论文信息 - I Know What You Did Last Summer: Your Smart Home Internet of Things and Your iPhone Forensically Ratting You Out

I Know What You Did Last Summer: Your Smart Home Internet of Things and Your iPhone Forensically Ratting You Out

The adoption of smart home Internet of Things (IoT) devices continues to grow. What if your devices can snitch on you and let us know where you are at any given point in time? In this work we examined the forensic artifacts produced by Nest devices, and in specific, we examined the logical backup structure of an iPhone used to control a Nest thermostat, Nest Indoor Camera and a Nest Outdoor Camera. We also integrated the Google Home Mini as another method of controlling the studied Smart Home devices. Our work is the primary account for the examination of Nest artifacts produced by an iPhone, and is also the first open source research to produce a usable forensics tool we name the Forensic Evidence Acquisition and Analysis System (FEAAS). FEAAS consolidates evidentiary data into a readable report that can infer user events (like entering or leaving a home) and what triggered an event (whether it was the Google Assistant through a voice command, or the use of an iPhone application). Our results are important for the advancement of digital forensics, as there are cases starting to emerge in which smart home IoT devices have already been used as culpatory evidence.

[1] Norita Md Norwawi,et al. Internet of Things(IoT) digital forensic investigation model: Top-down forensic approach methodology , 2015, 2015 Fifth International Conference on Digital Information Processing and Communications (ICDIPC).

[2] Ragib Hasan,et al. FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things , 2015, 2015 IEEE International Conference on Services Computing.

[3] Sangjin Lee,et al. Digital Forensic Approaches for Amazon Alexa Ecosystem , 2017, Digit. Investig..

[4] Other Contributors Are Indicated Where They Contribute. Python Software Foundation , 2017 .

[5] Ibrahim Baggili,et al. iPhone 3GS Forensics: Logical analysis using Apple iTunes Backup Utility , 2010 .

[6] Ibrahim M. Baggili,et al. A Simple Cost-Effective Framework for iPhone Forensic Analysis , 2010, ICDF2C.

[7] Karl N. Levitt,et al. Is Anybody Home? Inferring Activity From Smart Home Network Traffic , 2016, 2016 IEEE Security and Privacy Workshops (SPW).

[8] Indrakshi Ray,et al. A Generic Digital Forensic Investigation Framework for Internet of Things (IoT) , 2016, 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud).

[9] Ibrahim M. Baggili,et al. Forensic State Acquisition from Internet of Things (FSAIoT): A general framework and practical approach for IoT forensics through IoT device state acquisition , 2017, ARES.