Part A: Course Overview

Course Title: Computer and Internet Forensics

Credit Points: 12.00

Terms

Course Code	Campus	Career	School	Learning Mode	Teaching Period(s)
COSC2301	City Campus	Undergraduate	140H Computer Science & Information Technology	Face-to-Face	Sem 2 2006, Sem 2 2007, Sem 2 2009, Sem 2 2010, Sem 2 2011, Sem 2 2012, Sem 2 2013, Sem 2 2014, Sem 2 2015
COSC2301	City Campus	Undergraduate	171H School of Science	Face-to-Face	Sem 2 2018
COSC2301	City Campus	Undergraduate	175H Computing Technologies	Face-to-Face	Sem 2 2024
COSC2302	City Campus	Postgraduate	140H Computer Science & Information Technology	Face-to-Face	Sem 2 2006, Sem 2 2007, Sem 2 2008, Sem 2 2009, Sem 2 2010, Sem 2 2011, Sem 2 2012, Sem 2 2013, Sem 2 2014, Sem 2 2015
COSC2302	City Campus	Postgraduate	171H School of Science	Face-to-Face	Sem 2 2018
COSC2302	City Campus	Postgraduate	175H Computing Technologies	Face-to-Face	Sem 2 2024
COSC3079	RMIT University Vietnam	Undergraduate	175H Computing Technologies	Face-to-Face	Viet1 2025
COSC3080	RMIT Vietnam Hanoi Campus	Undergraduate	175H Computing Technologies	Face-to-Face	Viet1 2025

Course Coordinator: Mohammad Saidur Rahman

Course Coordinator Phone: +61 (449) 787067

Course Coordinator Email: mohammadsaidur.rahman@rmit.edu.au

Course Coordinator Location: City Campus

Course Coordinator Availability: by appointment

Pre-requisite Courses and Assumed Knowledge and Capabilities

Enforced Pre-Requisite Courses

Successful completion of the following course/s:

• INTE2633/INTE2634/INTE2625 Introduction to Cyber Security (Course ID 054986)
• COSC2803/COSC3056/COSC3057 Java Programming Studio (Course ID 054081)

Note: it is a condition of enrolment at RMIT that you accept responsibility for ensuring that you have completed the prerequisite/s and agree to concurrently enrol in co-requisite courses before enrolling in a course.

For information go to RMIT Course Requisites webpage.

 

If you have completed prior studies at RMIT or another institution that developed the skills and knowledge covered in the above course/s you may be eligible to apply for credit transfer.

Alternatively, if you have prior relevant work experience that developed the skills and knowledge covered in the above course/s you may be eligible for recognition of prior learning.

Please follow the link for further information on how to apply for credit for prior study or experience.

 

Assumed Knowledge:

A sound understanding of computer security and data communications, the structure and protocols of the Internet and details of computer storage. 

Course Description

This course introduces students to the principles and practice of computer and internet forensics. Students will explore issues related to security of computer systems, accessing and analyzing data, reconstructing events, surveillance, intrusion prevention, intrusion detection, and recovery from breaches. This course is particularly aimed at students who have a strong interest in computer and information security.

Topics include:

• Forernsically examining the state of desktop / mobile computer(s) left behind by an presumed offender to determine what happened.
• Determining internet presence and activity which may have forensic significance
• Learning the basics of evidence-gatehring and custody.
• Basic file reconstruction as evidence
• The use and limitations of visual evidence

If you are enrolled in this course as a component of your Bachelor Honours Program, your overall mark will contribute to the calculation of the Weighted Average Mark (WAM).

See the WAM information web page for more information.

