News
An AI-Based Network Forensic Readiness Framework for Resource-Constrained Environments
Congratulations to Syed Rizvi and co-authors Mark Scanlon, Jimmy McGibney, and John Sheppard on the publication of An AI-Based Network Forensic Readiness Framework for Resource-Constrained Environments in Proceedings of the 18th International Workshop on Digital Forensics, part of the 20th International Conference on Availability, Reliability and Security.
Co-authors: Mark Scanlon, Jimmy McGibney, and John Sheppard.
AI-generated summary of the contribution: This research proposes an AI-based network forensic readiness framework for resource-constrained environments (RCEs), addressing the challenges of limited computational capacity, power constraints, and heterogeneous IoT-generated data and traffic. The framework integrates optimised artificial intelligence models trained on the CICIoT2023 and CSE-CIC-IDS2018 datasets, capturing network traffic in real-time and dynamically selecting the most suitable AI model for attack detection. It continuously monitors resources and activates evidence acquisition components to collect relevant data for forensic analysis, securing the acquired evidence and transmitting it to a server-side environment for validation and preservation. The framework aligns with ISO/IEC 27043:2015 Digital Forensic Readiness principles, automating many manual procedures and reducing both time and human effort. The quantitative evaluation demonstrates the effectiveness of the proposed network forensic readiness framework to address the specific challenges of RCEs.