CRMJ – 465 (Tentative) Computer Forensics Fall / Spring TBD
Mr. Edwin Lugo – Visiting Professor Office: Capers Hall 404
Office Hours: after class and by appointment only Cell: 410-660-9167 (Cell phone – Text Only) Email: [email protected]
Classes: XXXX -XXXX (0X30 – 1x45 Hrs.) Thompson Hall Rm. 220 (TBD).
Course Description:
This course will introduce the student to the best practices for seizing and securing digital evidence as it pertains to Computer Forensics and the complicated legal issues surrounding digital evidence within the area of Cyber-Crime Investigation to include Cyber-Terrorism. The course will cover evidence and issues relative to file meta-data for various types of mass-Storage devices, cell phones and electronic storage. Also covered will be quantifying / qualifying, seizing and protecting electronic information. The course will also cover the exploitation of Mass Storage equipment and other technologically oriented devices used as a vehicle for criminal activity.
Computer Forensics is studied from basic theoretical concepts to the application of the basic elements for prosecution of criminal cases.
Included are several studies of electronic crime scene investigation, white collar crime, organized crime and cyber-terrorism. While this class focuses on Computer Forensic policies and
procedures in the United States, it offers a global perspective and will require incorporating examples of Computer Forensic applications from different parts of the world.
TEXT: Computer Forensics: Principles and Practices: Volonino, Anzaldua, Godwin ISBN-10: 0131547275 • ISBN-13: 9780131547278, Prentice Hall, Published 2006
Companion Site: http://wps.prenhall.com/bp_security_2006_1/36/9363/2397143.cw/index.html Supplemental Readings
Course supplemental readings will be posted on our learning management system CitLearn and announced in class. Readings will be posted at least two weeks prior to the relevant class. Many readings will be available in portable document format (PDF) for your individual, educational use only (in accordance with copyright law). If you don’t already have the PDF reader software you can download this for free at www.adobe.com. I may also ask you to locate a specific article using your web browser or The Citadel library system.
Course Requirements:
•
Internet connection (DSL, LAN, or cable connection)
Course Structure:
•
This course is designed as a lecture class setting.
•
In addition there will be self-paced and group activities using CitLearn and other Web
sites. Activities will consist of Investigative report writing and data warehousing of investigative and crime scene images, notes and reports.•
Classes will be held at The Citadel, Thompson Hall 220 on Tuesday & Thursday
(xxxx – xxxx) Hrs.). During the rest of the week you may be required to review and participate within CitLearn.CitLearn Access:
To access parts of this course on CitLearn you will need access to the Internet and a supported browser (Internet Explorer, Firefox and Safari). You will be routed to CitLearn through access to the Lesesne Gateway. To ensure that you are using a supported browser and have
required plugins please run the Check system / Check browser from Lesesne Gateway login page (check under login area) or your CitLearn course area. Refer to the Lesesne Gateway options or maintenance area for instructions.
Technical Assistance:
Visit the Lesesne Gateway Information Technology Spotlight Area for help or Hotline access.
Important Note: This syllabus, along with course assignments and due dates, are subject to change. It is the students’ responsibility to check CitLearn for corrections or updates to the syllabus. Any changes will be noted through CitLearn.
Course Objectives:
Upon completion of this course, students should be able to:
1. To examine the history of Computer Forensics (language, process, protocols and tools). 2. To understand the principals, goals, challenges and constraints of Computer Forensics. 3. To be able to complete a Computer Forensics Examination from start to finish.
4. To develop a basic understanding of best policies and within the ever-changing field of Computer Forensics
You will meet the objectives listed above through a combination of the following activities in this course:
Activity: Number: Lecture Participation 13 (anticipated)
Assignments 6 (2 to 4 pages or Instructor assigned) Midterm Exam 1
Final Exam 1 Course Calendar: (Specific Due Dates may vary during semester)
1 Syllabus / Course Communication / Operating Systems and Data Transmission Basics for Digital Investigations Chapter 6 Assignment #1 Cyber Investigator job descriptions Companion Text Web Site (In class Binary Code)
2 Federal Rules and Criminal Codes The Law – Search and Seizure Chapter 12 Assignment #2-Freeware Vs. Proprietary (Advantages and Pitfalls / In-Class) Crime Scene #1 Assignment # 1 TBD by 2400 hrs.
