Security, Cybercrime and Digital Forensics for IoT

The Internet of Things (IoT) connects almost all the environment objects whether physical or virtual over the Internet to produce new digitized services that improve people’s lifestyle. Currently, several IoT applications have a direct impact on our daily life activities including smart agriculture, wearables, connected healthcare, connected vehicles, and others. Despite the countless benefits provided by the IoT system, it introduces several security challenges. Resolving these challenges should be one of the highest priorities for IoT manufacturers to continue the successful deployment of IoT applications. The owners of IoT devices should guarantee that effective security measures are built in their devices. With the developments of the Internet, the number of security attacks and cybercrimes has increased significantly. In addition, with poor security measures implemented in IoT devices, the IoT system creates more opportunities for cybercrimes to attack various application and services of the IoT system resulting in a direct impact on users. One of the approaches that tackle the increasing number of cybercrimes is digital forensics. Cybercrimes with the power of the IoT technology can cross the virtual space to threaten human life, therefore, IoT forensics is required to investigate and mitigate against such attacks. This chapter presents a review of IoT security and forensics. It started with reviewing the IoT system by discussing building blocks of an IoT device, essential characteristic, communication technologies and challenges of the IoT. Then, IoT security by highlighting threats and solutions regarding IoT architecture layers are discussed. Digital forensics is also discussed by presenting the main steps of the investigation process. In the end, IoT forensics is discussed by reviewing related IoT forensics frameworks, discussing the need for adopting real-time approaches and showing various IoT forensics.

[1]  Paul Fergus,et al.  SCCIR: Smart Cities Critical Infrastructure Response Framework , 2011, 2011 Developments in E-systems Engineering.

[2]  Robert Hegarty,et al.  Digital Evidence Challenges in the Internet of Things , 2014, INC.

[3]  Hongmei Chi,et al.  A Framework for IoT Data Acquisition and Forensics Analysis , 2018, 2018 IEEE International Conference on Big Data (Big Data).

[4]  Antonio Pescapè,et al.  On the Integration of Cloud Computing and Internet of Things , 2014, 2014 International Conference on Future Internet of Things and Cloud.

[5]  Mark Taylor,et al.  Digital evidence in cloud computing systems , 2010, Comput. Law Secur. Rev..

[6]  Maninder Singh,et al.  Cyber forensics framework for big data analytics in IoT environment using machine learning , 2018, Multimedia Tools and Applications.

[7]  Carlo Maria Medaglia,et al.  An Overview of Privacy and Security Issues in the Internet of Things , 2010 .

[8]  Indrakshi Ray,et al.  A Generic Digital Forensic Investigation Framework for Internet of Things (IoT) , 2016, 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud).

[9]  Fatos Xhafa,et al.  Inter-cooperative Collective Intelligence: Techniques and Applications , 2013 .

[10]  Sieteng Soh,et al.  Cloud forensics: Technical challenges, solutions and comparative analysis , 2015, Digit. Investig..

[11]  lobna yehia,et al.  Hybrid Security Techniques for Internet of Things Healthcare Applications , 2015, IOT 2015.

[12]  Utz Roedig,et al.  DHB-KEY: An efficient key distribution scheme for wireless sensor networks , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[13]  Sarah V. Hart,et al.  Forensic Examination of Digital Evidence: A Guide for Law Enforcement , 2014 .

[14]  Sherali Zeadally,et al.  Internet of Things Forensics: The Need, Process Models, and Open Issues , 2018, IT Professional.

[15]  Gary B. Wills,et al.  IoT Forensics: A State-of-the-Art Review, Challenges and Future Directions , 2019, COMPLEXIS.

[16]  Gary B. Wills,et al.  Validation of an adaptive risk-based access control model for the Internet of Things , 2018 .

[17]  George Suciu,et al.  Analysis of the security solutions implemented in current Internet of Things platforms , 2015, 2015 Conference Grid, Cloud & High Performance Computing in Science (ROLCG).

