module specification

CC6003 - Digital Crime Investigation (2017/18)

Module specification Module approved to run in 2017/18
Module title Digital Crime Investigation
Module level Honours (06)
Credit rating for module 30
School School of Computing and Digital Media
Total study hours 300
219 hours Guided independent study
81 hours Scheduled learning & teaching activities
Assessment components
Type Weighting Qualifying mark Description
Coursework 50%   CW (1500 words) - online submission
Unseen Examination 50%   1-hour exam, designed for CompTIA Security+ certification
Running in 2017/18
Period Campus Day Time Module Leader
Year North Monday Morning

Module summary

Nowadays, digital crimes are far more sophisticated and harder to fight against. It is imperative to explore advanced detective and preventive technology in combating the ever-changing computer crimes. This module provides knowledge of how to detect and prevent digital crimes. In this module, students are also prepared for their career as a professional working in Computer Forensics and IT Security industry. It provides students with practical knowledge and skills needed to succeed in the certification of CompTIA Security+.

Module aims

This module aims to provide students with the foundations and theoretical underpinnings for an understanding of the increasing complexity of digital crimes and their prevention and detection in the 21st century. It has been designed in conjunction with other BSc modules to:

  • help students address relationships between the advances in digital technology and information hiding technique and their retrieval;
  • identify appropriate methods for the collection and analysis of digital evidence;
  • evaluate various approaches to revealing hidden digital data.

This module also prepares students for the CompTIA Security+ certification exam, which is a certification-for-life for students in the highly competitive IT market place.


• Introduction to digital crime evolution and cyber hacking
• The media and techniques involved in information hiding
• Data recovery and analysis, digital evidence collection and processing
• Data hiding and detection techniques at physical and operating system level
• Covert Channel Analysis and Data Hiding in TCP/IP
• Steganography in different types of media such as textual data, images, audio, and streaming media
• Steganalytical techniques for selected media types and approaches to traitor tracing
• Digital watermarking and media signature, detecting copying
• Data mining security, associated crime detection, and criminal behaviour
• Real-time analytical techniques for detecting security events on active systems and networks (eg intrusion detection)
• CompTIA Security+ Study Guide, which includes

  • Network security
  • Compliance and operational security
  • Threats and vulnerabilities
  • Application, data and host security
  • Access control and identity management
  • Cryptography

Learning and teaching

Students will develop theoretical understanding and practically skills based on weekly lectures, tutorials and supervised workshops.  The workshops, in particular, are provided to support students in gaining practical experience in the detection and prevention of digital crimes.

Appropriate blended learning approaches and technologies, such as, the University’s VLE and the tools used in steganalytical techniques and digital watermarking, will be used to facilitate and support student learning, in particular, to:

  • deliver content;
  • encourage active learning;
  • provide formative and summative assessments, and prompt feedback; 
  • enhance student engagement and learning experience.

Students will be expected and encouraged to produce reflective commentaries on the learning activities and tasks that they carry out to complete their work.

Learning outcomes

On successful completion of the module students will be able to:

LO1 identify and apply major developments in the digital crime investigation field
LO2 demonstrate an understanding of how advances in digital technology are related to criminal behaviour;
LO3 appreciate the relationships between the advances in digital technology and information hiding technique and their retrieval;
LO4 evaluate and select appropriate tools and techniques for the detection and prevention of digital crime;
LO5 perform a digital forensic analysis using suitable steganalytical methods for different types of media;
LO6 be familiar with the different approaches that can be applied to real-time cyber crime detection;
LO7 be prepared for the CompTIA Security+ certification exam


Assessment strategy

Students are assessed by two compulsory assessments [LO1-7]

The first compulsory assessment [LO1-6] is an assignment based on the successful completion of a series of workshop tasks. It will allow students to demonstrate their awareness of the contexts in the prevention and detection of digital crimes. Students will produce a report (about 1500 words in total) detailing with their findings of an investigation into an area relating to theoretical understanding and explanation of new technology crimes, their detection and prevention, as well as the knowledge and skills necessary for handling digital evidence.

The second compulsory assessment [LO7], 1-hour exam, is designed to assess the practical knowledge and skills needed to succeed in the CompTIA Security+ certification.


The main learning resource is the complex of lecture notes, tutorial questions, workshop tasks, supporting software packages, and other teaching materials available as a Web site accessed through university’s Web site.

Main Reference:

  • Beebe, N., and Clark, J. (2006) Dealing with Terabyte Data Sets in Digital Investigations, Springer Boston, ISSN 1571-5736.
  • Carrier, B. (2005) File System Forensic Analysis. Addison-Wesley.
  • Casey, E. (2010) Digital evidence and computer crime, Third edition: forensic science, computers and the Internet, Academic Press.
  • Cox, I.J., Miller, M., and Bloom, J. (2007) Digital Watermarking and Steganography, Morgan Kaufmann Publishers.
  • Jones, K.J., Bejtlich, R., and Rose, C.W. (2006) Real Digital Forensics. Addison-Wesley.
  • Prosise, C., and Mandia, K. (2003) Incident Response and Computer Forensics, 2 ed. Osborne McGraw-Hill.
  • Robin, B., (2008) Investigating Digital Crime. Wiley
  • Volonino, L., Anzaldua, R., and Godwin, J. (2007) Computer Forensics: Principles and Practices, Pearson Pretice hall, ISBN 0-13-154727-5.
  • Mike Pastore and Emmett Dulaney (2006) CompTIA Security+TM  Study Guide, Wiley