Presentation on how to chat with PDF using ChatGPT code interpreter
computer forensics
1. FINAL YEAR DEGREE PROJECT
Objective Settings Proforma
Student’s Name: Lisa Jarrett
First Assessor: Keith Verheyden
Second Assessor: Paula Thomas
Project Title:
Create and design a realistic case study investigation scenario for use by academia in a
computer forensics training program
"Murder of an entrepreneur”
Project Objectives & Deliverables
Objectives
1. To investigate and examine the current educational resources (Case Studies
and forensics datasets) used by Universities in terms of development
standards and implementation.
2. To investigate and examine the current training resources (Case Studies and
forensics datasets) used by accredited companies conducting forensic
training in terms of development standards and implementation.
3. Gain an understanding and insight into the students’ competencies with
computer systems and evaluate their capabilities of using various software
tools when conducting a digital evidence investigation.
4. To propose and develop a competency framework that can be used as an
educational teaching resource for Computer Forensic investigation training.
Deliverables
A literature review of digital forensics training resources available for academic
purposes
A report based on a study of the skills and knowledge gap of current undergraduate
students (?)
2. Contents
Title - Create a framework for Computer Forensics students ................................. 3
Statement of Originality .......................................................................................... 3
Abstract .................................................................................................................. 3
Project Introduction................................................................................................. 3
Issues associated with its design and development ............................................... 4
Clear Aims and Objectives ..................................................................................... 4
Literature Review ....................................................................................................... 5
Overview................................................................................................................. 5
What is Computer Forensics .................................................................................. 5
Why do we need it? ................................................................................................ 5
Crimes .................................................................................................................... 5
Digital Evidence...................................................................................................... 6
Characteristics of computer forensics curriculum in Academia............................... 6
Current Pedagogy strategies .................................................................................. 6
Characteristics of industry based computer forensics programs ............................ 8
1. Frameworks, Standards, Certification, Accreditation?................................... 8
2. Training methods .......................................................................................... 8
3. Content ......................................................................................................... 8
4. Resource materials ....................................................................................... 8
5. Digital forensic software applications and tools............................................. 8
Part 2 - Design Phase ................................................................................................ 8
Summary Chapter................................................................................................... 9
References ............................................................................................................. 9
Bibliography............................................................................................................ 9
Appendices............................................................................................................. 9
4. Title - Create a framework for Computer Forensics students
Statement of Originality
Abstract
In this report an investigation into the evolution and importance of computer crime
with computer forensics, at the same time discuss the crisis of computer forensics
and the challenges faced by the Academics in the newest forensic science discipline.
There has been much research and study into key topics and relevant subjects
needed to design a curriculum framework to train and educate students to become
Computer Forensic Investigators and prepare them for the real world. The main
objective of this report has been to propose and develop a competency framework
that can be used as an educational teaching resource for Computer Forensic
investigation training in Academia, proposing different approaches and directions to
better reflect the disciplines present-day objectives.
There will be a focus on the technical aspects of producing teaching repositories and
provide an insight of students understandings of the curriculum and the challenges
and unique issues they are up against in such a fast paced technological career.
Project Introduction
This report is a review of the current CF educational resources, forensic tools and
training programs’ content, it also outlines the deductions made from studying the
many different literatures and research papers. The results and conclusions made
from this review will be the basis for the new framework and outline different
proposals for academics that train and educate students to become CF investigators
and make considerations regarding different pedagogic approaches depending on
the crime being investigated.
5. Issues associated with its design and development
Clear Aims and Objectives
The overall aim of the project is to develop a digital crime case study resource based
on a crime (murder) and facilitate the practicum teaching of computer forensics in
academia. Digital forensic investigators will require an in-depth understanding and
knowledge of Information Technology which requires specialised training.
Recruitment in the high tech crime industry resembles every other, they want and
require experience. Like most industries they are unable to spare time or have
access to large funds of money for training graduate students without previous know-
how. The development of this framework will involve a full investigation and analysis
of digital evidence involved in the case study scenario in addition to producing
reports of any probative digital evidence found. The main objective will be to close
the skills gap and provide students with relevant experience whilst preparing for the
importance of managing electronic evidence cases. Furthermore graduate students
can demonstrate their skills and capabilities when dealing with a specific digital crime
scenario to prospective employers and illustrate their contribution in the
investigation. The research study indicated that the development of certain practicum
and pedagogy is much needed to cope with the current challenges faced in
computer forensics.
Despite the economic recession that we are currently experiencing and the new HE
policy introduced by the UK government, the computer forensics discipline has
benefitted with HE institutions are compelled to address the employability of students
and expected to achieve a more transitional balance from academia to industry.
