MSc Computer Forensic Investigation

What will I cover in this module?

This module develops and nurtures a student research ethic and places a strong emphasis on engagement with important research areas within digital forensic investigation. Current and cutting edge research areas and topics are identified by the module team. These are presented to students who then identify a core area of research from this. The research areas is then developed over the duration of the module wherein students are required to present and share their findings at key milestones such as on completion of a literature survey, identification of current limitations of knowledge and establishment of the research question).

The research culminates in the development of a professional research paper which outlines key findings in that area. The research paper provides opportunity for joint publication by the module team and the student concerned.
The module may act as a 'spring board' for the further analysis and development of the research question at dissertation level.

LEARNING OUTCOME

1. Develop a unique piece of independent research from conception through to the development of a research paper that adheres to given standards outlining the findings.

INDICATIVE CONTENT / AREAS OF STUDY

The focus of this module is on new research areas and directions in digital forensic investigation, as such there is no rigidly defined curriculum for the module, however the following serves as a loose and indicative listing of areas that might be covered within the module and within individual research areas:

• Forensic Incident response and management
• Operating system and file system
• Real time forensics
• Anti-forensics and anti-anti-forensics
• Network forensics
• International and national digital forensic investigation infrastructures
• Remote investigation
• Cloud Forensics

How will I be assessed?

100% Coursework

A portfolio typically consisting of around 6000 words which may take the form of a professional report/essay/journal article which responds to a specific research question. The assignment rubric may be structured towards meeting the requirements of each programme.

How many credits is it worth?
20

What will I cover in this module?

This module aims to equip students with the advanced knowledge and understanding required to analyse complex security protocols. The module focuses on protocols required to ensure security over remote networks.

LEARNING OUTCOMES 

1. Be able to critically analyse and evaluate the functionality of security protocols under given case study problems and be able to apply and evaluate them under various constraints
2. Critically evaluate and analyse current research into Computer Security and be able to formulate critical academic and professional responses to given research exercises

INDICATIVE CONTENT / AREAS OF STUDY

Advanced Authentication techniques

• Kerberos 4 and Kerberos 5

Cryptographic algorithms

• First generation and second generation algorithms
• Analysis and evaluation of cryptographic algorithms (DES, AES, IDEA, MD5), Elliptic Curve Cryptography.
• Mathematical functions and concepts of encryption algorithms.

Analysis of key exchange algorithms

• Diffie Hellman
• Just Fast Keying
• Oakley
• IKE

Remote Security Protocols

• Analysis of session security protocols such as SSL/TLS
• Advanced understanding and analysis of IPSec and other Internet security protocols
  

Heuristic algorithms and Bayesian Filtering in popular filtering protocols

Current research topics in Network security protocols

How will I be assessed?

100% Coursework

Presentation of a 4,000 word professional report which responds to a specific research question. The assignment rubric may be structured towards meeting the requirements of each programme.

Students will be given opportunities, through both formative and summative assessments, to reflect on their learning to support professional and personal development.

How many credits is it worth?
20

What will I cover in this module?

This module explores the body of rules regulating the means by which facts may be proved in a court of law. The obtaining of evidence by the police, the court process and roles of judge, jury and witnesses will be examined. You will study both rules relating to the admissibility of evidence, and the extent to which exceptions to exclusionary rules exist. Assessment will take the form of coursework and related provision of witness evidence in the courtroom.

On successful completion of this module you'll be able to:

1. Demonstrate a critical understanding of court procedures and the roles of individuals involved, both in the obtaining of evidence and its introduction into the court process.
2. Consider and ascertain the reasoning behind the rules applicable in determining evidence which can be admissible in court and analyse the effectiveness of exclusionary rules.

You'll cover:

• The role of judge and jury in relation to court procedure
• Examination in chief, cross examination and re-examination
• Police conduct in obtaining evidence and role in the justice system
• Identification evidence
• Character evidence and similar fact evidence
• The hearsay rule, res gestae and other exceptions
• Opinion evidence.

How will I be assessed?
100% Coursework

How many credits is it worth?
20

What will I cover in this module?

This module examines the substantive law in relation to crimes and misuse of digital media. It will identifies and explores the behaviour which those monitoring or examining digital media for forensic or security purposes are attempting to combat. The module is set in a domestic, EU and international legal context.

LEARNING OUTCOMES

1. Know and understand the nature of crimes and other unlawful activity which are the subject of security and forensic activity; have a critical awareness of the constituent elements of such crimes and the technological means utilised in the commission of such crimes.
2. Be able to critically evaluate and reflect upon contemporary issues.

INDICATIVE CONTENT / AREAS OF STUDY

• History and context of digital media in law
• Viruses, worms, trojan horses
• Hacking, spamming, phishing and their legal implications
• Crime involving computer technology: theft ,identity theft, betting fraud, pump and dump
• Pornographic, grooming and other obscenity offences
• Harassment offences; cyber stalking, bullying
• Information warfare, hacktivism and cyberterrorism
• Organised crime: human trafficking, illegal immigration, money laundering
• Government and commercial espionage

How will I be assessed?

