Digital Forensics for IoT and WSNs

In the last decade, wireless sensor networks (WSNs) and Internet-of-Things (IoT) devices have proliferated in many domains, including critical infrastructures such as energy, transportation and manufacturing. Consequently, most daily operations now rely on the data coming from wireless sensors or IoT devices and on their actions. In addition, personal IoT devices are heavily used for social media applications, which connect people as well as all critical infrastructures to each other under the cyber domain. However, this connectedness also comes with the risk of an increasing number of cyber attacks through WSNs and/or IoT. While significant research has been dedicated to securing WSN/IoT, this risk still indicates that forensics mechanisms are needed to conduct investigations and analysis. In particular, understanding what has happened after a failure or an attack is crucial to many businesses that rely on WSN/IoT applications. Therefore, there is great interest in, and need for, understanding digital forensics applications in the WSN and IoT realms. This chapter fills this gap by providing a comprehensive overview and classification of digital forensics research and applications in these emerging domains. In addition to analyzing the technical challenges, the chapter surveys the existing efforts from the device level to the network level and points out future research opportunities.
