Abstract
Internet of Things (IoT) forensics is challenging, partly due to constant and rapid developments in the hardware and supporting software, as well as the underpinning infrastructure. This necessitates the development of a model that can be used to guide digital forensic investigations of IoT devices, while allowing flexibility to incorporate potential differences in (legal) requirements between jurisdictions. In this paper, we present one such forensic model, and describe how to set up an IoT testbed/lab to train new or inexperienced forensic investigators to examine devices and potential evidential sources. Finally, we evaluate the utility of our model using two case studies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Kruse, W.G., Heiser, J.G.: Computer Forensics: Incident Response Essentials. Addison-Wesley (2002)
Lee, I., et al.: Challenges and research directions in medical cyber-physical systems. INSPEC Accession Numb. 12425479, 75–90 (2012)
Oriwoh, E., et al.: University of Bedforshire internet of things forensics: challenges and approaches (2013). https://doi.org/10.4108/icst.collaboratecom.2013.254159
Perumal, S., Norwawi, N.M., Raman, V.: Internet of things (IoT) digital forensic investigation model: top-down forensic approach methodology, pp. 1–5 (2015)
Goudbeek, A., Choo, K.-K.R., Le-Khac, N.-A.: A forensic investigation framework for smart home environment. In: 17th IEEE international conference on trust, security and privacy in computing and communications (IEEE TrustCom-18). New York, USA (August 2018). https://doi.org/10.1109/TrustCom/BigDataSE.2018.00201
Alabdulsalam, S., Schaefer, K., Kechadi, M.-T., Le-Khac, N.-A.: Internet of things forensics: challenges and case study. In: Peterson, G., Shenoi, S. (eds.) Advances in Digital Forensics XIV. Springer, New York, Berlin, Heidelberg. https://doi.org/10.1007/978-3-319-99277-8_3
Faheem, M., Le-Khac, N.-A., Kechadi, M.-T.: Smartphone forensics analysis: a case study for obtaining root access of an android samsung S3 device and analyse the image without an expensive commercial tool. J. Inf. Secur. 5(3), 83–90 (8 pages) (2014). http://dx.doi.org/10.4236/jis.2014.53009
Chen, L., Le‐Khac, N.-A., Schlepphorst, S., Xu, L.: Cloud forensics: model, challenges, and approaches. In: Chen, L., Takabi, H., Le-Khac, N.-A. (eds.) Security, Privacy, and Digital Forensics in the Cloud. High Education Press, Wiley Inc. (April 2019). https://doi.org/10.1002/9781119053385.ch10
Roder, A., Choo, K.-K.R., Le-Khac, N.-A.: Unmanned aerial vehicle forensic investigation process: Dji Phantom 3 drone as a case study. In: 13th annual ADFSL conference on digital forensics, security and law. Texas, USA (May 2018)
Lea, R., Blackstock, M.: City hub: a cloud-based IoT platform for smart cities. In: 2014 IEEE 6th international conference on cloud computing technology and science (CloudCom) (CLOUDCOM). Singapore, pp. 799–804 (2014)
TEDx Talks: How the IoT is making cybercrime investigation easier|Jonathan Rajewski|TEDxBuffalo (2016). Available online: https://trvision.net/detail/how-the-iot-is-making-cybercrime-investigation-easier-jonathan-rajewski-tedxbuffalo-9CemONO6vrY.html. Accessed on 12 Dec 2019
Introducing the Top Ten Dev Boards of 2017. Available online: https://www.arrow.com/en/research-and-events/articles/the-top-ten-development-platforms-dev-kits-for-2017. Accessed on 3 Nov 2019
JTAG Explained (finally!): Why “IoT” makers, software security folks, and device manufacturers should care-senrio (2018). Available online: http://blog.senr.io/blog/jtag-explained. Accessed on 3 Feb 2019
Raspbian. Available online: https://www.raspbian.org. Accessed on 2 Feb 2019
Windows 10 IoT Core. Available online: https://developer.microsoft.com/de-de/windows/iot. Accessed on 2 Feb 2019
RIOT-The friendly operating system for the internet of things. Available online: https://riot-os.org/. Accessed on Nov 2019
Android Things. Available online: https://developer.android.com/things/index.html. Accessed on Nov 2019
mbed, device to data platform. Available online: www.mbed.com/en. Accessed on Nov 2019
Nucleus RTOS. Available online: https://www.mentor.com/embedded-software/nucleus/. Accessed on 2 Feb 2019
Contiki: the open source operating system for the internet of things. Available online: http://www.contiki-os.org/. Accessed on June 2019
Autopsy. Available online: https://www.sleuthkit.org/autopsy/. Accessed on Nov 2019
EnCase forensic software—top digital investigations solution. Available online: https://www.guidancesoftware.com/encase-forensic. Accessed on Nov 2019
Forensic Toolkit (FTK)|AccessData. Available online: http://accessdata.com/solutions/digital-forensics/forensic-toolkit-ftk. Accessed on Nov 2019
MSAB—the pioneers of mobile forensics. Available online: https://www.msab.com/. Accessed on Nov 2019
Magnet Forensics AXIOM. Available online: https://www.magnetforensics.com/magnet-axiom/. Accessed on Dec 2019
Cloud Pets, attack on the mongo database. Available online: https://www.bbc.com/news/technology-39115001. Accessed on 27 Dec 2019
Le-Khac, N.-A., Jacobs, D., Nijhoff, J., Bertens, K., Choo, K.-K.R.: Smart vehicle forensics: challenges and case study. Future Generation of Computer Systems, Elsevier (July 2018). https://doi.org/10.1016/j.future.2018.05.081
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Hilgenberg, A., Duong, T.Q., Le-Khac, NA., Choo, KK.R. (2020). Digital Forensic Investigation of Internet of Thing Devices: A Proposed Model and Case Studies. In: Le-Khac, NA., Choo, KK. (eds) Cyber and Digital Forensic Investigations. Studies in Big Data, vol 74. Springer, Cham. https://doi.org/10.1007/978-3-030-47131-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-47131-6_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-47130-9
Online ISBN: 978-3-030-47131-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)