SIT327 - Network Forensics
Unit details
| Year: | 2023 unit information |
|---|---|
| Enrolment modes: | Trimester 1: Burwood (Melbourne), Waurn Ponds (Geelong), Online |
| Credit point(s): | 1 |
| EFTSL value: | 0.125 |
| Unit Chair: | Trimester 1: Frank Jiang |
| Prerequisite: | SIT202 |
| Corequisite: | Nil |
| Incompatible with: | Nil |
| Typical study commitment: | Students will on average spend 150 hours over the trimester undertaking the teaching, learning and assessment activities for this unit. |
| Scheduled learning activities - campus: | 1 x 3 hour active class per week. |
| Scheduled learning activities - online: | Online independent and collaborative learning including 1 x 2 hour online workshop per week, weekly drop-in sessions. |
Content
This unit teaches the main techniques and tools needed to successfully investigate attacks against modern computer networks, including how to detect the attacks, how to attribute them, and how to mitigate damage and prevent further damage. Skills to be studied include log analysis, IDS configuration, pcap analysis, protocol reverse engineering. Student will work through a variety of simulated and historical forensic incidents in order to hone their skills.
| ULO | These are the Learning Outcomes (ULO) for this unit. At the completion of this unit, successful students can: | Deakin Graduate Learning Outcomes |
|---|---|---|
| ULO1 | Analyse network log recovery in order to detect common attacks, while gaining familiarity with common network forensics tools. | GLO3: Digital literacy GLO4: Critical thinking |
| ULO2 | Develop experience in configuring intrusion detection systems to discover and prevent common network attacks. | GLO1: Discipline-specific knowledge and capabilities |
| ULO3 | Perform reverse engineering of unknown network communications protocols, using manual analysis and automated tools. | GLO4: Critical thinking |
| ULO4 | Use common network forensics tools to perform analysis of wireless network traffic, in order to detect and prevent common wireless attacks. | GLO1: Discipline-specific knowledge and capabilities |
| ULO5 | Respond to simulated incidents and produce reports on response, attribution, and recommend mitigation. | GLO2: Communication |
These Unit Learning Outcomes are applicable for all teaching periods throughout the year.
Assessment
| Assessment Description | Student output | Grading and weighting (% total mark for unit) | Indicative due week |
|---|---|---|---|
| Learning portfolio | Tasks include the production of a range of artefacts (scripts, packet captures, written reports etc.), along with written critique and reflection. | 80% | Week 11 |
| End-of-Unit Assessment | Timed online test | 20% | End-of-unit assessment period |
The assessment due weeks provided may change. The Unit Chair will clarify the exact assessment requirements, including the due date, at the start of the teaching period.
Hurdle requirement
To be eligible to obtain a pass in this unit, students must meet certain milestones as part of the portfolio, and must achieve a passing grade in the End-of-Unit Assessment.
Learning Resource
There is no prescribed text. Unit materials are provided via the unit site. This includes unit topic readings and references to further information.
The texts and reading list for the unit can be found on the University Library via the link below: SIT327 Note: Select the relevant trimester reading list. Please note that a future teaching period's reading list may not be available until a month prior to the start of that teaching period so you may wish to use the relevant trimester's prior year reading list as a guide only.
Unit Fee Information
Click on the fee link below which describes you: