.
Analysis of Open Sources and Data
Study Course Description
Course Description Statuss:Approved
Course Description Version:8.00
Study Course Accepted:02.02.2024 12:30:31
| Study Course Information | |||||||||
| Course Code: | JF_438 | LQF level: | Level 7 | ||||||
| Credit Points: | 2.00 | ECTS: | 3.00 | ||||||
| Branch of Science: | Management | Target Audience: | Civil and Military Defense; Law | ||||||
| Study Course Supervisor | |||||||||
| Course Supervisor: | Daiga Spila | ||||||||
| Study Course Implementer | |||||||||
| Structural Unit: | Faculty of Social Sciences | ||||||||
| The Head of Structural Unit: | |||||||||
| Contacts: | Dzirciema street 16, Rīga, szf rsu[pnkts]lv | ||||||||
| Study Course Planning | |||||||||
| Full-Time - Semester No.1 | |||||||||
| Lectures (count) | 8 | Lecture Length (academic hours) | 2 | Total Contact Hours of Lectures | 16 | ||||
| Classes (count) | 4 | Class Length (academic hours) | 2 | Total Contact Hours of Classes | 8 | ||||
| Total Contact Hours | 24 | ||||||||
| Part-Time - Semester No.1 | |||||||||
| Lectures (count) | 3 | Lecture Length (academic hours) | 2 | Total Contact Hours of Lectures | 6 | ||||
| Classes (count) | 2 | Class Length (academic hours) | 2 | Total Contact Hours of Classes | 4 | ||||
| Total Contact Hours | 10 | ||||||||
| Study course description | |||||||||
| Preliminary Knowledge: | Skills to work with a computer, internet browsers, navigate in social networks, English language skills | ||||||||
| Objective: | To provide students with an understanding of the use of open source and data analysis OSINT (Open Source Intelligence) in solving and combating economic crime; To provide students with the necessary abilities and skills in searching for and summarising open source evidence, acquainting students with free access tools and methods of obtaining information; To provide students with abilities and skills in the analysis and synthesis of the information and evidence obtained. | ||||||||
| Topic Layout (Full-Time) | |||||||||
| No. | Topic | Type of Implementation | Number | Venue | |||||
| 1 | Introduction to OSINT Analysis of open sources and data or OSINT as an approach to collection, summarising and analysis of information; Illustrating case studies: • Creation of people’s dossiers; • Geolocation; • Reconstruction of events; • Identification of a conflict of interest. | Lectures | 0.50 | computer room | |||||
| 2 | Introduction to modern internet environment Principles of work of the internet – data circulation infrastructure; Principles of work of internet websites – domain, server hosting; Webpage indexation, deepweb, dark web; SEO – search engine optimization; Social networks – attention economy, influencers Big data economy, machine learning Data brokers – Cambridge Analytica, OCEAN, micro targeting | Lectures | 0.50 | computer room | |||||
| 3 | Availability of information and privacy in the internet Seminar work in accordance with seminar No. 1 instruction. | Classes | 0.25 | computer room | |||||
| 4 | Advanced searching in internet browsers Dorking of internet websites: • To search on specific page; • To search for a specific phrase; • To search for a specific file type; • To search by picture, etc. Archived content; Search for personal data by person’s name, username, e-mail, address, phone number | Lectures | 0.50 | computer room | |||||
| 5 | Search on social networks Facebook; Twitter; Instagram; VKontakte; YouTube; WhatsApp groups; Telegram channels and groups. | Lectures | 0.50 | computer room | |||||
| 6 | Summarising a person’s dossier Seminar work in accordance with seminar No. 2 instruction. | Classes | 0.25 | computer room | |||||
| 7 | Verification of evidences Check of text; Check of pictures; Check of videos; Check of location. | Lectures | 1.00 | computer room | |||||
| 8 | Inauthentic behaviour in social networks Inauthentic pages on Facebook Inauthentic accounts on Facebook Automated accounts on Twitter (bots) Click farms Troll factories | Lectures | 1.00 | computer room | |||||
| 9 | Verification of an event demonstrating evidence verification methods Seminar work in accordance with seminar No. 3 instruction. | Classes | 1.00 | computer room | |||||
| 10 | Identification of a conflict of interest in open data (Visiting lecture) Data from the Register of Enterprises, KNAB on party financing, declarations of SRS officials and data published by the Procurement Monitoring Bureau (PMB), etc.; Case studies with the most popular corruption and conflict of interest schemes | Lectures | 1.00 | computer room | |||||