6. Literature Review
Overview
A review of areas relating to recent advances and current issues, laboratory
exercises to improve technical experiences, hands on experience in hardware and
software tools develop active learning modules. Computer forensics is a unique discipline of science, and in
many areas it requires a different approach, different tools, as well as specialised education and training. While the distinctive position of
computer forensics is generally accepted, the formal recognition of computer forensics as a section of forensic science has not yet eventuated.
What is Computer Forensics
Computer forensics involves the preservation, identification, extraction and
documentation of digital evidence in magnetic, optical, or electronic forms hard drive,
disk drives, USB drive, Zip drive),on stored media unlike paper evidence (Craiger).
When computer systems are seized, forensic specialists perform their investigation
analysis and also protect the systems and any components in the likelihood it is be
needed for criminal or civil proceedings.
Why do we need it?
Computer Crimes have been a prevalent topic in the media for several years,
although the first computer crime committed was in 1820, it is only since the
This new forensic science disciple is fast becoming progressively popular as the
proliferation of advancing technology is enterprising the criminals illegal activities.
Crimes
To assist and for the simplicity in the understanding of computer crime the following
classifications are proposed:
Criminal activity targets computer systems, networks or media storage,
a tool to facilitate a new style of crime
Assisted by computer systems, a new way to commit traditional crimes
(harassment, fraud).
Computer systems that are secondary to the crimes but utilise their facilities
as a replacement for conventional tools (drug dealers tick list) using software
accounting packages.
7. The classification used here is only to support and understand the context of a
complex subject. Computer crime has directly led into efforts for fighting it, computer
forensics was born. The obvious attraction to computer crime is blatantly obvious. At
the turn of the century, criminals would have found it difficult to steal the filing cabinet
and its contents, but nowadays it has been made much easier by simply
downloading the entire contents onto a usb stick or emailing the information to
storage somewhere in the cloud.
Digital Evidence
Virtually every computer device incriminated in digital media investigations and court
cases rely on digital evidence obtained from them since they nearly always leave a
digital footprint (Locards Principle).The procedures in paper evidence cases are
instinctively clear, but digital evidence is invisible to the human eye so the specific
tools that have been developed to find this evidence are used and the paper
evidence procedures are mimicked. The procedure also involves the documentation
“an audit trail”, required for the integrity and authenticity of the evidence. More
importantly this documentation provides the method used by the expert and can be
used for third parties to repeat the process and arrive at the same conclusion and
provide explanations for use in court prosecutions.
Characteristics of computer forensics curriculum in Academia
Current Pedagogy strategies
Ref: Analysing teaching design repositories
Danyu Zhang, Rafael Calvo, Nicholas Carroll, John Currie
Ref http://docs.moodle.org/24/en/Pedagogy
1. Use of Simulation techniques -
2. Reusable learning object approach
3. Hands on experience – work based
4. Individual project lab exercises
5. Team Project lab exercises
6. Use a real to life crime scene house / unit
7. Case Study Scenarios
(i) Frameworks, standards, certification and accredidation?
(ii) Content and learning outcomes
9. Characteristics of industry based computer forensics programs
Frameworks, Standards, Certification, Accreditation?
Training methods
Content
Resource materials
Digital forensic software applications ,tools and techniques
Part 2 - Design Phase
Proposed Design of a Teaching Repositories
(i) Key Objectives
(ii) Testing / Evaluation
(iii) Forensic Image
(iv)System and Material Requirements
(v) Case Scenario Plan
(vi)Story Board, Timeline, Character Roles
(vii) Secondary Data Sources
(viii) Creating the artefacts
(ix)Methodology - Hiding the Artefacts
(x) Answer Key and Master Artefact sheet
(xi)Implementation
(xii) Testing / Evaluation
(xiii) Implementation
11. Leads
Journal – IEEE
A Comparative Study of Forensic Science and Computer Forensics
Developing a computer forensics program in police higher education
Developing an Innovative Baccalaureate Program in Computer Forensics
A Framework to Guide the Implementation of Proactive Digital Forensics in
Organisations
Pedagogy and Overview of a Graduate Program in Digital Investigation
Management
Science Direct
Current issues confronting well-established computer-assisted child
exploitation and computer crime task forces
Bringing science to digital forensics with standardized forensic corpora
The future of forensic and crime scene science: Part II. A UK perspective
on forensic science education Volume 157, Supplement, Pages S1-S20
(14 March 2006)
Forensic science on trial—still! Response to “Educating the next
generation” [Science and Justice, 48 (2008) 59–60]
http://www.sleuthkit.org/sleuthkit/docs/framework-docs/basics_page.html
http://zeltser.com/cheat-sheets/
Neil C. Rowe, Testing the National Software Reference Library, Digital
Investigation, Volume 9, Supplement, August 2012, Pages S131-S138, ISSN
1742-2876, 10.1016/j.diin.2012.05.009.
