{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T05:58:55Z","timestamp":1775282335657,"version":"3.50.1"},"reference-count":30,"publisher":"MDPI AG","issue":"12","license":[{"start":{"date-parts":[[2023,6,15]],"date-time":"2023-06-15T00:00:00Z","timestamp":1686787200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"King Saud University","award":["RSPD2023R576"],"award-info":[{"award-number":["RSPD2023R576"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>As criminal activity increasingly relies on digital devices, the field of digital forensics plays a vital role in identifying and investigating criminals. In this paper, we addressed the problem of anomaly detection in digital forensics data. Our objective was to propose an effective approach for identifying suspicious patterns and activities that could indicate criminal behavior. To achieve this, we introduce a novel method called the Novel Support Vector Neural Network (NSVNN). We evaluated the performance of the NSVNN by conducting experiments on a real-world dataset of digital forensics data. The dataset consisted of various features related to network activity, system logs, and file metadata. Through our experiments, we compared the NSVNN with several existing anomaly detection algorithms, including Support Vector Machines (SVM) and neural networks. We measured and analyzed the performance of each algorithm in terms of the accuracy, precision, recall, and F1-score. Furthermore, we provide insights into the specific features that contribute significantly to the detection of anomalies. Our results demonstrated that the NSVNN method outperformed the existing algorithms in terms of anomaly detection accuracy. We also highlight the interpretability of the NSVNN model by analyzing the feature importance and providing insights into the decision-making process. Overall, our research contributes to the field of digital forensics by proposing a novel approach, the NSVNN, for anomaly detection. We emphasize the importance of both performance evaluation and model interpretability in this context, providing practical insights for identifying criminal behavior in digital forensics investigations.<\/jats:p>","DOI":"10.3390\/s23125626","type":"journal-article","created":{"date-parts":[[2023,6,16]],"date-time":"2023-06-16T02:54:33Z","timestamp":1686884073000},"page":"5626","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Investigating the Effectiveness of Novel Support Vector Neural Network for Anomaly Detection in Digital Forensics Data"],"prefix":"10.3390","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9030-1277","authenticated-orcid":false,"given":"Umar","family":"Islam","sequence":"first","affiliation":[{"name":"Department of Computer Science, IQRA National University, Swat Campus, Peshawar 25100, Pakistan"}]},{"given":"Hathal Salamah","family":"Alwageed","sequence":"additional","affiliation":[{"name":"College of Computer and Information Sciences, Jouf University, Sakaka 73211, Saudi Arabia"}]},{"given":"Malik Muhammad Umer","family":"Farooq","sequence":"additional","affiliation":[{"name":"Software Engineering Department, Federation University Australia, Ballarat, VIC 3350, Australia"}]},{"given":"Inayat","family":"Khan","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Engineering and Technology, Mardan 23200, Pakistan"}]},{"given":"Fuad A.","family":"Awwad","sequence":"additional","affiliation":[{"name":"Department of Quantitative Analysis, College of Business Administration, King Saud University, P.O. Box 71115, Riyadh 11587, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4556-5606","authenticated-orcid":false,"given":"Ijaz","family":"Ali","sequence":"additional","affiliation":[{"name":"Department of Computer Science, IQRA National University, Swat Campus, Peshawar 25100, Pakistan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6010-001X","authenticated-orcid":false,"given":"Mohamed R.","family":"Abonazel","sequence":"additional","affiliation":[{"name":"Department of Applied Statistics and Econometrics, Faculty of Graduate Studies for Statistical Research, Cairo University, Giza 12613, Egypt"}]}],"member":"1968","published-online":{"date-parts":[[2023,6,15]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"543","DOI":"10.1007\/978-3-319-03095-1_58","article-title":"A Stylometric Investigation Tool for Authorship Attribution in E-Mail Forensics","volume":"Volume 249","author":"Neralla","year":"2014","journal-title":"Advances in Intelligent Systems and Computing"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1433","DOI":"10.1109\/TCSS.2019.2927431","article-title":"Blockchain-Based Digital Forensics Investigation Framework in the Internet of Things and Social Systems","volume":"6","author":"Li","year":"2019","journal-title":"IEEE Trans. Comput. Soc. Syst."