A survey of machine learning applications in digital forensics

Hilmand Khan*
Sarmad Hanif

Abstract

In this paper we address the role of machine learning in digital forensics, in order to better understand where machine learning stands in today's cyber security domain when it comes to collecting digital evidence. We start by discussing digital forensics and its history. Then, to illustrate the areas of digital forensics where machine learning methods have been applied to date, we present a brief literature review. The aim of this paper is to promote machine learning applications in digital forensics. We examine applications of machine learning in several areas and analyse how it could be applied in others by considering its current uses. We believe that the ideas presented here will provide promising directions in the pursuit of more powerful and successful digital forensics tools.

Article Details

Khan, H., & Hanif, S. (2021). A survey of machine learning applications in digital forensics. Trends in Computer Science and Information Technology, 6(1), 020–024. https://doi.org/10.17352/tcsit.000034
Observational Studies

Copyright (c) 2021 Khan H, et al.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

