MN624 - Digital Forensics

Credit Points: 20 credit points

Workload: 60 hours

Prerequisite: MN623 Cyber Security and Analytics

Co-requisite: N/A

Aims & Objectives

This is a core unit out of a total of 12 units in the Master of Networking (MNet). This unit addresses the MNet course learning outcomes and complements other courses in a related field by developing students’ specialised knowledge of forensic analysis of a digital storage device, discovery and intrusion investigation on data theft, also called data exfiltration. For further course information, refer to: 
http://www.mit.edu.au/study-with-us/programs/master-networking
This unit is part of the AQF level 9 MNet course.

Students will be able to develop an in-depth understanding of digital forensics principles as well as the tools and configurations available for the same. Students will also be able to perform ethical hacking and vulnerability testing on enterprise systems with demonstrated knowledge of network vulnerabilities and security protocols.

This unit will cover the following topics:

  • Security threats facing modern network infrastructures
  • Implementation of forensic analysis on network devices
  • Administration of effective security policies in social media
  • Penetration and intrusion testing (red teaming)
  • Collection of forensics materials for specialist analysis
  • Legal, ethical, and professional issues in information security
  • Information security architecture planning and governance

Learning Outcomes

4.1 Course Learning Outcomes
The Course learning outcomes applicable to this unit are listed on the Melbourne Institute of Technology’s website: www.mit.edu.au 

4.2 Unit Learning Outcomes
At the completion of this unit students should be able to:
a. Apply socio-technical contexts in analysing the digital forensic evidences 
b. Record, administer and document digital forensics in social media 
c. Investigate the nature and extent of a network intrusion
d. Demonstrate competence in applying industry-standard forensic analysis techniques
e. Implement forensically sound digital security practices in industry within the limits of relevant governance policies, laws and standards
 

Weekly Topics

This unit will cover the content below:

Week Topics
1 Socio-technical aspects of digital forensics
2 Assessing and Processing Crime and Incident Scenes
3 Digital Forensics Analysis and Validation
4 Virtual Machine Forensics, Live Acquisitions
5 Email, Social Media, Vulnerabilities in Web applications
6 Mobile Device Forensics and the Internet of Anything
7 Cloud Forensics
8 Vulnerabilities in Network Devices
9 System documentation, Expert Testimony in Investigations
10 Ethics for the Digital Forensic Examiner and Expert Witness
11 Information Security Planning and Governance
12 Review

Assessment

Assessment Task Due Date Release Date A B Learning Outcomes Assessed
Formative Assignment 1 Week 3 (10/4/2022) Week 1 5%   a
In-class test (On Campus, Face to Face) Week 7 (3/5/2022)     10% a-b
Assignment 2 Group Week 11 (1/6/2022) Week 6 25%   c-e
Class participation & contribution Week 2-11(7/6/2022) Week 2-11 10%   a-e
Final Examination (3 hours)       50% a-e
TOTALS     40% 60%  

Task Type: Type A: unsupervised, Type B: supervised.

Class Participation and Contribution
This unit has class participation and student contribution as an assessment. The assessment task and marking rubric will follow the Guidelines on Assessing Class Participation (https://www.mit.edu.au/about-us/governance/institute-rules-policies-and-plans/policies-procedures-and-guidelines/Guidelines_on_Assessing_Class_Participation). Further details will be provided in the assessment specification on the type of assessment tasks and the marking rubrics.

Textbook and Reference Materials

Textbook: 

  • B. Nelson, A. Phillips, C. Steuart, Guide to Computer Forensics and Investigations, Cengage Learning, 5th Ed., 2018

References:

  • C. Chio,‎ D. Freeman, Machine Learning and Security: Protecting Systems with Data and Algorithms, O’Reilly Media Inc., 1st Ed., 2018.
  • M. E. Whitman, H. J. Mattord, Principles of Information Security, Cengage, 6th Ed., 2018
  • A. Basta, N. Basta, M. Brown, Computer Security and Penetration Testing, Cengage, 2nd Ed., 2014
  • J. M. Kizza, Computer Network Security and Cyber Ethics, 4th ed., McFarland, 2014 
  • M. Manjikian, Cybersecurity Ethics: An Introduction, Routledge, Oxon, 2018
  • C. Easttom, System Forensics, Investigation, and Response Cengage learning, 2017
  • M. Manjikian, Cybersecurity Ethics: An Introduction, Routledge, Oxon, 2018

Internet references:
https://www.afp.gov.au/what-we-do/crime-types/cybercrime/digital-forensics (accessed on 8/5/18)

Journals:

  • Computer Forensics
  • Digital Forensics, Security and Law. Journal
  • IEEE Transactions on Information Forensics and Security
  • Information Security Journal: a Global Perspective
  • International Journal of Electronic Security and Digital Forensics
  • International Journal of Security and Networks

Adopted Reference Style: IEEE

Graduate Attributes

MIT is committed to ensure the course is current, practical and relevant so that graduates are “work ready” and equipped for life-long learning. In order to accomplish this, the MIT Graduate Attributes identify the required knowledge, skills and attributes that prepare students for the industry.
The level to which Graduate Attributes covered in this unit are as follows:

Ability to communicate Independent and Lifelong Learning Ethics Analytical and Problem Solving Cultural and Global Awareness Team work Specialist knowledge of a field of study

Legend

Levels of attainment Extent covered
The attribute is covered by theory and practice, and addressed by assessed activities in which the students always play an active role, e.g. workshops, lab submissions, assignments, demonstrations, tests, examinations.
The attribute is covered by theory or practice, and addressed by assessed activities in which the students mostly play an active role, e.g. discussions, reading, intepreting documents, tests, examinations.
The attribute is discussed in theory or practice; it is addressed by assessed activities in which the students may play an active role, e.g. lectures and discussions, reading, interpretation, workshops, presentations.
The attribute is presented as a side issue in theory or practice; it is not specifically assessed, but it is addressed by activities such as lectures or tutorials.
The attribute is not considered, there is no theory or practice or activities associated with this attribute.