Navigating the Complex Landscape of IoT Forensics: Challenges and Emerging Solutions
With the increasing proliferation of the Internet of Things (IoT) devices, digital forensics professionals face numerous challenges while investigating cybercrimes. The vast number of IoT devices, the heterogeneity of their formats, and the diversity of the data they generate make identifying and collecting relevant evidence a daunting task. This research paper explores the complex landscape of IoT forensics, highlighting the major challenges and emerging solutions. We start by listing the available digital forensics models and frameworks. We then delve into evidence management during IoT forensic investigation stages such as Identification, Acquisition, Preservation and Protection, Analysis and Correlation, Attack and Deficit Attribution and lastly, Presentation. Furthermore, we highlight the current challenges, open issues and major security and privacy concerns related to IoT forensics. Finally, we review state-of-the-art IoT forensics, exploring the possible solutions proposed in recent literature. Overall, this paper provides a comprehensive overview of the current IoT forensics ecosystem and the challenges and proposes the latest possible solutions, which are critical for ensuring the security and integrity of IoT-enabled critical infrastructures and can serve as a valuable resource for researchers and practitioners in the field.
[1] Aguado A., Lopez V., Lopez D., Peev M., Poppe A., Pastor A., Folgueira J., Martiin V., “The Engineering of Software-Defined Quantum Key Distribution Networks,” IEEE Communications Magazine, vol. 57, no. 7, pp. 20-26, 2019. doi: 10.1109/MCOM.2019.1800763.
[2] Alazab A., Khraisat A., and Singh S., “A Review on the Internet of Things (IoT) Forensics: Challenges, Techniques, and Evaluation of Digital Forensic Tools,” Digital Forensics-Challenges and New Frontiers
[Working Title]. IntechOpen, 2023. doi: 10.5772/intechopen.109840.
[3] Al-Masri E., Bai Y., and Li J., “A Fog-Based Digital Forensics Investigation Framework for Iot Systems,” in Procedings of the IEEE International Conference on Smart Cloud (SmartCloud), New York, pp. 196-201, 2018. DOI: 10.1109/SmartCloud.2018.00040
[4] Al-Mousa M., “Generic Proactive IoT Cybercrime Evidence Analysis Model for Digital Forensics,” in Procedings of the International Conference on Information Technology, Amman, pp. 654-659, 2021. doi: 10.1109/ICIT52682.2021.9491718.
[5] Amer O., Garg V., and Krawec W., “An Introduction to Practical Quantum Key Distribution,” IEEE Aerospace and Electronic Systems Magazine, vol. 36, no. 3, pp. 30-55, 2021. doi: 10.1109/MAES.2020.3015571.
[6] Amiroon S. and Fachkha C., “Digital Forensics and Investigations of the Internet of Things: A Short Survey,” in Procedings of the 3rd International Conference on Signal Processing and Information Security, Dubai, pp. 1-4, 2020. doi: 10.1109/ICSPIS51252.2020.9340150.
[7] Atlam H., Alenezi A., Alassafi M., Alshdadi A., and Wills G., “Security, Cybercrime and Digital Forensics for IoT,” Intelligent Systems Reference 502 The International Arab Journal of Information Technology, Vol. 20, No. 3A, Special Issue 2023 Library, pp. 551-577, 2019. doi: https://doi.org/10.1007/978-3-030-33596-0_22.
[8] Beebe N. and Clark J., “A Hierarchical, Objectives-Based Framework for The Digital Investigations Process,” Digit Investig, vol. 2, no. 2, pp. 147-167, 2005. https://doi.org/10.1016/j.diin.2005.04.002
[9] Brotsis S., Kolokotronis N., Limniotis K., Shiaeles S., Kavallieros D., Bellini E., and Pavué C., “Blockchain Solutions for Forensic Evidence Preservation in IoT Environments,” in Procedings of the IEEE Conference on Network Softwarization (NetSoft), Paris, pp. 110-114, 2019. doi: 10.1109/NETSOFT.2019.8806675.
