Affiliation:
1. School of Information Technology and Engineering, Addis Ababa Institute of Technology (AAiT), Addis Ababa University, Addis Ababa P.O. Box 1176, Ethiopia
2. DFIR Science LLC, Bangkok 10110, Thailand
Abstract
In this systematic literature review, we delve into the realm of intention recognition within the context of digital forensics and cybercrime. The rise of cybercrime has become a major concern for individuals, organizations, and governments worldwide. Digital forensics is a field that deals with the investigation and analysis of digital evidence in order to identify, preserve, and analyze information that can be used as evidence in a court of law. Intention recognition is a subfield of artificial intelligence that deals with the identification of agents’ intentions based on their actions and change of states. In the context of cybercrime, intention recognition can be used to identify the intentions of cybercriminals and even to predict their future actions. Employing a PRISMA systematic review approach, we curated research articles from reputable journals and categorized them into three distinct modeling approaches: logic-based, classical machine learning-based, and deep learning-based. Notably, intention recognition has transcended its historical confinement to network security, now addressing critical challenges across various subdomains, including social engineering attacks, artificial intelligence black box vulnerabilities, and physical security. While deep learning emerges as the dominant paradigm, its inherent lack of transparency poses a challenge in the digital forensics landscape. However, it is imperative that models developed for digital forensics possess intrinsic attributes of explainability and logical coherence, thereby fostering judicial confidence, mitigating biases, and upholding accountability for their determinations. To this end, we advocate for hybrid solutions that blend explainability, reasonableness, efficiency, and accuracy. Furthermore, we propose the creation of a taxonomy to precisely define intention recognition, paving the way for future advancements in this pivotal field.
Reference50 articles.
1. Cyber Space—Evolution and Growth;Malik;East Afr. Sch. J. Educ. Humanit. Lit.,2019
2. The Cyberspace: Redefining A New World;Mbanaso;IOSR J. Comput. Eng.,2015
3. Granados Franco, E. (2020). The Global Risks Report, World Economic Forum LLC.
4. Kent, K., Chevalier, S., Grance, T., and Dang, H. (2006). Guide to Integrating Forensic Techniques into Incident Response.
5. (2012). Information Technology—Security Techniques—Guidelines for Identification, Collection, Acquisition and Preservation of Digital Evidence (Standard No. ISO/IEC 27037:2012).