skip to main content


Title: Towards Designing Shared Digital Forensics Instructional Materials
This paper presents a systematic approach to designing digital forensics instructional materials to address the severe shortage of active learning materials in the digital forensics community. The materials include real-world scenario-based case studies, hands-on problem-driven labs for each case study, and an integrated forensic investigation environment. In this paper, we first clarify some fundamental concepts related to digital forensics, such as digital forensic artifacts, artifact generators, and evidence. We then re-categorize knowledge units of digital forensics based on the artifact generators for measuring the coverage of learning outcomes and topics. Finally, we utilize a real-world cybercrime scenario to demonstrate how knowledge units, digital forensics topics, concepts, artifacts, and investigation tools can be infused into each lab through active learning. The repository of the instructional materials is publicly available on GitHub. It has gained nearly 600 stars and 22k views within several months. Index Terms  more » « less
Award ID(s):
2039288
NSF-PAR ID:
10404816
Author(s) / Creator(s):
Date Published:
Journal Name:
the IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC'22)
Page Range / eLocation ID:
117-122
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Abstract

    This paper describes the design, implementation and research of the Cyber Sleuth Science Lab (CSSL), an innovative educational program and supporting virtual learning environment, that combines pedagogical theory, gender inclusive instruction strategies, scientific principles/practices, gamification methods, computational thinking, and real-world problem solving. This program provides underrepresented youth, especially girls, with digital forensic knowledge, skills and career pathways, challenging them to explore complex social issues related to technology and to become cyber sleuths using real-world digital forensic methods and tools to solve investigative scenarios. Students also learn about related careers while improving their cyber street smarts. The CSSL incorporates additional “outside of the computer” activities to strengthen students’ engagement such as structured in-classroom discussions, mock trials, and in-person interactions with practitioner role models. The CSSL was piloted in various forms to assess the suitability for in-school and out-of-school settings, and the students predominantly represented racial minorities. Research in this project relied on a mixed methods approach for data collection and analysis, including qualitative and quantitative methods, reinforced using learning analytics generated from the students clicking through the interface and interacting with the system. Analysis of gathered data indicate that the virtual learning environment developed in this project is highly effective for teaching digital forensic knowledge, skills, and abilities that are directly applicable in the workplace. Furthermore, the strategies for gender inclusive STEM instruction implemented in CSSL are effective for engaging girls without being harmful to boys’ engagement. Learning STEM through digital forensic science taps into girls’ motivations to address real-world problems that have direct relevance to their lives, and to protect and serve their community. After participating in the educational program, girls expressed a significantly greater increase in interest, relative to boys, in learning more about careers related to digital forensics and cybersecurity.

     
    more » « less
  2. The current analysis utilizes semi-structured qualitative interviews with sworn cybercrime detectives, civilian digital forensics analysts, and unit administrators to consider variations between cybercrime units which bear significant implications for cybercrime investigative policy and practice. The first variation observed in this study concerns differences in the structure of digital forensics assignments. Such duties may be assigned to sworn officers, civilians, sworn officers and civilian, outsourced to other departments, or a dedicated forensic lab. Second, variations between units were noted in resource availability (tools, training, and finances). These variations among cybercrime units may have implications for personnel recruitment and retention, the sophistication of cases considered by investigators, and case success.

     
    more » « less
  3. Gladyshev, P. ; Goel, S. ; James, J. ; Markowsky, G. ; Johnson, D. (Ed.)
    AI Forensics is a novel research field that aims at providing techniques, mechanisms, processes, and protocols for an AI failure investigation. In this paper, we pave the way towards further exploring a sub-domain of AI forensics, namely AI model forensics, and introduce AI model ballistics as a subfield inspired by forensic ballistics. AI model forensics studies the forensic investigation process, including where available evidence can be collected, as it applies to AI models and systems. We elaborate on the background and nature of AI model development and deployment, and highlight the fact that these models can be replaced, trojanized, gradually poisoned, or fooled by adversarial input. The relationships and the dependencies of our newly proposed subdomain draws from past literature in software, cloud, and network forensics. Additionally, we share a use-case mini-study to explore the peculiarities of AI model forensics in an appropriate context. Blockchain is discussed as a possible solution for maintaining audit trails. Finally, the challenges of AI model forensics are discussed. 
    more » « less
  4. As our lives become more dependent on digital technology, cyber crime is increasing in our society. There is now an ever-increasing need to counter cyber crime through digital forensics investigations. With rapid developments in technology such as cloud computing, the Internet of Things, and mobile computing, it is vital to ensure proper training of law enforcement personnel and judges in the theory and practice of digital forensics. In this paper, we describe our methods and approach to create curricula, educational materials, and courses for training law en- forcement and judicial personnel in digital forensics. We partnered with legal experts to design a series of modules/courses on digital forensics to educate the actual target demographics. Training materials have been designed to be not only scalable to nationwide law enforcement and ju- dicial professionals, but also amenable to regular updates to respond to rapidly changing attacks and forensic techniques. 
    more » « less
  5. The focus of this paper is to investigate how elementary students learned computer science concepts through storytelling in Scratch. To serve this purpose, we conducted artifact interviews with 4th graders who were engaged with a computer science (CS) integrated module in their English language arts (ELA) class. Students created stories in Scratch with a focus on character traits. The constructionist design of the Scratch tool supports student learning through tinkering, the creation of meaningful artifacts, and through the theatrical metaphor that underlies interface design. This paper explores how two 4th graders demonstrated their CS/CT and ELA knowledge through the design of a Scratch artifact and how Scratch facilitated this interdisciplinary learning. While there have been studies in middle school and in after-school contexts that focus on digital storytelling and writing, there are few papers that examine interdisciplinary integration in the formal school context at the elementary level. 
    more » « less