The Use Of Artificial Intelligence In Digital Forensics

Lori Tyler

Jan 28 2021

As we steamroll into 2021, one of the biggest buzzwords being spoken of is Artificial Intelligence, or AI for short. Essentially, the concept of this mimics the thought and reasoning processes of the human brain and applies that to help streamline and/or automate manual processes.

AI is starting to find its role in Cybersecurity, especially as it relates to filtering for false positives and taking the manual tasks deemed time-consuming. It is finding a strong foothold as well in the world of Digital Forensics.

Let’s take a look at some real-world possibilities with AI.

The embracing of the IoT:

Most of us have heard of this acronym before, and it stands for the “Internet of Things.” This is where all of the objects we interact with in both the physical and virtual worlds are connected. Some examples of this are Siri and Cortana, the Virtual Personal Assistants (VPAs) found on both the iOS and Windows, respectively. Another is that of the Smart Home. This is where at the clap of your hands, you can either turn on your TV or even start brewing your cup of coffee. The same holds true for digital forensics. Every part of the investigative and evidence presentation process is now interlinked, driven primarily by IoT. Could AI examine the structure of a raw image taken by a camera and link that to other pieces of evidence, such as content found in an email message or social media posting? Better yet, could it describe the degree of that correlation and provide recommendations as to how it can be best showcased in a court of law? Take even newer pieces of evidence and correlate that with older pieces that have been collected previously?

“What If" Scenarios:

Some of the digital evidence collected from a crime scene may not prove to be as useful as others. But the bottom line is that in order to build a solid case, all pieces must be examined, even if they ultimately have the remotest of uses. This is where the role of constructing hypothetical situations can come into play. Imagine if AI can help to build robust “What If” scenarios from these less useful pieces of evidence and show other forms of intent that the criminal could have embarked on as well. In other words, AI can take hunches and gut feelings that cannot be explained easily and transform them into real-world, believable scenarios.

Data Mining:

AI can be used to help discover hidden trends in the pieces of evidence that is collected. But better yet, AI knows no bounds to how much data it can process and analyze. For example, it can go through terabytes and even petabytes of information and data in just a matter of a few minutes to find even much deeper trends and correlations in the datasets. This is also known as “data mining,” or “big data.” In this regard, a subset of AI, known as “Machine Learning” (“ML”), is used, as it can be used for incorporating highly complex statistical principles into the data mining process.

New Forensic Possibilities Based on Proven Capability

One of the things we are most excited about bringing to AccessData forensic tools like FTK is leveraging Exterro's leading-edge Artificial Intelligence technology. This is going to help transform the investigative environment, empowering users with pioneering tools so that they can get access to evidence faster and help uncover more relevant findings when processing and analyzing data, understanding connections that could sharpen focus and direction.

Exterro has mastered AI over the past five years and has successfully launched two AI-driven products that have been battle-tested. With the resources, experience, and expertise to bring this technology to FTK, it is exciting to think about incorporating it into forensic evidence processing and review.

To put it into action, Exterro will deliver “Smart Investigator,” to be fully integrated with FTK and will leverage the AI technology from Exterro. Smart Investigator will be your virtual investigative partner to help guide the investigation, reveal contextual insights across data at the earliest possible stage, uncovering immediate insight, shortening the time it takes to solve a case, and cutting the extraneous data out so you can spend your valuable time on the investigation itself.

To learn more about this and what else is in store for FTK, be sure to read the Forensic Focus interview with Exterro CEO, Bobby Balachandran.

Contact us today to learn more about our products and our
approach to improving how you collect, analyze and use data.
Tell Me More