Speaker
Description
This paper presents the design and validation of an integrated framework to enhance organizational digital forensic readiness through the application of artificial intelligence / machine learning. Motivated by the increasing volume, the variety of log and analytics data in modern IT settings, as well as the ongoing deficiencies in proactive evidence gathering. The study formulates a Design Science Research approach to develop a practical, standards aligned artifact. The framework combines a streaming data ingestion pipeline, robust preprocessing and feature extraction, a hybrid AI/ML analysis layer that couples unsupervised anomaly detection with supervised event classification, graph-based evidence correlation engine and tamper evident integrity controls. Also, an investigator interface that surfaces explainable model outputs. Prototype implementations and controlled simulations demonstrate that the integrated system improves detection sensitivity while maintaining precision, accelerates timeline reconstruction and materially reduces time to assemble verifiable evidence. Key contributions include; the hybrid algorithmic design that balances novel anomaly discovery with labeled classification, the operationalization of provenance and cryptographic integrity within an automated pipeline. The empirical evidence of improved investigator efficiency in testbed scenarios. The paper discusses methodological choices, evaluation metrics, practitioner feedback and limitations. It outlines directions for scaling, domain adaptation and responsible deployment. By bridging analytic automation and forensic practice, the proposed framework offers both theoretical advancement in forensic readiness research and a pragmatic pathway for organizations seeking to strengthen their incident preparedness and response capabilities.