MN624 Digital Forensics Assignment Help

Assessment Details and Submission Guidelines

Tri

mester

T2, 2024

Unit Code

MN624

Unit Title

Digital Forensics

Assessment Type

Group Assignment (Maximum 4 Students in a group)

Assessment Title

Digital forensics analysis and recommendations

Purpose of the  assessment (with ULO  Mapping)

This assignment is designed to assess student’s knowledge and skills related  to the following learning outcomes:

a. Apply socio-technical contexts in analyzing digital forensic evidence c. Investigate the nature and extent of a network intrusion d. Demonstrate competence in applying industry-standard forensic analysis  techniques

Weight

20% of the Total Assessment

Total Marks

100

Word limit

See instructions section

Due Date

25 September 2024, 11:55 PM

Submission

Guidelines

∙ All work must be submitted on Moodle by the due date along with a  completed Assignment Cover Page.

∙ The demonstration video must include the presenters’ video. It must be  created using the Zoom app.

∙ The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri  (Body) font and 2 cm margins on all four sides of your page with  appropriate section headings.

∙ Reference sources must be cited in the text of the report, and listed  appropriately at the end in a reference list using IEEE referencing style for School of Business and School of Information Technology and  Engineering respectively.

Extension

If an extension of time to submit work is required, a Special Consideration  Application must be submitted directly in AMS. You must submit this  application three working days prior to the due date of the assignment.  Further information is available at:

Academic Misconduct

Academic Misconduct is a serious offense. Depending on the seriousness  of the case, penalties can vary from a written warning or zero marks to  exclusion from the course or rescinding the degree. Students should make  themselves familiar with the full policy and procedure available at: For  further information, please refer to the Academic Integrity Section in your  Unit Description.

 

Use of

Generative Artificial Intelligence

(Gen AI) in

Assessments

More information about the use of Gen AI in student assessment can be found in the full policy and procedure available at

Further support can be found in the MIT Lib Guide: Using Gen AI at  MIT

Gen AI is permitted to be used as a research tool only and should not be  included in the assignment.

Assignment Description

Tasks:

There are two parts to this assignment, i.e. part A and part B.

A. Write a group report on one of the following topics listed in Part A. Your tutor will allocate  you a group number (maximum of four students in a group) and your topic. (65 Marks) B. Demonstration. Make a group video demonstration of three digital forensics tools.  (35 Marks)

Part A description:

Topic 1 – Internet of Things Forensics: Challenges and approaches

Today is the era of the Internet of Things (IoT), millions of machines such as cars, smoke detectors,  watches, glasses, webcams, and other things that have the ability to connect, collect and exchange  data over a wired and wireless network are being connected to the internet. The number of machines  that possess the ability of remote access to monitor and collect data is continuously increasing. This  development makes, on one hand, human life more comfortable, and convenient, but it also raises  other hand issues on security and privacy. However, this development also raises challenges for the  digital investigator when IoT devices are involved in crime scenes. Your report should cover the  following points.

∙ History and background of Internet of Things Forensics: Provide an overview of the  emergence and evolution of IoT forensics, including its historical and technological  background.

∙ Comparison of traditional digital forensics vs. IoT forensics: Highlight the key differences  between traditional digital forensics and IoT forensics, including the unique challenges  posed by IoT devices in terms of data collection, storage, and analysis.

∙ Forensic approaches for IoT devices: Describe the different forensic approaches and  methodologies used in investigating IoT devices, including the collection and  preservation of digital evidence from IoT devices.

∙ Issues in IoT forensics: Address the security, privacy, and legal issues associated with IoT  forensics, including the potential risks and challenges involved in investigating crimes  involving IoT devices.

∙ Type of evidence and challenges in IoT forensics: Discuss the types of evidence that  could be found in IoT forensics investigations, as well as the challenges in collecting and analyzing such evidence, including issues related to data integrity, authenticity, and  encryption.

∙ Significance of digital forensics for the IoT ecosystem: Analyze and discuss the  significance of digital forensics in the context of the IoT ecosystem, including its role in  ensuring trust, security, and accountability in IoT deployments.

∙ Existing techniques for IoT forensics: Review and analyze the existing techniques and  methodologies used in IoT forensics, and identify the best technique based on their  strengths, limitations, and applicability to different IoT devices and scenarios.