Objectives/Learning Outcomes/Capability Development

Program Learning Outcomes

This course contributes to the program learning outcomes for the following program(s):

BP355 - Bachelor of Cyber Security
BP356 - Bachelor of Cyber Security (Professional)
Major - Cyber Security

• BP340P23 - Bachelor of Data Science
• BP348 - Bachelor of Data Science (Professional)
• BP162O - Bachelor of Information Technology (RMITO)
• BP162P23 - Bachelor of Information Technology
• BP349 - Bachelor of Information Technology (Professional)
• BP094P23 - Bachelor of Computer Science
• BP347 - Bachelor of Computer Science (Professional)

PLO 1    Knowledge -- Apply a broad and coherent set of knowledge and skills for developing user-centric information technology solutions for contemporary societal challenges.
PLO 2    Problem Solving -- Apply systematic problem solving and decision-making methodologies to identify, design and implement information technology solutions to real world problems, demonstrating the ability to work independently to self-manage processes and projects.
PLO 3    Cognitive and Technical Skill -- Critically analyse and evaluate user requirements and design systems employing software development tools, techniques and emerging technologies.
PLO 4    Communication --  Communicate effectively with diverse audiences, employing a range of communication methods in interactions to both computing and non-computing personnel.
PLO 6    Responsibility and Accountability -- Demonstrate integrity, ethical conduct, sustainable and culturally inclusive professional standards, including First Nations knowledges and input in designing and implementing information technology solutions. 

For more information on the program learning outcomes for your program, please see the program guide.

Upon successful completion of this course you should be able to:

1. Apply your knowledge and understanding of computer security to identify security weaknesses and propose possible entry using them;
2. Correctly isolate computer systems for investigation;
3. Duplicate data and analyze it to recover latent information and reconstruct events;
4. Trace and avoid entrapment by malicious internet activity;
5. Analyze email and other online activity trails, such as social network analysis;
6. Document and present gathered information in an appropriate manner for follow-up.

Overview of Learning Activities

The learning activities included in this course are:

• Workshop: Key concepts will be explained as short lectures in which course material will be presented and the subject matter will be illustrated with demonstrations and examples; These will be interspersed with practical sessions that will provide the opportunity to consolidate and deepen your knowledge. The sessions include practical analysis and group problem-solving exercises to enable you to analyse, compare, rank and trouble-shoot computer system components and designs.
• Private study: which should include working through the content as presented in classes and other learning materials, and gaining practice at solving conceptual and technical problems. It is essential to keep up to date with provided class exercises as well as doing your own broader reading on the topics covered.

Overview of Learning Resources

The course is supported by the Canvas learning management system which provides specific learning resources.  In addition, there are many relevant textbooks beyond the ones suggested here, and open-source software is available for download from their respective sites (advised within class), and a large amount of general documentation is available on the software site, as well as elsewhere on the web.  See the RMIT Library Guide at http://rmit.libguides.com/compsci for more.

BYOD requirement

Since this course is interactive, you will need to bring along a personal laptop to class that is powerful enough to handle the software used.  See below for the minimum useful specifications:

• Recent MS Windows 10 Professional with native ability to virtualize, or Windows 7+ with VirtualBox software (free), or MacOS with ability to virtualise
• 4GB of RAM minimum, 8GB+ preferred
• USB memory stick capability
• Ability to virtual-boot off USB memory stick is desirable
• 10GB free space on hard disk for the various software and virtual instances
• Reasonably powerful CPU, else everybody will be waiting for you.

Most recent laptops will have the above characteristics.

 

Overview of Assessment

Note: This course has no hurdle requirements.

 

Assessment tasks

Assessment Tasks 1:  Online Tests
Weighting 10%
This assessment task supports CLOs 1, 2, 3, 4, 5, 6 & 7

Assessment Task 2: Group Presentation
Weighting 10%
This assessment task supports CLOs 1-6.

Assessment Task 3: Group Presentation + Assignment
Weighting 30%
This assessment task supports CLOs 1, 2, 3, 4, 5 & 6

Assessment Task 4: Exam
Weighting 50%
This assessment task supports CLOs 1, 2 3, 4, 5, 6

If you have a long-term medical condition and/or disability it may be possible to negotiate to vary aspects of the learning or assessment methods. You can contact the program coordinator or Equitable Learning Services if you would like to find out more.