An Overview Diversity Framework for Internet of Things (IoT) Forensic Investigation

Randi Rizal - Siliwangi University, Tasikmalaya, Indonesia
Siti Selamat - Universiti Teknikal Malaysia Melaka, Melaka, Malaysia
Mohd. Mas’ud - Universiti Teknikal Malaysia Melaka, Melaka, Malaysia


Citation Format:



DOI: http://dx.doi.org/10.30630/joiv.7.2.1520

Abstract


The increasing utilization of IoT technology in various fields creates opportunities and risks for investigating all cybercrimes. At the same time, many research studies have concentrated on security and forensic investigations to collect digital evidence on IoT devices. However, until now, the IoT platform has not fully evolved to adjust the tools, methods, and procedures of IoT forensic investigations. The main reasons for investigators are the characteristics and infrastructure of IoT devices. For example, device number variations, heterogeneity, distribution of protocols used, data duplication, complexity, limited memory, etc. As a result, resulting is a tough challenge to identify, collect, examine, analyze, and present potential IoT digital evidence for forensic investigative processes effectively and efficiently. Indeed, there is not fully used and adapted international standard for the perfect IoT forensic investigation framework. In the research method, a literature review has been carried out by producing previous research studies that have contributed to further facing challenges. To keep the quality of the literature review, research questions (RQ) were conducted for all studies related to the IoT forensic investigation framework between 2015-2022. This research results highlight and provides a comprehensive overview of the twenty current IoT forensic investigation framework that has been proposed. Then, a summary or contribution is presented focusing on the latest research, grouping the forensic phases, and evaluating essential frameworks in the IoT forensic investigation process to obtain digital evidence. Finally, open research issues are presented for further research in developing IoT forensic investigative framework.


Keywords


An Overview; Internet of Things Forensics; IoT Framework; Digital Evidence.

Full Text:

PDF

References


S. Vashi, J. Ram, J. Modi, S. Verma, and C. Prakash, “Internet of Things (IoT): A vision, architectural elements, and security issues,†Proceedings of the International Conference on IoT in Social, Mobile, Analytics and Cloud, I-SMAC 2017, no. February 2017, pp. 492–496, 2017, doi: 10.1109/I-SMAC.2017.8058399.

E. S. Soegoto et al., “A systematic Literature Review of Internet of Things for Higher Education: Architecture and Implementation,†Indonesian Journal of Science and Technology, vol. 7, no. 3, pp. 511–528, 2022, doi: 10.17509/ijost.v7i3.51464.

A. Ghasempour, “Internet of things in smart grid: Architecture, applications, services, key technologies, and challenges,†Inventions, vol. 4, no. 1. MDPI Multidisciplinary Digital Publishing Institute, Mar. 01, 2019. doi: 10.3390/inventions4010022.

P. Sethi and S. R. Sarangi, “Internet of Things: Architectures, Protocols, and Applications,†Journal of Electrical and Computer Engineering, vol. 2017. Hindawi Publishing Corporation, 2017. doi: 10.1155/2017/9324035.

H. F. Atlam and G. B. Wills, “IoT Security, Privacy, Safety and Ethics,†in Internet of Things, Springer International Publishing, 2020, pp. 123–149. doi: 10.1007/978-3-030-18732-3_8.

H. Chi, T. Aderibigbe, and B. C. Granville, “A Framework for IoT Data Acquisition and Forensics Analysis,†in 2018 IEEE International Conference on Big Data (Big Data), IEEE, Dec. 2018, pp. 5142–5146. doi: 10.1109/BigData.2018.8622019.

T. Zia, P. Liu, and W. Han, “Application-Specific Digital Forensics Investigative Model in Internet of Things (IoT),†in ACM International Conference Proceeding Series, 2017, pp. 1–7. doi: 10.1145/3098954.3104052.

F. Bouchaud, G. Grimaud, and T. Vantroys, “IoT forensic: Identification and classification of evidence in criminal investigations,†in ACM International Conference Proceeding Series, Association for Computing Machinery, Aug. 2018. doi: 10.1145/3230833.3233257.