| 11 | Data analysis in Excel Data import, formatting, mapping, selection, search; Merging of data sets; Pivot tables | Classes | 1.00 | computer room | |||||
| 12 | Examination of website Register of domains, IP addresses, VPN; SSL certificates; Visitor flow (SmilarWeb/Alexa); Backlinks; Cookies; Source code – unique | Lectures | 1.00 | computer room | |||||
| 13 | Network analysis when studying a website Seminar work in accordance with seminar No. 5 instruction. | Classes | 0.50 | computer room | |||||
| 14 | Fraud and crime on the internet (Visiting lecture) Phishing; Identity theft; Hacking; Social engineering (pretending to be a bank); DDoS attacks; Doxing, etc. | Lectures | 1.00 | computer room | |||||
| 15 | Safety on the internet (Visiting lecture) User identity protection online (VPN, virtual machines; browser settings) Password administration, two/three factor verification, biometry; Protection against espionage via digital devices; Safe use of location services, etc. | Lectures | 1.00 | computer room | |||||
| 16 | Visitor safety on the internet Seminar work in accordance with seminar No. 6 instruction. | Classes | 1.00 | computer room | |||||
| Topic Layout (Part-Time) | |||||||||
| No. | Topic | Type of Implementation | Number | Venue | |||||
| 4 | Advanced searching in internet browsers Dorking of internet websites: • To search on specific page; • To search for a specific phrase; • To search for a specific file type; • To search by picture, etc. Archived content; Search for personal data by person’s name, username, e-mail, address, phone number | Lectures | 0.50 | computer room | |||||
| 5 | Search on social networks Facebook; Twitter; Instagram; VKontakte; YouTube; WhatsApp groups; Telegram channels and groups. | Lectures | 0.50 | computer room | |||||
| 10 | Identification of a conflict of interest in open data (Visiting lecture) Data from the Register of Enterprises, KNAB on party financing, declarations of SRS officials and data published by the Procurement Monitoring Bureau (PMB), etc.; Case studies with the most popular corruption and conflict of interest schemes | Lectures | 0.50 | computer room | |||||
| 11 | Data analysis in Excel Data import, formatting, mapping, selection, search; Merging of data sets; Pivot tables | Classes | 1.00 | computer room | |||||
| 12 | Examination of website Register of domains, IP addresses, VPN; SSL certificates; Visitor flow (SmilarWeb/Alexa); Backlinks; Cookies; Source code – unique | Classes | 1.00 | computer room | |||||
| 15 | Safety on the internet (Visiting lecture) User identity protection online (VPN, virtual machines; browser settings) Password administration, two/three factor verification, biometry; Protection against espionage via digital devices; Safe use of location services, etc. | Lectures | 0.50 | computer room | |||||
| 17 | Introduction to OSINT and modern internet environment Analysis of open sources and data or OSINT as an approach to collection, summarising and analysis of information; Principles of work of internet websites – domain, server hosting; Webpage indexation, deepweb, dark web; Social networks – attention economy, influencers Big data economy, machine learning Data brokers – Cambridge Analytica, OCEAN, micro targeting; Cases, when open source intelligence is used. Homework: Essay on openness and priva | Lectures | 0.50 | computer room | |||||
| 18 | Verification of evidences and inauthentic behaviour in social networks Check of text; Check of pictures; Check of videos; Check of location; Inauthentic pages and accounts on Facebook; Automated accounts on Twitter (bots) Click farms and troll factories. Homework: To verify the “evidences” provided by the lecturer describing the course of the verification, tools used and justifying conclusions on authenticity of evidences. | Lectures | 0.50 | computer room | |||||
| Assessment | |||||||||
