
Research Article
ForensiQ: A Knowledge Graph Question Answering System for IoT Forensics
@INPROCEEDINGS{10.1007/978-3-031-56583-0_20,
  author={Ruipeng Zhang and Mengjun Xie},
  title={ForensiQ: A Knowledge Graph Question Answering System for IoT Forensics},
  proceedings={Digital Forensics and Cyber Crime. 14th EAI International Conference, ICDF2C 2023, New York City, NY, USA, November 30, 2023, Proceedings, Part II},
  proceedings_a={ICDF2C PART 2},
  year={2024},
  month={4},
  keywords={Internet of Things, Digital Forensics, Knowledge Graph, Ontology Design, Question Answering},
  doi={10.1007/978-3-031-56583-0_20}
}
- Ruipeng Zhang
- Mengjun Xie
Year: 2024
ICDF2C PART 2
Springer
DOI: 10.1007/978-3-031-56583-0_20
Abstract
The increasing number of attacks against the Internet of Things (IoT) has made IoT forensics critically important for reporting and mitigating cyber incidents and crimes. However, the heterogeneity of IoT environments and the complexity and volume of IoT data present significant challenges to forensic practitioners. The advent of question answering (QA) systems and large language models (LLM) offers a potential solution to accessing sophisticated IoT forensic knowledge and data. In light of this, we propose ForensiQ, a framework based on knowledge graph question answering (KGQA), to help investigators navigate complex IoT forensic artifacts and cybersecurity knowledge. Our framework integrates knowledge graphs (KG) into the IoT forensic workflow to better organize and analyze forensic artifacts. We have also developed a novel KGQA model that serves as a natural-language user interface to the IoT forensic KG. Our evaluation results show that, compared to existing KGQA models, ForensiQ demonstrates higher accuracy in answering natural language questions when applied to our experimental IoT forensic KG.