Applying Forensic Principles to Computer-Based Assessment

  • R. Laubscher
  • D. Rabe
  • M. Olivier
  • J. Eloff
  • H. Venter
Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT, volume 194)


A computer forensic investigator investigates computer crime. Currently only a few academic institutions have a computer forensic department and, therefore, the investigative responsibility (in case of contravention of assessment regulations for computer-based assessments) rests upon the lecturers.

The purpose of our project is to apply computer forensic principles to a computer-based assessment environment to facilitate the identification and prosecution of any party that contravenes assessment regulations. This paper is the first step in that project; its purpose is to consider the nature of such an environment. This nature is derived from the established computer forensic principles. In particular, we focus on the forensic process to determine the policies, procedures and types of tools that should be present in such an environment. The intention of the paper is not to consider any of the issues raised in detail, but to consider the process from a high level. The utilization of different tools, namely a key logger, CCTV camera, audit log and a report of logins, facilitates the identification of any party that contravenes assessment regulations. The proposed process consists of four phases: preparation of the environment, collection of evidence, analysis of evidence, and reporting findings.


Computer-based programming assessment forensic process key logging 


  1. [1]
    I. Armstrong, Computer forensics: Detecting the imprint, SC Magazine, August 2002.Google Scholar
  2. [2]
    M. Bigler, Computer forensics, Internal Auditor, vol. 57(1), p. 53, 2000.Google Scholar
  3. [3]
    C. Boyd and P. Forster, Time and date issues in forensic computing: A case study, Digital Investigation, vol. 1(1), pp. 18–23, 2004.CrossRefGoogle Scholar
  4. [4]
    J. Feldman, Collecting and preserving electronic media, Computer Forensics Inc., Seattle, Washington, 2001.Google Scholar
  5. [5]
    J. Holley, Market survey: Product review, SC Magazine, September 2000.Google Scholar
  6. [6]
    W. Kruse and J. Heiser, Computer Forensics: Incident Response Essentials, Addison-Wesley Longman, Amsterdam, The Netherlands, 2001.Google Scholar
  7. [7]
    C. Pfleeger and S. Pfleeger, Security in Computing, Prentice Hall, Upper Saddle River, New Jersey, 2003.Google Scholar
  8. [8]
    S.T. Ltd., Top ten key loggers in review ( Scholar
  9. [9]
    W. Soukoreff and S. Mackenzie, KeyCapture (www.dynamicservices. com/~will/academic/textinput/keycapture), 2003.Google Scholar
  10. [10]
    H. Wolfe, Computer forensics, Computers and Security, vol. 22(1), pp. 26–28, 2003.CrossRefGoogle Scholar
  11. [11]
    M. Wyer and S. Eisenbach, LEXIS: An exam invigilation system, Proceedings of the Fifteenth Conference on Systems Administration, 2001.Google Scholar

Copyright information

© International Federation for Information Processing 2006

Authors and Affiliations

  • R. Laubscher
  • D. Rabe
  • M. Olivier
  • J. Eloff
  • H. Venter

There are no affiliations available

Personalised recommendations