Transcript
This transcript was autogenerated. To make changes, submit a PR.
Good day everyone.
My name is Victor Abola, and today I'll be speaking on a very important
topic in the field of cybersecurity and digital investigations: how AI
can improve digital forensic analysis and evidence collection processes.
In this section, we explore how digital forensics works with artificial
intelligence, what this means for investigators, how modern tools are
evolving, and the future trends we should be preparing for in the industry.
Digital forensics has expanded far beyond computers, with evidence
from mobile devices, cloud environments, vehicles, IoT devices, and more.
With this expansion comes massive volume, complexity, and urgency.
Yet we also have AI, which provides powerful ways to speed up investigations,
surface hidden evidence, and reduce overwhelming forensic backlogs.
It meets AI.
Today's evidence landscape is complex. Investigators deal with
three-to-four-week backlogs because of huge data volumes. AI helps to automate routine
tasks, detect hidden patterns, and highlight high-value evidence.
AI augments investigative workflows by automating repetitive tasks.
It helps in identifying patterns humans may miss,
highlighting priority evidence, and improving consistency and defensibility.
Machine learning detects anomalies in backlogs where machine
learnings and understanding system behavior and network traffic.
Machine learning also clusters, active apps to refill at that campaign.
Machining.
Then it also classifies malware families.
Deep learning performs image and video analysis, facial
recognition and object detection.
It helps to detect media tampering.
It helps to analyze malware behavior.
And we have NLP, natural language processing, which helps to extract entities
from emails, chats, and documents.
It helps to perform sentiment and context analysis.
It summarizes long communication threads.
We have an understanding of what this machine learning and deep
learning and natural language processing does in our investigation.
So we'll be moving on to key applications and use cases. Automated evidence
triage: AI prioritizes relevant evidence.
AI helps to, like, have an understanding of how to help
arrange our evidence in terms of
its priority, in terms of putting it together, and in terms of also
maximizing the full potential of our investigation and our evidence.
We have pattern recognition, where it helps to reveal
recurring cybercrime patterns.
Has this been happening?
What is the duration of the period that it has been happening?
What are the cases that have happened that have helped us understand that
these cases are similar? Media analysis categorizes images and ly.
Behavior and disease.
It helps to flag insider threats and abnormal activities.
We have network analysis.
It helps to detect exfiltration and brute-force activity.
Data recovery models like CAR dl help to reconstruct fragmented
files with up to 85% accuracy.
Moving on to AI power tools and platforms.
We have several platforms and several AI investigation tools right now.
And one of them, one of the leading, is Cellebrite Pathfinder
and AI-driven evidence
correlation.
We have magnetism, we have Magnet J, we have Microsoft with GPT,
and we have Magnet Copilot also.
We'll be moving on to the benefits and industry impact of these tools.
AI reduces backlogs, improves consistency, scales investigator
capacity, and strengthens defensible evidence processes.
According to Cellebrite's 2025 survey, 19% cais positive impact.
It is insufficiency, it's speed up analysis.
82% say it automates repetitive tasks.
61% sees AI as evaluated to as much as potential of AI being
the risk, AI being the trade.
It has a lot of important impact in our industry, in our day-to-day
activities, in whatever we do.
AI has a very large positive impact.
Also, we'll be discussing more about real-world implementations, how we've seen,
where we've seen AI work.
Let's take a look into automated data with evidence
triage. In many law enforcement agencies, investigators routinely
receive multiple seized devices.
We have phones, we have several gadgets, laptops, tablets, USB
devices, name it, so creating a lot of backlogs that can stretch for weeks.
AI-driven triage systems automatically scan these devices
the moment they are ingested,
identifying priority items such as deleted messages, suspicious media,
unusual communication patterns, or recently accessed files. Instead of an
investigator manually combing through thousands of artifacts, this AI
helps to organize the data by relevance, drastically reducing the
review time for the investigators.
These tools also highlight anomalies such as rare file types,
encrypted containers, or apps frequently used by known offenders.
By automatically producing a structured preview, investigators can determine
which devices require full examination and which do not, which reduces the
maximum of going through each one of the devices and gadgets one after
the other. This approach automatically reduces wasted effort, allowing teams
to focus on the highest-value evidence.