[18]  Munam Ali Shah,et al.  IoT security: A layered approach for attacks & defenses , 2017, 2017 International Conference on Communication Technologies (ComTech).

[19]  Ragib Hasan,et al.  FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things , 2015, 2015 IEEE International Conference on Services Computing.

[20]  Tolga Ayav,et al.  A review of cloud deployment models for e-learning systems , 2013, 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[21]  Steven Furnell,et al.  Cloud Forensics: A Review of Challenges, Solutions and Open Problems , 2015, 2015 International Conference on Cloud Computing (ICCC).

[22]  Ibrahim M. Baggili,et al.  Forensic State Acquisition from Internet of Things (FSAIoT): A general framework and practical approach for IoT forensics through IoT device state acquisition , 2017, ARES.

[23]  Ankit Agarwal,et al.  Systematic Digital Forensic Investigation Model , 2011 .

[24]  Y. Iraqi,et al.  A State-of-the-Art Review of Cloud Forensics , 2014, J. Digit. Forensics Secur. Law.

[25]  Flora Malamateniou,et al.  Enabling data protection through PKI encryption in IoT m-Health devices , 2012, 2012 IEEE 12th International Conference on Bioinformatics & Bioengineering (BIBE).

[26]  R. Venkatesan,et al.  Expander graphs based on GRH with an application to elliptic curve cryptography , 2008, 0811.0647.

[27]  Engin Leloglu A Review of Security Concerns in Internet of Things , 2017 .

[28]  Thar Baker,et al.  Iot Forensics: Challenges for the Ioa Era , 2018, 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS).

[29]  Hany F. Atlam,et al.  IoT Security, Privacy, Safety and Ethics , 2019, Internet of Things.

[30]  Kaveh Pahlavan,et al.  Handoff in hybrid mobile data networks , 2000, IEEE Wirel. Commun..

[31]  Mohammed Anbar,et al.  Internet of Things (IoT) communication protocols: Review , 2017, 2017 8th International Conference on Information Technology (ICIT).

[32]  Aikaterini Mitrokotsa,et al.  Classifying RFID attacks and defenses , 2010, Inf. Syst. Frontiers.

[33]  Heon-Chang Yu,et al.  Detecting Sybil Attacks in Cloud Computing Environments Based on Fail-Stop Signature , 2017, Symmetry.

[34]  Geoff Mulligan,et al.  The 6LoWPAN architecture , 2007, EmNets '07.

[35]  Ragib Hasan,et al.  FIF-IoT: A Forensic Investigation Framework for IoT Using a Public Digital Ledger , 2018, 2018 IEEE International Congress on Internet of Things (ICIOT).

[36]  Antonio F. Gómez-Skarmeta,et al.  The Internet of Everything through IPv6: An Analysis of Challenges, Solutions and Opportunities , 2013, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[37]  Madini O. Alassafi,et al.  Blockchain with Internet of Things: Benefits, Challenges, and Future Directions , 2018, International Journal of Intelligent Systems and Applications.

[38]  Norita Md Norwawi,et al.  Internet of Things(IoT) digital forensic investigation model: Top-down forensic approach methodology , 2015, 2015 Fifth International Conference on Digital Information Processing and Communications (ICDIPC).

[39]  Hany F. Atlam,et al.  Chapter One - Technical aspects of blockchain and IoT , 2019, Adv. Comput..

[40]  Ashraf Darwish,et al.  Managing Computing Infrastructure for IoT Data , 2014, IOT 2014.

[41]  Timothy Grance,et al.  Guide to Integrating Forensic Techniques into Incident Response , 2006 .

[42]  Gary B. Wills,et al.  IoT Forensic: Bridging the Challenges in Digital Forensic and the Internet of Things , 2017, IoTBDS.

[43]  Ahmed Banafa,et al.  IoT and Blockchain Convergence: Benefits and Challenges , 2017 .

