ChatGPT for Digital Forensic

OpenAI’s ChatGPT (GPT-3.5, GPT-4) and other LLMs like BERT, Bard, etc. have sparked widespread debate due to their disruptive applications across various fields. 

These LLM modules generate answers and solutions promptly based on comprehensive text-based training data and rapidly growing interest in the scientific community and society.

Cybersecurity researchers from several universities recently published an Arxiv paper evaluating ChatGPT’s impact, especially GPT-4, on digital forensics.

Here below, we have mentioned the name of the researchers and their respective universities:-

  • Mark Scanlon (Forensics and Security Research Group, School of Computer Science, University College Dublin, Ireland)
  • Frank Breitinger (School of Criminal Justice, University of Lausanne, Lausanne, Switzerland)
  • Christopher Hargreaves (Department of Computer Science, University of Oxford, United Kingdom)
  • Jan-Niclas Hilgert (Fraunhofer FKIE, Bonn, Germany)
  • John Sheppard (Department of Computing and Mathematics, South East Technological University, Waterford, Ireland)

ChatGPT for Digital Forensic

Cybersecurity researchers from several universities recently published an Arxiv paper evaluating ChatGPT’s impact, especially GPT-4, on digital forensics.

LLMs’ advancements have opened doors for new AI applications in digital forensics, focusing on several segments such as:-

  • Data Classification
  • Network Forensics
  • Malware Investigation
  • Facial Recognition

While LLMs have potential, they prioritize generating answers over correctness, leading to hallucinations and reasoning errors. The following are the risks that involve in digital forensics, so it requires caution when using GPT-4 and similar AI models:-

  • Biases/Errors
  • Legal concerns
  • Ethical concerns
  • Investigator over-reliance
  • Technical limitations

Methodology & Uses

OpenAI’s GPTs, a family of LLMs since 2019, form a framework for GAI apps. ChatGPT, built on GPT3.5 and GPT-4, initially used GPT-3.5 for free access but offers GPT-4 to paid Plus members.

Characteristics of GPT-3.5 and GPT-4 (Source – Arxiv)

Six representative areas were selected for digital forensic investigations to assess ChatGPT’s applicability, derived from existing uses like code generation and creative writing.

Digital forensic investigations require exceptional functionalities, often absent in current software, demanding rapid script creation in resource-limited live forensic scenarios, crucial for various cases.

Here below we have mentioned some of the cases:-

  • File Carving
  • RAID Disk Acquisition
  • Password Cracking
  • Memory Forensics – Recovering Encryption Keys

Besides digital forensic investigation, it can also be used for several other tasks, such as:-

  • Storyboarding
  • Synthetic Content
  • Character Profiles
  • Character Interests
  • Summary

Though ChatGPT has several potentials in digital forensic investigation, there are limitations impacting universality. Experiments were not exhaustive, and real-world complexity might differ. 

The results depend on prompts and are not directly duplicatable due to the non-deterministic behavior of ChatGPT.

Several AI-Powered cyber security tools such as PentestGPT, WormGPT, and ChatGPT for Pentesting, are already trending in the market, now, another one has been added to this list.

Stay up-to-date with the latest Cyber Security News; follow us on Google NewsLinkedinTwitter, and Facebook.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.