CIS8708 Digital Forensics Assessment :
For solution: +610482078788
Assessment task information: CIS8708- Digital Forensics – Semester 1, 2023
Assessment 2: Report
Important notes for this CIS8708 Digital Forensics Assessment
This report is worth for 40% of your total mark for this course.
This report addresses the following course learning objectives (CLO) 2,3, and 4:
CLO2: reflect on and synthesise complex issues, problems, concepts and theories relating to securing diverse devices on non-wired networks;
CLO3: apply specialist knowledge and skills in enabling secure use of wireless, mobile and IoT networks to mitigate potential security breaches;
CLO4: critically examine cyber security breaches using forensic tools, processes, and procedures
- This report is individual. Group submission will get a zero mark.
- Check word limit. Your report should be concise and self-explanatory with respect to the word limit.
- Any assumptions which you consider in doing your assessment MUST be stated clearly in your report.
CIS8708 – Report
This report has three questions to be completed. Compile your answers into a single MS Word or .pdf document and then upload to Study Desk. Your Report MUST include your Name, Student Number and course code (CIS8708) in the header of each page and include references and a bibliography where appropriate. When submitting your document/s, the file will be submitted to Turnitin for originality checking. Therefore, it is important to include necessary references and bibliographies in your submission.
Question 1 – 25 marks, 750 word maximum (CLO 2 and 4) A real-word investigation scenario at Woolworth retailer
Woolworth retailer has recently realized anomalies in its orders that are made by customer doing online shopping. It has undertaken an initial check of system log files, and there are a number of suspicious entries and IP addresses with a large amount of product data being sent outside the Woolworth software system firewall. Woolworth has also recently received a number of customer complaints saying that there is often a strange message displayed during online shopping and order processing, and they are often re-directed to a payment page that does not look legitimate. Your job is to conduct a digital forensic analysis process and data acquisition which relying on adopting a set of sophisticated tools.
- Read the file named “Digital forensic tools-Recent advances and enhancing the status quo – supplementary material” which is under Module 6. A list of data acquisition tools is discussed in this file. Note that some of these tools may have been already discussed or referred to in Module 6.
- Select 4 tools based on your interest. Then
- Write a brief instruction (maximum 5 lines) of these tools and highlight at least 3 key features for each.
- Write an analyse and discuss how these 4 tools can help you to conduct the whole investigation process including the identification of digital evidence and data acquisition.
Hint: your answers and examples should be exactly related to the scenario. General answers or examples that are irrelevant to the scenario are not acceptable.
Question 2 – 25 marks, 600 word maximum (CLO 2 and 3)
Consider the real-world scenario described in Question 1. Read the file named “Data acquisition process model” which is under Module 4. In particular, read carefully Figure 2 (UML activity diagram of the acquisition process).
Write a report, placing yourself in the shoes of a digital forensic detective for the local police office. Detail in the report, the steps that you are taken to gather evidence from IT support of Woolworth, Woolworth systems, and customers. In addition, explain 3 different obstacles that might you expect to encounter during the investigation case.
Question 3 – 50 marks, 300 word maximum (CLO 4)
The file named “Explainable artificial intelligence for digital forensics.pdf”, available under Assessment -> Written Report folder, explores the potential of Explainable Artificial Intelligence (XAI) to enhance triage and analysis of digital forensic evidence, using examples of the current state of the art as a starting point. The .pdf provides both practical and novel ideas as well as controversial points for leveraging XAI to improve the efficacy of digital forensic analysis. Read this file completely and read carefully in particular the case study Section 4.
Based on your understanding and lecture PowerPoints and relevant sources in the Study Desk during the course so far, provide 5 example challenges and 5 example advantages in using XAI to conduct digital forensic analysis.
Hint: You need to consider Figure 2 in the file named “Explainable artificial intelligence for digital forensics.pdf” and sections 3.4.1 and 3.3.4 in this file to organise your answers.
