An Artificial Intelligence-based Proactive Network Forensic Framework

Abstract

     is at an all-time high in the modern period, and the majority of the population uses the Internet for all types of communication. It is great to be able to improvise like this. As a result of this trend, hackers have become increasingly focused on attacking the system/network in numerous ways. When a hacker commits a digital crime, it is examined in a reactive manner, which aids in the identification of the perpetrators. However, in the modern period, it is not expected to wait for an attack to occur. The user anticipates being able to predict a cyberattack before it causes damage to the system. This can be accomplished with the assistance of the proactive forensic framework presented in this study. The proposed system combines a reactive and proactive framework. The proactive part will use machine learning-based classification algorithms to forecast the attack. Once the assault has been predicted, the reactive element of the proposed framework is used to investigate who is attempting to initiate the attack. The suggested system further emphasizes integrity and confidentiality by proposing an encryption method that encrypts the proactive module's report before decrypting it in the reactive module. The suggested elliptical curve cryptography-based security model was compared to several existing security methods in this paper.A comparison of multiple machine learning-based categorization algorithms is also performed in order to determine which is the most suitable for the proposed Network Forensic Framework. Accuracy, recall, precision, and F1 value are the performance metrics used to evaluate the various machine learning-based algorithms. According to the analysis, the suggested Network Forensic Framework is best implemented using the Extreme Gradient Boosting (XGB) technique.