Degree

Doctor of Philosophy (PhD)

Department

Division of Computer Science & Engineering

Document Type

Dissertation

Abstract

Digital Forensics (DF) is a field of forensic science focusing on the acquisition, authentication, and analysis of digital evidence while maintaining integrity of that data. DF analysts use forensic tools to parse large volumes of data for investigations and depend on them for identification of pertinent digital evidence in vast amounts of data. Keeping up with innovations and ever-expanding data volumes is a constant challenge for these investigators. The prevalence of Artificial Intelligence (AI) in everyday computing is rapidly expanding, with the use of Machine Learning (ML) and Large Language Models (LLM)s becoming increasingly commonplace. Innovations in technology bring new challenges that need to be addressed, especially in the artifact discovery and analysis that enables DF practitioners. Exploring how AI impacts DF is vital for moving forward in digital investigation in an AI-centric future. This works offers three contributions to the intersection of DF and AI, exploring both the forensic analysis of AI frameworks and how AI can be used to assist DF analysts. The first contribution is a primary account of the injection and detection of foreign data of the Hierarchical Data Format 5 (HDF5) file format as it is utilized by the ML framework TensorFlow 2 (TF2). The second is a primary account of artifact analysis of the multi-agent AI framework by Microsoft called AutoGen. The third is assessing the viability of using LLMs to create new plugins for the forensic tools Autopsy and Volatility 3 using readily available online LLMs, namely OpenAI’s GPT models, Anthropic’s Claude, Google’s Gemini, and DeepSeek.

Date

7-16-2025

Committee Chair

Baggili, Ibrahim

DOI

10.31390/gradschool_dissertations.6884

Download

Included in

Cybersecurity Commons

Share

COinS