[10] Canli H. and Toklu S., “AVL Based Settlement Algorithm and Reservation System for Smart Parking Systems in IoT-based Smart Cities,” The International Arab Journal of Information Technology,vol. 19, no. 5, pp. 793-801, 2022. https://doi.org/10.34028/iajit/19/5/11
[11] Empl P. and Pernul G., “Digital-Twin-Based Security Analytics for the Internet of Things,” Information, vol. 14, no. 2, pp. 95, 2023. doi: https://doi.org/10.3390/info14020095.
[12] Feng X., Dawam E., and Amin S., “Digital Forensics Model of Smart City Automated Vehicles Challenges,” 2017.
[13] Freiling F. and Schwittay B., “A Common Process Model for Incident Response and Computer Forensics,” IMF 2007: IT-Incident Management and IT-Forensics, pp. 1-18, 2007.
[14] Grobler C., Louwrens C., and Von Solms S., “A Multi-Component View of Digital Forensics,” in Procedings of the International Conference on Availability, Reliability, and Security, Krakow, pp. 647-652, 2010. DOI: 10.1109/ARES.2010.61
[15] Harbawi M. and Varol A.,“An Improved Digital Evidence Acquisition Model for The Internet of Things Forensic I: A Theoretical Framework,” in Proceedimgs of the 5th International Symposium on Digital Forensic and Security (ISDFS), Tirgu Mures, pp. 1-6, 2017. DOI: 10.1109/ISDFS.2017.7916508
[16] Houhamdi Z. and Athamena B., “Identity Identification And Management In The Internet of Things,” The International Arab Journal of Information Technology, vol. 17, no. 4A, pp. 645- 654, 2020. doi: https://doi.org/10.34028/iajit/17/4A/9
[17] Joshi R. and Pilli E., Fundamentals of Network Forensics, Springer, 2016.
[18] Kaushik K., Dahiya S., Bhardwaj A., and Maleh Y., Internet of Things and Cyber Physical Systems, CRC Press, 2022.
[19] Kebande V. and Ray I., “A Generic Digital Forensic Investigation Framework For Internet of Things,” in Procedings of the IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), pp. 356-362, Vienna, 2016. DOI: 10.1109/FiCloud.2016.57
[20] Khan M., Sajjad I., Tahir M., and Haseeb A., “IOT Application for Energy Management in Smart Homes,” Engineering Proceedings, vol. 20, no. 1, p. 43, 2022. doi: https://doi.org/10.3390/engproc2022020043.
[21] Khanpara P., Shah I., Tanwar S., Verma A., and Sharma R., “Toward the Internet of Things Forensics: A Data Analytics Perspective,” Security and Privacy, 2023. doi: https://doi.org/10.1002/spy2.306.
[22] Kumar A., Ottaviani C., Gill S., and Buyya R., “Securing The Future Internet of Things with Post-Quantum Cryptography,” Security and Privacy, 2022. doi: https://doi.org/10.1002/spy2.200.
[23] Kumar G., Saha R., Lal C., and Conti M., “Internet-of-Forensic (Iof): A Blockchain-Based Digital Forensics Framework for Iot Applications,” Future Generation Computer Systems, vol. 120, pp. 13-25, 2021.
[24] Lee H., Palmbach T., and Miller M., “Henry Lee’s Crime Scene Handbook,”Academic Press, 2001.
[25] Mrdovic S., “IoT Forensics,” Security of Ubiquitous Computing Systems, pp. 215-229, 2021. doi: https://doi.org/10.1007/978-3-030- 10591-4_13.
[26] Nieto A., Rios R., and Lopez J., “A Methodology for Privacy-Aware IoT-Forensics,” IEEE Trustcom/BigDataSE/ICESS, Sydney, pp. 626- 633, 2017. doi: 10.1109/Trustcom/BigDataSE/ICESS.2017.293
[27] Noura H., Salman O., Chehab A., and Couturier R., “DistLog: A distributed logging scheme for IoT forensics,” Ad Hoc Networks, vol. 98, pp. 102061, 2020, doi: https://doi.org/10.1016/j.adhoc.2019.102061.
[28] Oriwoh E. and Williams G., “Internet Of Things: The Argument for Smart Forensics,” in Handbook of Research on Digital Crime, Cyberspace Security, And Information Assurance, IGI Global, pp. 407-423, 2015.
