A Generic Digital Forensic Investigation Framework for Internet of Things (IoT)

Although numerous studies have been carried out on the Internet of Things (IoT), little attention has been paid to how Digital Forensics (DF) techniques can be used to conduct Digital Forensic Investigations (DFIs) in IoT-based infrastructures. Up to this point, IoT has not fully adapted to DF techniques because current DF tools and procedures cannot cope with the heterogeneity and distributed nature of IoT infrastructures. As a result, gathering, examining and analysing potential evidence from IoT environments that may be used as admissible evidence in a court of law poses a challenge to DF investigators and Law Enforcement Agencies (LEAs). The problem addressed is therefore that, at the time of writing this paper, there exist no accepted DF frameworks that can help to conduct DFIs in an IoT-based environment. Based on this premise, the authors have proposed a generic Digital Forensic Investigation Framework for IoT (DFIF-IoT) that is able to support future IoT investigative capabilities with a degree of certainty. The proposed framework has the following advantage: it complies with ISO/IEC 27043:2015, an international standard for information technology, security techniques, incident investigation principles and processes. It is therefore the authors' opinion that, if the proposed framework is successfully incorporated into future DF tool development, it will facilitate effective digital forensic crime investigation for IoT infrastructures.