C. Meffert, D. Clark, I. Baggili, and F. Breitinger, “FSAIoT: A general framework and practical approach for IoT forensics through IoT device state acquisition,†in ACM International Conference Proceeding Series, Association for Computing Machinery, Aug. 2017. doi: 10.1145/3098954.3104053.

Shadi Al-Sarawi, Mohammed Anbar, Kamal Alieyan, and Mahmood Alzubaidi, “Internet of Things (IoT) Communication Protocols : Review,†in 8th International Conference on Information Technology (ICIT), 2017.

A. Vijaya Prakash, “A Study of Communication Protocols for Internet of Things (IoT) Devices: Review,†in Proceedings of the 3rd International Conference on Integrated Intelligent Computing, 2021.

M. Conti, A. Dehghantanha, K. Franke, and S. Watson, “Internet of Things security and forensics: Challenges and opportunities,†Future Generation Computer Systems, vol. 78. Elsevier B.V., pp. 544–546, Jan. 01, 2018. doi: 10.1016/j.future.2017.07.060.

M. Chernyshev, S. Zeadally, Z. Baig, and A. Woodward, “Internet of Things Forensics The Need, Process Models, and Open Issues,†IEEE Computer Society, IT Professional, 2018.

I. Yaqoob, I. A. T. Hashem, A. Ahmed, S. M. A. Kazmi, and C. S. Hong, “Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges,†Future Generation Computer Systems, vol. 92, pp. 265–275, Mar. 2019, doi: 10.1016/j.future.2018.09.058.

V. R. Kebande and I. Ray, “A generic digital forensic investigation framework for Internet of Things (IoT),†in Proceedings - 2016 IEEE 4th International Conference on Future Internet of Things and Cloud, FiCloud 2016, Institute of Electrical and Electronics Engineers Inc., Sep. 2016, pp. 356–362. doi: 10.1109/FiCloud.2016.57.

A. Simonetta, L. Fazio, and M. C. Paoletti, “A Forensic Methodology for the Identification of Illicit Data Leakage,†in CEUR Workshop Proceedings , 2021, pp. 1–6.

E. Al-Masri, Y. Bai, and J. Li, “A fog-based digital forensics investigation framework for IoT systems,†in Proceedings - 3rd IEEE International Conference on Smart Cloud, SmartCloud 2018, Institute of Electrical and Electronics Engineers Inc., Oct. 2018, pp. 196–201. doi: 10.1109/SmartCloud.2018.00040.

Harbawi Malek and Varol Asaf, “An ImprovedDigital Evidence AcquisitionModelforthe Internet ofThingsForensic I:A TheoreticalFramework,†International Symposium on Digital Forensic and Security (ISDFS), 2017.

N. H. N. Zulkipli, A. Alenezi, and G. B. Wills, “IoT forensic: Bridging the challenges in digital forensic and the internet of things,†in IoTBDS 2017 - Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security, SciTePress, 2017, pp. 315–324. doi: 10.5220/0006308703150324.

M. S. Kirmani and M. T. Banday, “Digital Forensics in the Context of the Internet of Things,†in IGI Global, 2019, pp. 296–324. doi: 10.4018/978-1-5225-5742-5.ch011.

P. H. Rughani, “IoT Evidence Acquisition-Issues and Challenges,†Advances in Computational Sciences and Technology, vol. 10, no. 5, pp. 1285–1293, 2017.

T. Janarthanan, M. Bagheri, and S. Zargari, “IoT Forensics: An Overview of the Current Issues and Challenges,†in Advanced Sciences and Technologies for Security Applications, Springer, 2021, pp. 223–254. doi: 10.1007/978-3-030-60425-7_10.

T. Alam, “Cloud-based iot applications and their roles in smart cities,†Smart Cities, vol. 4, no. 3. MDPI, pp. 1196–1219, Sep. 01, 2021. doi: 10.3390/smartcities4030064.

