Technology assisted analysis of timeline and connections in digital forensic investigations
Technology assisted analysis of timeline and connections in digital forensic investigations
Samenvatting
This article describes ongoing research on the application of AI techniques such as Graph Neural Networks to assist investigators with the discovery of relations and patterns in digital forensic evidence. Digital forensic analysis of smartphones and computers reveals forensic artifacts that are extracted from structured databases maintained by the operating system and applications. Such forensic artifacts are part of a forensic ontology which can be used to build a relational graph of identifiers (e.g. users, documents) and a timeline of events. This information can assist with answering key investigation questions such as who, when, where etc. We propose to use a graph database and query language to assist in this analysis. Further, using key identifiers and aliases we want to augment digital forensic artifacts with entities, relations and events by extraction from the full-text of unstructured electronic contents such as emails and documents.
Organisatie | Hogeschool Leiden |
Afdeling | Faculteit Techniek |
Lectoraat | Digital forensics en e-discovery |
Gepubliceerd in | Proceedings of Legal AIIA Workshop (ICAIL ’19) New York |
Datum | 2019-06-17 |
Type | Conferentiebijdrage |
Taal | Nederlands |