AI-Enabled Digital Forensic Evidence Examination

  • Jim Q. Chen
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1129)


Digital forensics is crucial for the prosecution of offenders in cyberspace, including nation-state actors and non-nation-state actors. The evidence discovered, verified, and associated during the evidence examination phase serves as the basis for digital forensic analysis and eventually the basis for the verdict of a judge and a jury. However, the current digital forensic evidence examination procedure usually takes a relatively long time, demands a great amount of resources, and requires great efforts from human experts. The biggest challenges in this procedure are accuracy and speed. Nevertheless, in some cases, delay is not allowed, as it may have significant impact upon a critical mission, especially a time-sensitive one. To address this challenge, this paper recommends an AI-based digital forensic evidence examination architecture that is empowered by contextual binding, machine learning, and human-machine teaming. In this approach, human experts are teamed up with artificial intelligence (AI) systems in conducting evidence examination. This approach certainly improves the efficiency and effectiveness of an investigation, thus successfully supporting missions.


Digital forensics Evidence examination Artificial intelligence Contextual binding Machine learning Human-Machine teaming 


  1. 1.
    Schmidhuber, J.: Deep learning in neural networks: an overview. In: Technical Report IDSIA-03-14. Switzerland: The Swiss AI Lab IDSIA, University of Lugano & SUPSI (2014)Google Scholar
  2. 2.
    Irons, A., Lallie, H.: Digital forensics to intelligent forensics. Future Internet 6, 583–596 (2014). Scholar
  3. 3.
    Lakade, S.: Digital forensics: current scenario and future challenges. Int. J. Inf. Secur. Cybercrime. 4(2) (2015).
  4. 4.
    Simou, S., Kalloniatis, C., Gritzalis, S., Mouratidis, H.: A survey on cloud forensics challenges and solutions. Secur. Commun. Netw. 9, 6285–6314 (2016). Scholar
  5. 5.
    Lopez, E., Moon, S., Park, J.: Scenario-based digital forensics challenges in cloud computing. Symmetry 8(107), 1–20 (2016). Scholar
  6. 6.
    Alqahtany, S., Clarke, N., Furnell, S., Reich, C.: Cloud forensics: a review of challenges, solutions and open problems. In: Proceedings of the 2015 International Conference on Cloud Computing (ICCC), Riyadh, Saudi Arabia, pp. 1–9, 27–28 April 2015 (2015)Google Scholar
  7. 7.
    Beebe, N.: Digital forensic research: the good, the bad and the unaddressed. In: Peterson, G., Shenoi, S. (eds.) Advances in Digital Forensics V, pp. 17–36. Springer (2009)Google Scholar
  8. 8.
    Pollitt, M.: The good, the bad, the unaddressed. J. Digit. Forensic Pract. 2(4), 172–174 (2009). Scholar
  9. 9.
    Marti, R., Reinelt, G.: Heuristic methods. In: The Linear Ordering Problem, Exact and Heuristic Methods in Combinatorial Optimization, vol. 175, pp. 17–40. Springer, Berlin (2011).
  10. 10.
    Chen, J.: Contextual binding and intelligent targeting. In: Proceedings of the 2016 IEEE/WIC/ACM International Conference on Web Intelligence, pp. 701–704. IEEE (2016)Google Scholar
  11. 11.
    Chen, J.: An intelligent path towards fast and accurate attribution. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) Intelligent Computing: Proceedings of the 2018 Computing Conference, vol. 2, pp. 1072–1082. Springer (2018)Google Scholar
  12. 12.
    Nakasone, P.: A cyber force for persistent operations. Joint Force Q. 92(1), 10–14 (2019)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Jim Q. Chen
    • 1
  1. 1.U.S. National Defense UniversityWashington DCUSA

Personalised recommendations