Despite the extensive empirical literature relating to the Internet of
Things (IoT), surprisingly few attempts have sought to establish the ways in
which digital forensics can be applied to undertake detailed examinations
regarding IoT frameworks. The existing
digital forensic applications have effectively held back efforts to
align the IoT with digital forensic strategies. This is because the forensic applications are ill-suited to
the highly complex IoT frameworks and would, therefore, struggle to
amass, analyze and test the necessary evidence that would be required by a
court. As such, there is a need to develop a suitable forensic framework to
facilitate forensic investigations in IoT settings. Nor has considerable
progress been made in terms of collecting and saving network and server logs from IoT settings to enable examinations.
Consequently, this study sets out to develop and test the FB system which is a
lightweight forensic framework capable of improving the scope of investigations
in IoT environments. The FB system can organize the management of various IoT
devices found in a smart apartment, all of which is controlled by the owner’s
smart watch. This will help to perform useful functions, automate the
decision-making process, and ensure that the system remains secure. A Java app is utilized to simulate the FB system,
learning the user’s requirements and security expectations when
installed and employing the MySQL server as a means of logging the
communications of the various IoT devices.
References
[1]
Say, M. (2014) How the Internet of Everything Transforms Traditional Industries, Forbes. https://www.forbes.com/sites/groupthink/2014/07/29/how-the-internet-of-everything-transforms-traditional-industries/?sh=7ceae99d2a1c
[2]
Foote, K.D. A Brief History of the Internet of Things, DATAVERSITY. http://www.dataversity.net/brief-history-internet-things/
[3]
Madakam, S., Ramaswamy, R. and Tripathi, S. (2015) Internet of Things (IoT): A Literature Review. Journal of Computer and Communications, 3, Article ID: 164173. https://doi.org/10.4236/jcc.2015.35021
[4]
Kosmatos, E.A., Tselikas, N.D. and Boucouvalas, A.C. (2011) Integrating RFIDs and Smart Objects into a Unified Internet of Things Architecture. Advances in Internet of Things: Scientific Research, 1, 5-12. https://doi.org/10.4236/ait.2011.11002
[5]
Sivaraman, V., Gharakheili, H.H., Vishwanath, A., Boreli, R. and Mehani, O. (2015) Network-Level Security and Privacy Control for Smart-Home IoT Devices. 2015 IEEE 11th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), Abu Dhabi, 19-21 October 2015, 163-167. https://doi.org/10.1109/WiMOB.2015.7347956
[6]
Zawoad, S. and Hasan, R. (2015) FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things. 2015 IEEE International Conference on Services Computing (SCC), New York, 27 June-2 July 2015, 279-284. https://doi.org/10.1109/SCC.2015.46
[7]
Perumal, N., Norwawi, M. and Raman, V. (2015) Internet of Things (IoT) Digital Forensic Investigation Model: Top-Down Forensic Approach Methodology. 2015 Fifth International Conference on Digital Information Processing and Communications (ICDIPC), Sierre, 7-9 October 2015, 19-23. https://doi.org/10.1109/ICDIPC.2015.7323000
[8]
Kebande, V.R. and Ray, I. (2016) A Generic Digital Forensic Investigation Framework for Internet of Things (IoT). 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (Fi-Cloud), Vienna, 22-24 August 2016, 356-362. https://doi.org/10.1109/FiCloud.2016.57
[9]
Nieto, A., Rios, R. and Lopez, J. (2017) A Methodology for Privacy-Aware IoT-Forensics. 2017 IEEE Trustcom/BigDataSE/ICESS, Sydney, 1-4 August 2017, 626-633. https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.293
[10]
Willers, O., Guajardo, J. and Seidel, H. (2016) MEMS Gyroscopes as Physical Unclonable Functions. ACM Conference on Computer and Communications Security (CCS), 591-602. https://doi.org/10.1145/2976749.2978295
[11]
Ho, G., Leung, D., Mishra, P., Hosseini, A., Song, D. and Wagner, D. (2015) Smart Locks: Lessons for Securing Commodity Internet of Things Devices. ACM ASIA Conference on Information, Computer and Communications Security (ASIA CCS), 461-472. https://doi.org/10.1145/2897845.2897886
[12]
Tian, Y., Zhang, N., Lin, Y.-H., Wang, X.F., Ur, B., Guo, X.Z. and Tague, P. (2017) SmartAuth: User-Centered Authorization for the Internet of Things. USENIX Security (USENIX), 361-378.