Artificial Intelligence and Forensics Special Interest Group
Latest updates
This area contains all of the latest information about this group.
- Outputs from the group can be downloaded from the resources area.
- Further information about the group can be found below.
- A wiki has been set up for the use of the members of the group to work on ideas.
Found 8 articles.
| Date: 20/5/2009 |
Notes from the workshop of the AI and Forensics Special Interest Group that took place on the 2nd of April are now available to download.
| Date: 15/4/2009 |
Presentations from the meeting of the AI and Forensics Special Interest Group on the 2nd of April are now available to download from our KTN publications area.
| Date: 31/3/2009 |
More details on the AI and Forensics Special Interest Group workshop are now available, including a final agenda and further details on the topics that will be covered. The workshop will be held on the 2nd of April in London. Follow the link below for full details.
| Page 1 of 3 |
About
The exponential growth of mobilization data on the web, public databases and distributed mobility systems calls for a special interest group to explore both classical and non classical techniques and methods in understanding complex data set as well as making sense out of meaningless data. This group aims to explore research techniques, developments and applications capable of harnessing Artificial Intelligence and forensic computing for electronic crime investigation and case analysis. This could range from anti-terrorism surveillance on Internet and Mobility Systems, Online Fraud, Online Masking for impersonation and digital evidence recovery and collection.
Chair: Godfried B. Williams
Vice chair: Ian R. Henderson
Objectives of SIG and expected outputs
- Explore Artificial Intelligence (A.I) methods and techniques for assisting analysis and discovery of leads in building digital evidence for forensic analysis.
Common A.I methods for digital forensic analysis explored by this group will be genetic algorithms for optimisation and constraint based problems, artificial neural networks for analysing multi-dimensional data, image recovery and verification algorithms. The application of serious computer games in information warfare in negotiating for end user information. Multi- agents systems such as particle swarm and social adaptation for analysing data shared among social networks on computer networks.
The SIG will evaluate and discuss techniques for content management and analysis on web documents, with the view of identifying aspects that need improvement.
- Evaluate the effectiveness of existing forensic tools on the market with respect to cost, usability, resourcefulness and skills required to use these tools.
Off the shelves forensic case tools such as ENCASE encapsulates traditional techniques for recovering lost and hidden data from a computer system. On the contrary there are contemporary intelligent techniques that could be used in discovering and uncovering such evidence The SIG shall explore the cost involved in carrying out a forensic investigation in a computer based environment using traditional and existing techniques as opposed to blending existing techniques, such as the use of off the shelf packages and A.I techniques or in some cases just A.I techniques.
- Propose a standard framework for A.I tools in digital forensic analysis
Currently there are no standards governing the usage of A.I tools for digital forensic analysis and investigations. This working group will investigate criteria and parameters essential in developing standard frameworks and models for conducting such investigations.
The lack of a standard framework for conducting efficient and effective digital forensic investigating has become a bottleneck for ensuring consistency and uniformity in the manner which these investigations take place. Although several agencies in different countries adopt its own framework, there is no single reference model serving as bench mark.
This SIG will explore standard frameworks for using Artificial Intelligence techniques for extracting and compiling digital evidence admissible in a court as opposed to off the shelves software. This is presented by highlighting parameters for developing a general framework.
Expected Outputs
- A framework or model for guiding the use of artificial intelligence techniques in gathering digital evidence admissible in a court of law.
- A set of guidelines for investigators to adapt as best practice for conducting forensic analysis on computers and digital media, as well as addressing issues critical in providing new directions for government, law enforcement agencies as well as industry innovation and research in academia
- Methodologies, methods and techniques for conducting digital forensic analysis
Challenges using A.I techniques as perceived by SIG
Identifying evidence brings a number of challenges to mind. The troubling key questions are as follows, how is evidence traced? How such evidence is collected. Although security defence mechanisms and tools such as firewalls, intrusion detection systems are tools that provide useful information, they are not competent in monitoring dynamic behaviour of Communication Networks spontaneously and just in time. The preservation of evidence could also be tampered and destroyed not only by human error, but also virus and worm attacks.
The SIG will explore topics such as the role of mobile and multi-autonomous agents in the gathering and preservation of evidence in a more productive manner with the goal of ensuring that original images of hard disks and file structures are kept for future use.
If you would like to get involved with this SIG, please contact Karen Barnett (kbarnett@QinetiQ.com).