M. E. Alex and R. Kishore, “Forensics framework for cloud computing,†Computers and Electrical Engineering, vol. 60, pp. 193–205, May 2017, doi: 10.1016/j.compeleceng.2017.02.006.

B. Kitchenham, “Procedures for Performing Systematic Reviews,†Keele University Technical Report TR/SE-0401, 2004.

B. Kitchenham et al., “Systematic literature reviews in software engineering – A tertiary study,†Inf Softw Technol, vol. 52, no. 8, pp. 792–805, 2010, doi: 10.1016/j.infsof.2010.03.006.

Ã. Macdermott, T. Baker, and Q. Shi, “IoT Forensics: Challenges For The IoA Era,†2018 9th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2018 - Proceedings, 2018.

F. Servida and E. Casey, “IoT forensic challenges and opportunities for digital traces,†Digit Investig, vol. 28, pp. S22–S29, Apr. 2019, doi: 10.1016/j.diin.2019.01.012.

Y. Li and Q. Liu, “A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments,†Energy Reports, vol. 7, pp. 8176–8186, Nov. 2021, doi: 10.1016/j.egyr.2021.08.126.

E. Oriwoh, D. Jazani, G. Epiphaniou, and P. Sant, “Internet of Things Forensics: Challenges and Approaches,†2013. doi: 10.4108/icst.collaboratecom.2013.254159.

H. F. Atlam, E. El-Din Hemdan, A. Alenezi, M. O. Alassafi, and G. B. Wills, “Internet of Things Forensics: A Review,†Internet of Things, vol. 11, no. June, p. 100220, 2020, doi: 10.1016/j.iot.2020.100220.

S. Perumal, N. Md Norwawi, and V. Raman, “Internet of Things(IoT) digital forensic investigation model: Top-down forensic approach methodology,†in 2015 5th International Conference on Digital Information Processing and Communications, ICDIPC 2015, Institute of Electrical and Electronics Engineers Inc., Nov. 2015, pp. 19–23. doi: 10.1109/ICDIPC.2015.7323000.

S. Rahman, M. Bishop, and A. Holt, “Internet of Things Mobility Forensics,†in Information Security Research and Education (INSuRE) Conference, 2016.

N. D. Snehal Sathwara and E. Pricop, “IoT Forensic : A digital investigation framework for IoT systems,†2018 10th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), no. June, pp. 1–9, 2018, doi: 10.1145/3230833.3233257.

S. Zawoad and R. Hasan, “FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things,†in Proceedings - 2015 IEEE International Conference on Services Computing, SCC 2015, Institute of Electrical and Electronics Engineers Inc., Aug. 2015, pp. 279–284. doi: 10.1109/SCC.2015.46.

L. Babun, A. K. Sikder, A. Acar, and A. S. Uluagac, “IoTDots: A Digital Forensics Framework for Smart Environments,†ArXiv, 2018.

M. Hossain, R. Hasan, and S. Zawoad, “Probe-IoT: A public digital ledger based forensic investigation framework for IoT,†INFOCOM 2018 - IEEE Conference on Computer Communications Workshops, pp. 1–2, 2018, doi: 10.1109/INFCOMW.2018.8406875.

N. K. Bharadwaj and U. Singh, Acquisition and Analysis of Forensic Artifacts from Raspberry Pi an Internet of Things Prototype Platform, vol. 707. Springer Singapore, 2019. doi: 10.1007/978-981-10-8639-7.

J. H. Ryu, P. K. Sharma, J. H. Jo, and J. H. Park, “A blockchain-based decentralized efficient investigation framework for IoT digital forensics,†Journal of Supercomputing, vol. 75, no. 8, pp. 4372–4387, Aug. 2019, doi: 10.1007/s11227-019-02779-9.

L. Sadineni, E. Pilli, and R. B. Battula, A HOLISTIC FORENSIC MODEL. Springer International Publishing, 2019. doi: 10.1007/978-3-030-28752-8.

