ABSTRACT

As with other types of machine learning forensic investigations, cybersecurity crimes call for methodical techniques to solve cases in which machines attack other machines. This requires the application of human skills and experience, coupled with pattern recognition software and a precise investigative methodology. Such investigations involve sifting through gigabytes of data and server log files, looking for specific clues to discover what happened at certain times and locations across networks, server farms, and the Internet. The cases usually involve remote digital attacks on machines, networks, and websites, commonly referred to as an incident breach, which is followed by an incident response.