3 Forensic Evidence and Crime Investigation
Chapter 1 Assignment #3- Understanding scams and the “Criminal Boiler Room”. Assignment #2 TBD Crime Scene #1 DUE TBD
4 Computer Forensics and Digital Detective Work
Chapter 2 Chapter 3 Assignment #4 – Reporting Criminal Activity Crime Scene #2 Assignment #3 5 Conducting Cyber Investigations: Vice Crimes – Drug Trafficking, Hacking, Cyber Terrorism Chapter 4 Assignment #4 Due TBD
6 On the Hunt – Tracking and Tracing
Cell Phones & Data Devices
Chapter 5 Review for Midterm
Crime Scene # 3
Crime Scene #2
Due - TBD
7 Online Child Enticement – Pedophiles – Human Trafficking Chapter 7 Assignment #5 Understanding the Movie "Disconnect" 8
MIDTERM Crime Scene
#3 Due TBD 9 Intelligence Gathering
(Email)
Chapter 8 Assignment # 5
Due (In class TBD)
10 Internet and Network Forensics and Intrusion
Chapter 9 Assignment # 6 “The Digital Crime Scene – Track and Trace”
Assignment #6 Due TBD
11 Tools of the trade – Tracking Down Those Who Intend to Do Harm on a Large Scale
Chapter 10 REVIEW
FINAL EXAM
12 Fraud and Forensic Accounting
Investigation
Ethical and Professional Responsibility in Testimony Chapter 11 Chapter 13 Final Exam TBD
Course Grading Breakdown:
Points Description
20 Lecture / Participation
40 (8 X 5 Points) Assignments (Crime Scene)
20 Midterm
20 Final
100 Total
Late Work Policy:
Be sure to pay close attention to deadlines—there will be no make-up reports or quizzes, or late work accepted without a serious and compelling reason.
Viewing Grades in CitLearn:
Points you receive for graded activities will be posted to the CitLearn Grade Book. Click on the My Grades link on the left navigation to view your points.
Instructor will update the online grades each time a grading session has been complete—
typically 4 days following the completion of an activity. You will see a visual indication of new grades posted on your CitLearn home page under the link to this course.
Letter Grade Assignment
Final grades assigned for this course will be based on the percentage of total points earned and are assigned as follows:
Letter Grade Total Points
A 90 - 100
C 70 - 79
D 60 - 69
F 59 or below
Course Policies:
Students are expected to attend all classes and participate in all requirements as listed on the course calendar. I expect you to contribute to discussions and offer your comments and insights. Sharing your individual perspectives on the complex issues we discuss is essential to making this class an enjoyable experience. In class I will often pose questions to the class and ask for
reflection on a specific study area or investigative procedure or process. I will take note of the level and quality of your participation throughout the class. In class discussion should reflect constructive thought and intellectual honesty. To receive a high grade you will need to enter our classroom motivated and participate actively and consistently throughout the term.
This class values diversity and stresses the importance of listening to others with respect. Regarding Reports and Assignments for every day an assignment or project is late, it is reduced by a full letter grade. No incomplete grades will be given in the course except under the most exigent circumstances and those in compliance with The Citadel policies. If, for some reason, you do not complete all course requirements at the conclusion of the semester, you will receive a grade based on the assignments and research completed. All other academic policies of The Citadel will be adhered to as written.
Foods and beverages are strictly prohibited in carpeted multimedia classrooms. Clear water only may be consumed in the classroom. Reading materials, other than those used in the course (i.e., newspapers, magazines, novels, materials for other courses, etc.), are not to be read while the class is in session. Note that we are simulating investigative process and procedure a spilled drink, careless bump or the contamination of any file or electronic evidence will be taken as seriously as it would in a real-world environment.
ADDITIONAL INFORMATION:
For additional information on this course or Citadel academic policies visit the sites listed below: With regard to submitting your work, I expect you will turn in your reports, on time, in the proper Word Docx format. I will expect you to keep a (Flash Drive or emailed back-up) copy of your work in the event something happens to the copy you submit.
Do not wait to the last minute to complete your work (Assignments). CLASS ISSUES:
Citadel final exam policy - http://www.citadel.edu/root/aa-exams
at this point a
comprehensive Final Exam is scheduled for Tuesday December 10th 2015, 1300 hrs. ACADEMIC CALENDAR:Latest Academic calendar is posted on the Lesesne Gateway. ACADEMIC DISHONESTY:
Cheating consists of offering another person’s work as one’s own, stealing a class examination, or misrepresentation of the independent originality of a work product. That can be in the form of improperly collaborating with others on assignments where an individual independent work product is required, or misrepresenting the independent originality of one’s work (i.e., submitting the same paper twice, etc.).
Plagiarism is a form of academic dishonesty that consists of representing the writing or ideas or another as your own without providing proper recognition to the originator. Papers which are plagiaristic and/or which paraphrase the original author too closely will not be accepted. If you are unsure about the originality or authorship of an idea, thought, premise, hypothesis, or writing--give the appropriate original author credit through citation, as indicated by the style manual being used.
Neither cheating nor plagiarism in any form will be tolerated. I maintain a zero tolerance policy on matters of academic dishonesty and will pursue disciplinary action to the fullest extent available under The Citadel policy, without exception, against any student engaging in any semblance of cheating or plagiarism.
ACADEMIC ACCOMMODATION:
Students who require academic accommodations or support (i.e., disability, tutorial assistance, mentoring, etc.) should contact the Citadel Academic Support Center, Room 107 Thompson Hall (953-5305/ [email protected]). Other support services are also available in the Citadel
Writing Center in Thompson Hall. Students requiring academic accommodation on examinations or assignments must provide the professor with official documentation from the Academic Support Center.
OFFICE HOURS: After Class or by appointment. If it is an emergency or something that cannot wait until the next day or class, you may contact me at [email protected]. Cell: 410-660-9167 (emergency text message only) my office is located in Capers Hall Rm. 404.
NOTE:
It is possible that changes to the syllabus may occur. Notification of any changes will be
provided during class sessions. It is your responsibility to find out if changes have occurred when you miss a class session.
