Developing a Solution for a Problem in Digital Forensics
Digital forensics can be thought of as the application of computer science in the systematic collection, processing, and study of digital data suitable for use in courts or to the just resolution of conflict, encompassing both data at rest and data in transit.
In today’s context, the domain of digital forensics is typically further subdivided into different specializations, to cover both the breadth and depth of the digital domain. An example of possible specializations is shown in Figure 1 below.
Figure 1: An example of specializations in digital forensics
Given the vastness of digital forensics, sharing knowledge and capabilities and learning from one another become imperative. In addition, the fast-changing pace of technology may introduce new things that have to be catered for, or render what was previously learnt or developed obsolete. Therefore, it is also important that a practitioner keep himself or herself up to date, and engage in continuous learning to always be in the know.
Many tools and solutions exist to help in the digital forensics process. Disk imagers, memory dumpers, decompilers and so on are what one typically uses when performing digital forensic work.
In this assignment, you and your team are required to design and develop a technical solution for a problem in digital forensics. You are free to decide on what your solution does and the problem it addresses. It is expected that your solution is of high quality, sufficient complexity, and novel. A solution can be, for example, a standalone software program, tool or utility, a plugin to a well-known or established forensics software (e.g., Volatility, Autopsy), or hardware.
You should focus your solution on accomplishing specific things, and/or within a reasonable problem scope, so as to allow you to produce an output that is of high quality and depth. Care must be taken not to choose a problem scope or set of tasks that is either trivial, leaving little to develop, or too broad, leaving insufficient time to produce work of a sufficiently high quality or rigor.
As a guide, here are some questions that you may consider when deciding on what to work on:
- What is the problem you are focusing on?
- Is that problem within the domain of digital forensics?
- What is your proposed solution to solve the problem?
- Is the proposed solution reasonably complex?
- What are the existing solutions or tools out there that can be used to address the problem, and how would they compare against your proposed solution?
- Does the development of your proposed solution allow for the demonstration of technical competency in digital forensics?
- How much of the knowledge required to develop the solution lies beyond the classroom?
- Can the technical solution be developed to a reasonably high quality, tested in depth and validated within eight weeks, by a four-person team?
- Does the solution have potential to be showcased to the public, such as through community meetups or cybersecurity conferences?
At the end of the assignment, you are required to submit 1) the code and binaries for your solution, 2) a video demonstrating how your solution works, and 3) a report detailing your solution in depth. Your code is to be published to a GitHub repository, from which the instructor will clone it for grading. Inside your code repository, you are expected to include a comprehensive user manual.
You must document your solution in detail within your report, including but not limited to, a comprehensive literature review on the problem, analysis of the technical issues and challenges related to the problem, your solution to address the problem and how it compares to other solutions out there, and test setup and results to show the validity of your developed solution. You must also provide in-depth details and background of the technologies that your solution relies on.
Credit will be given for strong display of technical competency in a complex topic area, the comprehensiveness of the background research, the strength, novelty, and usability of the developed solution, and the correctness of its validation.
Should you require any tools or devices that the labs may be able to provide, do drop the instructor an e-mail with the subject title “ICT2202 Device Request”. Do take note however that not all requests can or will be fulfilled.
You may form your teams based on the following conditions:
- You and your peers may come together to form your own team;
- Your team must consist of at most four (4) individuals;
- You may form a team of fewer than four (4) individuals; however, your team will still have to deliver the work expected of a 4-person team;
- If you are unable to be part of a team by the end of Sunday, September 19, 2021, you, and others like you, may be grouped together into teams or assigned to existing teams who are willing to take you in, subject to the other conditions governing team formation.
Project Outline Document
Although you are free to decide on what your solution does and the problem it addresses, you are required to inform the instructor before embarking further on the assignment. In order to do this, you and your team are required to submit a one-page document detailing the following:
- What is the problem you are trying to address?
- Why did you choose this problem to address?
- What do you currently know about this problem?
- What are the existing solutions, tools, and approaches to solve the problem, whether in part or as a whole (provide at minimum 10 references from reputable sources)?
- What will your solution do, in detail?
- How will your solution work?
- How is your solution different from, and why is it better than other existing solutions?
- What are the resources you may require?