Artificial intelligence applied to computer forensics

  • Authors:

  • Bruno W. P. Hoelz;Célia Ghedini Ralha;Rajiv Geeverghese

  • Affiliations:

  • National Institute of Criminalistics Brasília, DF, Brazil;Brasilia University, Brasília, DF, Brazil;Brasilia University, Brasília, DF, Brazil

  • Venue:
  • Proceedings of the 2009 ACM symposium on Applied Computing
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

To be able to examine large amounts of data in a timely manner in search of important evidence during crime investigations is essential to the success of computer forensic examinations. The limitations in time and resources, both computational and human, have a negative impact in the results obtained. Thus, better use of the resources available are necessary, beyond the capabilities of the currently used forensic tools. Herein, we describe the use of Artificial Intelligence in computer forensics through the development of a multiagent system and case-based reasoning. This system is composed of specialized intelligent agents that act based on the experts knowledge of the technical domain. Their goal is to analyze and correlate the data contained in the evidences of an investigation and based on its expertise, present the most interesting evidence to the human examiner, thus reducing the amount of data to be personally analyzed. The correlation feature helps to find links between evidences that can be easily overlooked by a human expert, specially due to the amount of data involved. This system has been tested using real data and the results were very positive when compared to those obtained by the human expert alone performing the same analysis.