[44]  Gary B. Wills,et al.  Integration of Cloud Computing with Internet of Things: Challenges and Open Issues , 2017, 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[45]  Ahmad-Reza Sadeghi,et al.  Security and privacy challenges in industrial Internet of Things , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[46]  Arnab Raha,et al.  Energy-efficient system design for IoT devices , 2016, 2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC).

[47]  Duan Yong WSN Node Design and Communication Realization Based on ZigBee Protocol , 2007 .

[48]  Abdul Hanan Abdullah,et al.  Security Issues and Attacks in Wireless Sensor Network , 2014 .

[49]  Zheng Yan,et al.  SecIoT: a security framework for the Internet of Things , 2016, Secur. Commun. Networks.

[50]  Gary B. Wills,et al.  Developing an Adaptive Risk-Based Access Control Model for the Internet of Things , 2017, 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[51]  Robert John Walters,et al.  Internet of Things: State-of-the-art, Challenges, Applications, and Open Issues , 2018, International Journal of Intelligent Computing Research.

[52]  M. Tahar Kechadi,et al.  Cloud forensics definitions and critical criteria for cloud forensic capability: An overview of survey results , 2013, Digit. Investig..

[53]  Gaitan Nicoleta Cristina,et al.  Gradual Development of an IoT Architecture for Real-World Things , 2015, 2015 IEEE European Modelling Symposium (EMS).

[54]  Nhien-An Le-Khac,et al.  Internet of Things Forensics - Challenges and a Case Study , 2018, IFIP Int. Conf. Digital Forensics.

[55]  Paul Sant,et al.  The Forensics Edge Management System: A Concept and Design , 2013, 2013 IEEE 10th International Conference on Ubiquitous Intelligence and Computing and 2013 IEEE 10th International Conference on Autonomic and Trusted Computing.

[56]  Mumbai,et al.  Internet of Things (IoT): A Literature Review , 2015 .

[57]  Kai Zhao,et al.  A Survey on the Internet of Things Security , 2013, 2013 Ninth International Conference on Computational Intelligence and Security.

[58]  Gary B. Wills,et al.  Experts reviews of a cloud forensic readiness framework for organizations , 2019, Journal of Cloud Computing.

[59]  Sriram Raghavan,et al.  Digital forensic research: current state of the art , 2012, CSI Transactions on ICT.

[60]  Nickson M. Karie,et al.  Towards an Integrated Digital Forensic Investigation Framework for an IoT-Based Ecosystem , 2018, 2018 IEEE International Conference on Smart Internet of Things (SmartIoT).

[61]  Geyong Min,et al.  Coordinate-Assisted Routing Approach to Bypass Routing Holes in Wireless Sensor Networks , 2017, IEEE Communications Magazine.

[62]  Hui Wang,et al.  The fog computing service for healthcare , 2015, 2015 2nd International Symposium on Future Information and Communication Technologies for Ubiquitous HealthCare (Ubi-HealthTech).

[63]  Qiu Xiao-ming Study on the Architecture and Key Technologies for Internet of Things , 2011 .

[64]  Zalak Dave,et al.  Optimizing power consumption in iot based wireless sensor networks using Bluetooth Low Energy , 2015, 2015 International Conference on Green Computing and Internet of Things (ICGCIoT).

[65]  Jan H. P. Eloff,et al.  Integrated digital forensic process model , 2013, Comput. Secur..

[66]  Jiafu Wan,et al.  Security in the Internet of Things: A Review , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[67]  Muhammad Waseem,et al.  A Critical Analysis on the Security Concerns of Internet of Things (IoT) , 2015 .

[68]  Sugata Sanyal,et al.  Survey of Security and Privacy Issues of Internet of Things , 2015, ArXiv.

[69]  V. Krotov The Internet of Things and new business opportunities , 2017 .

[70]  Robert John Walters,et al.  Fog Computing and the Internet of Things: A Review , 2018, Big Data Cogn. Comput..

[71]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[72]  Juan Li,et al.  A Fog-Based Digital Forensics Investigation Framework for IoT Systems , 2018, 2018 IEEE International Conference on Smart Cloud (SmartCloud).