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Duy, P.T., Hoang, H.D., Hien, D.T.T., Khanh, N.B., and Pham, V.H. (2019, January 12\u201313). SDNLog-Foren: Ensuring the integrity and tamper resistance of log files for SDN forensics using blockchain. Proceedings of the 2019 6th NAFOSTED Conference on Information and Computer Science (NICS), Hanoi, Vietnam.","DOI":"10.1109\/NICS48868.2019.9023852"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Kieseberg, P., Schrittwieser, S., Fruhwirt, P., and Weippl, E. (2019, January 25\u201326). Analysis of the Internals of MySQL\/InnoDB B+ Tree Index Navigation from a Forensic Perspective. Proceedings of the 2019 International Conference on Software Security and Assurance (ICSSA), St. P\u00f6lten, Austria.","DOI":"10.1109\/ICSSA48308.2019.00013"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1109\/MSEC.2018.2875877","article-title":"Blockchain-Based Distributed Cloud Storage Digital Forensics: Where\u2019s the Beef?","volume":"17","author":"Ricci","year":"2019","journal-title":"IEEE Secur. Priv."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Westerlund, M., and Jaatun, M.G. (2019, January 11\u201313). Tackling the cloud forensic problem while keeping your eye on the GDPR. Proceedings of the IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Sydney, NSW, Australia.","DOI":"10.1109\/CloudCom.2019.00071"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1109\/TIFS.2016.2603960","article-title":"Authorship Attribution for Social Media Forensics","volume":"12","author":"Rocha","year":"2017","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Brotsis, S., Kolokotronis, N., Limniotis, K., Shiaeles, S., Kavallieros, D., Bellini, E., and Pavu\u00e9, C. (2019, January 24\u201328). Blockchain solutions for forensic evidence preservation in iot environments. Proceedings of the 2019 IEEE 2019 IEEE Conference on Network Softwarization (NetSoft), Paris, France.","DOI":"10.1109\/NETSOFT.2019.8806675"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"S42","DOI":"10.1016\/j.diin.2008.05.001","article-title":"A novel approach of mining write-prints for authorship attribution in e-mail forensics","volume":"5","author":"Iqbal","year":"2008","journal-title":"Digit. Investig."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"25464","DOI":"10.1109\/ACCESS.2022.3154059","article-title":"Research Trends, Challenges, and Emerging Topics in Digital Forensics: A Review of Reviews","volume":"10","author":"Casino","year":"2022","journal-title":"IEEE Access"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"110362","DOI":"10.1109\/ACCESS.2022.3214506","article-title":"Application of Artificial Intelligence to Network Forensics: Survey, Challenges and Future Directions","volume":"10","author":"Rizvi","year":"2022","journal-title":"IEEE Access"},{"key":"ref_12","unstructured":"Studiawan, H., Salimi, R.N., and Ahmad, T. (2021). Forensic Analysis of Copy-Move Attack, Springer International Publishing."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Le, D.P., Meng, H., Su, L., Yeo, S.L., and Thing, V. (2018, January 28\u201331). BIFF: A Blockchain-based IoT Forensics Framework with Identity Privacy. Proceedings of the TENCON 2018\u20142018 IEEE Region 10 Conference, Jeju, Republic of Korea.","DOI":"10.1109\/TENCON.2018.8650434"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"11065","DOI":"10.1109\/ACCESS.2022.3142508","article-title":"A Comprehensive Survey on Computer Forensics: State-of-the-Art, Tools, Techniques, Challenges, and Future Directions","volume":"10","author":"Javed","year":"2022","journal-title":"IEEE Access"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"158","DOI":"10.1016\/j.forsciint.2013.09.013","article-title":"Passive forensics for copy-move image forgery using a method based on DCT and SVD","volume":"233","author":"Zhao","year":"2013","journal-title":"Forensic Sci. Int."