M. J. Islam, M. Mahin, A. Khatun, B. C. Debnath, and S. Kabir, “Digital Forensic Investigation Framework for Internet of Things (IoT): A Comprehensive Approach,†1st International Conference on Advances in Science, Engineering and Robotics Technology 2019, ICASERT 2019, no. April, 2019, doi: 10.1109/ICASERT.2019.8934707.

M. Qatawneh, W. Almobaideen, M. Khanafseh, and I. AL Qatawneh, “DFIM: A New Digital Forensics Investigation Model For Internet Of Things (IoT),†Article in Journal of Theoretical and Applied Information Technology, vol. 31, p. 24, 2019.

N. Koroniotis, N. Moustafa, and E. Sitnikova, “A new network forensic framework based on deep learning for Internet of Things networks: A particle deep framework,†Future Generation Computer Systems, vol. 110, pp. 91–106, Sep. 2020, doi: 10.1016/j.future.2020.03.042.

M. Ahmed Saleh, S. Hajar Othman, M. Ahmad Al-Khasawneh, and A. Al-Dhaqm, “Common Investigation Process Model for Internet of Things Forensics,†in International Conference on Smart Computing and Electronic Enterprise, 2021.

H. Ahmed, S. Yousef, and A. Mohammad, “An Internet of Things (IoT) forensics model using third-party logs-vault,†in ACM International Conference Proceeding Series, Association for Computing Machinery, Apr. 2021, pp. 143–146. doi: 10.1145/3460620.3460746.

F. I. Fagbola and H. Venter, “Smart Digital Forensic Readiness Model for Shadow IoT Devices,†Applied Sciences (Switzerland), vol. 12, no. 2, Jan. 2022, doi: 10.3390/app12020730.

M. S. Mazhar et al., “Forensic Analysis on Internet of Things (IoT) Device Using Machine-to-Machine (M2M) Framework,†Electronics (Switzerland), vol. 11, no. 7, Apr. 2022, doi: 10.3390/electronics11071126.

C. Shin, P. Chandok, R. Liu, S. J. Nielson, and T. R. Leschke, “Potential forensic analysis of IoT data: An overview of the state-of-the-art and future possibilities,†in Proceedings - 2017 IEEE International Conference on Internet of Things, Institute of Electrical and Electronics Engineers Inc., Jan. 2018, pp. 705–710.

A. Nieto, R. Rios, and J. Lopez, “Iot-forensics meets privacy: Towards cooperative digital investigations,†Sensors (Switzerland), vol. 18, no. 2, Feb. 2018, doi: 10.3390/s18020492.

A. Nieto, R. Rios, and J. Lopez, “A Methodology for Privacy-Aware IoT-Forensics,†in 2017 IEEE Trustcom/BigDataSE/ICESS, IEEE, Aug. 2017, pp. 626–633. doi: 10.1109/Trustcom/BigDataSE/ICESS.2017.293.

E. Oriwoh and P. Sant, “The forensics edge management system: A concept and design,†Proceedings - IEEE 10th International Conference on Ubiquitous Intelligence and Computing, UIC 2013 and IEEE 10th International Conference on Autonomic and Trusted Computing, ATC 2013, pp. 544–550, 2013, doi: 10.1109/UIC-ATC.2013.71.

E. E. Hemdan and D. H. Manjaiah, “Cybercrimes Investigation and Intrusion Detection in Internet of Things Based on Data Science Methods,†pp. 39–62, 2018.

V. R. Kebande, “Cloud-Centric framework for isolating Big Data as Forensic Evidence from IoT Infrastructures,†2017.

M. B. Al Sadi, H. Wimmer, L. Chen, and K. Wang, “Improving the efficiency of big forensic data analysis using NoSQL,†International Conference on Mobile Multimedia Communications (MobiMedia), vol. 2017-July, pp. 240–248, 2017, doi: 10.475/eai.13-7-2017.2270344.

D. Quick and K. K. R. Choo, “IoT Device Forensics and Data Reduction,†IEEE Access, vol. 6, pp. 47566–47574, Aug. 2018, doi: 10.1109/ACCESS.2018.2867466.

