
ISSC457 - Digital Forensics: Investigating Network Intrusions and Cybercrime Security

Course Details

Course Code: ISSC457 Course ID: 4413 Credit Hours: 3 Level: Undergraduate

The increase in the use of the Internet and ensuing growth in cybercrime have given rise to the field of digital forensics. Students will be introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. This course examines computer related crime and abuse cases in order to gather all necessary information and evidence to support prosecution in a court of law. Collection of evidence, investigating information hiding, and intrusion response techniques will be explored. This course will examine network intrusions, network traffic, web attacks, DoS attacks and corporate espionage. Current literature will be examined on such topics.





Course Schedule

Registration Dates | Course Dates | Session | Weeks
11/26/18 - 05/03/19 | 05/06/19 - 06/30/19 | Spring 2019 Session I | 8 Week session
12/31/18 - 05/31/19 | 06/03/19 - 07/28/19 | Spring 2019 Session D | 8 Week session
01/28/19 - 06/28/19 | 07/01/19 - 08/25/19 | Summer 2019 Session B | 8 Week session
02/25/19 - 08/02/19 | 08/05/19 - 09/29/19 | Summer 2019 Session I | 8 Week session
03/25/19 - 08/30/19 | 09/02/19 - 10/27/19 | Summer 2019 Session D | 8 Week session
04/29/19 - 10/04/19 | 10/07/19 - 12/01/19 | Fall 2019 Session B | 8 Week session

Current Syllabi

The successful student will fulfill the following learning objectives:

  1. Interpret network forensics and investigation logs.
  2. Identify web attacks such as cross-site scripting and SQL injection attacks.
  3. Discuss router forensics and the types of router attacks.
  4. Analyze e-mail tracking techniques and e-mail crime.
  5. Evaluate the process to prepare and conduct a computer investigation.
  6. Discuss the importance of search warrants and chain of custody in a forensic investigation.
  7. Identify corporate espionage and prevention techniques.
  8. Contrast the types of computer-related crimes, such as sexual harassment and child pornography, and the related laws.

The grading will be based on eight weekly assignments, eight weekly Forum postings, six weekly labs, an individual project paper with topic, outline, and presentation, and a case study.

  1. There will be eight assignments (3% each) counting a total of 24% of the final grade. The assignments will follow each of the major milestones of the course. These assignments will be problems or questions from the text. They are a combination of Lesson Reviews and Lesson Activities and/or Labs. They are selected to provide the student with information to understand the concepts discussed. Assignments should be prepared in Microsoft Word using the following file naming convention: ISSC457_Week#Assignment_First_Last.doc(x) (where the # is the week number, and first and last are your first and last names respectively). Submit the file in the assignment's area and upload it into the student folder by the due date. Any necessary Visio diagrams should be incorporated within the Word document as part of the document.
  2. There will be eight weekly Forum postings you will need to respond to. Answers should be 3-4 paragraphs with a topic sentence that restates the question and supporting sentences using the terms, concepts, and theories from the required readings. Each answer should be a minimum of 400 words (about 8 good sentences). You may attack, support or supplement other students’ answers using the terms, concepts and theories from the required readings. All responses should be a courteous paragraph that contains a topic sentence with good supporting sentences. You may respond multiple times with a continuous discussion with points and counter points. The key requirement is to express your idea and then support your position using the terms, concepts and theories from the required readings to demonstrate to me that you understand the material. The Forum postings will count as 20% (2.5% for each discussion posting) of the final grade.
  3. There will be a project paper (10%) with topic selection (2%), outline (4%), and presentation (6%), and a case study (10%) throughout the session, counting as 32% total of the final grade. Please practice using the same file naming convention established in this class for each of these files.
  4. There will be labs (4% each) counting a total of 24% of the final grade. The labs will be online hands-on labs using the necessary tools required in digital forensics.

All assignments, Forum question responses, and the labs are due by 11:55 Eastern Time Sunday of the week assigned.

Project Paper (Topic, Outline, PowerPoint Presentation, and Paper) Topics:
Week 2: Topic selection due

Week 4: Outline due

Week 6: PowerPoint Presentation due

Week 7: Paper due

Topics: Acceptable topics unless I have already approved one:

  • Corporate Espionage
  • Computer Crimes
  • Impacts of Computer Technology on Law Enforcement
  • Computer Forensics
  • Cyberbullying
  • Software Piracy
  • Digital Crime and Digital Terrorism
  • Computer Hacking
  • Cyber Terrorism
  • How to Investigate Cybercrime
  • Network Security

Details of Project Paper (10%): You must include at least ten references.
Prepare a 10-15 page paper in Microsoft Word (counts as 10% of the final grade) in APA format (see writing expectations in the Policies section) (350 words per page). The paper should be between 3500 and 5300 words, excluding the title page content and the references page content. At a minimum, include the following:

  • Detailed description of the area researched
  • Technology involved in the area
  • Future trends in the area
  • Example companies involved in the area
  • Regulatory issues surrounding the area
  • Global implications for the area
  • References (minimum of 10)

You may use resources from the APUS Online Library, any library, government library, or any peer-reviewed reference (Wikipedia and any other publicly-reviewed sources are not accepted). The paper must be at least 10 pages double-spaced, with 1" margins all around and black 12 point font (Times New Roman or Arial), with correct citations of all utilized references/sources (pictures, graphics, etc. are allowed but do not count toward the minimum page count). The title page and references are also required but don't count in the minimum page count. A minimum of 10 references is required.

