Forensic Tool Development
Study plans 2016-2017 - IMT4505-PHS - 10 ECTS

On the basis of

NCFI2 or similar, admission criteria for MISEB program and for all courses delivered by PHS (Politihøgskolen).

Expected learning outcomes

Knowledge
After completing the course, candidates will have knowledge of:

  • general programming concepts in both imperative and object-oriented paradigms
  • methods of forensic tool testing and validation
  • legal issues related to the admissibility of digital evidence in court proceedings both in the Nordic countries and internationally

Skills
After completing the course, candidates will be able to:

  • develop large-scale forensic applications
  • compare the performance of forensic tools
  • evaluate the validity of the results returned by forensic tools
  • present the results of new tools in the courtroom

General competence
After completing the course, candidates will be able to:

  • perform professional tasks in the role of digital forensic investigator with increased insight and confidence
  • see the role of digital forensics in a broader perspective during an investigation
  • identify ethical and legal issues during investigation

Topic(s)

The field of digital forensics and cybercrime investigation is expanding rapidly. The ability to develop software solutions to handle problems in these areas is of paramount importance to the continued success of these techniques in court proceedings. This course examines the means by which forensic tools are developed. Students will progress from basic programming to the development of large-scale forensic solutions. As the ultimate aim of every case is its successful prosecution in a courtroom, students will see how forensic tools are tested and validated using scientific methodologies, thus ensuring that any evidence acquired through the use of these tools will be admissible in court.

Teaching Methods

E-learning
Exercises
Other

Teaching Methods (additional text)

This course will be delivered on-line through a combination of lectures, exercises, quizzes and assignments.

The approximate duration of the module is 280 hours.

Students may choose to study at their own pace within the semester. However, it is expected that the course is completed within 4 months. Since software development is a practical skill, students will be presented with numerous exercises throughout the course to ensure that they have sufficient practical exposure.

Student support will be delivered via electronic means such as email, discussion fora, chat and virtual classrooms.

An e-learning platform is used for the administration and implementation of the module (PHS It's Learning/PingPong).

Form(s) of Assessment

Oral exam, individually
Other

Form(s) of Assessment (additional text)

The programme concludes with an examination consisting of two parts:

  • Submission of a software development project
  • An oral examination based on the project

Both parts of the examination must be passed. An overall grade is given, which may be adjusted one step up or down based on the oral examination.

Grading Scale

Alphabetical Scale, A (best) – F (fail)

External/internal examiner

1 or 2 external examiners. Evaluated by PHS.

Re-sit examination

The project must be retaken the next time the course runs.

Coursework Requirements

  • Successful completion of up to 10 on-line MCQ tests throughout the course. Students may have multiple attempts at these tests if necessary.

Teaching Materials

Students will be examined on all material published in the lessons, and a number of specific web resources and research articles (both technical and legal) which are provided to students during the course. These form part of the mandatory reading requirements and will be examinable.

In addition, students may wish to refer to the following books:

  • Lutz, M. (2013) Learning Python (5th Ed.), O'Reilly Media, ISBN: 1449355730
  • O'Connor, T. J. (2012) Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, Syngress, ISBN: 1597499579
  • Downey, A. B. (2012) Think Python, O'Reilly Media, ISBN: 144933072X

Students may wish to refer to the following web resources:

Additional information

This course will be delivered by PHS (Politihøgskolen), for the first time in the academic year 2015/2016. It is only available to students on the Experience-based master in information security, track Digital Forensics and Cybercrime Investigation.