Categories
Computer Forensics

Title: Understanding the Impact of Information Security Training on Password Compromises in Industrial Control Systems: A Case Study Analysis Article Summary: The chosen article, “Understanding Indicators of Compromise against Cyber-Attacks in Industrial Control Systems: A

Research by finding a NEW scholarly article or case study using the same methodology for your week 1 assignment, discuss ONE of the following computer crimes/incidents:
1) Network intrusions
2) Destruction of data and information
3) Denial of service attack
4) Theft of logins and passwords
5) Malicious code and programs
6) IP spoofing
7) Information warfare
8) Cyber-terrorism
When discussing your article, at the end you will formulate a research question. This research should be similar to the following:
Example 1 addressing topic 4, theft of logins and passwords:
Evidence that demonstrates your question is valid:
Asiri et al. (2023) assert that the continued use of devices in Industrial Control Systems (ICS) where the default password has not been changed continues to cause significant security issues for these entities. This would suggest that there is a gap in information security best practices training and awareness.
Question – Understanding and comprehending current information security best practices, why are basic tasks such as changing default passwords still being ignored?
So what makes this a valid research question?
You have shown that this question is supported by current literature
You can formulate a proper hypothesis that shows an IV and a DV.
Example hypothesis/null hypothesis:
Hypothesis:
There is no correlation between information security best practices training and password compromises.
Null Hypothesis:
There is a correlation between information security best practices training and password compromises.
Above I mentioned an IV (independent variable) and a DV (dependent variable). It is important to understand the relationship between the IV and DV in order to have a proper research question and to develop a proper hypothesis.
IV – The variable that is changed
DV – The variable being observed
For example, the IV would be training and the DV would be password compromises.
Asiri, M., Saxena, N., Gjomemo, R., & Burnap, P. (2023). Understanding indicators of compromise against cyber-attacks in industrial control systems: A security perspective. ACM Transactions on Cyber-Physical Systems, 7(2), 1-33.
Using at least 500 words:
Task 1 – Summarize the article you have chosen and state your research question, hypothesis/null hypothesis and your IV and DV.
You will be graded on Content/Subject Knowledge, Critical Thinking Skills, Organization of Ideas, and Writing Conventions.

Title: “Assessing Active Technology Threats: How Security Departments Can Utilize CERT Alerts”

Question:
Open a web browser and go to the CERT website and review the currently active technology threats. 
Summarize your findings and describe how a security department can use these alerts.

“Digital Forensics Investigation: Analyzing a Lone Wolf-Style Attack” Forensic Analysis of Digital Artifacts: A Case Study Exhibits/Technical Details: Exhibit 1: Screenshot of file system analysis results from Autopsy tool Exhibit 2: Screenshot of deleted email recovery results from En

Project description/detail
For this project, you are required to perform and present the following:
1. Background study: A literature survey to illustrate the various aspects of a digital forensic investigation, focusing on evidence collection, analysis, and reporting. This should include the legal and ethical considerations in digital forensics investigations.
2. Evidence collection: Students will receive image files of Jim Cloudy’s laptop and cloud storage accounts. They will use Autopsy to extract and analyze relevant digital evidence, including documents, emails, and internet browsing history.
3. Evidence analysis: Students will analyze the digital evidence to identify Jim Cloudy’s planning and execution of the attack. This will include identifying relevant time frames, communication with others, and the use of cloud storage services.
4. Report writing: Students will be required to write a report on their findings, including a summary of the investigation, the evidence collected, and the analysis conducted. This should be presented in a format suitable for legal or court proceedings.
5. Research and referencing component: Students will be required to conduct additional research and reference relevant literature in their report to support their analysis and findings. They will need to follow proper citation and referencing guidelines.
The main objective of this study:
To analyze the digital evidence related to a ‘lone wolf’-style attack planning and execution.
The secondary objectives of this study:
1. To develop evidence collection and analysis skills using digital forensic tools like Autopsy.
2. To gain an understanding of the legal and ethical considerations in digital forensics investigations.
3. To develop skills in report writing and referencing.
This section explains the report layout:
Introduction
The introduction should introduce the reader to the topic and clearly state the actions that the student will perform to address the assignment tasks. It should also contain a detailed overview of how the report will be structured and what steps will be taken to solve the task, and it should tell a story that links with the Summary and Conclusion. Expected challenges and Assumptions should be listed.
Main
The main part should follow the tasks described in the introduction and accurately and thoroughly explain what has been done to address the assignment tasks, why they have been done in that way, the challenges overcome, and the results. This should be sufficiently backed up by authoritative sources.
Solution|Technical
The technical part and/or solution should show working solutions with configurations according to best practices in addition to fulfilling all assignment requirements. All efforts/attempts/troubleshooting can be shown here. The following is within the Solution|Technical section:
· Administrative section – Firstly, the administrative section will contain information related to the investigation, such as the name of the agency, any relevant case numbers, as well as the names of those who participated in the investigation. Any victims, as well as any suspects, should also be named.
· Executive summary – The executive summary is a section that should only summarise a report. The report will be more detailed and have a more structured narrative than the executive summary. The main goal of the executive summary is to give the reader a high-level view of what has occurred in the investigation.
· Technical section
  o Narrative – As the narrative is drafted, clarity should be your goal. You don’t want the reader to be unclear or have questions about the report, as this can lead to misunderstandings in any following procedures involving the report. This can be difficult as technical details are constantly combined with the investigation’s non-technical aspects.
    The following subsections of the narrative are needed:
    § Evidence Analysed
    § Acquisition details
    § Analysis details
· Exhibits/technical details – As the narrative in the analysis details section is written, the author will reference specific artifact(s). Any screenshots used to complement the artifact references in the analysis details section should be included in the report’s ‘exhibits/technical details’ section. This will include the output of reports from any forensic tool(s) used during the examination process. Therefore, it’s crucial to include as many exhibits as possible to give a detailed and well-rounded overview of what has happened and what has been done. Concluding the technical forensic report.
Summary & Conclusion
In this section, the student should summarize what has been done, the findings and/or results, and make conclusions and reflections based on those findings and/or results. The findings, results, and conclusions should relate to the actions specified in the introduction and be executed in the main part/solution.
This is the summary and conclusion for the overall Noroff report.
References
The student’s work should be supported by sources of authority. The list of sources should include books and academic publications. They should all be cited in the text. Both citations and listings should be done in Harvard referencing style. Writing should contain no spelling errors and few grammatical errors. Writing in the 3rd person is essential. Showing a wide section of research done on each topic is beneficial.