Extended Learning Module H – Computer Crime and Digital Forensics
EXTENDED LEARNING MODULE H
COMPUTER CRIME AND DIGITAL FORENSICS
JUMP TO THE SUPPORT YOU WANT
STUDENT LEARNING OUTCOMES
2. Identify the seven types of hackers and explain what motivates each group.
4. Describe what is meant by anti-forensics and give an example of each of the three types.
MODULE SUMMARY
This Extended Learning Module teaches your students about crimes that involve a computer or
network and how it can be detected with digital forensics.
The Extended Learning Module is a natural progression from Chapter 8, which discussed ethics,
privacy, and security, since it delves deeper into who commits crimes, what crimes or
inappropriate actions they commit and how those and other crimes can be detected by
examining the system that was used in their commission.
The primary sections of this module include:
2. Digital Forensics
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-2
LECTURE OUTLINE
INTRODUCTION (p. 437)
COMPUTER CRIME (p. 438)
2. Web Defacing
4. The Players
DIGITAL FORENSICS (p. 448)
2. The Analysis Phase
4. Anti-Forensics
WHO NEEDS DIGITAL FORENSICS INVESTIGATORS? (p. 463)
1. Proactive Digital forensics Education for Problem Prevention
3. A Day in the Life of Digital Forensics Experts
END OF MODULE (p. 468)
2. Key Terms and Concepts
4. Assignments and Exercises
Back to Jump List
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-3
MODULES, PROJECTS, AND DATA FILES
Group Projects
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-4
These are the Student Learning Outcomes for the module.
Use them to inform your students of what you will be
These are the Student Learning Outcomes for the module.
Use them as a road map to inform your students of what
This slide introduces computer crime.
Computers can be either the targets or the tools of
misdeeds
This slide provides a roadmap for the module.
SLIDE 6
This slide defines computer crime.
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-5
This slide presents Figure H.1 on page 437. (Student
Learning Outcome #1).
This slide shows Figure H.2 on page 438.
The figure is a list of crimes that are frequently
This slide has the definition of malware and two types of
malware.
There is much disagreement among computer experts
This slide discusses the deluge of problems caused by
botnets during the time period 2007-2008.
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-6
Malware bots turn individual computers into zombies.
A network of infected computers is called a botnet (see
Botnets can commandeer computers or networks to do
The Storm botnet wreaked havoc on networks a few years
ago.
The Conficker worm caused fear that on April 1st it would
do something terrible like wiping out hard drives.
Usually malware is directed at a company or as many
networks as it can infect.
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-7
This is Figure H.3 on pg. 441.
This slide shows how the Stuxnet virus spread through a
These groups represented a new breed of hackers.
In the past hacker groups were well defined and localized.
This slide presents many of the other types of malware.
The following slides provide a discussion.
Spoofing is one way for hackers to avoid detection.
They give a phony return address that protects them.
This slide discusses Trojan horse viruses.
A Trojan horse virus is one that activates on a signal from
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-8
This slide discusses virus hoaxes.
Easier than creating or finding a virus is to simply send an
This slide defines denial-of-service attacks.
A denial-ofservice attack is an ambush of a specific target
This slide presents Figure H.4 on page 444.
The figure illustrates a denial-of-service attack that is
This slide defines rootkits.
A famous case happened several years ago when Sony put
rootkits onto its CDs to detect pirated music.
This slide discusses Web page defacing.
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-9
This is a fairly new concept.
Some experts believe that it will be the next Pearl Harbor.
This is the first of a series of four slides on the people who
cause all the mayhem, generally called hackers. (Student
Learning Outcome #2)
This slide defines two more types of hackers.
Crackers are the hackers who offer their services to people
This slide covers hacktivists and cyberterrorists.
The main difference between them is their scope.
This slide defines the last group of hackers the script
kiddies.
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-10
This slide defines and discusses digital forensics. (Student
The slide presents Figure H.5 on page 450.
Many of these sources of information are obvious, like
This slide discusses the beginning of the first phase of a
digital forensic investigation.
This slide discusses the second part of Phase 1
Authentication.
There are three widely accepted types of hash values.
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-11
This slide begins the discussion of Phase II of a digital
forensic investigation – Analysis.
Forensics investigators are not limited to software built
especially for the purpose.
These are the two main software packages on the market
specifically design for digital forensics.
This slide shows Figure H.7 on pg. 453.
Unallocated space is the space on a disk that has been set
This slide show Figure H.8 on pg. 454.
Extended Learning Module H – Computer Crime and Digital Forensics
Mod H-12
These are some of the mass market programs that
Live analysis is becoming ever more necessary as systems
cannot be down, even for a short time, without substantial
This slide presents the information on cell phones in digital
analysis.
This slide shows Figure H.9 on page 455.
This slide is the first of two that show more sources of