In some agencies, this shift has reduced turnaround time from three to four
weeks to just a few days, improving case outcomes and speeding up justice.
AI also has helped a lot in investigating CSAM cases,
child sexual abuse material. AI systems with deep
learning models can automatically identify probable abuse content
without human exposure
during the initial review. The system analyzes image, visual pixel-level
patterns, and contextual cues to classify unfold media
with accuracy rates as high as 95%.
They also duplicates across global databases, helping agencies connect
vendors to known victims more rapidly.
Because the AI handles the first layer of screening, investigators see
only content that has been triaged as relevant, reducing emotional trauma.
The AI automated workflow also speeds up reporting
to child protection organizations.
Ultimately, AI allows investigators to focus on the legal and contextual aspects
of cases rather than manually reviewing large volumes of disturbing content.
We've seen how AI has improved a lot of real-world cases.
It has helped us have an understanding of what it takes to
induct AI in our investigation.
Let us also take a look at another real-world case study: c
dl and similar models in terms of deep-learning-based file recovery.
It has shown how traditional file carving relies on pattern matching,
which struggles when files are fragmented,
overwritten, or partially corrupted. Deep learning approaches such as
CD use neural networks trained on thousands of file fragments
to reconstruct data, even when traditional methods failed.
Looking into a fraud investigation, suspects communicate across multiple
channels: SMS, name it, WhatsApp, email, social media, and lots, like several apps,
which creates a massive text burden for analysts. NLP
tools automatically extract key entities such as names, locations,
transaction details, or repeated keywords.
They can also map relationships between individuals, revealing
a network of collaborators.
In many cases, AI identified patterns of deception, such
as sudden change in sentiment,
repeated linguistic structure used by scammers, or put language.
These insights help investigators quickly establish timelines,
communication hierarchies, and motives.
The AI also surfaces messages that deviate from normal behavior, enabling
analysts to spot critical clues faster.
This has shown how important AI has been, especially in important cases
that helps to show how much we are able to fish out and attack to understand
how we can comb through our evidence real fast and real quick to
make our investigation faster and better. We'll be discussing the
challenges and ethical considerations.
AI system.
We have the bias and fairness in models.
AI systems can unintentionally inherit biases
from the datasets they are trained on, which may lead to unfair
outcomes during investigation.
Let's take, for example, if an AI model has been trained primarily on data
from a specific demographic group.
It may falsely classify or over-prioritize data
belonging to those populations.
This can lead to unequal treatment in investigation or misinterpretation of
digital evidence. Forensic outcomes must
be consistent across all individuals regardless of age, ethnicity,
gender, or socioeconomic background.
We have the privacy and legal constraints.
We it's resists a lot of complexity when people are being where like when
we don't take need and real clear of what it takes to have a privacy and
legal constraint in our AI system.
AI analysis often involves processing massive amounts of personal
information, auto messages, location history, and a lot of metadata.
It raises a lot of complex privacy issues.
Investigators must follow strict legal frameworks, including warrants, data
minimization laws, and restrictions on access to cloud and
cross-border data. Mismanaging data privacy
can compromise an entire investigation or expose agencies to legal liabilities,
and definitely no agency or no
standard wants to go through such. And also, explainability and
court admissibility is the third one.
Many AI models, especially deep learning systems, operate as black
boxes, making it difficult to clearly describe their internal workflows,
their processes, and most of the time it's often invalidate a lot of things.
Courts often require transparent, reproducible, and auditable
workflows to validate that evidence was processed correctly.
If investigators cannot explain an AI output, a defense attorney
will really challenge its credibility.
Fourth on this list, we have reliability and hallucination.
Although AI is very powerful, yeah, understandably, it is not perfect and
can occasionally misinterpret data or generate incorrect conclusions, known
as hallucination. In digital forensics, relying on hallucinated output can
lead to false leads, misidentified suspects, or misclassified evidence.
Investigators must always validate AI findings against raw, verifiable
data before drawing conclusions.
Reliability testing is essential, especially when
models are updated or retrained.
Systems should have safeguards to alert users when confidence scores are low
or evidence requires human review.
Fifth on this list, which is one of the most important: governance,
oversight and accountability.
Successful AI deployment requires clear governance frameworks that define how
tools are used, monitored, and audited.