(http://www.sciencedirect.com/science/article/pii/S1742287612000345)
Abstract: The National Software Reference Library (NSRL) is an essential
data source for forensic investigators, providing in its Reference Data Set
(RDS) a set of hash values of known software. However, the NSRL RDS has not
previously been tested against a broad spectrum of real-world data. The
current work did this using a corpus of 36 million files on 2337 drives
from 21 countries. These experiments answered a number of important
questions about the NSRL RDS, including what fraction of files it
recognizes of different types. NSRL coverage by vendor/product was also
tested, finding 51% of the vendor/product names in our corpus had no hash
values at all in NSRL. It is shown that coverage or “recall” of the NSRL
can be improved with additions from our corpus such as frequently-occurring
files and files whose paths were found previously in NSRL with a different
hash value. This provided 937,570 new hash values which should be
12. uncontroversial additions to NSRL. Several additional tests investigated
the accuracy of the NSRL data. Experiments testing the hash values saw no
evidence of errors. Tests of file sizes showed them to be consistent except
for a few cases. On the other hand, the product types assigned by NSRL can
be disputed, and it failed to recognize any of a sample of virus-infected
files. The file names provided by NSRL had numerous discrepancies with the
file names found in the corpus, so the discrepancies were categorized;
among other things, there were apparent spelling and punctuation errors.
Some file names suggest that NSRL hash values were computed on deleted
files, not a safe practice. The tests had the secondary benefit of helping
identify occasional errors in the metadata obtained from drive imaging on
deleted files in our corpus. This research has provided much data useful in
improving NSRL and the forensic tools that depend upon it. It also provides
a general methodology and software for testing hash sets against corpora.
Keywords: NSRL; Forensics; Files; Hash values; Coverage; Accuracy;
Extensions; Directories
http://cfed-ttf.blogspot.co.uk/
President Obama Expands “Educate to Innovate” Campaign for Excellence in Science,
Technology, Engineering, and Mathematics (STEM) Education.
For educators who want a view of some of the education materials already available, check
out stay safe online sponsored by the National Cybersecurity Alliance to learn more.
The National Science Foundation is working to build an information security workforce who
will play a critical role in implementing the national strategy to secure cyberspace through
several efforts including its Advanced Technology Education (ATE) program. Currently three
ATE Regional centers serve to increase the quality and quantity of the cybersecurity
workforce: the Cyber Security Education Consortium, Center for System Security and
Information Assurance, and CyberWatch.
o CyberWatch overview
The National Centers of Academic Excellence sponsored by NSA and the Department of
Homeland Security (DHS) promotes higher education and research in IA and helps to
increase the number of professionals with IA expertise in various disciplines
p
http://digitalforensicsisascience.blogspot.co.uk/2012/01/series-introduction-spring-
2012-anti.html
http://windowsir.blogspot.co.uk/p/little-black-book-of-windows-forensic.html
Welcome to ITALICS - Innovation in Teaching And
Learning in Information and Computer Sciences
Edited by Stephen Hagan, University of Ulster
This is a temporary home page until our exciting new website is constructed over the coming
months.
Welcome to ITALICS, Innovation in Teaching And Learning in Information and Computer Sciences, the electronic
journal of the Higher Education Academy for Information and Computer Sciences (ICS). ITALICS provides a
vehicle for members of the ICS communities to disseminate best practice and research on learning and teaching
within their disciplines.
13. Scope
ITALICS aims to highlight current issues in learning and teaching Information and Computer Sciences at the
Higher Education (HE) level including:
Innovative approaches to learning and teaching
Developments in computer-based learning and assessment
Open, distance, collaborative and independent learning approaches
The variety of contexts in which students in HE learn -
Including work-based learning, placements and study visits
Improving the student experience
Continuous professional development
The integration of theory and practice
Submissions
Submissions to be sent to Stephen Hagan.
Along with your article, please send us a signed copy of the contributor’s agreement. Please download this pdf
file, sign it and return the paper copy to Hazel White, The Higher Education Academy, Innovation Way,
Heslington York, YO10 5BR. We would also welcome scanned, signed copies sent by email to Hazel White but
please send your paper copy as well. In the event that your article is not accepted for publication, we shall
destroy this agreement.
Issues
There will be three issues of ITALICS each year, published in February, June and November. The journal will
include:
An editorial
Peer reviewed papers
Book reviews
Themed issues will be produced at least once a year and there will be opportunities for guest editors to take the
helm. If you are interested in contributing to a themed issue or becoming a guest editor for ITALICS, pleaseemail
us.
ITALICS, June 2012 issue
Volume 11
June 2012 issue
Editorial
Individual papers from the authors
Paper 1
Paper 2
14. Paper 3
Paper 4
Paper 5
Paper 6
Paper 7
Previous issues of ITALICS are available on ICS website, and will shortly be available from this page.