The paper will be subjected to checking against plagiarism. The paper must follow acceptable originality criteria (no more than 15% max total, and 2% per individual source match are allowed).

Save the file using the following file naming convention: ISSC457_Project_First_Last.doc(x) (where first and last are your first and last names respectively) and submit the file in this assignment area.

Here are the originality report requirements:

  1. The originality report must be less than 15% match
  2. No single source shall be above 2%
  3. You must submit the originality report with your paper to your AMU classroom

If you don't follow these three requirements, you will get a 0 for your project paper assignment. I will give you the chance to rework your papers until an acceptable level of match is achieved.

At the end of the class, if you have not submitted your paper to turnitin.com, I will submit it anyway, even after you have received a 0, to see the level of plagiarism found, if any. If turnitin.com matches more than 40%, you will be subject to academic reporting.

Case Study (10%): You are hired by JLA Enterprise to conduct a Forensic Examination after a network intrusion occurs at their corporate office. Your job is to determine the source of the network intrusion and provide as much information regarding the attack as possible. Here are some things to consider when explaining what happened during the network intrusion:

  • What time did the attack happen?
  • How did the hacker get into the network?
  • What computers were compromised?
  • What computers were accessed?
  • What data was extracted from the network?
  • What type of attack was conducted?
  • How long did the attacker have access to the network?
  • Is there any persistence on the network for future attacks?

You are asked to conduct a forensics examination of the network and provide a forensic report explaining what happened during the attack and what corporate data was compromised. The report should cover the above information, as well as create a timeline that shows the attack from the initial stages of the attack to when the data was extracted from the network.

Your submission should be about 3 to 5 pages (not including the title page and the references page) long in APA format with proper citations and references if you are using them. It will be subjected to checking against plagiarism. The final product must follow acceptable originality criteria (no more than 15% max total, and 2% per individual source match are allowed).

Save the file using the following file naming convention: ISSC457_CaseStudy_First_Last.doc(x) (where first and last are your first and last names respectively) and submit the file in this assignment area.

Name | Grade %
Assignments | 20.00 %
  Assignment 1 | 2.50 %
  Assignment 2 | 2.50 %
  Assignment 3 | 2.50 %
  Assignment 4 | 2.50 %
  Assignment 5 | 2.50 %
  Assignment 6 | 2.50 %
  Assignment 7 | 2.50 %
  Assignment 8 | 2.50 %
Project Paper Topic | 2.00 %
  Wk2 Project Paper Topic | 2.00 %
Labs | 18.00 %
  Wk2 Lab 1 | 3.00 %
  Wk3 Lab 2 | 3.00 %
  Wk4 Lab 3 | 3.00 %
  Wk5 Lab 4 | 3.00 %
  Wk6 Lab 5 | 3.00 %
  Wk7 Lab 6 | 3.00 %
Project Paper Outline | 4.00 %
  Project Paper Outline | 4.00 %
Project Powerpoint | 6.00 %
  Wk6 Project PowerPoint Presentation | 6.00 %
Project Paper | 10.00 %
  Wk7 Project Paper | 10.00 %
Case Study | 10.00 %
  Wk8 Case Study | 10.00 %
Forums | 20.00 %
  Forum 1 | 2.50 %
  Forum 2 | 2.50 %
  Forum 3 | 2.50 %
  Forum 4 | 2.50 %
  Forum 5 | 2.50 %
  Forum 6 | 2.50 %
  Forum 7 | 2.50 %
  Forum 8 | 2.50 %
Quizzes | 10.00 %
  Week 1 and 2 Quiz | 2.50 %
  Week 3 and 4 Quiz | 2.50 %
  Week 5 and 6 Quiz | 2.50 %
  Week 7 and 8 Quiz | 2.50 %

Web-based Readings – if these links are no longer available, conduct a web search on the topics

FBI. (2012). Computer Intrusions. Retrieved from http://www.fbi.gov/about-us/investigate/cyber/computer-intrusions

Gragido, W., & Pirc, J. (2011). Cyber Crime and Espionage: An Analysis of Subversive Multi-Vector Threats [electronic resource]. Retrieved from http://library.books24x7.com.ezproxy1.apus.edu/toc.asp?bookid=41844

Kerr, O. (2005). Search Warrants in an Era of Digital Evidence. Retrieved from http://www.olemiss.edu/depts/ncjrl/pdf/02-KERR.pdf

Mehan, J. (2008). Cyberwar, cyberterror, cybercrime [electronic resource]. Retrieved from http://site.ebrary.com/lib/apus/Doc?id=10438090

Newsbytes.ph (2012). 80% of cyber attacks in 2012 came from legit sites. Retrieved from http://manilastandardtoday.com/2012/12/08/80-of-cyber-attacks-in-2012-came-from-legit-sites/

Software Requirements

  1. Microsoft Office (MS Word, MS Excel, MS PowerPoint)
  2. Adobe Acrobat Reader

Selected Bibliography

Computer Forensics: Investigating Network Intrusions and Cybercrime. (2010). Published by: Cengage Learning. ISBN: 1-4354-8352-9 or 978-1-4354-8352-1

Cyber Safety. (2010). Published by: Cengage Learning. ISBN: 1-4354-8371-5 or 978-1-4354-8371-2

Book Title: Various resources from the APUS Library & the Open Web are used. Links provided inside the classroom in the Lessons section.
Author: No Author Specified

Previous Syllabi

Not current for future courses.