On the Use of Artificial Intelligence in Cybersecurity Incident Investigations

On the Use of Artificial Intelligence in Cybersecurity Incident Investigations

연구 분야: Safety

학회: 2025 International Russian Smart Industry Conference (SmartIndustryCon)

The increasing number of cyber threats significantly complicates the investigation of information security incidents. Traditional digital forensic methods face challenges due to the growing volume of data and the increasing sophistication of cyberattacks. This paper presents a decision-support algorithm designed to assist specialists in conducting efficient and accurate investigations using artificial intelligence techniques. The proposed algorithm incorporates anomaly detection, attacker behavior modeling, and intelligent digital evidence analysis, thereby enhancing the effectiveness of forensic investigations. Furthermore, the developed solution can be further integrated with SIEM systems and digital forensic tools, enabling automated threat correlation and accelerating incident response. The use of AI-driven analytics improves investigation accuracy, reduces the risk of human errors, and optimizes forensic processes in modern cybersecurity environments.