Skip Navigation

Syllabus - CSCI 435 - Anti-Forensics and Digital Privacy

Basic Information

Instructor Information

Dr. Mike Murphy

Please see the About Me page for contact information, and check my Schedule for office hours information.

Catalog Description

This course complements CSCI 434 by focusing on techniques to reduce the amount of information collected and stored by computer systems, with an emphasis on protecting the system and user from fraud and identity theft resulting from a compromised or stolen system. Concepts related to privacy in the digital world are discussed. Vulnerabilities in digital devices are explored in the context of a dystopian society in which citizens are under perpetual surveillance.

Course Objectives and Tentative List of Major Topics

  1. Introduce the broad array of capabilities present in modern consumer electronics devices, including computers, phones, televisions, voice-activated assistants, etc.
  2. Explain how consumer electronics devices collect data, ostensibly for user measurement and advertising purposes.
  3. Discuss how adversaries can utilize collected data for illicit purposes.
  4. Introduce methods that can be used by nation-states, intelligence agencies, and law enforcement to develop profiles and cases based on collected data.
  5. Describe techniques used by identity thieves to steal personal information, and how much of this information can be stolen from insecure devices.
  6. Discuss the societal and ethical implications of government surveillance of private citizens using their own consumer products.
  7. Introduce the model of Threats, Vulnerabilities, and Controls as a way of understanding security.
  8. Develop a personal threat model to guide individual assessment and use of computers and consumer electronics devices.
  9. Explain how threat modeling and anti-forensics can be applied in corporate settings, especially to the protection of personal information.

Course Student Learning Outcomes

Upon successful completion of this course, students should be able to:

  1. Describe ways in which modern computer systems, televisions, mobile phones, and other consumer electronics devices can be used to spy on users and bystanders.
  2. Explain how personal information, collected with or without consent, can be used to impersonate, manipulate, extort, rob, sue, prosecute, or coerce an individual.
  3. Articulate a personal threat model with vulnerabilities and controls.
  4. Implement anti-forensic data safeguards and procedures to reduce exposure to undesired data collection and discovery.
  5. Define identity theft and implement personal and corporate security controls to reduce the risk of victimization.
  6. Identify ways in which governments can utilize consumer electronics as part of a large-scale surveillance system.

ABET Assessment

This course measures the following Performance Indicators:

Texts and Materials

Grade Categories

Grades will be broken into different categories and weighted as follows:

CategoryWeight
Assignments40%
Learning Quizzes30%
Assessment Quizzes30%

Additional Policies and Information

The following policies and documents are incorporated into this syllabus by reference:

Disclaimer

Portions of this course may deal with issues related to cost analysis, laws, and ethics. The instructor of this course is not a lawyer, accountant, or financial advisor, and no portion of this class constitutes legal or financial advice. This syllabus and schedule are tentative and subject to change with notice to the student during the semester. If a portion of this syllabus is found to be non-compliant with University policies or applicable laws, the remainder of this syllabus will remain effective.