Module Information

Module Identifier
Module Title
Academic Year
Semester 1
Only available to fourth year MEng students.
Other Staff

Course Delivery

Delivery Type Delivery length / details
Lecture At least 10 hours
Practical 20 hours


Assessment Type Assessment length / details Proportion
Semester Exam 2 Hours   50%
Semester Assessment Laboratory notebook and report  50%
Supplementary Assessment Will take the same form, under the terms of the Department's policy 

Learning Outcomes

On successful completion of this module students should be able to:

Analyze a computer for deleted and hidden information.

Detect vulnerabilities in a computer system using appropriate tools, and secure against.

Demonstrate an understanding of threats to computer systems and computer networks.

Demonstrate an understanding of the ethical concerns involved in forensics.

Distinguish between relevant and irrelevant materials at a crime scene.

Develop a strategy for defending a computer system against attack.


To provide an insight into the growing field of forensic computing and network security.

Brief description

The course will provide a practical and in-depth view of security of machines and networks, an overview of the tools available to monitor and analyse such machines and networks before the systems have been compromised, and also to analyse the forensic evidence left behind to trace culprits.


1. Legal and ethical issues surrounding forensic computing and ethical hacking. (1 Lecture)
2. Footprinting and Scanning (1 lecture + 1 practical)
3. Viruses, Trojans and Backdoors (1 lecture + 1 practical)
4. Denial of Service ( 1 lecture + 1 practical)
5. Social Engineering (1 lecture)
6. IDS, Firewalls and Honeypots (1 lecture + 1 practical)
7. Cryptography (1 lecture + 1 practical)
8. Buffer Overflows & Web application vulnerabilities (4 practicals)
9. The use of forensic computing software (eg. EnCase, Penguin Sleuth, Knoppix STD) (4 practicals)
10. Hacking wireless networks (1 lecture)
11. Scene of crime analysis (1 lecture + 1 practical)

Module Skills

Skills Type Skills details
Application of Number no
Communication Presentation of workshop results as a report and//or lab workbook.
Improving own Learning and Performance Inherent in level of subject
Information Technology Inherent to subject
Personal Development and Career planning no
Problem solving Use of forensic analysis software
Research skills In order to do practicals
Team work Working as pairs in lab work

Reading List

General Text
(2003.) Hacker's challenge 2 :test your network security & forensic skills /Mike Schiffman ... [et al.]. McGraw-Hill/Osborne Primo search Jones, Keith J. (2006.) Real digital forensics :computer security and incident response /Keith J. Jones, Richard Bejtlich, Curtis W. Rose. Addison-Wesley Primo search Mitnick, Kevin D. (c2002.) The art of deception :controlling the human element of security /Kevin D. Mitnick and William L. Simon. Wiley Primo search Schiffman, Mike. (c2001.) Hacker's challenge :test your incident response skills using 20 scenarios /Mike Schiffman. Osborne/McGraw-Hill Primo search Stoll, Clifford. (1990) The cuckoo's egg :tracking a spy through the maze of computer espionage /Clifford Stoll. Pocket books Primo search Vladimirov, Andrew A. (c2004.) Wi-Foo /Andrew A.Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky. Addison-Wesley Primo search

Farmer, Dan. (c2005.) Forensic discovery /Dan Farmer, Wietse Venema. Addison-Wesley Provos, Niels. (c2008.) Virtual honeypots :from botnet tracking to intrusion detection /Niels Provos, Thorsten Holz. Addison-Wesley Spitzner, Lance. (c2003.) Honeypots :tracking hackers /Lance Spitzner. Addison-Wesley Primo search


This module is at CQFW Level 7