16. Bibliography
2003. Accreditation, quality control & assurance. Forensic Science International,
136, Supplement 1, 5-10.
ARMSTRONG, C. J. 2003. Mastering computer forensics. Security education and critical infrastructures, 125, 151.
ARMSTRONG, C. 2007. An Analysis of Computer Forensic Practitioners Perspectives on Education and Training
Requirements. Fifth World Conference on Information Security Education, 1-8.
ARMSTRONG, C. J. 2012. Computer Forensics (CF 601) Unit Outline Semester 1, 2012.
ARMSTRONG, H. & ARMSTRONG, C. 2007. The Role of Information Security Industry Training and Accreditation in
Tertiary Education. Fifth World Conference on Information Security Education, 137-140.
ARMSTRONG, C. J. 2005. Development of a Research Framework for Selecting Computer Forensic Tools. Curtin
University of Technology.
ARMSTRONG, C. J. & ARMSTRONG, H. L. Mapping information security curricula to professional accreditation
standards. 2007. IEEE, 30-35.
ARMSTRONG, C. 2003. Developing a framework for evaluating computer forensic tools. Evaluation in Crime
Trends and justice: Trends and Methods Conference in Conjunction with the Australian Bureau of Statistics,
Canberra Australia, 24-25.
ARMSTRONG, C. & JAYARATNA, N. 2004. Teaching computer forensics, uniting practice with intellect. Proceedings
of the 8th Colloquium for Information Systems Security Education, West Point New York.
AUSTIN, R. D. Digital forensics on the cheap: teaching forensics using open source tools. Proceedings of the 4th
annual conference on Information security curriculum development, 2007. ACM, 6.
BATTEN, L. & PAN, L. 2008. Teaching digital forensics to undergraduate students. Security & Privacy, IEEE, 6, 54-
56.
BECKETT, J. & SLAY, J. 2011. Scientific underpinnings and background to standards and accreditation in digital
forensics. Digital Investigation, 8, 114-121.
BEM, D. & HUEBNER, E. Computer forensics workshop for undergraduate students. 2008. Australian Computer
Society, Inc., 29-33.
BASSETT, R., BASS, L. & O’BRIEN, P. 2006. Computer forensics: An essential ingredient for cyber security. Journal of
Information Science and Technology, 3, 22-32.
BRILL, A. E., POLLITT, M. & WHITCOMB, C. M. 2006. The evolution of computer forensic best practices: an
update on programs and publications. Journal of Digital Forensic Practice, 1, 3-11.
BRINSON, A., ROBINSON, A. & ROGERS, M. 2006. A cyber forensics ontology: Creating a new approach to
studying cyber forensics. digital investigation, 3, 37-43.
CALOYANNIDES, M. A. 2003. Digital evidence and reasonable doubt. IEEE Security and Privacy, 1, 89-91.
CARBONE, A., MANNILA, L. & FITZGERALD, S. 2007. Computer science and IT teachers' conceptions of successful
and unsuccessful teaching: A phenomenographic study. Computer Science Education, 17, 275-299.
CARRIER, B. & SPAFFORD, E. H. An event-based digital forensic investigation framework. Digital forensic research
workshop, 2004.
17. CARRIER, B. & SPAFFORD, E. H. 2003. Getting physical with the digital investigation process. International Journal
of Digital Evidence, 2, 1-20.
CHEN, P. S., TSAI, L. M. F., YING-CHIEH, C. & YEE, G. Standardizing the construction of a digital forensics
laboratory. Systematic Approaches to Digital Forensic Engineering, 2005. First International Workshop on, 7-9
Nov. 2005 2005. 40-47.
CHI, H., JONES, E. L., CHATMON, C. & EVANS, D. Design and Implementation of Digital Forensics Labs.
CHU, H. C., LIN, W. D. & CHANG, K. H. 2010. Digital Forensics Core Curriculum Design in Higher Education in
Ubiquitous Computing Era. 淡江理工學刊, 13, 89-97.
COHEN, M., GARFINKEL, S. & SCHATZ, B. 2009. Extending the advanced forensic format to accommodate multiple
data sources, logical evidence, arbitrary information and forensic workflow. digital investigation, 6, S57-S68.
COLLINS, D. & MCGUIRE, T. 2008. Using the DC3 forensic challenge as a basis for a special topics digital forensics
upper level undergraduate course. Journal of Computing Sciences in Colleges, 23, 8-14.
CONGDON, C. B., FITZGERALD, S., KING, M. S., SEMMES, P. & CHAIRMAN-KAY, D. G. 2000. Teaching advice and
support for new and adjunct faculty (panel session): experiences, policies, and strategies. ACM SIGCSE Bulletin, 32,
414-415.
