@inproceedings{rizvi2024EdgeForensicReadiness, author={Rizvi, Syed and Scanlon, Mark and McGibney, Jimmy and Sheppard, John}, title="{Pushing Network Forensic Readiness to the Edge: A Resource Constrained Artificial Intelligence Based Methodology}", booktitle={2024 Cyber Research Conference - Ireland (Cyber-RCI)}, year=2024, pages = {}, month=11, publisher={IEEE}, abstract={Rapid developments in recent years with the Internet of Things (IoT) have supported significant growth in edge computing. The growing number and diversity of IoT/edge devices increase the risk of security incidents. As many IoT/edge devices can be considered lightweight, with limited data processing capacity and significant heterogeneity, traditional digital forensic investigation techniques may not always work with them. Network forensic readiness on IoT/edge devices is a proactive approach to collecting evidence to assist with forensic examinations. This paper introduces the Network Forensic Readiness for Edge Devices (NetFoREdge) framework, focussing on deploying lightweight AI models in resource-constrained environments for attack detection, evidence collection, and preservation. The proposed lightweight AI-driven solution performed effectively on resource-constrained physical devices, namely a Raspberry Pi 3B and a Raspberry Pi Zero 2 W. To evaluate the effectiveness of this approach, experiments have been conducted using two datasets: the recently released IoT network attack dataset, CICIoT2023, and the IoT-23 dataset. The experimental results are very encouraging -- achieving an accuracy rate exceeding 99.60% and 99.98% for multiclassification on CICIoT2023 and IoT-23 datasets, respectively, and demonstrating the feasibility of network forensic readiness on IoT/edge devices with limited memory, storage, CPU usage, and power consumption.} }