Explore UCD

UCD Home >

COMP41660

Academic Year 2024/2025

Live Data Forensics (COMP41660)

Subject:
Computer Science
College:
Science
School:
Computer Science
Level:
4 (Masters)
Credits:
10
Module Coordinator:
Assoc Professor Mark Scanlon
Trimester:
Autumn
Mode of Delivery:
Online
Internship Module:
No
How will I be graded?
Letter grades

Curricular information is subject to change.

Please note this module is only available to active law enforcement students registered to the MSc in Forensic Computing and Cybercrime Investigation. There are no elective or audit places available to other programmes.

Live Data Forensics is a term describing tools, techniques, and procedures for preservation and analysis of volatile evidence contained from a running device. Traditional forensics involves seizing the device and returning it to the lab environment for a forensic analysis. This can destroy information or make information inaccessible, such as data in RAM, encrypted containers, cloud storage data, etc. Live Data Forensics involves examining the device on the scene in order to preserve this volatile information. In this module, we will also research new and innovative technologies regarding live data forensics.

About this Module

Learning Outcomes:

Upon successful completion of this module, students should be able to:
• Describe the live data forensic process
• Prepare teams for live data forensics on site searches
• Know how to prepare a toolkit for LDF
• Know the legal aspects of live data forensics
• Perform triage on systems/devices/networks
• Explain the order of volatility and the Chain of Custody
• Acquire and basic analyse the contents of RAM
• Gather information on running systems/devices
• Know the risks of IoT/Smart home devices in site searches
• Gather information from IoT/Smart home devices
• Detect encrypted volumes and anti-forensics
• Preserve information found on running systems in a forensically sound manner
• Analyse gathered artefacts and report their findings
• Advise an investigative team towards further investigative directions
• Research new devices or techniques in the field of live data forensics

Student Effort Hours:
Student Effort Type Hours
Lectures

24
Practical

60
Autonomous Student Learning

116
Total

200

Approaches to Teaching and Learning:
Module is delivered online

Requirements, Exclusions and Recommendations
Learning Requirements:

In order to take this module you must be a serving member of a law enforcement organisation.


Module Requisites and Incompatibles
Not applicable to this module.
 

Assessment Strategy  
Description Timing Component Scale Must Pass Component % of Final Grade In Module Component Repeat Offered
Assignment(Including Essay): Assignment 2 Week 9 Graded No

25

 No
Assignment(Including Essay): Assignment 3 Week 12 Graded No

35

 No
Exam (In-person): 2 Hour Exam Week 14 Graded No

30

 No
Assignment(Including Essay): Assignment 1 Week 4 Graded No

10

 No

Carry forward of passed components
No
 

Resit In Terminal Exam
Summer Yes - 2 Hour
Please see Student Jargon Buster for more information about remediation types and timing. 

Feedback Strategy/Strategies

• Feedback individually to students, post-assessment

How will my Feedback be Delivered?

Not yet recorded.

Print this page
Fill in the following details:
Enter the body of your query here.

From time to time UCD would like to send you further information that we feel, based on your enquiry, would be of interest to you.