COOPER, P., FINLEY, G. T. & KASKENPALO, P. Towards standards in digital forensics education. Proceedings of
the 2010 ITiCSE working group reports, 2010. ACM, 87-95.
CRAIGER, J. P., POLLITT, M. & SWAUGER, J. 2005. Law enforcement and digital evidence. Handbook of Information
Security John Wiley & Sons (in Print).
CRAIGER, P., BURKE, P., MARBERRY, C. & POLLITT, M. 2008. A virtual digital forensics laboratory. Advances in
Digital Forensics IV, 357-365.
CRAIGER, P., PONTE, L., WHITCOMB, C., POLLITT, M. & EAGLIN, R. Master's Degree in Digital Forensics. 2007. IEEE,
264b-264b.
CRELLIN, J., ADDA, M. & DUKE-WILLIAMS, E. 2010. The use of simulation in digital forensics teaching.
CRELLIN, J., ADDA, M., DUKE-WILLIAMS, E. & CHANDLER, J. 2011. Simulation in computer forensics teaching: the
student experience.
CRELLIN, J. & KARATZOUNI, S. 2009. Simulation in digital forensic education.
DAVEY, J., ARMSTRONG, C. & ARMSTRONG, H. 2001. Teaching cyberwarfare tactics and strategy.
DINOLT, G., FARRELL, P., GARFINKEL, S. & ROUSSEV, V. 2009. Bringing Science to Digital Forensics with
Standardized Forensic Corpora. NAVAL POSTGRADUATE SCHOOL MONTEREY CA GRADUATE SCHOOL OF
OPERATIONAL AND INFORMATION SCIENCES.
18. DOWNS, J. C. U. & RANADIVE SWIENTON, A. 2012. Chapter 6 - Ethics Codes in Other Organizations: Structures
and Enforcement. In: DOWNS, J. C. U. & ANJALI RANADIVE, S. (eds.) Ethics in Forensic Science. San Diego:
Academic Press.
DURANTI, L. & ENDICOTT-POPOVSKY, B. 2010. Digital records forensics: A new science and academic program for
forensic readiness. Journal of Digital Forensics, Security and Law, 5.
ENDICOTT-POPOVSKY, B., FRINCKE, D. & POPOVSKY, V. 2004. Designing a Computer Forensics Course for an
Information Assurance Track. 8th Colloquium for Information Systems Security Education, West Point, NY.
ENDICOYTT-POPUVSKY, B. 2003. Ethics and teaching information assurance. Security & Privacy, IEEE, 1, 65-67.
FERGUSON-BOUCHER, K. & ENDICOTT-POPOVSKY, B. 2008. Digital Forensics and Records Management: What
We Can Learn from the Discipline of Archiving.
GARFINKEL, S. 2007. Anti-forensics: Techniques, detection and countermeasures. The 2nd International Conference
on i-Warfare and Security (ICIW), 77-84.
GARFINKEL, S. 2012. Lessons learned writing digital forensics tools and managing a 30TB digital evidence corpus.
Digital Investigation, 9, S80-S89.
GARFINKEL, S., FARRELL, P., ROUSSEV, V. & DINOLT, G. 2009. Bringing science to digital forensics with
standardized forensic corpora. digital investigation, 6, S2-S11.
GARFINKEL, S., WOODS, K., LEE, C. A., DITTRICH, D., RUSSELL, A. & KEARTON, K. 2011. Creating Realistic Corpora
for Security and Forensic Education. NAVAL POSTGRADUATE SCHOOL MONTEREY CA DEPT OF COMPUTER
SCIENCE.
GARFINKEL, S. L. 2007. Forensic corpora: a challenge for forensic research. Electronic Evidence Information Center.
GARFINKEL, S. L. 2010. Digital forensics research: The next 10 years. Digital Investigation, 7, S64-S73.
GARFINKEL, S. L. 2012. Methods for creating realistic disk images for forensics tool testing and education.
GOTTSCHALK, L., LIU, J., DATHAN, B., FITZGERALD, S. & STEIN, M. 2005. Computer forensics programs in higher
education: a preliminary study. ACM SIGCSE Bulletin, 37, 147-151.
GILLAM, W. B. & ROGERS, M. 2005. File Hound: A Forensics Tool for First Responders. Digital forensics research
workshop, New Orleans, LA. Retrieved from http://www. dfrws. org.
GOTTSCHALK, P., FILSTAD, C., GLOMSETH, R. & SOLLI-SÆTHER, H. 2011. Information management for
investigation and prevention of white-collar crime. International Journal of Information Management, 31, 226-233.
GUO, Y. & SLAY, J. 2010. Testing Forensic Copy Function of Computer Forensics Investigation Tools. Journal of
Digital Forensic Practice, 3, 46-61.