∙ Challenges and solutions in IoT forensics: Analyze the challenges faced by digital  investigators in IoT forensics, and propose or review a number of solutions that can be  taken to overcome these

Topic 2 – Mobile Forensics: Challenges and approaches

The proliferation of mobile devices such as smartphones and tablets in the consumer market has  resulted in a growing demand for forensic examination of these devices. Mobile devices often carry  sensitive data and can be easy targets for cybercriminals, making mobile security essential. Mobile  security testing aims to detect vulnerabilities and malicious apps on mobile devices. This research  survey will focus on the challenges in mobile forensics in cloud computing and analyze the most  recent solutions and developments in this area. The article should cover the following points:

∙ History and Background of Mobile Forensics: Provide an overview of the evolution of  mobile forensics, including its history and background. Discuss the emergence of mobile  devices and their increasing prevalence in the consumer market, leading to the need for  mobile forensics.

∙ Type of Evidence and Challenges in Mobile Computing: Describe the different types of  evidence that could be found in mobile devices, such as contacts, call history, message  data (SMS, MMS, and emails), media files, and other databases. Discuss the challenges  that digital forensic practitioners may face in extracting and analyzing this evidence from  mobile devices in cloud computing environments.

∙ Significance of Digital Forensics for Mobile Computing: Analyze and discuss the  significance of digital forensics in the context of mobile computing. Highlight the  importance of mobile forensics in investigating and prosecuting cyber crimes involving  mobile devices, and its role in ensuring data integrity, authenticity, and admissibility in  legal proceedings.

∙ Digital Forensics Tools for Mobile Investigations: Discuss the digital forensic tools that  could be useful for conducting mobile forensic investigations. Review popular mobile  forensic tools available in the market and discuss their features, capabilities, and  limitations in extracting and analyzing evidence from mobile devices.

∙ Overview of Capabilities of Three Popular Mobile Forensic Tools: Provide an overview of  the capabilities of three popular mobile forensic tools, specifically focusing on their  performance in three mobile phones based on Apple’s iOS and Google’s Android  operating systems. Discuss the features and functionalities of these tools and their  effectiveness in extracting and analyzing different types of evidence.

∙ Limitations of Mobile Forensic Tools: Describe the limitations of the three mobile  forensic tools in accessing contacts, call history, message data (SMS, MMS, and emails),  media files, and other databases on Apple’s iOS and Google’s Android. Discuss the  challenges and issues that digital forensic practitioners may face in using these tools,  including limitations in data extraction, data integrity, and data admissibility in legal  proceedings.

∙ Forensic Approaches for Mobile Forensics: Describe the forensic approaches that can be  used in mobile forensics, including logical, physical, and file system-level analysis.  Discuss the advantages, limitations, and best practices of these approaches in the  context of cloud computing environments.

∙ Mobile Forensics Issues and Challenges: Review the current issues and challenges in  mobile forensics, including the rapid evolution of mobile devices, frequent software  updates, encryption, cloud storage, anti-forensic techniques, and legal and ethical  considerations. Discuss the impact of these issues on the forensic investigation of mobile  devices and the difficulties faced by digital forensic practitioners.

∙ Issues in Mobile Computing Affecting Forensic Investigation: Describe the issues in  mobile computing that could affect the forensic investigation of mobile devices,  including device fragmentation, different operating systems, cloud storage, encryption,  and anti-forensic techniques. Discuss the challenges and limitations of mobile forensics  in addressing these issues and extracting accurate and reliable evidence.

∙ Performance Evaluation of Three Mobile Forensic Tools: Examine the performance of  three mobile forensic tools in terms of their accuracy, reliability, and efficiency in  extracting and analyzing evidence from mobile devices. Discuss the strengths and

weaknesses of these tools and provide recommendations for improving their  performance.

Topic 3 – Cloud Forensics: Challenges and approaches

Cloud computing may well become one of the most transformative technologies in the history of  computing. As a result of the technology and methods used in cloud computing, forensic  investigation techniques face different types of issues while inspecting the case. Write a research survey of the forensic challenges in cloud computing and analyze their most  recent solutions and developments. Your article should cover the following points. ∙ Describe forensic approaches for cloud forensics.

∙ Discuss the type of evidence that could be found with challenges in Cloud computing. ∙ Analyze and discuss the significance of digital forensics for Cloud computing.  ∙ Review the Cloud Forensics Issues & Challenges.

∙ Describe the issues in cloud computing that would affect the forensic investigation. ∙ List of challenges facing the cloud forensic investigation.

∙ List the digital forensics tools that could be useful for doing cloud forensics investigation.  ∙ Discuss technologies and techniques in the existing solutions and future works ∙ Propose/ Review a number of solutions that can be taken to overcome these challenges

Topic 4 – Email and Social Network Forensics: Challenges and approaches

Email and social networking applications such as Facebook, Twitter, and LinkedIn may be involved  in instances of misuse such as copyright infringement, data protection violations, defamation,  identity theft, harassment, and dissemination of confidential information and  malware that can affect both organizations and individuals. As a result of the technology and  methods used in Email and Social Network Forensics, forensic investigation techniques face  different types of issues while inspecting the case.

