Abstract | ||
---|---|---|
The scope of forensic investigations has recently expanded. Since most Internet of Things (IoT) devices are plug and play and do not have much memory or storage to pre-process data, it is a challenge for forensic investigators to identify and obtain relevant evidence to reconstruct attacks. As a solution, we propose using artificial intelligence (AI)-inspired techniques to automate the forensic analysis process by emulating attacks in the process of identifying and collecting forensic evidence. We used a differentiable inductive logic programming (∂ILP) system to obtain attack emulation information from different sources, such as device- and subsystem-level vulnerabilities gathered by assessing device components in an enterprise network, and to predict potential attacks from previous attacks on similar configurations. Our experimental results showed that the proposed methodology could successfully generate rules that can assist forensic examiners in identifying evidence to emulate attacks without execution. |
Year | DOI | Venue |
---|---|---|
2022 | 10.1109/ISDFS55398.2022.9800801 | 2022 10th International Symposium on Digital Forensics and Security (ISDFS) |
Keywords | DocType | ISBN |
∂ILP,digital forensics,forensic investigation,artificial intelligence,IoT | Conference | 978-1-6654-9797-8 |
Citations | PageRank | References |
0 | 0.34 | 9 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Rami Alnafrani | 1 | 0 | 0.68 |
Duminda Wijesekera | 2 | 1464 | 141.54 |