Agencies must establish policy detailing who is authorized to run
AI processes, how output should be interpreted, and what documentation
is required for every case.
Regular audits
help to ensure that AI tools remain compliant with evolving
laws and ethical standards.
Oversight teams must also evaluate model performance, detect drift, and
ensure tools are not misused or applied outside their intended scope.
And number six, human expertise remains irreplaceable.
Even with advanced AI capabilities, human investigators bring contextual
understanding, intuition, and critical reasoning that machines cannot replicate.
AI may highlight patterns or anomalies, but humans must interpret
their significance within the broader investigative narrative.
Complex cases involving emotional, social, or behavioral elements require human judgment
that no model can actually fully capture.
This is like a great understanding of the challenges and the ethical
consideration that we might have using ai.
And actually it helps us understand of the kind of steps and processes of things
we should follow that would improve and help our efficiency also in investigation.
Looking into the future trends, what to expect, things we
should focus on going forward.
We have the LLM forensic copilot that has been integrated across
a lot of DFIR workflows.
It represents one of the most significant advancements in digital investigation.
This AI assistant can summarize case artifacts, interpret logs,
explain technical findings, and even generate preliminary forensic reports.
Unlike traditional tools,
they provide contextual reasoning, helping investigators quickly
understand conversions of events.
Copilots also cross-reference multiple types of evidence, messages,
metadata, images and timelines, to highlight patterns human MI value.
And number two on the list, we have automated cloud
forensics. Cloud platforms store
enormous amounts of evidence,
but their distributed and encrypted
nature makes investigation difficult.
Future forensic tools will integrate automated cloud evidence capture,
allowing AI to collect logs, reconstruct timelines, and detect suspicious
activity across AWS, Azure, Google Cloud, and hybrid architectures.
These systems will track authentication events,
API calls,
by movement and access attempts to create a full picture of
what happened during the breach.
And number three on the list, we have the IoT and vehicle forensic inspection.
The growth of IoT and connected vehicles has created new
forensic data sources, from smart home sensors to automotive telematics.
Future tools
will incorporate AI models capable of interpreting diverse IoT metadata, such as
device activity logs, location-based triggers and environmental interactions.
This trend marks a significant expansion of what is considered digital evidence.
We have advanced counter anti-forensic capabilities.
Criminals are increasingly using anti-forensic techniques like data
wiping, steganography, timestamp manipulation, or encrypted containers
to hide their tracks. Future AI systems will be designed to detect these
techniques with far greater accuracy.
Deep learning models will identify subtle inconsistencies in metadata, residue
patterns left after wiping, or pixel-level anomalies that suggest tampering.
AI will become a critical defense against increasingly
sophisticated digital cover.
We should have an understanding of that.
And the fifth on this list is standardized
automation pipelines for investigation.
As AI becomes more embedded in digital forensics, organizations will move toward
standardized, repeatable workflows that reduce error and increase consistency.
Automation pipelines
will handle tasks such as evidence ingestion, hashing,
triage, artifact extraction, correlation, and initial reporting.
In the long term, automated forensic pipelines will become the industry
norm rather than an advanced feature.
We should know that.
And most importantly, number six, AI-powered training and upskilling at scale.
The shortage of forensic investigators is like a global challenge, like
a global thing, especially as cybercrime continues to grow.
These systems can generate customized exercises based on a learner's skill
level and provide immediate feedback.
LLM-based tutors will explain concepts,
guide trainees through complex findings, and answer technical
questions in real time.
Most importantly, we just have to keep improving our language, learn more,
and as a result, workforce readiness improves and the overall quality
of digital investigation increases.
Most importantly, one thing I want us to focus on is the central insight from the
integration of AI into digital forensics: that the most effective investigative
outcomes emerge from combining machine efficiency with human expertise.
In conclusion, the future of digital forensics will be defined by a
balanced partnership between advanced automation and skilled human analysis.
AI will become, it would always continue to enhance capacity,
reduce backlogs, and uncover hidden patterns,
while investigators maintain responsibility for interpretation,
validation, and adherence to legal and ethical standards. As forensic
technology evolves, organizations that successfully integrate both
human and artificial intelligence will achieve the strongest and most
trustworthy investigative outcomes.
Thank you very much for listening and I would be open to any questions.
Thank you very much.