Write a research survey of the forensic challenges in Email and social networks and analyze their  most recent solutions and developments. Your article should cover the following points. ∙ Describe forensic approaches for Email and Social Network Forensics.

∙ Discuss the type of evidence that could be found with challenges in Email and Social  Network Forensics.

∙ Analyze and discuss the significance of digital forensics for Email and Social Network  Forensics.

∙ Review the Email and Social Network Forensics Issues & Challenges.

∙ Describe the issues in Email and Social Network Forensics that would affect the forensic  investigation.

∙ List of challenges facing the Email and Social Network Forensics investigation. ∙ List the digital forensics tools that could be useful for doing Email and Social Network  Forensics investigations.

∙ Discussion of technologies and techniques in the existing solutions and future works ∙ Propose/ Review a number of solutions that can be taken to overcome these challenges

Instructions:

Prepare your article as below:

1. Complete the assignment (minimum 6 and maximum 19 pages) including all the sections  below. The number of words will be counted thoroughly, and you must keep the minimum  number of words to avoid any penalties.

∙ Title (maximum 15 words) ∙ Abstract (200 – 250 words) ∙ Introduction (400 – 1000 words) ∙ Literature Review (1000 – 2000 words) ∙ Main body (500 – 1000 words) ∙ Results (200 – 500 words) ∙ Conclusion (200 – 500 words) ∙ Future Works (150 – 500 words) ∙ References (minimum 8 references)

2. The article must be a ‘Review’1 article, including at least 6 references and not more than 25.

Part B Description:

Make a group video demonstration of three digital forensics tools. Prepare slides (between 8 – 12 slides) for your video demonstration. As a team of four, create a 5-8 minutes video demo using the  Zoom application (along with the presenters’ video) addressing the following tasks:

1. Analyze and discuss the importance of your selected digital forensics tools  2. Perform three selected digital forensics tools

3. Identify and discuss the strengths and weaknesses of each digital forensics tool  4. Which digital forensics would you recommend? Justify your recommendation.

Submission Guidelines

∙ The assignment should be submitted on Moodle in two separate files:

o The report should be submitted as a Word file

o The demonstration should be submitted as a video file

∙ The demonstration video must include the presenters’ video.

∙ Do not use Wikipedia as a source or a reference.

∙ Make sure you properly reference any diagram/graphics used in the assignment.

Marking criteria:

Marking criteria for Assignment #2

Section to be

included in the

report

Detailed Description of the Criteria

Marks

Abstract

∙ A contextual sentence about the motivation behind your  research topic.

∙ Your thesis statements.

∙ A descriptive statement about the types of literature used in  the review.

∙ Summarize your findings.

∙ Conclusion(s) based upon your finding

5

Introduction and  background

Introduction about your selected topic:

∙ State the general topic and give some background.

∙ Provide a review of the literature related to the topic. ∙ Convince the reader that the research area is

significant/important/interesting.

∙ Define the terms and scope of the topic.

∙ Evaluate the current situation (advantages/ disadvantages)  and identify the gap.

10

Literature

review

Literature review of your topic:

∙ Discuss in your review the approaches, limitations, and  conclusions of past reviews.

∙ Discuss the type of evidence.

∙ Severe penalties apply for simple listing and describing. It  should be a logically supported analysis that reaches the review  conclusion that should be included at the end of the section.  Check word limit.

10

Main sections

∙ Information about your selected topic.

∙ A general purpose and all relevant methods are stated using  the correct scientific terminology.

10

Results

∙ Examined the performance of three digital forensic tools based on your selected topic.

10

 

∙ Figures and tables created should be created yourself and not  copied from elsewhere. For full marks, you should create at  least 2 figures and 2 tables.

∙ Findings and implications for digital forensic practitioners.

Conclusion

∙ A brief summary of the overall findings in relation to the  purpose of the study.

∙ Summary of thesis argument with concluding ideas that  impact the reader.

10

References

section and body  citation

∙ Must consider at least five current references from  journal/conference papers and books.

∙ Strictly follow the order and instructions by IEEE. Check  when/where to put the citation.

5

Report

presentation

∙ Writing is clear and relevant, with no grammatical and/or  spelling errors – polished and professional.

