., and Rose, C.W. (2006) Real Digital Forensics. Addison-Wesley.
• Steve Anson, Steve Bunting, Ryan Johnson, and Scott Pearson, 2012,Mastering Windows Network Forensics and Investigation, SYBEX
• Michael Gregg, Build Your Security LAB a field guide for network testing, 2008, Wiley
• Cox, I.J., Miller, M., and Bloom, J. (2007) Digital Watermarking and Steganography, Morgan Kaufmann Publishers
• International Conference on IT Security Incident Management & IT Forensics, Proceedings/International Conference on IT Security Incident Management & IT Forensics, Los Alamitos, Calif. IEEE Computer Society
• IEEE transactions on information forensics and security, IEEE Signal Processing Society, 2006 Quarterly
• Digital forensics magazine [electronic resource], TR Media, Quarterly, Began with Issue 01 (Nov. 2009)
• Digital investigation, ScienceDirect (Online service), Kidlington & Elsevier, eJournal/eMagazine
Social Media Sources: N/A