ChatGPT for digital forensic investigation: The good, the bad, and the unknown

IF 2 4区 医学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Mark Scanlon , Frank Breitinger , Christopher Hargreaves , Jan-Niclas Hilgert , John Sheppard
{"title":"ChatGPT for digital forensic investigation: The good, the bad, and the unknown","authors":"Mark Scanlon ,&nbsp;Frank Breitinger ,&nbsp;Christopher Hargreaves ,&nbsp;Jan-Niclas Hilgert ,&nbsp;John Sheppard","doi":"10.1016/j.fsidi.2023.301609","DOIUrl":null,"url":null,"abstract":"<div><p>The disruptive application of ChatGPT (GPT-3.5, GPT-4) to a variety of domains has become a topic of much discussion in the scientific community and society at large. Large Language Models (LLMs), e.g., BERT, Bard, Generative Pre-trained Transformers (GPTs), LLaMA, etc., have the ability to take instructions, or prompts, from users and generate answers and solutions based on very large volumes of text-based training data. This paper assesses the impact and potential impact of ChatGPT on the field of digital forensics, specifically looking at its latest pre-trained LLM, GPT-4. A series of experiments are conducted to assess its capability across several digital forensic use cases including artefact understanding, evidence searching, code generation, anomaly detection, incident response, and education. Across these topics, its strengths and risks are outlined and a number of general conclusions are drawn. Overall this paper concludes that while there are some potential low-risk applications of ChatGPT within digital forensics, many are either unsuitable at present, since the evidence would need to be uploaded to the service, or they require sufficient knowledge of the topic being asked of the tool to identify incorrect assumptions, inaccuracies, and mistakes. However, to an appropriately knowledgeable user, it could act as a useful supporting tool in some circumstances.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Forensic Science International-Digital Investigation","FirstCategoryId":"3","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S266628172300121X","RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

The disruptive application of ChatGPT (GPT-3.5, GPT-4) to a variety of domains has become a topic of much discussion in the scientific community and society at large. Large Language Models (LLMs), e.g., BERT, Bard, Generative Pre-trained Transformers (GPTs), LLaMA, etc., have the ability to take instructions, or prompts, from users and generate answers and solutions based on very large volumes of text-based training data. This paper assesses the impact and potential impact of ChatGPT on the field of digital forensics, specifically looking at its latest pre-trained LLM, GPT-4. A series of experiments are conducted to assess its capability across several digital forensic use cases including artefact understanding, evidence searching, code generation, anomaly detection, incident response, and education. Across these topics, its strengths and risks are outlined and a number of general conclusions are drawn. Overall this paper concludes that while there are some potential low-risk applications of ChatGPT within digital forensics, many are either unsuitable at present, since the evidence would need to be uploaded to the service, or they require sufficient knowledge of the topic being asked of the tool to identify incorrect assumptions, inaccuracies, and mistakes. However, to an appropriately knowledgeable user, it could act as a useful supporting tool in some circumstances.

ChatGPT数字取证调查:好的、坏的和未知的
ChatGPT (GPT-3.5, GPT-4)在各个领域的颠覆性应用已经成为科学界和社会广泛讨论的话题。大型语言模型(llm),例如BERT、Bard、生成式预训练变形器(gpt)、LLaMA等,能够从用户那里获取指令或提示,并根据大量基于文本的训练数据生成答案和解决方案。本文评估了ChatGPT对数字取证领域的影响和潜在影响,特别关注了其最新的预训练法学硕士GPT-4。我们进行了一系列的实验,以评估它在几个数字取证用例中的能力,包括工件理解、证据搜索、代码生成、异常检测、事件响应和教育。通过这些主题,概述了其优势和风险,并得出了一些一般性结论。总体而言,本文得出的结论是,虽然ChatGPT在数字取证中有一些潜在的低风险应用,但许多应用目前都不适合,因为证据需要上传到服务中,或者它们需要对工具所要求的主题有足够的了解,以识别不正确的假设、不准确和错误。但是,对于知识渊博的用户来说,它在某些情况下可以作为有用的支持工具。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
5.90
自引率
15.00%
发文量
87
审稿时长
76 days
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信