5

Part II: Video

Demonstration

Description of the section

Marks

Digital forensics  tools

demonstration

1. Analyze and discuss the importance of your selected digital  forensics tools [5 Marks] 2. Perform three selected digital forensics tools [10 Marks] 3. Identify and discuss the strengths and weaknesses of each digital  forensics tool [5 Marks] 4. Which digital forensics would you recommend? Justify your  recommendation. [5 Marks]

25

Presentation

The information and technical knowledge are presented clearly and  effectively. Presentation marks will be awarded based on individual  performance and contributions to the video.

5

Teamwork and  Collaboration

Excellent teamwork and collaboration skills must be demonstrated

5

Total

Total Assignment Marks

100

Example Marking Rubric for Assignment #2:

Marking

Rubric

Criteria/

Grades

High

Distinction

(HD)

[Excellent]

>80%

Distinction

(D) [Very

Good]

70%-80%

Credits

(C) [Good]

60%-70%

Pass (P)

[Satisfactory] 50%-60%

Fail (N)

[Unsatisfactory]

<50%

Abstract /5

clearly stated

and

appropriately

focused;

clearly stated

but the focus

could have

been sharper

Abstract

phrasing tool

simple, lacks

complexity; or,  not clearly

worded

Abstract lacks a  clear objective

and/or does

not “fit” the

content of

essay

Abstract not evident

Introduction

and background

Exceptional

introduction that  grabs interest of

Proficient

introduction

Basic

introduction

Paper’s

purpose is

Weak or no introduction of  topic.

 

/10

reader and states  topic.

Thesis/topic is

exceptionally

clear, well

developed, and  a definitive

statement.

that is

interesting and  stated topic.

Thesis/topic is

clear and

arguable

statement of

position.

that states

topic but lacks

interest.

Thesis/topic is

somewhat

clear and

arguable.

unclear.

Thesis/topic is

weak or

missing.

Literature

review /10

Demonstrated

excellent ability  to think

critically and

sourced

reference

material

appropriately

Demonstrated

excellent

ability to think

critically but

did not source

reference

material

appropriately

Demonstrated

ability to think

critically and

sourced

reference

material

appropriately

Demonstrated

ability to think

critically and

did not source

reference

material

appropriately

Did not demonstrate

ability to think critically  and did not source

reference material

appropriately

Main sections

/10

All elements are  present and

very well

integrated.

Components

present with

good cohesive

Components

present and

mostly well

integrated

Most

components

present

Proposal lacks structure.

Results /10

Logic is clear

and easy to

follow with

strong

arguments

Consistency

logical and

convincing

Mostly

consistent

logical and

convincing

Adequate

cohesion and

conviction

Argument is confused and  disjointed

Conclusion /10

Excellent

summary of

thesis argument  with concluding  ideas that impact the reader.

Introduces no

new

information.

Good summary  of topic with

clear concluding  ideas.

Introduces no

new

information.

Basic summary  of topic with

some final

concluding

ideas.

Introduces no

new

information.

Lack of

summary of

topic.

Lacks consistency with

many errors

References

section and

body citation /5

Clear styles

with excellent

source of

references.

Clear

referencing

style

Generally good  referencing

style

Unclear

referencing

style

Lacks consistency with

many errors.

Report

presentation /5

Writing is clear

and relevant,

with no

grammatical

and/or spelling  errors –

polished and

professional.

Reference,

citations and

images are

properly

formatted.

Most ideas are  stated clearly

and are related  to the topic,

with only

minor

grammatical

and/or spelling  errors.

References,

citations and

images are

adequate.

Many ideas

require

clarification,

are off-topic or  have little

relevance to

the

assignment.

Paper does not  meet the

criteria for the

assignment

(too short or

incomplete, too  long, and/or

completely off

topic).

Writing is clear and

relevant, Many

grammatical and/or

spelling errors; very

challenging to read, poor  writing flow. Improper

references and/or

citations section.

 

Digital forensics  tools

demonstration

/25

An in-depth and  very clear

discussion

about Digital

forensics tools

Very clear

discussion

about Digital

forensics tools

Generally good  discussion

about Digital

forensics tools

A brief

discussion

about Digital

forensics tools

Irrelevant discussion

about Digital forensics

tools

Presentation /5

The

presentation

was a concise

summary of the  topic with all

questions

answered.

Comprehensive  and complete

coverage of

information.

The

presentation

was a good

summary of the  topic.

Most

important

information

covered; little

irrelevant info.

The

presentation

was informative  but several

elements went  unanswered.

Much of the  information

irrelevant;

coverage of  some of the major  points.

The presentation  was a brief look  at the topic but  many questions  were left

unanswered.

Majority of  information

irrelevant and  significant points  left out.

Inappropriate/disinterested  body language

Teamwork and

Collaboration

/5

Excellent

Very good

good

satisfactory

Unsatisfactory