TY - GEN
T1 - Zero-Shot Entity Recognition on Forensic Timeline
AU - Talasari, Resky Ayu Dewi
AU - Ilham, Karina Fitriwulandari
AU - Studiawan, Hudan
N1 - Publisher Copyright: © 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - A forensic timeline contains standardized entities such as date, time, and host, which are essential in a forensic investigation setting. These components need to be analyzed to assist an investigator in analyzing forensic evidence and artifacts. However, traditional entity recognition models often require extensive labeled data for each entity of interest. This becomes challenging in forensic scenarios where new and unseen entities constantly emerge and labeled data for those entities is non-existent. This paper introduces a method for entity recognition in forensic timelines using a zero-shot learning (ZSL) technique that employs widely used large language models (LLMs), such as ChatGPT and Claude. Three publicly available datasets of different types, downloaded from Digital Corpora, namely 2010-nps-email, nps-2009-casper-rw, and nps-2009-canon-rw, are used to test the proposed approach. Experimental results show that Claude's ZSL model is more consistent than ChatGPT in recognizing entities based on finetuned prompts.
KW - digital forensic
KW - forensic timeline
KW - log2timeline plaso
KW - named entity recognition
KW - zero-shot learning
UR - http://www.scopus.com/inward/record.url?scp=85207509785&partnerID=8YFLogxK
U2 - 10.1109/ICSCC62041.2024.10690409
DO - 10.1109/ICSCC62041.2024.10690409
M3 - Conference contribution
AN - SCOPUS:85207509785
T3 - 2024 10th International Conference on Smart Computing and Communication, ICSCC 2024
SP - 117
EP - 122
BT - 2024 10th International Conference on Smart Computing and Communication, ICSCC 2024
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 10th International Conference on Smart Computing and Communication, ICSCC 2024
Y2 - 25 July 2024 through 27 July 2024
ER -