Syllabus - CSCI 435 - Anti-Forensics and Digital Privacy
Basic Information
- Section: D1
- Semester: Spring 2021
- Hard Deadline for All Work: Friday, May 7th, 2021 at 5:00 PM EDT
- This is an asynchronous online course. Regular participation is required, but there are no scheduled meetings.
- Prerequisites: Junior standing
- Credit Hours: 3
- Course Purpose: Introduces principles of digital privacy using anti-forensic techniques.
- Intended Audience: Elective course for Information Technology majors and anyone else interested in digital privacy.
Instructor Information
Dr. Mike Murphy
Please see the About Me page for contact information, and check my Schedule for office hours information.
Catalog Description
This course complements CSCI 434 by focusing on techniques to reduce the amount of information collected and stored by computer systems, with an emphasis on protecting the system and user from fraud and identity theft resulting from a compromised or stolen system. Concepts related to privacy in the digital world are discussed. Vulnerabilities in digital devices are explored in the context of a dystopian society in which citizens are under perpetual surveillance.
Course Objectives and Tentative List of Major Topics
- Introduce the broad array of capabilities present in modern consumer electronics devices, including computers, phones, televisions, voice-activated assistants, etc.
- Explain how consumer electronics devices collect data, ostensibly for user measurement and advertising purposes.
- Discuss how adversaries can utilize collected data for illicit purposes.
- Introduce methods that can be used by nation-states, intelligence agencies, and law enforcement to develop profiles and cases based on collected data.
- Describe techniques used by identity thieves to steal personal information, and how much of this information can be stolen from insecure devices.
- Discuss the societal and ethical implications of government surveillance of private citizens using their own consumer products.
- Introduce the model of Threats, Vulnerabilities, and Controls as a way of understanding security.
- Develop a personal threat model to guide individual assessment and use of computers and consumer electronics devices.
- Explain how threat modeling and anti-forensics can be applied in corporate settings, especially to the protection of personal information.
Course Student Learning Outcomes
Upon successful completion of this course, students should be able to:
- Describe ways in which modern computer systems, televisions, mobile phones, and other consumer electronics devices can be used to spy on users and bystanders.
- Explain how personal information, collected with or without consent, can be used to impersonate, manipulate, extort, rob, sue, prosecute, or coerce an individual.
- Articulate a personal threat model with vulnerabilities and controls.
- Implement anti-forensic data safeguards and procedures to reduce exposure to undesired data collection and discovery.
- Define identity theft and implement personal and corporate security controls to reduce the risk of victimization.
- Identify ways in which governments can utilize consumer electronics as part of a large-scale surveillance system.
ABET Assessment
This course measures the following Performance Indicators:
- 1.1 - Define requirements and/or specifications for a computing problem.
- 1.2 - Analyze a complex problem by breaking it down into smaller components.
- 1.3 - Select an existing solution to mitigate or solve a problem.
- 1.4 - Solve a problem by applying principles of computing and/or other relevant disciplines.
- 2.1 - Design a system to meet specific requirements.
- 2.2 - Implement a system to meet a set of requirements.
- 2.3 - Evaluate a solution against requirements.
- 4.1 - Recommend a course of action for an ethical/legal issue in the discipline.
- 4.2 - Illustrate a violation of a professional code of ethics (ACM, IEEE).
- IT 6.1 - Analyze user needs to determine requirements of a computer-based system.
- IT 6.2 - Create appropriate IT-based solutions based upon user needs.
- IT 6.3 - Select systems appropriate for different user and environment requirements.
Texts and Materials
- REQUIRED: Orwell, George. 1984. Signet Classics, 1961. ISBN-13: 978-0451524935.
- Readings, reference materials, tutorials, and videos will be assigned, requiring Internet access.
Grade Categories
Grades will be broken into different categories and weighted as follows:
| Category | Weight |
|---|---|
| Assignments | 30% |
| Learning Quizzes | 30% |
| Assessment Quizzes | 40% |
Additional Policies and Information
The following policies and documents are incorporated into this syllabus by reference:
- My Common Course Policies
- My Online Learning Expectations
- Contingency Plan
- First Week Checklist
- Student Services Guide
Disclaimer
Portions of this course may deal with issues related to cost analysis, laws, and ethics. The instructor of this course is not a lawyer, accountant, or financial advisor, and no portion of this class constitutes legal or financial advice. This syllabus and schedule are tentative and subject to change with notice to the student during the semester. If a portion of this syllabus is found to be non-compliant with University policies or applicable laws, the remainder of this syllabus will remain effective.