A survey of machine learning applications in digital forensics

Hilmand Khan*
Sarmad Hanif

Abstract

In this paper we address the role of machine learning in digital forensics, in order to better understand where machine learning stands in today's cyber security domain when it comes to collecting digital evidence. We start by discussing digital forensics and its past. Then, to illustrate the fields of digital forensics where machine learning methods have been used to date, we provide a brief literature review. The aim of this paper is to promote machine learning applications in digital forensics. We went through applications of machine learning in different areas and analysed how machine learning can potentially be used in other areas by considering its current applications. We believe that the ideas presented here will provide promising directions in the pursuit of more powerful and successful digital forensics tools.

Article Details

Khan, H., & Hanif, S. (2021). A survey of machine learning applications in digital forensics. Trends in Computer Science and Information Technology, 6(1), 020–024. https://doi.org/10.17352/tcsit.000034
Observational Studies

Copyright (c) 2021 Khan H, et al.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