HAGGERTY, J. & TAYLOR, M. 2006. Managing corporate computer forensics. Computer Fraud & Security, 2006, 14-
16.
19. HANKINS, R., UEHARA, T. & LIU, J. A comparative study of forensic science and computer forensics. 2009. IEEE,
230-239.
HANNAN, M., FRINGS, S., BROUCEK, V. & TURNER, P. Forensic Computing Theory & Practice: Towards developing
a methodology for a standardised approach to Computer misuse. 1st Australian Computer, Network and
Information Forensics Conference, Perth, WA, Australia, 2003.
HARRISON, W. 2006. A term project for a course on computer forensics. Journal on Educational Resources in
Computing (JERIC), 6, 6.
HIBSHI, H., VIDAS, T. & CRANOR, L. Usability of forensics tools: a user study. IT Security Incident Management
and IT Forensics (IMF), 2011 Sixth International Conference on, 2011. IEEE, 81-91.
HUANG, J., YASINSAC, A. & HAYES, P. J. Knowledge Sharing and Reuse in Digital Forensics. 2010. IEEE, 73-78.
HUEBNER, E., BEM, D. & BEM, O. 2007. Computer Forensics–Past, Present And Future. Information security
Technical report, 8, 32-46.
HUEBNER, E., BEM, D. & CHEUNG, H. 2010. Computer Forensics Education–the Open Source Approach. Open
Source Software for Digital Forensics, 9-23.
HUEBNER, E., BEM, D. & RUAN, C. Computer forensics tertiary education in Australia. 2008. IEEE, 1383-1387.
HUEBNER, E., BEM, D. & WEE, C. K. 2006. Data hiding in the NTFS file system. digital investigation, 3, 211-226.
HUEBNER, E. & ZANERO, S. 2010. Open source software for digital forensics, Springer
HUNTON, P. 2012. Managing the technical resource capability of cybercrime investigation: a UK law enforcement
perspective. Public Money & Management, 32, 225-232.
IRONS, A., STEPHENS, P. & FERGUSON, R. 2009. Digital Investigation as a distinct discipline: A pedagogic
perspective. Digital Investigation, 6, 82-90.
J CRELLIN, J., ADDA, M. DUKE-WILLIAMS, E. Virtual Worlds for Simulation in Computer Forensics Teaching. 2011.
JIGANG, L. Developing an Innovative Baccalaureate Program in Computer Forensics. 2006. 1-6.
KABAY, M. E. 2003. Crime, Use of Computers in. In: EDITOR-IN-CHIEF: HOSSEIN, B. (ed.) Encyclopedia of
Information Systems. New York: Elsevier.
KESSLER, G. C. & HAGGERTY, D. Pedagogy and Overview of a Graduate Program in Digital Investigation
Management. Hawaii International Conference on System Sciences, Proceedings of the 41st Annual, 2008. IEEE,
481-48
KESSLER, G. C. & SCHIRLING, M. E. 2006. The design of an undergraduate degree program in computer & digital
forensics. Journal of Digital Forensics, Security, and Law, 3, 37-50.
LACEY, T. H., PETERSON, G. L. & MILLS, R. F. The Enhancement of Graduate Digital Forensics Education via the
DC3 Digital Forensics Challenge. System Sciences, 2009. HICSS '09. 42nd Hawaii International Conference on, 5-8
Jan. 2009 2009. 1-9.
20. LAWRENCE, K. R. & CHI, H. Framework for the design of web-based learning for digital forensics labs.
Proceedings of the 47th Annual Southeast Regional Conference, 2009. ACM, 76.
LEE, J., UN, S. & HONG, D. Improving Performance in Digital Forensics: A Case Using Pattern Matching Board.
Availability, Reliability and Security, 2009. ARES'09. International Conference on, 2009. IEEE, 1001-1005.
LIN, Y. C. 2008. Study of computer forensics from a cross-cultural perspective: Australia and Taiwan. Ph. D.
Dissertation, University of South Australia.
LISTER, R., BERGLUND, A., BOX, I., COPE, C., PEARS, A., AVRAM, C., BOWER, M., CARBONE, A., DAVEY, B. & DE
RAADT, M. Differing ways that computing academics understand teaching. 2007. Australian Computer Society,
Inc., 97-106.
LIU, J. Developing an innovative baccalaureate program in computer forensics. 2006. IEEE, 1-6.
LIU, J. 2010. Implementing a baccalaureate program in computer forensics. Journal of Computing Sciences in
Colleges, 25, 101-109.
LIU, J. & UEHARA, T. Computer forensics in Japan: a preliminary study. 2009. IEEE, 1006-1011.
LIU, J., UEHARA, T. & SASAKI, R. 2011. Development of digital forensics practice and research in Japan. Wireless
Communications and Mobile Computing, 11, 240-253.
