**4. Methodology**

The researcher recruited 60 teenagers (between the ages of 10 and 17) and 25 grown-up children (between the ages of 18 and 22) for the survey. The datasets for the survey were collected with the help of mixed methods and quantitative virtual interviews using emails and Whatsapp conferencing tool. The participants were presented with two different forms of the logs of Snort Intrusion Detection System (SIDS) in four virtual conferencing sessions to evaluate their level of understanding on network forensic investigations of computer and related crimes.

The first category of the logs of SIDS was raw forensic evidence of two different trace files that were collected from the spanning mode of the computer networks of a University for a period of 120 hours. **Figure 2** illustrates the second categories of the datasets and how forensic investigators can design log analyzers with C++ programming language to investigate forensic evidence.

The quantitative analysis of the above logs were presented to the children in four brainstorming sessions and the conversations focused mainly on crime investigations and how it is also possible for detectives to easily track and arrest the suspects of crimes committed with malware apps, cybercrimes or computer and related crimes. The statistical probabilities of the themes of the responses obtained from the

#### **Figure 2.**

*Evidence of log analysis of forensic evidence that can indicate cybercrimes.*

participants were also analyzed. The probability of a theme is the likelihood that the event will occur in a collection of other themes.

$$\text{Probability (P)} = \frac{\text{Number assigned to them (event)}}{\text{Total number of themes (events)}} \tag{1}$$

In addition, the probability of occurrences is interchangeably used as the prevalence index in some instance in this chapter. The most significant of the findings in the above investigations are presented below.
