Hi everyone,
We hope you've enjoyed a good break over summer.
It turns out - only 9 people have provided feedback on the Digital Forensics course.
Many aspects were new or revamped this year - including many tutorials, the forensics professionalism section and the entire extended forensics course.
We rely on your feedback to make improvements. So if you have a few minutes - please fill it out :)
Hi everyone,
We hope you enjoyed the exam. The exam has now finished.
If you have any issues, please email cs6445@cse.unsw.edu.au
Thanks again.
The final exam has started at 2pm AEDT and will finish at 4pm AEDT.
Please click the tap “Final Exam 2020” on the left side pane on WebCMS to view the exam paper.
If you have issues during the exam email cs6445@cse.unsw.edu.au or message 0415 627 304.
Good luck!
Hi everyone,
Good luck in the exam tomorrow afternoon.
If you are looking for a distraction - consider completing the feedback survey for this year's Digital Forensics course.
Many aspects were new or revamped this year - including many tutorials, the forensics professionalism section and the entire extended forensics course.
We rely on your feedback to make improvements. So if you have a few minutes tonight - please fill it out :)
Hi all,
Hope your exam period is going alright.
We listened to your feedback about the closed book exam and have changed that. It is now an open book/open internet exam but in a read only state so no communicating with others.
The exam duration has been finalised and bonus marks are available, details are on the Open Learning exam FAQs page.
If you have any questions, feel free to email cs6445@cse.unsw.edu.au
Thanks Brendan
Hi all,
As promised we have created an exam FAQs available on Open Learning.
It's accessible from the exam tab on the side.
The exam skeleton is also available, it is accessible on Webcms (and there is a link on Open learning).
There is a thread on slack where you can post follow up questions and we will add them to the FAQs page as needed. You can also email the course account (cs6445@cse.unsw.edu.au).
Thanks Brendan
Hi all,
I hope you're all looking forward to our mock trial on Monday, I know I am. We have 2 great advocates in Mr Ajoy Ghosh and Ms Tabitha Bauer and spectacularly a 13 year seasoned federal court judge Honourable Dr Annabelle Bennett AC SC to take on the role of judge.
The case involves 2 alleged spies ex-filtrating secrets from a defense contractor, I will say no more...
For students not taking part it will start at our normal Monday lecture time of 5pm, please rock up on time to ensure you get the best experience. It will be slightly different as the mock trial will be being broadcast from the law building at UNSW.
For students taking part (aka extended students) please bring your students cards with you and arrive at 4:30pm to ensure you are ready.
Annabelle Bennett has been very generous with her time and has also recorded a podcast with Richard Buckland available for all to listen to on Apple Podcast and also HERE
I look forward to seeing you all on Monday for this exciting opportunity,
Brendan (cs6445@cse.unsw.edu.au)
Hi all,
I have released preliminary marks for report 1 and quiz 1 - 4. These marks are available on Webcms under Grades .
Week 9 downloads are also available on HERE and HERE .
Let me know if you have any issues,
Brendan (cs6445@cse.unsw.edu.au)
Hi all,
Hope you enjoyed your quiet week.
I have uploaded Week 8's downloads to Cloudstor and CSE , I recommend starting the download now so that you're ready to analyse the Android phone for next week.
The autopsy file is pre-processed for you so all you need to do is download it.
Thanks Brendan
Hi all,
Congrats on making it to the end of week 5, I hope you enjoy your quiet week.
I have uploaded week 7's downloads and made report 2 available IF you want to start early, there is no need to but I thought I'd give you all the flexibility/option.
The downloads are accessible from the downloads page as well as HERE and HERE
Note for extended students:
Some students have had trouble extracting the zip file. We have uploaded a new version to Openlearning so you may wish to double check and download the updated version if you are also struggling with this. The direct download link is HERE .
If you are having trouble downloading the file (due to size /internet connection) let the course account know and we can help.
Enjoy your break,
Brendan ( S:@chapachap, E:cs6445@cse.unsw.edu.au)
Hi everyone,
For those interested in virtually attending Tim's second lecture on Windows Forensics it will be held on zoom at 2pm Thursday 15 October (this Thursday) here: https://unsw.zoom.us/j/81377902719
There will also be a recording released and you may watch the content there.
Thanks Brendan
Hi all,
Hope you are all managing with your reports this weekend. (Reach out if you need some assistance)
I know you're wondering, "What's something I could do to procrastinate without feeling guilty?" well I have an answer for you!
Start downloading this week's chunks, just set and forget while you work. You can get them either HERE or HERE .
Let me know if there are any issues,
Brendan (S: @chapachap, email: cs6445@cse.unsw.edu.au)
Hi extended students,
Submission instructions for your Drop 1 Activity instructions have been posted under the extended workshop files HERE . It is the third file.
Let me know if you have any issues,
Brendan (cs6445@cse.unsw.edu.au or @chapachap on slack)
Hi all,
Kristian Mansfield is a tutor with SecEDU and is currently working on a project he'd like to share with everyone.
Check it out!
Hi everybody,
I've been working on a project with Richard to get some data about how everyone's cyber security has changed due to their move to working from home.
