A Framework for Integrated Digital Forensic Investigation Employing AutoGen AI Agents

Contribution Summary

This paper presents a novel architecture for digital forensic investigations that integrates AutoGen AI agents and Large Language Models (LLMs) to optimize the investigative workflow. The proposed framework utilizes AI agents and LLMs to perform tasks articulated in natural language by a human agent, alleviating the investigative workload and shortening the learning curve for investigators. The framework's design considers the challenges of evolving requirements, information accuracy, and legal barriers. The authors introduce the concept of prompt engineering in the context of digital forensics, aiming to generate subtasks from intricate and sequential tasks. The framework's integrity is intricately tied to the precision and clarity achieved through prompt engineering, establishing a pivotal dependency. The proposed framework is built upon the AutoGen framework, integrating LLaMA and StarCoder LLMs alongside four AI agents. The framework's ability to process and understand input from natural language, distinguish between specific tasks and irrelevant information, and recognize various language patterns and technical DF terminology improves the model's accuracy in interpreting user commands. The framework's validation mechanism leverages a baseline data set for effective implementation, and the Language Feedback Benchmark (LLF-Bench) is utilized to assess the LLM's performance in sub-task decomposition within the DF domain.

Keywords: Digital Forensics; Large Language Models; AI Agents; AutoGen; Prompt Engineering; Digital Forensic Investigation; Artificial Intelligence; Natural Language Processing