Forensics and Security Research Group

Academic cybersecurity and digital forensics research group spanning University College Dublin and South East Technological University.

View Publications Meet the Group

Research Focus

The Forensics and Security Research Group conducts research in digital forensics, cybersecurity, network investigation, artificial intelligence for forensic workflows, cloud and IoT forensics, and digital forensic education.

Founded in University College Dublin and now expanded through collaboration with South East Technological University, the group works with academic, law-enforcement, and industry partners on research that improves the reliability, scalability, and practical impact of digital investigations.

Digital Forensics Network Investigation AI for Forensics Cloud and IoT Evidence Forensic Readiness Education and Training

Latest

News

All News

Mar 2026

VAAS: Vision-Attention Anomaly Scoring for Image Manipulation Detection in Digital Forensics

VAAS: A novel dual-module framework for image manipulation detection in digital forensics, combining global attention-based anomaly estimation with patch-level self-consistency scoring for interpretable anomaly detection and tamper localization.

Mar 2026

Objects as Universal Geolocation Cues: A Computer Vision Approach

This paper proposes a computer vision approach to geolocation using universal visual cues, specifically electrical plug sockets, to narrow down the search space for law enforcement in combating crimes such as human trafficking and child exploitation.

Mar 2026

New DFRWS EU 2026 Publications

The group has new work appearing at DFRWS EU 2026 and in Forensic Science International: Digital Investigation.

Mar 2026

AutoDFBench 1.0: A Benchmarking Framework for Digital Forensic Tool Testing and Generated Code Evaluation

AutoDFBench 1.0 is a comprehensive benchmarking framework for digital forensic tool testing and validation, addressing the lack of standardisation in tool validation and evaluation methodologies. It integrates five areas defined by the NIST CFTT programme and enables fair and reproducible comparison across tools and forensic scripts.

Recent Output

Selected Publications

Full Publications List

2025

Fine-Tuning Large Language Models for Digital Forensics: Case Study and General Recommendations

Gaëtan Michelet; Hans Henseler; Harm van Beek; Mark Scanlon; Frank Breitinger

ACM Digital Threats: Research and Practice pp. 3748264

This paper proposes recommendations for fine-tuning large language models (LLMs) for digital forensics tasks, addressing the gap in existing research. A case study on chat summarization showcases the applicability of the recommendations, evaluating multiple fine-tuned models to assess their performance. The study shares lessons learned from the case study, providing insights into the fine-tuning process, computational power issues, data challenges, and evaluation methods.

Publication details

2025

Towards a standardized methodology and dataset for evaluating LLM-based digital forensic timeline analysis

Hudan Studiawan; Frank Breitinger; Mark Scanlon

Forensic Science International: Digital Investigation Vol. 54S pp. 301982

This paper proposes a standardized methodology for evaluating the performance of Large Language Models (LLMs) in digital forensic timeline analysis tasks, such as event summarization. The methodology includes a dataset, timeline generation, and ground truth development, and recommends the use of BLEU and ROUGE metrics for quantitative evaluation.

Publication details

2026

Plug to place: Indoor multimedia geolocation from electrical sockets for digital investigation

Kanwal Aftab; Graham Adams; Mark Scanlon

Forensic Science International: Digital Investigation Vol. 56 pp. 302056

This paper introduces a pipeline for indoor multimedia geolocation using electrical sockets as consistent markers, aiding law enforcement in human trafficking investigations.

Publication details