Investigative
Using tools that you learned about in the labs and other course materials, you will analyze digital evidence and construct an argument about the culpability of a criminal suspect. You will be expected to write an Activity Log that documents the analysis steps that you take. You should also write a short Report (4-5 pages).
The Report should include an executive summary, a list of the evidence items examined, a brief discussion of the methods and tools used to perform the analysis, findings, conclusions, any relevant exhibits, and suggestions for further action.
Some options for evidence that you can analyze have been posted. Some of these are images of flash drives that you can analyze with WinHex, using the cslab.sou.edu virtual computer. More advanced students can use open-source software such as the SANS Investigative Forensic Toolkit (SIFT), if they prefer.
Another option for the project is to analyze a hacking case using Wireshark. Wireshark is a free and open-source packet sniffer and protocol analyzer that you will learn about near the end of the class. Wireshark is available on the cslab.sou.edu virtual computer, or you can install it on your own computer.
As another option, if you prefer, you can analyze evidence not listed. For example, have you received any phishing emails? Have you been the victim of malware, a virus, a cyber attack, or cyberstalking? Can you recover and analyze some digital evidence related to these problems?
You could also examine evidence found at your workplace, but a word of caution: Get permission from your supervisor before you analyze workplace evidence. In general, don't snoop on any files on a computer that isn't your own personal computer without getting the permission of the owner of the computer.
In summary, your mission is to analyze digital evidence associated with a possible crime, using skills that you developed in this class. Numerous cases with digital evidence have been posted, or you can select your own case. Just send me an email if you are wondering whether your case would make a good project.