LOGAN, P. Y. & CLARKSON, A. Teaching students to hack: curriculum issues in information security. ACM SIGCSE
Bulletin, 2005. ACM, 157-161.
MANZANO, Y. Software Forensics Overview.
MANSON, D., CARLIN, A., RAMOS, S., GYGER, A., KAUFMAN, M. & TREICHELT, J. Is the open way a better way?
Digital forensics using open source tools. System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International
Conference on, 2007. IEEE, 266b-266b.
MAXWELL, K. D., LOKAN, C., WRIGHT, T., HILL, P. R., STRINGER, M., HEIRES, J. T., FOGLE, S., LOULIS, C.,
NEUENDORF, B. & THOMAS, G. C. Benchmarking Software Organizations.
MCGUIRE, T. J. & MURFF, K. N. 2006. Issues in the development of a digital forensics curriculum. J. Comput. Sci.
Coll., 22, 274-280.
MENNELL, J. 2006. The future of forensic and crime scene science: Part II. A UK perspective on forensic science
education. Forensic science international, 157, S13-S20.
MEYERS, M. 2005. Computer Forensics: Towards Creating A Certification Framework. M. Sc. Diss., Centre for
Education and Research in Information Assurance and Security, Purdue University, West Lafayette, IN.
MEYERS, M. 2005. CERIAS Tech Report 2005-28 COMPUTER FORENSICS: TOWARDS CREATING A CERTIFICATION
FRAMEWORK.
EYERS, M. & ROGERS, M. 2004. Computer forensics: the need for standardization and certification. International
Journal of Digital Evidence, 3, 1-11.
21. MEYERS, M. & ROGERS, M. 2005. Digital forensics: meeting the challenges of scientific evidence. Advances in
Digital Forensics, 43-50.
NANCE, K., ARMSTRONG, H. & ARMSTRONG, C. Digital forensics: Defining an education agenda. 2010. IEEE, 1-10.
OWEN, P. & THOMAS, P. 2011. An analysis of digital forensic examinations: Mobile devices versus hard disk drives
utilising ACPO & NIST guidelines. Digital Investigation, 8, 135-140.
OSTERBURG, J. W. & WARD, R. H. 2010. Chapter 13 - Reconstructing the Past: Methods, Evidence, Examples.
Criminal Investigation (Sixth Edition). Boston: Anderson Publishing, Ltd.
PASHEL, B. A. Teaching students to hack: ethical implications in teaching students to hack at the university level.
Proceedings of the 3rd annual conference on Information security curriculum development, 2006. ACM, 197-200.
PETERSON, G., RAINES, R. & BALDWIN, R. Graduate Digital Forensics Education at the Air Force Institute of
Technology. System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on, 2007. IEEE,
264c-264c.
PETERSON, G. L., RAINES, R. A. & BALDWIN, R. O. Graduate Digital Forensics Education at the Air Force Institute of
Technology. System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on, Jan. 2007
2007. 264c-264c.
PHILIP, C., LUCILLE, P., CARRIE, W., MARK, P. & RONALD, E. Master's Degree in Digital Forensics. System Sciences,
2007. HICSS 2007. 40th Annual Hawaii International Conference on, Jan. 2007 2007. 264b-264b.
POLLITT, M., CALOYANNIDES, M., NOVOTNY, J. & SHENOI, S. 2004. Digital forensics: operational, legal and
research issues. Data and Applications Security XVII, 393-403.
POLLITT, M., NANCE, K., HAY, B., DODGE, R. C., CRAIGER, P., BURKE, P., MARBERRY, C. & BRUBAKER, B. 2008.
Virtualization and digital forensics: a research and education agenda. Journal of Digital Forensic Practice, 2, 62-73.
POLLITT, M. M. 1995. Principles, practices, and procedures: an approach to standards in computer forensics.
Second International Conference on Computer Evidence, 10-15.
ROGERS, M. 2003. Computer forensics: Science or fad. Security Wire Digest, 5.
ROGERS, M. 2003. The role of criminal profiling in the computer forensics process. Computers & Security, 22, 292-
298.
ROGERS, M. & MEYERS, M. 2010. Digital Forensics: Meeting the Challenges of Scientific Evidence. IFIP
International Federation for Information Processing, 194.
ROGERS, M. K. The Future of Digital Forensics: Challenges and Opportunities.
ROGERS, M. K. & SEIGFRIED, K. 2004. The future of computer forensics: a needs analysis survey. Computers &
Security, 23, 12-16.
SAHAMI, M., ROACH, S., CUADROS-VARGAS, E. & REED, D. Computer science curriculum 2013: reviewing the
strawman report from the ACM/IEEE-CS task force. Proceedings of the 43rd ACM technical symposium on
Computer Science Education, 2012. ACM, 3-4.
