
Team Project - Diary

Digital Forensics – Autonomous Verification Agents

Our group project, "Digital Forensics: The role of autonomous verification agents in reducing malware risks and ensuring compliance", explored how intelligent agents can enhance cybersecurity by automatically analysing downloaded files before they reach end-users. The team, consisting of Thiago Contardi, Pëllumb Dalipi, and Paul Dogar, focused on designing an autonomous pre-screening agent integrated into a Chrome browser extension.

Project Overview

The proposed agent acts as a digital gatekeeper, intercepting file downloads and forwarding them to an AI-based verification server. This system analyses files using a combination of deterministic scanning, YARA rule filtering, and lightweight machine learning models. High-risk content is quarantined automatically, while clean files are released to users. This proactive approach aims to reduce malware infections, ensure compliance with data security standards, and minimise analyst workload.

Technical Summary

The solution was developed using Python with libraries such as scikit-learn for anomaly detection and yara-python for rule-based analysis. A PostgreSQL database supports structured reporting and compliance auditing, and the Chrome extension relies on Manifest V3. The system was designed for lightweight, scalable deployment using Docker, ensuring portability and integration with existing IT infrastructures.
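The three-stage verdict flow described above (deterministic scanning, rule filtering, anomaly scoring, then quarantine or release) can be sketched as follows. This is an added example, not the team's code: it uses only the standard library, so plain byte-string rules stand in for yara-python and an entropy threshold stands in for the scikit-learn model, and every name, rule and sample value is constructed for illustration.

```python
import hashlib, json, math
from collections import Counter

# Constructed sample data: none of these values come from the project.
KNOWN_BAD_SHA256 = {hashlib.sha256(b"constructed-known-bad-sample").hexdigest()}
MAGIC = {".pdf": b"%PDF-", ".png": b"\x89PNG", ".zip": b"PK\x03\x04"}
# Stand-in for YARA rules: a rule fires when all of its byte strings are present.
RULES = {"eicar_test_marker": [b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"]}
ENTROPY_LIMIT = 7.5  # bits/byte; stand-in for a trained anomaly model's threshold

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def screen(filename: str, data: bytes) -> dict:
    """Run the three stages in order and return an audit record with the verdict."""
    sha = hashlib.sha256(data).hexdigest()
    reasons = []
    # Stage 1: deterministic checks (hash denylist, extension vs. magic bytes).
    if sha in KNOWN_BAD_SHA256:
        reasons.append("hash:denylist")
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext in MAGIC and not data.startswith(MAGIC[ext]):
        reasons.append("type:magic-mismatch")
    # Stage 2: rule filtering.
    for name, strings in RULES.items():
        if all(s in data for s in strings):
            reasons.append(f"rule:{name}")
    # Stage 3: anomaly score, only applied to payloads large enough to measure.
    score = round(entropy(data), 2)
    if len(data) >= 256 and score > ENTROPY_LIMIT:
        reasons.append("anomaly:high-entropy")
    verdict = "quarantine" if reasons else "release"
    return {"file": filename, "sha256": sha, "verdict": verdict,
            "reasons": reasons, "score": score}

if __name__ == "__main__":
    for name, blob in [("report.pdf", b"%PDF-1.7 constructed clean body"),
                       ("invoice.pdf", b"MZ\x90\x00 constructed body")]:
        print(json.dumps(screen(name, blob)))  # one audit row per download
```

Each returned record carries the hash, verdict and reasons, which is the shape a reporting table would need for audit. Compressed or encrypted downloads will exceed the entropy limit, so that stage is where false-positive calibration matters most.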

Key Insights

Our findings highlight that integrating autonomous agents into organisational workflows can significantly reduce exposure to malware while improving traceability and compliance with frameworks such as ISO 27001 and GDPR. Unlike traditional endpoint protection tools, this pre-screening model acts earlier in the security chain, mitigating risks before infection occurs. Challenges such as false positives and processing speed were identified but can be managed through calibration, efficient algorithms, and transparent user reporting.