Artificial Intelligence in Mobile Malware Forensics: Enhancing Evidence Recovery and Threat Attribution

Authors

  • Putry Wahyu Setyaningsih, Universitas Mercu Buana Yogyakarta
  • Krisna Widatama, UIN Jurai Siwo Lampung

Keywords:

Artificial Intelligence, Digital Evidence, Malware, Mobile Forensics, Threat Attribution

Abstract

The increasing sophistication of mobile malware poses significant challenges for forensic investigators tasked with evidence recovery and threat attribution. Conventional forensic techniques often fail to cope with polymorphic malware, encrypted communication, and anti-forensic countermeasures. This research explores the role of artificial intelligence (AI) in mobile malware forensics, particularly in improving the acquisition, analysis, and interpretation of digital evidence. By conducting a comparative evaluation of AI-assisted forensic tools and traditional approaches, the study examines their effectiveness in detecting hidden artifacts, reconstructing attack patterns, and attributing malicious activity. Experimental simulations were conducted on Android and iOS devices infected with representative malware families, and the results demonstrate that AI-enhanced approaches can improve recovery rates by up to 20% compared with conventional methods. Furthermore, case studies illustrate how AI-driven semantic analysis supports more accurate threat attribution. The research concludes that AI is a transformative component of modern mobile forensics, offering significant benefits in both investigative efficiency and evidentiary robustness.

Published

2025-05-30

How to Cite

Artificial Intelligence in Mobile Malware Forensics: Enhancing Evidence Recovery and Threat Attribution. (2025). FORSEC: Forensics & Security Journal, 1(1). https://journal.ekantara.com/forsec/article/view/4