[29] Oriwoh E., Jazani D., Epiphaniou G., and Sant P., “Internet of things forensics: Challenges and Approaches,” in Procedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, pp. 608-615, 2013. DOI:10.4108/icst.collaboratecom.2013.254159
[30] Perwej Y., Haq K., Parwej F., Mumdouh M. and Hassan M., “The Internet of Things (IoT) and its Application Domains,” International Journal of Computer Applications, vol. 182, pp. 36-49, Apr. 2019, doi: https://doi.org/10.5120/ijca2019918763.
[31] Quy V., Hau N., Anh D., and Ngoc L.,“Smart Healthcare IoT Applications Based on Fog Navigating the Complex Landscape of IoT Forensics: Challenges... 503 Computing: Architecture, Applications and Challenges,” Complex and Intelligent Systems, vol. 8, pp. 3805-3815, 2021. doi: https://doi.org/10.1007/s40747-021-00582-9.
[32] Renduchintala A., Jahan F., Khanna R., and Javaid A., “A Comprehensive Micro Unmanned Aerial Vehicle (UAV/Drone) Forensic Framework,” Digit Investig, vol. 30, pp. 52-72, 2019. https://doi.org/10.1016/j.diin.2019.07.002
[33] Saleh M., Othman S., Driss M., Al-dhaqm A., Ali A., Yafooz W., and Emara A., “A Metamodeling Approach for IoT Forensic Investigation,” Electronics, vol. 12, no. 3, pp. 524, 2023. doi: https://doi.org/10.3390/electronics12030524.
[34] Scheidt N. and Adda M., “Identification of IoT Devices for Forensic Investigation,” in Procedings of the IEEE 10th International Conference on Intelligent Systems (IS), Varna, Bulgaria, pp. 165-170, 2020. doi: 10.1109/IS48319.2020.9200150.
[35] Scheidt N., Adda M., Chateau L., and Kutlu Y., “Forensic Tools for IoT Device Investigations in regards to Human Trafficking,” in Procedings of the IEEE International Conference on Smart Internet of Things (SmartIoT), Jeju, pp. 1-7, 2021. doi: 10.1109/SmartIoT52359.2021.00010.
[36] Shrivastava R., Bashir B., and Hota C., “Attack Detection and Forensics Using Honeypot in IoT Environment,” in Procedings of the Distributed Computing and Internet Technology, Bhubaneswar, pp. 402-409, 2018. doi: https://doi.org/10.1007/978-3-030-05366-6_33.
[37] Stephenson P., “A Comprehensive Approach To Digital Incident Investigation,” Information Security Technical Report, vol. 8, no. 2, pp. 42-54, 2003.
[38] Stoyanova M., Nikoloudakis Y., Panagiotakis S., Pallis E., and Markakis E., “A Survey on The Internet of Things (Iot) Forensics: Challenges, Approaches, and Open Issues,” IEEE Communications Surveys and Tutorials, vol. 22, no. 2, pp. 1191-1221, 2020.
[39] Surange G. and Khatri P., “IoT Forensics: A Review on Current Trends, Approaches and Foreseen Challenges,” in Procedings of the 8th International Conference on Computing for Sustainable Global Development, New Delhi, pp. 909-913, 2021. DOI:10.1109/INDIACom51348.2021.00163
[40] Van Beek H., Van Eijk E., Van Baar R., Ugen M., Bodde J., and Siemelink A., “Digital Forensics as A Service: Game on,” Digit Investigation, vol. 15, pp. 20-38, 2015. https://doi.org/10.1016/j.diin.2015.07.004
[41] Xiao J., Li S., and Xu Q., “Video-Based Evidence Analysis And Extraction In Digital Forensic Investigation,” IEEE Access, vol. 7, pp. 55432- 55442, 2019. DOI: 10.1109/ACCESS.2019.2913648
[42] Zawoad S. and Hasan R., “Faiot: Towards Building A Forensics Aware Eco System For The Internet of Things,” in Procedings of the IEEE International Conference on Services Computing, New York, pp. 279-284, 2015. DOI: 10.1109/SCC.2015.46
[43] Zia T., Liu P., and Han W., “Application-Specific Digital Forensics Investigative Model In Internet of Things (Iot),” in Proceedings of the 12th International Conference on Availability, Reliability and Security, pp. 1-7, 2017. DOI:10.1145/3098954.3104052