El martes día 2 de diciembre la Cátedra Internacional de Ciberseguridad UNIZAR organiza el seminario “Evolving Digital Forensics: Modern File Systems, Artifact Attribution and AI”, que abordará cómo la evolución tecnológica y la inteligencia artificial están transformando las investigaciones forenses digitales. Será a las 12:00 en el Aula A02 del Edificio Ada Byron
Resumen:
“Digital forensics is evolving constantly, driven by technological advancement and the growing complexity of investigations. In this talk, I will present the core topics of our current research in this area: the impact of new storage technologies, the growing complexity of digital artifacts and the expanding role of intelligent automation in forensic analysis.
We begin by revisiting the foundational layer of digital investigations: the file system. Since 2005, Brian Carrier’s workflow model has been the gold standard for file system analysis in order to extract content and metadata. However, the landscape of persistent storage has shifted dramatically in the last two decades. We will evaluate how this classic model holds up against contemporary file systems, highlighting where it remains robust and identifying where modern complexities show its limitations.
While file system analysis tell us what exists on a drive, they often fail to explain why it got there and what it means. To address this gap, we introduce Sandroid, a novel sandbox framework designed for the Android ecosystem. By closely linking specific user actions to the artifacts they generate, Sandroid assists investigators in the identification and interpretation of artifacts. For example, understanding which actions may have led to the presence of a discriminating file on a user’s smartphone. We will look at the framework’s architecture and a live demonstration of its capabilities.
Finally, we will explore how artificial intelligence can enhance and partially automate forensic processes and tools like Sandroid. This includes a deep dive into the novel Model Context Protocol and the capabilities of Agentic AI, demonstrating how autonomous agents can assist in processing the overwhelming volume of data in modern investigations.”
Bio del ponente:
Jan-Niclas Hilgert is a researcher in digital forensics at the Fraunhofer FKIE institute in Bonn, Germany. He began his work with a focus on file system analysis, and over time expanded his interests to memory and network forensics, as well as the use of AI in digital investigations. Beyond research, he works closely with German agencies to transfer research results into practice and bring real-world problems back into research. He also teaches digital forensics at the University of Bonn and the Bonn-Rhein-Sieg University of Applied Sciences (H-BRS). Hilgert, a researcher in digital forensics at the Fraunhofer FKIE institute in Bonn, Germany, brings extensive expertise to the topic. His work initially focused on file system analysis, later expanding to include memory and network forensics, as well as the application of AI in digital investigations. Beyond his research, Hilgert collaborates closely with German agencies, facilitating the transfer of research findings into practical applications and integrating real-world challenges back into academic inquiry. He also teaches digital forensics at the University of Bonn and the Bonn-Rhein-Sieg University of Applied Sciences (H-BRS).
Este seminario se realiza en el marco de los fondos del Plan de Recuperación, Transformación y Resiliencia, financiada por la Unión Europea (Next Generation), el proyecto del Gobierno de España que traza la hoja de ruta para la modernización de la economía española, la recuperación del crecimiento económico y la creación de empleo, para la reconstrucción económica sólida, inclusiva y resiliente tras la crisis de la COVID19, y para responder a los retos de la próxima década
Enlaces:
