GView: A Survey of Binary Forensics via Visual, Semantic, and AI-Enhanced Analysis
This paper addresses cybersecurity forensics for industry and academic researchers, but appears incremental as a survey and extension of an existing framework.
The paper presents GView, an open-source forensic analysis framework that tackles sophisticated cybersecurity threats by incorporating visual, semantic, and AI-enhanced reasoning, including large language models, to improve forensic workflows.
Cybersecurity threats continue to become more sophisticated and diverse in their artifacts, boosting both their volume and complexity. To overcome these challenges, we present GView, an open-source forensic analysis framework with visual and AI-enhanced reasoning. It started with a focus on the practical cybersecurity industry. It has evolved significantly, incorporating large language models (LLMs) to dynamically enhance reasoning and ease forensic workflows. This paper surveys the current state of GView, with its published papers alongside those that are in the publishing process. It also includes its innovative use of logical inference through predicates and inference rules for both the analyzed documents and the user's actions for better suggestions. We highlight the extensible architecture, showcasing its potential as a bridge between the practical forensics world and academic research.