100% CW 

• CW1: 50% weighting:  Learning outcome to be assessed 1.
  A report of approximately 3,000 words
• CW2: 50% weighting:  Learning outcome to be assessed 2.
  A report of approximately 3,000 words

A report of approximately 3,000 words

How many credits is it worth?
20

What will I cover in this module?

The management of the security process is a crucial part of the successful implementation of any security process or technique. This module looks at the fundamental and core network and security management issues that affect businesses including the often conflicting organisational goals that can lead to difficult trade-offs between affordability and effective protection.

On successful completion of this module you'll be able to:

1. Analyse and discuss core business security policy issues that ensure the delivery of good and workable security policies
2. Critically evaluate and analyse the security requirements of an organisation.

You'll cover:

• The role of a CISO
• Security, techniques for infrastructure protection
• Security policy formulation
• Business continuity and disaster recovery planning. Backups, cold sites, 
• Access Control and Privilege Management. Biometrics
• Formal Risk Management strategies
• Personnel management, change Management, security training/awareness, administrative responsibilities
• Balancing internal and external threats and protection
• Physical security
• National critical infrastructure protection
• Network monitoring systems. User monitoring.
• Intrusion detection systems, Anomaly based detection systems, host vs network based IDS, honeypots
• Firewalls
• Malware, anti virus, spam filtering.

How will I be assessed?

100% Coursework

A detailed research task and an application of the research to a given case study. The report will be approximately 5,000 words long.

You will be given opportunities, through both formative and summative assessments, to reflect on your learning to support professional and personal development.

How many credits is it worth?
20

What will I cover in this module?

This module provides the opportunity for students to consolidate upon and extend their understanding, skills and knowledge of Forensic Computing as developed through PG Cert Level and PG Dip Level of the programme. Through this module students will demonstrate their knowledge, understanding and skills at the master's level. The aim is to ensure that students are able to formulate and tackle real world, commercial problems competently, efficiently, independently, and with relevance to a particular problem and/or application which should draw upon knowledge and experience from the students' first degree or equivalent experience.

A dissertation of between 12,000 and 18,000 words will provide the main means of assessment, together with a deliverable quality 'product'. A product may be a piece of software, a detailed design for a system or a feasibility study. Other deliverables, as agreed with the supervisor, will be considered. Students must demonstrate their ability to apply what they have learnt on the course in an independent and rigorous fashion.

LEARNING OUTCOMES:

On successful completion of this module the student will be able to:-

1. Critically assess contributions in the literature of a range of academic concepts/paradigms and analyse their relevance to the field of Forensic Computing in a range of academic and business contexts, leading to the creation and justification of a methodologically sound research programme.
2. Undertake methodologically sound research into a significant forensic computing issue, demonstrating their ability to devise, recommend and / or implement innovative solutions to the area under investigation, and to be able to present these solutions coherently
3. Adopt a self critical approach and reflect on the processes of planning and undertaking a significant piece of independent research.

INDICATIVE CONTENT:

• Choosing a topic and narrowing it down to a concise set of research objectives
• Continual reading for research about the chosen topic and about research methods
• Thinking about and selecting an appropriate research design/methodology
• Writing a critical literature review
• Collecting both secondary and primary data
• Creating an appropriate artefact
• Analysing data
• Drawing conclusions and assessing their significance in relation to existing work
• Writing up the final dissertation.
  
  

How will I be assessed?

100% Coursework

The assessment of the Independent Study module is by a final report (approx 12,000 to 18,000 words) in the form of a dissertation and is intended to address all learning outcomes.

How many credits is it worth?
60

What will I cover in this module?

The module aims to develop your ability to study at masters level and to develop, plan, execute a research project.

On successful completion of this module you'll be able to:

1. Research, review and critically evaluate current academic literature within a specific context in order to identify the key issues and gaps within current knowledge
2. Demonstrate a critical understanding of research design and methodological enquiry and to propose an appropriate research plan. Reflective evaluation of the impact of ethical values on academic research will be demonstrated
3. Systematically analyse and synthesise researched data and theories.

You'll cover:

• Studying at Masters Level (Literature Review, Critical evaluation concepts and practices, Sources, Search Strategies, Communication of ideas and results)
• Research Project Development (Principles of planning projects and project lifecycles, Identifying tasks and estimating timescales, Risk analysis. Ethical, social and professional issues)
• Analysis and Synthesis of Data and Information (Experiment design, Methodologies for quantitative and qualitative investigations, System modelling concepts and constraints)

How will I be assessed?

100% Coursework

Assessment will be by means of a portfolio of written work demonstrating the achievement of all learning outcomes totalling between 4000 and 5000 words. There will be a strong component of rapid, formative assessment during the delivery of that part of the module relating to learning outcome 1 which will be linked to summative assessment.

How many credits is it worth?
20