Digital Forensics
This assessment relates to complex, multifaceted digital forensic investigation tasks. It is
composed of 3 questions. Answer any two of them.
We expect the answer to any of the following questions to take at least 2 pages or around 1k
words.
There is no upper limit to the space you may take in your answer to one particular question. The
report should contain the following sections for each chosen question.
- Abstract: Provide one or two paragraphs with an overview of the selected question and your answer to it.
- Sources: Elaborate on the sources used and the credibility you assign to each, justifying your decisions.
- Analysis: Discuss your analysis, based on the sources you have located and their assigned trustworthiness, together with any additional data or evidence resulting from your research. Show what reasoning methods and/or principles you are using.
- Conclusions: State your basic conclusions and why you reached them, estimating your degree of certainty in each of them.
- References: Provide bibliographic details of all sources used; use numbered style. (Note: Any source cited should be properly acknowledged in the references list, and all items in the references list should correspond to, at least, one in-text citation.)
Submission Instructions
The individual report should not exceed eight sides of A4 paper (including diagrams, tables
and references), minimum 10pt font size. Any content beyond this page limit will be ignored for
marking. The report should be submitted in PDF format via Moodle through a link that will be created for
this purpose.
Weight
This assessment contributes 30% towards the total mark for this module.
Marking scheme
Overall presentation and references (20 marks): assessed over the whole report; this criterion will evaluate how readable the report is (technical writing, formatting, text flow, absence of typos or grammatical mistakes, professional presentation, and references).
For each question, the evaluation will consider:
- Abstract (5 marks), Sources (5 marks), Analysis (15 marks) and Conclusions (15 marks)
Questions (select 2)
QUESTION 1:
One of the principal attributes of a Digital Forensic Investigator is the ability to
process conflicting evidence and, after analysing it, reach reasonable and sound conclusions based on the available data. For this exercise, we ask you to gather as much information as possible about a public person, now going by the name of Daniel Tammet, born Daniel Paul Corney, and decide whether he is indeed a savant or not. To arrive at a justified conclusion, please compare him with other well-known savants and focus on differences and points in common. Cite all the sources (papers, videos, documentaries, etc.) you consult. Please see this as an OSINT investigation, where the ultimate truth may be unknowable but you have to provide an independent and expert opinion. We suggest you start with this interview:
https://www.youtube.com/watch?v=n4Arlam70bI
QUESTION 2:
Investigate Twitter cryptocurrency scams, and in particular those impersonating famous people and promoting crypto (bitcoin, ether, ripple, etc.) giveaways. Study these scams and their operation, and investigate their common characteristics, with a focus on whether these features can be used to detect and stop the scams automatically. In particular, find all relevant information about the scam that used these two bitcoin addresses: 3CmHjSNBxM8ZxwhrCtKZzuqndzez1kML1b and 18eSavQG7EBSGb5zF2VuHtx4J45c6z5mkw,
including who they impersonated, who was likely behind the operation, for how long the operation ran, how much money they made, and what they did with their ill-gotten profits.
QUESTION 3:
Investigate which, if any, of the following 4 papers present evidence of malpractice. We will need an objective approach to finding duplications, rotations, etc., and not one based simply on your visual perception, though of course your visual perception can help guide your research. We suggest using feature extraction and matching algorithms such as those found in OpenCV (SIFT, FLANN) to reach a forensically sound conclusion. You can start at https://opencv24pythontutorials.readthedocs.io/en/latest/py_tutorials/py_feature2d/py_matcher/py_matcher.html for the algorithms and at https://pubpeer.com/ for examples of malpractice. It is also advisable to follow Dr. Elisabeth Bik (Twitter handle @MicrobiomDigest), the leading expert in the field. The 4 papers to analyze are:
1 https://www.nature.com/articles/s41598-019-43093-x
2 https://www.nature.com/articles/s41598-019-41059-7