A Digital Forensic Readiness Cybercrime Semantic Trigger Process

ABSTRACT

The recent wave of the global Covid-19 pandemic has led to a surge in text-based non-technical cybercrime attacks within the cyber ecosystem. Information about such cyber-attacks is often in unstructured text data and metadata, a rich source of evidence in a digital forensic investigation. However, such information is usually unavailable during a digital forensic investigation when dealing with the public cloud post-incident. Furthermore, digital investigators are challenged with extracting meaningful semantic content from the raw syntactic and unstructured data. It is partly due to the lack of a structured process for forensic data pre-processing when or if such information is identified. Thus, this study seeks to address the lack of a procedure or technique to extract semantic meaning from text data of a cybercrime attack that could be used as a digital forensic readiness semantics trigger in a cybercrime detection process. For the methodology to address the proposed approach, data science modelling and unsupervised machine learning are used to design a strategy. This method process extracts tokens of cybercrime text data, which are further used to develop an intelligent DFR semantic tool extractor based on natural language patterns from cybercrime text data. The proposed DFR cybercrime semantic trigger process when implemented could be used to create a digital forensic cybercrime language API for all digital forensic investigation systems or tools. © 2022, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.