SIFT: Sifting file types—application of explainable artificial intelligence in cyber forensics.

Detailed bibliography
Title: SIFT: Sifting file types—application of explainable artificial intelligence in cyber forensics.
Authors: Alam, Shahid; Demir, Alper Kamil
Source: Cybersecurity (2523-3246); 9/11/2024, Vol. 7 Issue 1, p1-23, 23p
Subjects: DIGITAL forensics, FORENSIC sciences, ARTIFICIAL intelligence, CYBER intelligence (Computer security), DEEP learning
Abstract: Artificial Intelligence (AI) is being applied to improve the efficiency of software systems used in various domains, especially in the health and forensic sciences. Explainable AI (XAI) is one of the fields of AI that interprets and explains the methods used in AI. One of the techniques used in XAI to provide such interpretations is by computing the relevance of the input features to the output of an AI model. File fragment classification is one of the vital issues of file carving in Cyber Forensics (CF) and becomes challenging when the filesystem metadata is missing. Other major challenges it faces are: proliferation of file formats, file embeddings, automation. We leverage and utilize interpretations provided by XAI to optimize the classification of file fragments and propose a novel sifting approach, named SIFT (Sifting File Types). SIFT employs TF-IDF to assign weight to a byte (feature), which is used to select features from a file fragment. Threshold-based LIME and SHAP (the two XAI techniques) feature relevance values are computed for the selected features to optimize file fragment classification. To improve multinomial classification, a Multilayer Perceptron model is developed and optimized with five hidden layers, each layer with i × n neurons, where i = the layer number and n = the total number of classes in the dataset. When tested with 47,482 samples of 20 file types (classes), SIFT achieves a detection rate of 82.1% and outperforms the other state-of-the-art techniques by at least 10%. To the best of our knowledge, this is the first effort of applying XAI in CF for optimizing file fragment classification. [ABSTRACT FROM AUTHOR]
Copyright of Cybersecurity (2523-3246) is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
DOI: 10.1186/s42400-024-00241-9