Reference no: EM133122728
CSE 300 Cybersecurity Engineering Program - Abu Dhabi University
Learning Outcome 1: Develop an in depth understanding of the digital forensics process
Learning Outcome 2: Develop an understanding of the tradeoffs and differences between various forensics tools
Learning Outcome 3: Identify and document potential security breaches of computer data that suggest violations of legal, ethical, moral, policy, and/or societal standards.
Assignment Description
This assignment consists of two tasks (Maximum 10 to 12 pages including references page).
Task 1: The purpose of this part of the assignment is to enable the students to study different breaches of computer data done in the past in the literature or in real world. The students will analyze the selected study in terms of legal, ethical, moral, policy and social standards.
Task 2: In this part, students will search and analyze the functionality of different tools used in the digital forensics process. A comparison of the selected tools will be done in terms of similarities and differences between them. The study will also find out different tradeoffs of using different tools in different situations.
Details of the Tasks
Task 1:
1. Each student is required to select any cyber crime happened in the history from the internet (some interesting cyber crimes are listed below) and discuss that breach for following points:
• Brief overview of the cyber crime (summary)
• Discuss the cyber crime:
o Legal aspects
o Ethical/Moral aspects
o Policy and social standards violations and impact
o Forensics summary to explain about how cyber crime was identified
2. Please write all the refences for the information and cite properly in the text.
3. Please write maximum 2 to 3 pages to address all the points in a comprehensive way and to the point.
Background information for Part 1
With the increase in digital technology advancements, we live in a digitized world, sopeople are more dependent on their smartphones or laptops/tablets for their day-todaywork and social media. Technologies like Internet of Things (IoT) and smart homesmake life easier for humans. But due to vulnerabilities in these devices, an attackercan exploit these vulnerabilities and gain control over these systems. Here are a fewcybercrimes that are faced by individuals or organizations:
Some Notable Cyber Crimes from the Past from 2018
Aadhaar
Aadhaar is a 12-digit unique identifier that is assigned to every Indian citizen. Aadhaar
records of all 1.1 billion India citizens were compromised.
Facebook
Hackers exploited Facebook's vulnerability, which allowed them to steal Facebook
access tokens.
• In the month of March, 50 million records were breached.
• In the month of September, 90 million records were breached.
• And in December, 7 million records were breached.
Quora
Quora is a platform where its users can ask and answer questions. A malicious third
party attacked it. Account information of 100 million Quora users including their name,
email address, and encrypted password were compromised.
Marriott Hotels
Marriott Hotels suffered a data breach in which personal information of 500 million
hotel guests were stolen. This included names, emails, addresses, dates of birth, credit
card information, and passport numbers of the guests.
TicketFly
Ticketfly, an event ticketing company, was the target of a malicious cyberattack.
Information of approximately 27 million Ticketfly users, including their names,
addresses, email addresses, and phone numbers, were compromised. Any financial
information such as credit and debit cards were not compromised during this attack.
MyHeritage
MyHeritage Company is an online genealogy platform, which tests its users' DNA to find
their ancestors and build their family trees. Ninety-two million records of users who
signed up before October 26, 2017, were breached. But DNA information and family
trees were stored on separate systems, which were not breached.
Exactis
Exactis's database was on a publicly accessible server. Exactis exposed approximately
340 million records in which information was comprised of an email address, phone
number, physical address, etc.
British Airways
British Airways faced a serious attack on its website and application. Approximately
380,000 card payments made to British Airways between August 21st and September 5
were compromised. The hackers in this attack used the credit card skimming technique.
Cathay Pacific
Cathay Pacific is an airline company from Hong Kong. The company's data breach
exposed personal information of 9.4 million passengers.
Under Armour
The company's food and nutrition app were hacked, and 150 million records were
breached. But the company processes payments through a separate channel, and
therefore any payment information was not leaked.
Task 2:
1. Each student should select one tool from each of the below given categories form the internet and discuss for given points
List of categories (Each student will select 8 tools, one for each of given categories)
1) Disk Forensic Tools
2) Network Forensic Tools
3) Wireless Forensic Tools
4) Database Forensic Tools
5) Malware Forensic Tools
6) Email Forensic Tools
7) Memory Forensic Tools
8) Mobile Phone Forensic Tools
After selection of tools for above categories, please discuss each tool for following points:
• Security
• Support for multiple platforms
• User-friendly interface
• Features and functionalities offered
• Support for multiple devices
• Support for multiple file formats
• Analytics features
• Integrations and Plugins support
• In which scenario/situation will you use this tool?
• What are the positive and negative aspects of using the tool (what will go right and what can go wrong).
Attachment:- Cybersecurity Engineering Program.rar