22. SALT, D. W., LALLIE, H. S. & LAWSON, P. STUDYING FIRST YEAR FORENSIC COMPUTING: MANAGING THE
STUDENT EXPERIENCE.
SHINDER, L. & CROSS, M. 2008. Chapter 16 - Building the Cybercrime Case. Scene of the Cybercrime (Second
Edition). Burlington: Syngress.
SIMMONS, M. & CHI, H. Designing and implementing cloud-based digital forensics hands-on labs. Proceedings
of the 2012 Information Security Curriculum Development Conference, 2012. ACM, 69-74.
SIMON, M. & SLAY, J. Forensic Computing Training, Certification and Accreditation: An Australian Overview. Fifth
World Conference on Information Security Education, 2007. Springer, 105-112.
SIMPSON, J., SIMPSON, M., ENDICOTT-POPOVSKY, B. & POPOVSKY, V. 2010. Secure Software Education: A
Contextual Model-Based Approach. International Journal of Secure Software Engineering (IJSSE), 1, 35-61.
SOMMER, P. 1997. Downloads, logs and captures: Evidence from cyberspace. Journal of Financial Crime, 5, 138-
151.
SOMMER, P. 1998. Digital footprints: Assessing computer evidence. Criminal Law Review, 12, 61-78.
SOMMER, P. 2002. Downloads, Logs and Captures: Evidence from Cyberspace. CTLR-OXFORD-, 8, 33-42.
SOMMER, P. 2004. The future for the policing of cybercrime. Computer Fraud & Security, 2004, 8-12.
SOMMER, P. 2004. The challenges of large computer evidence cases. Digital Investigation: The International
Journal of Digital Forensics & Incident Response, 1, 16-17.
SOMMER, P. 2010. Forensic science standards in fast-changing environments. Science & Justice, 50, 12-17.
SOMMER, P. 2011. Certification, registration and assessment of digital forensic experts: The UK experience. Digital
investigation, 8, 98-105.
SZEŻYŃSKA, M., HUEBNER, E., BEM, D. & RUAN, C. 2009. Methodology and Tools of IS Audit and Computer
Forensics–The Common Denominator. Advances in Information Security and Assurance, 110-121.
TAYLOR, C., ENDICOTT-POPOVSKY, B. & FRINCKE, D. A. 2007. Specifying digital forensics: A forensics policy
approach. digital investigation, 4, 101-104.
TAYLOR, C., ENDICOTT-POPOVSKY, B. & PHILLIPS, A. Forensics education: Assessment and measures of
excellence. 2007. IEEE, 155-165.
THOMAS, P., TRYFONAS, T. & SUTHERLAND, I. AN ANALYSIS OF THE CURRICULUM COMPONENTS OF
COMPUTER FORENSICS UNDERGRADUATE COURSES IN THE UNITED KINGDOM. ITALICS Volume 8 (1) February
2009, 39.
TU, M., CRONIN, K., XU, D. & WIRA, S. On the Development of Digital Forensics Curriculum.
WANG, Y., CANNADY, J. & ROSENBLUTH, J. 2005. Foundations of computer forensics: A technology for the fight
against computer crime. Computer Law & Security Review, 21, 119-127.
23. WASSENAAR, D., WOO, D. & WU, P. 2009. A certificate program in computer forensics. Journal of Computing
Sciences in Colleges, 24, 158-167
WHITE, J. H., LESTER, D., GENTILE, M. & ROSENBLEETH, J. 2011. The utilization of forensic science and criminal
profiling for capturing serial killers. Forensic Science International, 209, 160-165.
WOODS, K., LEE, C., GARFINKEL, S., DITTRICH, D., RUSSELL, A. & KEARTON, K. 2011. Creating realistic corpora for
forensic and security education. 2011 ADFSL conference on digital forensics, security and law. Richmond, VA:
Elsevier.
WOODS, K., LEE, C. A. & GARFINKEL, S. Extending digital repository architectures to support disk image
preservation and access. 2011. ACM, 57-66.
WOODS, K., LEE, C. A., GARFINKEL, S., DITTRICH, D., RUSSELL, A. & KEARTON, K. 2011. Creating Realistic Corpora
for Security and Forensic Education. DTIC Document.
YASINSAC, A. & BURMESTER, M. 2005. Centers of academic excellence: a case study. Security & Privacy, IEEE, 3,
62-65.
YASINSAC, A., ERBACHER, R. F., MARKS, D. G., POLLITT, M. M. & SOMMER, P. M. 2003. Computer forensics
education. Security & Privacy, IEEE, 1, 15-23.
ZHOU, Y. & JIANG, K. An Analysis System for Computer Forensic Education, Training, and Awareness. Computing,
Measurement, Control and Sensor Network (CMCSN), 2012 International Conference on, 2012. IEEE, 48-51.