S. Khare and M. Totaro, “Big Data in IoT,†2019 10th International Conference on Computing, Communication and Networking Technologies, ICCCNT 2019, no. July 2019, pp. 4–11, 2019, doi: 10.1109/ICCCNT45670.2019.8944495.

M. Jahidul Islam, M. Mahin, A. Khatun, B. Chandra Debnath, and S. Kabir, “Digital Forensic Investigation Framework for Internet of Things (IoT): A Comprehensive Approach,†1st International Conference on Advances in Science, Engineering and Robotics Technology 2019, ICASERT 2019, 2019, doi: 10.13140/RG.2.2.11356.03205.

J. Hou, L. Qu, and W. Shi, “A survey on internet of things security from data perspectives,†Computer Networks, vol. 148, pp. 295–306, 2019, doi: 10.1016/j.comnet.2018.11.026.

A. Alenezi, H. F. Atlam, R. Alsagri, M. O. Alassafi, and G. B. Wills, “IoT forensics: A state-of-the-art review, challenges and future directions,†COMPLEXIS 2019 - Proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk, no. Complexis, pp. 106–115, 2019, doi: 10.5220/0007905401060115.

Ã. Macdermott, T. Baker, and Q. Shi, “Iot Forensics: Challenges for the Ioa Era,†2018 9th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2018 - Proceedings, vol. 2018-Janua, pp. 1–5, 2018, doi: 10.1109/NTMS.2018.8328748.

Y. Chabot, A. Bertaux, C. Nicolle, and M. T. Kechadi, “A complete formalizedknowledge representation model for advanced digital forensics timeline analysis,†ArXiv, no. October, 2019.

D. Paul Joseph and J. Norman, An analysis of digital forensics in cyber security, vol. 815. Springer Singapore, 2019. doi: 10.1007/978-981-13-1580-0_67.

J. Xiao, “Video-Based Evidence Analysis and Extraction in Digital Forensic Investigation,†IEEE Access, vol. 7, no. C, pp. 55432–55442, 2019.

A. Shalaginov and K. Franke, Big data analytics by automated generation of fuzzy rules for Network Forensics Readiness, vol. 52. Elsevier B.V., 2017. doi: 10.1016/j.asoc.2016.10.029.

A. Krivchenkov, B. Misnevs, and D. Pavlyuk, Intelligent methods in digital forensics: State of the art, vol. 68. Springer International Publishing, 2019. doi: 10.1007/978-3-030-12450-2_26.

A. L. Buczak and E. Guven, “A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection,†IEEE Communications Surveys and Tutorials, vol. 18, no. 2, pp. 1153–1176, 2016, doi: 10.1109/COMST.2015.2494502.

M. Muniswamaiah, T. Agerwala, and C. Tappert, “Big Data in Cloud Computing Review and Opportunities,†International Journal of Computer Science and Information Technology, vol. 11, no. 4, pp. 43–57, Aug. 2019, doi: 10.5121/ijcsit.2019.11404.

R. Kumar and R. Sharma, “Leveraging blockchain for ensuring trust in IoT: A survey,†Journal of King Saud University - Computer and Information Sciences, vol. 34, no. 10. King Saud bin Abdulaziz University, pp. 8599–8622, Nov. 01, 2022. doi: 10.1016/j.jksuci.2021.09.004.

S. Nižetić, P. Šolić, D. López-de-Ipiña González-de-Artaza, and L. Patrono, “Internet of Things (IoT): Opportunities, issues and challenges towards a smart and sustainable future,†J Clean Prod, vol. 274, Nov. 2020, doi: 10.1016/j.jclepro.2020.122877.

M. Chernyshev, S. Zeadally, Z. Baig, and A. Woodward, “Internet of Things Forensics : The Need, Process Models, and Open Issues,†IT Prof, vol. 20, no. June, pp. 40–49, 2018, doi: 10.1109/MITP.2018.032501747.