Faculty of Health, Engineering and Science

School: Computer and Security Science

This unit information may be updated and amended immediately prior to semester. To ensure you have the correct outline, please check it again at the beginning of semester.

  • Unit Title

    Computer Forensics
  • Unit Code

    CSI6117
  • Year

    2015
  • Enrolment Period

    1
  • Version

    1
  • Credit Points

    20
  • Full Year Unit

    N
  • Mode of Delivery

    On Campus
    Online

Description

This unit is an introduction to many of the tools and techniques used in computer forensics. Computer evidence is often not accessible by usual access methods, so specialised software tools and techniques must be employed to recover this. Modern computer forensics involves the preservation, identification and analysis of computer based evidence stored in the form of magnetically encoded information on various devices and media.

Prerequisite Rule

Students must pass 2 units from CSI4102, CSI4207

Equivalent Rule

Unit was previously coded CSI5319

Learning Outcomes

On completion of this unit students should be able to:

  1. Analyse current legal issues in the field of computer forensics.
  2. Apply computer forensics tools and techniques to recover evidence from various scenarios.
  3. Demonstrate knowledge of computer forensics procedures and the reasons for their applications.
  4. Evaluate a computing environment for forensic including design and implementation of policy.
  5. Investigate current computer security and forensic issues.
  6. Research computer forensics and allied security problems.
  7. Research special computer forensics issues associated with computer networks, telecommunications and distributed systems.

Unit Content

  1. Current issues in computer forensics.
  2. Encryption, decryption, cryptoanalysis techniques and uses in computer forensics.
  3. Ethical and legal positions of computer forensics application.
  4. Future issues and trends.
  5. Management issues and policy determination in computer forensics.
  6. Physical, environmental and organisational considerations for deploying computer forensics.
  7. The forensic process.

Additional Learning Experience Information

Lectures, workshops, case studies, and practical exercises.

Assessment

GS1 GRADING SCHEMA 1 Used for standard coursework units

Students please note: The marks and grades received by students on assessments may be subject to further moderation. All marks and grades are to be considered provisional until endorsed by the relevant Board of Examiners.

ON CAMPUS
TypeDescriptionValue
Research PaperCurrent topic in forensics 40%
Case StudyForensic analysis and report40%
WorkshopLaboratory exercises 20%
ONLINE
TypeDescriptionValue
Research PaperCurrent topic in forensics 40%
Case StudyForensic analysis and report40%
WorkshopLaboratory exercises 20%

Text References

  • ^ Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers, and the internet (3rd ed.). USA: Elvesier.
  • ^ Carvey, H. (2011). Digital forensics with open source tools (1st ed.). USA: Syngress.
  • Jones, K.J., Bejtlich, R., & Rose, C.W. (2006). Real digital forensics. Upper Saddle River, NJ: Addison-Wesley.
  • Carrier, B. (2005). File system forensic analysis (1st ed.). Boston, MA: Addison-Wesley.
  • Nelson, B., Phillips, A., & Steuart, C. (2009). Guide to computer forensics and investigations (4th ed.). Boston, MA: Course Technology.
  • Sammons, J. (2012). The basics of digital forensics: The primer for getting started in digital forensics (1st ed.). USA: Syngress.
  • Carvey, H. (2012). Windows forensic analysis toolkit: Advanced analysis techniques for windows 7 (3rd ed.). USA: Syngress.

^ Mandatory reference


Disability Standards for Education (Commonwealth 2005)

For the purposes of considering a request for Reasonable Adjustments under the Disability Standards for Education (Commonwealth 2005), inherent requirements for this subject are articulated in the Unit Description, Learning Outcomes and Assessment Requirements of this entry. The University is dedicated to provide support to those with special requirements. Further details on the support for students with disabilities or medical conditions can be found at the Access and Inclusion website.

Academic Misconduct

Edith Cowan University has firm rules governing academic misconduct and there are substantial penalties that can be applied to students who are found in breach of these rules. Academic misconduct includes, but is not limited to:

  • plagiarism;
  • unauthorised collaboration;
  • cheating in examinations;
  • theft of other students' work;

Additionally, any material submitted for assessment purposes must be work that has not been submitted previously, by any person, for any other unit at ECU or elsewhere.

The ECU rules and policies governing all academic activities, including misconduct, can be accessed through the ECU website.

