Probe-IoT: A public digital ledger based forensic investigation framework for IoT

The increased deployment of Internet of Things (IoT) devices will make them targets for attacks. IoT devices can also be used as tools for committing crimes. In this regard, we propose Probe-IoT, a forensic investigation framework that uses a public digital ledger to find facts in criminal incidents in IoT-based systems. Probe-IoT collects the interactions that take place among various IoT entities (clouds, users, and IoT devices) as evidence and stores them securely as transactions in a public, distributed, and decentralized blockchain network similar to the Bitcoin network. Probe-IoT presents a scheme that ensures integrity, confidentiality, anonymity, and non-repudiation of the evidence stored in the public ledger. Furthermore, during the investigation of a malicious incident, Probe-IoT provides a mechanism to acquire evidence from the ledger and verify the authenticity and integrity of the obtained evidence.