Artificial Intelligence and
Blockchain in Digital Forensics
RIVER PUBLISHERS SERIES IN DIGITAL SECURITY AND FORENSICS
Series Editors
ANAND R. PRASAD, Deloitte Tohmatsu Cyber LLC, Japan
R. CHANDRAMOULI, Stevens Institute of Technology, USA
ABDERRAHIM BENSLIMANE, University of Avignon, France
The “River Publishers Series in Security and Digital Forensics” is a series of comprehensive academic
and professional books which focus on the theory and applications of Cyber Security, including Data
Security, Mobile and Network Security, Cryptography and Digital Forensics. Topics in Prevention and
Threat Management are also included in the scope of the book series, as are general business Standards
in this domain.
Books published in the series include research monographs, edited volumes, handbooks and
textbooks. The books provide professionals, researchers, educators, and advanced students in the field
with an invaluable insight into the latest research and developments.
Topics covered in the series include:
• Blockchain for secure Transactions
• Cryptography
• Cyber Security
• Data and App Security
• Digital Forensics
• Hardware Security
• IoT Security
• Mobile Security
• Network Security
• Privacy
• Software Security
• Standardization
• Threat Management
For a list of other books in this series, visit www.riverpublishers.com
Artificial Intelligence and
Blockchain in Digital Forensics
Editors
P. Karthikeyan
National Chung Cheng University, Taiwan
Hari Mohan Pandey
Bournemouth University, United Kingdom
Velliangiri Sarveshwaran
SRM Institute of Science and Technology, India
River Publishers
Published 2023 by River Publishers
River Publishers
Alsbjergvej 10, 9260 Gistrup, Denmark
www.riverpublishers.com
Distributed exclusively by Routledge
4 Park Square, Milton Park, Abingdon, Oxon OX14 4RN
605 Third Avenue, New York, NY 10017, USA
Artificial Intelligence and Blockchain in Digital Forensics / P. Karthikeyan,
Hari Mohan Pandey and Velliangiri Sarveshwaran.
©2023 River Publishers. All rights reserved. No part of this publication may
be reproduced, stored in a retrieval system, or transmitted in any form or by
any means, mechanical, photocopying, recording or otherwise, without prior
written permission of the publishers.
Routledge is an imprint of the Taylor & Francis Group, an informa business
ISBN 978-87-7022-688-2 (print)
ISBN 978-10-0084-806-9 (online)
ISBN 978-1-003-37467-1 (ebook master)
While every effort is made to provide dependable information, the publisher,
authors, and editors cannot be held responsible for any errors or omissions.
Contents
Preface
Acknowledgment
List of Contributors
List of Figures
List of Tables
List of Abbreviations
1 Digital Forensics Meets AI: A Game-changer for the 4th Industrial Revolution
S. Malhotra
1.1 Introduction
1.2 Digital Forensics
1.2.1 Growing need for digital forensics
1.2.2 Process of digital forensics
1.2.3 Advantages offered and limitations confronted by digital forensics
1.3 AI and Digital Forensics
1.3.1 Contribution of AI in the realm of digital forensics
1.3.1.1 Knowledge representation
1.3.1.2 Reasoning process
1.3.1.3 Pattern recognition
1.3.1.4 Knowledge discovery
1.3.1.5 Adaptation
1.3.2 Different variants of AI-based digital forensics
1.3.3 AI techniques used by digital forensics investigators
1.3.4 Deep learning tools and techniques helping in the domain of digital forensics
1.4 Latest AI Trends Impacting Digital Forensics
1.4.1 AI has taken a leap from novelty to necessity
1.4.2 Data-driven AI can generate valuable content
1.4.3 Smaller datasets are as amenable as big data
1.4.4 Edge analytics: An upcoming AI trend
1.4.5 Citizen data scientists: The next big thing under AI
1.4.6 AI has an ethical and responsible role in society
1.5 Challenges and the Road Ahead
1.5.1 Key challenges to be addressed
1.5.1.1 Heterogeneity, resulting in lack of standardization
1.5.1.2 AI can be a double-edged sword