|Written report Rubric|
|Assessment 2 Report||Weighting: 40%||Mark out of 100: /100|
|Criteria||100 – 85%||84 – 75%||74 – 65%||65 – 50%||49 – 0%|
|Question 1||Clarity of tool description||The description of||The description of||The description of||The description of||The selected tools are|
|(CLO 2 and||and justification (supportive||selected tools is complete,||selected tools is||selected tools is||selected tools||not explained|
|4)||scenario-specific examples)||distinct features for each||complete, distinct||incomplete or||needs further||completely. No|
|the strengths and||are discussed, and the||features for each are||partial, distinct||development (no||examples of distinct|
|weaknesses of tool for||way each tool is used||discussed, and the way||features for each||example of key||features for each tool.|
|investigation including||during the investigation is||each tool is used during||are well-explained,||features). The||No example or|
|digital evidence and data||well-described. The||the investigation is well-||and the way each||application of||irrelevant examples of|
|acquisition (25 marks)||answers clearly explain||described. The answers||tool is used during||tools during the||tool application during|
|how the tools are||clearly explain how the||the investigation is||investigation||the investigation|
|collectively help with the||tools are collectively help||unclear. There is||process in||process. The are|
|investigation process||with the investigation||partial clarity about||unclear (no||several presentation|
|along with illustrative||process along with||how these tools help||context-specific||issues including|
|examples relevant to the||illustrative examples||with the||examples are||spelling/formatting.|
|scenario.||relevant to the scenario.||investigation||provided). There|
|However, the application||process according||are some|
|of each tool and relevant||to the scenario.||presentation|
|examples to conduct the||There are some||issues.|
|investigation process are||presentation issues.|
|not well developed and|
|justified (some examples|
|are too general, wrong,|
|or irrelevant to the|
|Question 2||Clarity of steps to be taken||The description of steps is||The description of steps||The description of||The description of||The description of|
|(CLO 2 and||to gather evidence from||complete and supported||is somewhat complete||steps and identified||steps and||steps and identified|
|3)||different sources and||with examples according||and supported with||obstacles need||identified||obstacles are not well-|
|justifications for different||to the scenario. The||examples according to||further||obstacles are too||explained and not|
|obstacles (25 marks)||identified obstacles||the scenario. However,||development. They||general or||related to the scenario.|
|against the investigation||the investigation process||are too general and||incomplete||It is not clear how|
|process are sound and relevant to the scenario along with illustrative examples.||is general and some identified obstacles need further development.||not specific to the scenario.||according to the scenario. There are some presentation issues.||steps are performed, and obstacles are relevant to the scenario. The are several presentation issues including spelling/formatting.|
|Question 3||Context specific (no||The description of||The description of||The description of||The description of||The description of|
|(CLO 4)||general) example||challenges and||challenges and||challenges or||challenges or||challenges or|
|challenges and example||advantages related to XAI||advantages related to||advantages related||advantages||advantages related to|
|advantages in using XAI to||application to conduct||XAI application to||to XAI application to||related to XAI||XAI application to|
|conduct digital forensic||digital forensic analysis||conduct digital forensic||conduct digital||application to||conduct digital|
|along with rationale to||are well described with||analysis is somewhat||forensic analysis are||conduct digital||forensic analysis are|
|select the examples||clear illustrative examples.||complete, clear, and||incomplete, too||forensic analysis||not clear, wrong, or|
|analysis (50 marks)||specific to XAI. Some||general, and not||are||relevant to XAI. The|
|challenges and||specifically related||underdeveloped.||are several|
|advantages need further||to XAI.||They are||presentation issues|
|explanation or support||irrelevant, too||including|
|with examples.||general, and not||spelling/formatting.|
|related to XAI.|
|There are some|
|Resources available to complete task||References are required and the Harvard AGPS standard of referencing must be used, including in-text referencing. Ensure that your Assignment is fully referenced, including any references to the textbook. Your User Manual should include a List of References using the Harvard AGPS standards. A useful link on referencing is from USQ’s Library site: <http://www.usq.edu.au/library/referencing> Any direct and paraphrased quotes must be referenced using Harvard AGPS style and listed in the List of References. Do not repeat verbatim large portions of information from other sources such as the text or video – you must put the ideas/information in your own words. Only use small direct quotes where possible.|
|Turnitin||Turnitin is a detection software OF CIS8708 Digital Forensics Assessment and text matching tool used in this course. Plagiarism checking is automatically done when you submit your assignment. An originality/similarity report is automatically created which checks the originality of your assignment. You can access and review the report. NOTE: ⚠ It may take up to 24 hours for a report to be issued from Turnitin ⚠ When the assignment has been checked, you will see a notice in the Files submission area. ⚠ The percentage mark given indicates the amount of text matched against the Turnitin Database. It is merely an indicator that should always be reviewed to identify where Turnitin have picked up potential plagiarism. ⚠ You may have the option to edit submission or the option to submit assignment, this is determined by your lecturer. ⚠ Once you submit assignment you are no longer able to edit it.|
|Assessment Policies & Procedures||⚠ Information and links regarding USQ’s assessment policy/ procedure; extensions and late submissions; academic integrity & misconduct and marking are found on your course StudyDesk Assessment page. ⚠ Note on Late submission & extensions: Applications for an extension of time will only be considered if received in accordance with the USQ Assessment procedure and the Assessment of Compassionate and Compelling Circumstances Procedure. Refer to the links on StudyDesk for copies of these procedures.|
For solution: +610482078788