| Unaided Work: | 1. The material reviewed at lectures and seminars is the necessary minimum knowledge to be acquired. The student should learn other matters not reviewed during contact classes independently. All the matters to be learned in the study course are specified in the description of the course. 2. Learning of material outside auditorium should be systematic. At least 3 hours of learning outside auditorium per two hours in auditorium (90 min) should be provided (preparation of an essay/performance of individual work, preparation for seminars). 3. Seminar classes take place in groups and individually, using personal laptops pr PCs provided by the higher education institutions. Students prepare for seminar work individually or in groups. Detailed organisation of seminar work is included in the seminar instruction for the respective seminar, which is sent to students 5 – 7 calendar days before the seminar. Students are obliged to prepare before the class in accordance with the instruction, for example, to study each case, where open sources were used, to study additional questions and find answers to them, if asked, and after the seminar – to be able to demonstrate their own open source and data research skills. 4. In parallel to all independent work, each student should individually draft a study of open sources (course paper) on a suspect in a specific case, checking his/her alibi, social account network and website network probably involved in an economic crime or to the extent possible to solve a crime using the evidences provided by open sources and data. | ||||||||
| Assessment Criteria: | Within the course, an assessment is also provided for work at seminars, course graduation paper and the examination. To make an assessment, it is necessary: 1) Independent drafting of a course graduation paper; 2) Attendance of classes and successful assessments at seminars; 3) Successful passing of an examination. Work at a seminar – 25%; Course graduation paper – 50%: Examination – 25%. Final Examination (full-time studies): Examination (written) Final examination (part-time studies): Essay on examination questions (Written) | ||||||||
| Final Examination (Full-Time): | Exam (Written) | ||||||||
| Final Examination (Part-Time): | Exam (Written) | ||||||||
| Learning Outcomes | |||||||||
| Knowledge: | Students know the methods, approaches, tools for open source intelligence (OSINT), understand the principles of functioning of online networks, internet browsers, websites and major social networks, know the most useful open databases for the profession, and are aware of and understand the security risks faced by internet users, including the investigator himself/herself. As a result of mastering the study course students are able to integrate the obtained knowledge and make a contribution to the creation of new knowledge. | ||||||||
| Skills: | Students are able to search and systemise evidence available from open sources (texts, photographs, videos, unique identifiers, etc.) in order to subsequently verify, analyse and synthesize the information obtained by drawing conclusions on the crime under investigation. By understanding the principles of the functioning of the Internet and social networks, students are able to use the knowledge provided by the lecturers and to create new open source intelligence approaches independently. Students are able to engage in discussions on the development of Internet and social networks, the privacy, security of their users and the ethics of the researcher. | ||||||||
| Competencies: | Students are competent in conducting economic crime investigations, working on evidence gathered in open and public sources, and advising investigators using other methods of gathering evidence. | ||||||||
| Bibliography | |||||||||
| No. | Reference | ||||||||
| Required Reading | |||||||||
| 1 | Bazzell, M. Open Source Intelligence Techniques: Resources for Searching and Analysing Online Information. 7th Edition. Coppell, Texas, 2019 | ||||||||
| 2 | Akhgar, B., Bayerl, S., Sampson, F. Open Source Intelligence Investigation: From Strategy to Implementation. Springer International Publishing, Switzerland, 2016 | ||||||||
| 3 | Hassan, N., Hijazi, R. Open Source Intelligence Methods and Tools: A Practical Guide to Online Intelligence. Apress Media LLC, New York, 2018 | ||||||||
| 4 | Troia, V. Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques. John Wiley & Sons, Indianapolis, 2020 | ||||||||
| 5 | Gupta, R., Brooks, H. Using Social Media for Global Security. John Wiley & Sons, Incorporated, 2013 | ||||||||
| 6 | Orlowski, J. The Social Dilemma. Netflix, 2020 | ||||||||
| Additional Reading | |||||||||
| 1 | Amer, K., Noujaim, J. The Great Hack. Netflix 2019 | ||||||||
| 2 | Fincher, D. The Social Network. Columbia Pictures, 2010 | ||||||||
| Other Information Sources | |||||||||
| 1 | Intel Techniques | ||||||||
| 2 | Bellingcat | ||||||||
| 3 | Verification and Fact Checking Handbook | ||||||||