1.5.1.3 Privacy-preserving and legitimacy outcry
1.5.2 Road to the future
1.6 Conclusion
References
2 Mitigating and Controlling Virtual Addiction Through Web Forensics and Deep Learning
R. Danu and S. Kavitha
2.1 Introduction
2.2 Internet Addiction (IA) Types
2.2.1 Cyberbullying addiction
2.2.2 Web obligations
2.2.3 Addiction to cyberspace relationships
2.2.4 Anxious searching for content
2.2.5 Gaming addiction
2.2.6 Smartphone mobile app addiction
2.3 Human Behavior Analysis
2.4 Deep Learning’s Relevance to Human Behavior Prediction
2.5 Forms of online mining
2.5.1 HTML page information extraction
2.5.2 Commonly associated metadata extraction
2.5.3 Customized web usage monitoring
2.6 Web Usage Mining Process
2.7 RNN-based Analysis of Web History Log Data
2.8 Feed-forward Networks Versus RNNs
2.9 RNN Relying on LSTM
2.10 Various Categories of Forensics
2.10.1 Digital forensics
2.10.2 Forensics over networking
2.10.3 Web forensics
2.10.4 Cloud forensics
2.10.5 Mobile forensics
2.10.6 Web browser forensics
2.11 Web Browser Artifacts
2.11.1 Navigation history
2.11.2 Autocomplete data
2.11.3 Cache
2.11.4 Favicons
2.11.5 Browser session storage
2.11.6 Form data
2.12 Analysis of Website Usage History
2.13 Conclusion
2.14 Acknowledgement
References
3 Automatic Identification of Cyber Predators Using Text Analytics and Machine Learning
N. Kavitha, K. Ruba Soundar, S. Shanmuga Priya, and T. Sathis Kumar
3.1 Introduction
3.1.1 OPI problem definition
3.2 Literature Survey
3.2.1 Cyber predator intent classification
3.3 System Architecture
3.3.1 Chat category
3.3.2 Chat classification
3.4 Experiments
3.4.1 Dataset
3.4.2 Results of phase 1: Chat labelling
3.4.3 Results of phase 2: Chat classification
3.5 Conclusions
References
4 CNN Classification Approach to Detecting Abusive Content in Text Messages
R. Dinesh Kumar, G. Vinoda Reddy, S. Ravi Chand, B. Karthika, and V. Murugesh
4.1 Introduction
4.1.1 Humanity
4.1.2 Abusive harassment on the internet
4.1.3 Learning algorithm
4.2 Literature Survey
4.3 Proposed Methodology
4.3.1 Pre-processing
4.3.2 Feature extraction
4.3.3 Vector space model (VSM)
4.3.3.1 Bag of words
4.3.4 Classification methods
4.3.4.1 Support vector machine (SVM)
4.3.4.2 Multilayer perceptron (MLP)
4.3.4.3 Convolutional neural networks (CNN)
4.4 Performance Analysis and Metrics
4.4.1 Precision
4.4.2 Recall
4.4.3 F-measure
4.4.4 Accuracy
4.5 Results and Discussion
4.6 Conclusion
References
5 Detection of Online Sexual Predatory Chats Using Deep Learning
R. Kesavamoorthy, S. P. Anandaraj, T. R. Mahesh, V. Rajesh Kumar, and Asadi Srinivasulu
5.1 Introduction
5.2 Machine Learning Models to Detect Online Sexual Predatory Chats
5.2.1 Deep learning
5.2.1.1 Recursive neural network
5.2.1.2 Recurrent neural networks
5.2.1.3 Long short-term memory
5.2.1.4 Convolutional neural networks
5.3 Conclusion
5.4 Acknowledgements
References
6 Enhancing ATM Security in the Forensic Domain Using Artificial Intelligence
M. S. Swetha, M. S. Muneshwara, Ashutosh Raj, Atul Tomar, Ayush Prakash, and Chetan Singh
6.1 Introduction
6.2 Literature Survey
6.3 Problem Statement
6.4 Proposed System
6.5 Methodology
6.6 Result and Discussion
6.7 Future Scope
6.8 Conclusion
References
7 Network Forensics Architecture for Mitigating Attacks in Software-defined Networks
Immanuel Johnraja Jebadurai, Getzi Jeba Leelipushpam Paulraj, Jebaveerasingh Jebadurai, and Salaja Silas
7.1 Introduction
7.2 Software-defined Networking Planes
7.3 Attacks in Software-defined Networks
7.4 Network Forensics Architecture for Securing an SDN
7.4.1 Identification phase
7.4.2 Data collection phase
7.4.3 Analysis phase
7.4.3.1 Detection of flooding attack
7.4.3.2 Detection of a flow table overflow attack
7.5 Experimental Analysis
7.5.1 Performance analysis on flooding attack detection
7.5.2 Performance analysis on flow table overflow attack detection
7.6 Conclusion
7.7 Acknowledgement
References