CSI6117|1|1

Faculty of Health, Engineering and Science

School: Computer and Security Science

This unit information may be updated and amended immediately prior to semester. To ensure you have the correct outline, please check it again at the beginning of semester.

  • Unit Title

    Computer Forensics
  • Unit Code

    CSI6117
  • Year

    2015
  • Enrolment Period

    2
  • Version

    1
  • Credit Points

    20
  • Full Year Unit

    N
  • Mode of Delivery

    On Campus
    Online

Description

This unit is an introduction to many of the tools and techniques used in computer forensics. Computer evidence is often not accessible by usual access methods, so specialised software tools and techniques must be employed to recover this. Modern computer forensics involves the preservation, identification and analysis of computer based evidence stored in the form of magnetically encoded information on various devices and media.

Prerequisite Rule

Students must pass 2 units from CSI4102, CSI4207

Equivalent Rule

Unit was previously coded CSI5319

Learning Outcomes

On completion of this unit students should be able to:

  1. Analyse current legal issues in the field of computer forensics.
  2. Apply computer forensics tools and techniques to recover evidence from various scenarios.
  3. Demonstrate knowledge of computer forensics procedures and the reasons for their applications.
  4. Evaluate a computing environment for forensic including design and implementation of policy.
  5. Investigate current computer security and forensic issues.
  6. Research computer forensics and allied security problems.
  7. Research special computer forensics issues associated with computer networks, telecommunications and distributed systems.

Unit Content

  1. Current issues in computer forensics.
  2. Encryption, decryption, cryptoanalysis techniques and uses in computer forensics.
  3. Ethical and legal positions of computer forensics application.
  4. Future issues and trends.
  5. Management issues and policy determination in computer forensics.
  6. Physical, environmental and organisational considerations for deploying computer forensics.
  7. The forensic process.

Additional Learning Experience Information

Lectures, workshops, case studies, and practical exercises.

Assessment

GS1 GRADING SCHEMA 1 Used for standard coursework units

Students please note: The marks and grades received by students on assessments may be subject to further moderation. All marks and grades are to be considered provisional until endorsed by the relevant Board of Examiners.

ON CAMPUS
TypeDescriptionValue
Research PaperCurrent topic in forensics 40%
Case StudyForensic analysis and report40%
WorkshopLaboratory exercises 20%
ONLINE
TypeDescriptionValue
Research PaperCurrent topic in forensics 40%
Case StudyForensic analysis and report40%
WorkshopLaboratory exercises 20%

Text References

  • ^ Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers, and the internet (3rd ed.). USA: Elvesier.
  • ^ Carvey, H. (2011). Digital forensics with open source tools (1st ed.). USA: Syngress.
  • Jones, K.J., Bejtlich, R., & Rose, C.W. (2006). Real digital forensics. Upper Saddle River, NJ: Addison-Wesley.
  • Carrier, B. (2005). File system forensic analysis (1st ed.). Boston, MA: Addison-Wesley.
  • Nelson, B., Phillips, A., & Steuart, C. (2009). Guide to computer forensics and investigations (4th ed.). Boston, MA: Course Technology.
  • Sammons, J. (2012). The basics of digital forensics: The primer for getting started in digital forensics (1st ed.). USA: Syngress.
  • Carvey, H. (2012). Windows forensic analysis toolkit: Advanced analysis techniques for windows 7 (3rd ed.). USA: Syngress.

^ Mandatory reference


Disability Standards for Education (Commonwealth 2005)

For the purposes of considering a request for Reasonable Adjustments under the Disability Standards for Education (Commonwealth 2005), inherent requirements for this subject are articulated in the Unit Description, Learning Outcomes and Assessment Requirements of this entry. The University is dedicated to provide support to those with special requirements. Further details on the support for students with disabilities or medical conditions can be found at the Access and Inclusion website.

Academic Misconduct

Edith Cowan University has firm rules governing academic misconduct and there are substantial penalties that can be applied to students who are found in breach of these rules. Academic misconduct includes, but is not limited to:

  • plagiarism;
  • unauthorised collaboration;
  • cheating in examinations;
  • theft of other students' work;

Additionally, any material submitted for assessment purposes must be work that has not been submitted previously, by any person, for any other unit at ECU or elsewhere.

The ECU rules and policies governing all academic activities, including misconduct, can be accessed through the ECU website.

CSI6117|1|2