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1016\/j.forsciint.2017.07.037","article-title":"Copy\u2013move forgery detection through stationary wavelets and local binary pattern variance for forensic analysis in digital images","volume":"279","author":"Mahmood","year":"2017","journal-title":"Forensic Sci. Int."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"3224","DOI":"10.1109\/ACCESS.2018.2885011","article-title":"An Empirical Study on Forensic Analysis of Text using LDA based Authorship Attribution","volume":"7","author":"Anwar","year":"2018","journal-title":"IEEE Access"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"1191","DOI":"10.1109\/COMST.2019.2962586","article-title":"A Survey on the Internet of Things (IoT) Forensics: Challenges, Approaches, and Open Issues","volume":"22","author":"Stoyanova","year":"2020","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"1099","DOI":"10.1109\/TIFS.2011.2129512","article-title":"A SIFT-based forensic method for copy-move attack detection and transformation recovery","volume":"6","author":"Amerini","year":"2011","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"1654","DOI":"10.1109\/TIFS.2018.2883272","article-title":"iSTRICT: An Interdependent Strategic Trust Mechanism for the Cloud-Enabled Internet of Controlled Things","volume":"14","author":"Pawlick","year":"2022","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_21","first-page":"1","article-title":"Empirical evaluations of language-based author identification techniques","volume":"8","author":"Chaski","year":"2006","journal-title":"Forensic Linguist."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"1720","DOI":"10.1109\/TIFS.2020.3042049","article-title":"Self-Configurable Cyber-Physical Intrusion Detection for Smart Homes Using Reinforcement Learning","volume":"16","author":"Heartfield","year":"2021","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"734","DOI":"10.1109\/TIFS.2007.908228","article-title":"A comparative study of fingerprint image-quality estimation methods","volume":"2","author":"Fierrez","year":"2007","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_24","unstructured":"Loll, A. (2013). Encyclopedia of Forensic Sciences, Academic Press. [2nd ed.]."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Ashraf, N., Mehmood, D., Obaidat, M.A., Ahmed, G., and Akhunzada, A. (2022). Criminal Behavior Identification Using Machine Learning Techniques Social Media Forensics. Electronics, 11.","DOI":"10.3390\/electronics11193162"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1016\/j.patrec.2022.04.004","article-title":"A novel unsupervised ensemble framework using concept-based linguistic methods and machine learning for twitter sentiment analysis","volume":"158","author":"Bibi","year":"2022","journal-title":"Pattern Recognit. Lett."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1504\/IJGW.2016.074952","article-title":"Utilising key climate element variability for the prediction of future climate change using a support vector machine model","volume":"9","author":"Abubakar","year":"2016","journal-title":"Int. J. Glob. Warm."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Ali, M.L., Thakur, K., and Obaidat, M.A. (2022). A Hybrid Method for Keystroke Biometric User Identification. Electronics, 11.","DOI":"10.3390\/electronics11172782"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"8512469","DOI":"10.1155\/2022\/8512469","article-title":"Enhancement of detection of diabetic retinopathy using Harris hawks optimization with deep learning model","volume":"2022","author":"Gundluru","year":"2022","journal-title":"Comput. Intell. Neurosci."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"732","DOI":"10.3390\/electronics11050732","article-title":"A Novel Feature-Selection Method for Human Activity Recognition in Videos","volume":"11","author":"Nadia","year":"2022","journal-title":"Electronics"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/12\/5626\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T19:56:03Z","timestamp":1760126163000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/12\/5626"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,15]]},"references-count":30,"journal-issue":{"issue":"12","published-online":{"date-parts":[[2023,6]]}},"alternative-id":["s23125626"],"URL":"https:\/\/doi.org\/10.3390\/s23125626","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,6,15]]}}}