We've built it up to be a system to both gather data for use in my thesis and other academic research, but it's also a system to work out where your security might be lacking. There's feedback presented in the results and a step by step list of things you can do to improve your security standing in the actions section. The plan is to deploy this to the internet and have as many people in the workforce as possible answer questions about working from home, so if your mum and dad want to fill it out (or you just want to see how they compare) then send them the link!
At the moment, I'm the only developer so if you've got any comments or especially if you find any bugs and security concerns, please let me know. There's a google form here to submit feedback - https://forms.gle/A3yo7nyow5FaottZ7 .
The data should be available to you as well if you've got research projects you want to get involved in, let me know. You can reach me at z5114062@unsw.edu.au or @TrashPanda on the SecEDU slack channel.
Thanks everyone,
Hi all,
Week 4 download is ready to go, start your download now HERE or HERE .
Set and forget while your enjoy your long weekend.
Thanks Brendan
Hi all,
Thank you for your feedback and patience with zip file downloads. I have now changed how the downloads work slightly and provided a mirror server from CSE.
The downloads are now chunked in 400mb files so if your internet breaks you have only lost at most 400mbs of progress. I'm curious on feedback for the optimal chunk size so let me know if you have issues.
Instructions on how to recombine the files are located on Open Learning at the bottom of the downloads page for Windows, Linux and Mac.
For those having issues with the week 3 download checkout either of these 2 links HERE or HERE to begin your download.
Let me know if you have any issues on slack (@chapachap) or the course email.
Cheers Brendan
Ajoy Ghosh, one of our industry lecturers, has recommended the following training which has just become available.
Check it out!
If you enjoyed the free Autopsy training we released earlier in the year, you might also be interested in our next free course on incident response.
In this course, you’ll learn Brian Carrier's systematic approach to endpoint investigations and how to apply it. Brian will cover:The course is 3 hours, video-based, and on-demand. It’s also vendor agnostic, but Cyber Triage is used as a reference tool.
- A framework for categorizing artifacts that may contain DFIR evidence
- How to analyze those artifact categories
- The benefits of an automated approach
Reserve your seat today. You’ll receive a link to register when classes start on October 7th!
Hi all,
As some of you have noticed there is a file in the Week3.zip that is corrupted. There is now a separate download for the short term for that single file available on the Openlearning downloads page.
Some of you have mentioned you have had some issues with downloading large files from cloudstor. We are looking into alternatives but in the short term let me (@chapachap) know or email cs6445@cse.unsw.edu.au and I can provide a separate non-cloudstor link to get you started this week.
Thank you
For extended students, there will be no formal workshop this evening.
However, we will have an informal session where you will be able to ask any questions you might have about the extended investigation project.
In this session you can any further questions you may have have about the company, the employees and forensic assets for the extended investigation.
Dear All students,
We have received a few questions about how much storage space is required for each week and the course generally.
On the downloads page of Open Learning I have added some estimated sizes for each of the downloads so you can work out a week or 2 in advance if you will have enough space.
Some weeks say TBC (To Be Confirmed) and will be updated as the term progresses.
If anyone has or believes they may have issues downloading and/or storing any of the course files please reach out to the course account (cs6445@cse.unsw.edu.au) ASAP and arrangements can be made. We do not want anyone disadvantaged :)
Thanks Brendan
Dear All Students,
We have had some questions relating to the differences between COMP6445 and COMP6845 (Extended).
Extended students still complete all the same content that the Core students do, including reports, weekly quizzes and reflections.
The two cohorts differ in respect to the Tuesday evening masterclass/extended lecture (although core students are encouraged to attended when they can) and the Extended Project culminating in a mock trial at the end of the term. This is run by industry guest lecturer Ajoy Ghosh.
The content covered relates to being a Digital Forensic expert witness, which is a very senior position. This would be helpful for students wishing to extend (pardon the pun) themselves both this term and in their career or are particularly ambitious. Expert witnesses apply to all fields of security and beyond.
COMP6845 students will also undertake an Extended Project. While this will not involve any additional technical knowledge than is taught in the Core stream, the additional artifacts allow extra breath to practice those skills. The artifacts will play into a larger narrative throughout the course culminating with a mock trial where students submit their evidence. Other than providing more opportunities to practice your technical skills in a supported learning environment, the project will reflect well in job interviews and write ups.
To account for the extended project, there are slightly different assessment weightings (which some students may prefer) visible in the official course outline here .
If you would like to swap from Core to Extended or Extended to Core please email the class account (cs6445@cse.unsw.edu.au) and a swap can be arranged during Week 1 and early Week 2.
If you are in Clifford's tutorial occuring right now (7pm-9pm) and cannot get into the tute, use this link:
Dear all students,
The course schedule is available at OpenLearning . You can find the zoom meeting links to the core and extended lectures and the tutorials. All these links are also available at WebCMS and Moodle . All students are welcome and encouraged to attend the extension workshop.
Please note that the 6445 Tutorial Thu 18-20 has been closed. If you registered in this lab, please re-register to other session. Thank you!
Warm regards,
Dear students,
Welcome to COMP6445/6845 Digital Forensics!
For this course, we use OpenLearning . You shall sign into OpenLearning (OL) via Moodle and use Moodle credentials the first time you sign into OL.
If you have any issue, please feel free to contact cs6445@cse.unsw.edu.au or leave comments below.
Wishing you an enjoyable and rewarding course.