IoT forensic challenges and opportunities for digital traces

Abstract The increasing number of IoT devices in personal environments such as smarthomes presents opportunities and risks from a forensic perspective. These devices generate traces that can be useful for investigative and forensic purposes in any type of offense. At the same time, newer IoT devices are not supported by existing digital forensic tools and methods, making it difficult for practitioners to extract data from them without the support of a forensic advisor with specialized knowledge in this area. In addition, these traces can present evaluation challenges for forensic scientists, and can contain vulnerabilities that pose privacy risks. Security vulnerabilities of IoT devices create opportunities for extracting traces but might also be used by criminals to undermine a device. The aim of this work is to increase familiarity with traces from various IoT devices in a smarthome, and demonstrate how traces from IoT devices in a smarthome can be useful for investigative and forensic purposes. This work presents a study of IoT devices and associated smartphone applications, providing approaches to extracting and analyzing digital traces. This research led to the discovery of vulnerabilities in multiple devices, and a scenario for the DFRWS IoT forensic challenge was developed.

[1]  Sangjin Lee,et al.  Digital Forensic Approaches for Amazon Alexa Ecosystem , 2017, Digit. Investig..

[2]  Ragib Hasan,et al.  FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things , 2015, 2015 IEEE International Conference on Services Computing.

[3]  Norita Md Norwawi,et al.  Internet of Things(IoT) digital forensic investigation model: Top-down forensic approach methodology , 2015, 2015 Fifth International Conference on Digital Information Processing and Communications (ICDIPC).

[4]  Eoghan Casey,et al.  Digital Evidence and Computer Crime , 2000 .

[5]  Joshua James,et al.  Evidence identification in IoT networks based on threat assessment , 2017, Future Gener. Comput. Syst..

[6]  Pascal Urien,et al.  A new approach to investigate IoT threats based on a four layer model , 2016, 2016 13th International Conference on New Technologies for Distributed Systems (NOTERE).

[7]  Anthony Brown,et al.  An Analysis of Home IoT Network Traffic and Behaviour , 2018, ArXiv.

[8]  Joshua James,et al.  Practical and Legal Challenges of Cloud Investigations , 2015, ArXiv.

[9]  Eoghan Casey,et al.  Digital Evidence and Computer Crime - Forensic Science, Computers and the Internet, 3rd Edition , 2011 .

[10]  Laetitia Heudt,et al.  The introduction of forensic advisors in Belgium and their role in the criminal justice system. , 2017, Science & justice : journal of the Forensic Science Society.

[11]  Eoghan Casey,et al.  Clearly conveying digital forensic results , 2018, Digit. Investig..

[12]  Indrakshi Ray,et al.  A Generic Digital Forensic Investigation Framework for Internet of Things (IoT) , 2016, 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud).

[13]  Nickson M. Karie,et al.  How an IoT-enabled “smart refrigerator” can play a clandestine role in perpetuating cyber-crime , 2017, 2017 IST-Africa Week Conference (IST-Africa).