Questions:

Objective:

The objectives of this assignment are to gain theoretical and practical knowledge and skills in different computer forensics and anti-forensics techniques such as image acquiring, analysis of email headers, temporary internet files, and low-level text search of entire contents of the computer hard drive. The students should apply appropriate computer forensics tools and techniques and write a report on their findings. Marks will be awarded based on the sophistication and in-depth exploration of the selected techniques.

Case Study:

A reputed multi-national company from country A was involved in a strategic alliance agreement with a government organization of country B. The multi-national company was interacting with the government organization through its local agent in country B and was a victim of multi-million dollar fraud [1]. Cyber attacker/attack group spoofed emails exchanged between MNC and local independent agent, altered the payment related data exchanged between the parties. Local company engaged with a digital forensic solutions lab (DFSL) to carry out forensics analysis and advise them.

Assume that you are working with DFSL as a digital forensic engineer and you are going to lead the team to perform forensic related task such as information gathering, electronic evidence identification, collection & laptop hard disk imaging, email tracing, header analysis, log analysis, computer system forensic analysis, interviews, email contents detailed analysis. Finally, your team will provide a report to the independent local party with a detailed analysis with findings.

Assignment Specification:

Prepare a report and video demonstration on the following sections related to the case study. You can use your own files for data hiding and analysis. Provide the list of references using IEEE referencing style at the end of the report.

Section 1: Forensic imaging and examinations

Do an Internet search to list out five tools for the above case study. Choose one of the tools to examine the forensic image and explain with screenshots how the tool can be useful. (250 words)

Section 2: Forensic analysis and validation

Write a report describing the procedures to retrieve the evidence with your selected forensics tools. Explain how to identify and analyse email message headers, file data and time properties, internet usage, and call information files. Also explain how computers were forensically imaged, identified for de-fragmentation, and low level text search were carried out in this investigation. (500 words)

Section 3: Anti-forensics

Research on anti-forensics techniques and write a report on your findings on these techniques. Compare the advantages and disadvantages of these techniques in a tabular format. Use one of the anti-forensic techniques on your files and explain how useful it is. Please explain your methods with the help of screenshots. (750 words)

Demonstration:

Demonstrate your work. You should appear in the video (you can use Zoom) at the first and last 30 secs to introduce yourself and draw a conclusion on your experience with the different computer forensics and anti-forensics techniques.

Marks are allocated as described in the following table.

Section	Description of the section	Marks
Section 1	List out effective tools for the above case study and explain briefly Explain with screenshots how the tool can be useful	20
Section 2	Digital forensic analysis and validation with procedure and screenshots Identify and analyse email message headers, file data and time properties, internet usage, call information files, defragmentation, and low level text search of files.	30
Section 3	Anti-forensic techniques Pros and Cons Application of anti-forensic on files	20
Presentation	Writing quality, Coherence, Report Structure	05
Demonstration	Video demonstration	20
References	References Must consider at least five current references from journal/conference papers and books. Must follow IEEE referencing style	05
	Total Marks	100