K.P. Chow
Ao Shen
Digital forensics investigations have a variety of applications. The most common is to support or refute a hypothesis before criminal or civil proceedings. Digital forensics may also use in the private sector, such as internal corporate investigations or intrusion investigation.
The technical aspect of digital forensics and investigation is divided into several areas, relating to the type of digital devices involved, namely computer forensics, network forensics, forensic data analysis and mobile device forensics. The typical forensic process includes the seizure, forensic imaging (acquisition) and analysis of digital media and the production of a report.
| Course Learning Outcomes | Relevant Programme Learning Outcomes |
| CLO1. Able to master the basic techniques being used in today’s crime where computer or digital devices are being used | PLO.6, 7, 8, 9, 10, 11, 12, 13 |
| CLO2. Able to master the key technologies about digital investigation and be able to contrast similar technologies | PLO.3, 6, 7, 8, 9, 10, 11, 12, 13 |
| CLO3. Able to master the key technologies about digital forensics and be able to contrast similar technologies | PLO.4, 5, 6, 7, 8, 9, 10, 11, 12 |
| View Programme Learning Outcomes | |
| Course Content | No. of Hours | Course Learning Outcomes |
| 1. Introduction to computer crime and digital evidence | 6 | CLO1 |
| 2. Digital investigation | 6 | CLO2 |
| 3. Computer and file systems forensics | 9 | CLO3 |
| 4. Network and applications forensics | 9 | CLO3 |
| Description | Type | Weighting * | Examination Period ^ | Course Learning Outcomes |
| Labs | Continuous Assessment | 20% | - | CLO2 |
| Homework | Continuous Assessment | 30% | - | CLO3 |
| Written Examination | Written Examination | 50% | 8 - 23 December 2021 | CLO1 |
|
* The weighting of coursework and
examination marks is subject to approval ^ The exact examination date uses to be released when all enrolments are confirmed after add/drop period by the Examinations Office. Students must oblige to the examination schedule. Students should NOT enrol in the course if they are not certain that they will be in Hong Kong during the examination period. Absent from examination may result in failure in the course. There is no supplementary examination for all MSc curriculums in the Faculty of Engineering. |
||||
- E. Casey, Digital Evidence and Computer Crime, Third Edition: Forensic Science, Computers, and the Internet
- S. Davidoff and J. Ham, Network Forensics: Tracking Hackers through Cyberspace
- C. Altheide, H. Carvey, Digital Forensics with Open Source Tools
| Date | Time | Venue | Remark | |
| Session 1 | 2 Sep 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 2 | 9 Sep 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 3 | 16 Sep 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 4 | 23 Sep 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 5 | 30 Sep 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 6 | 7 Oct 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 7 | 21 Oct 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 8 | 28 Oct 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 9 | 4 Nov 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| Session 10 | 11 Nov 2021 (Thu) | 7:00pm - 10:00pm | LE-3 | Face-to-face + Online |
| LE - Library Extension Building | ||||