SlideShare a Scribd company logo

IOT Forensic Challenges

A
AnukaJinadasa

The document discusses challenges and approaches related to Internet of Things (IoT) forensics. It notes that IoT forensics is a new area that faces several challenges including a lack of standardized methodology and tools. Evidence identification, collection, and preservation can be difficult due to the wide range of IoT device hardware and software specifications. Analysis and correlation of overwhelming amounts of IoT data is also challenging. The document reviews some potential approaches to IoT forensics including performing standard data acquisition, interface testing, and extracting firmware data. It also outlines frameworks for handling IoT forensics such as the 1-2-3 Zones approach and FAIoT model. Overall, the document illustrates that IoT forens

Technology
1 of 32
Download to read offline
INTERNET OF THINGS (IOT) FORENSICS CHALLENGES A. D. H Jinadasa IT18132410 CFIR – Assignment 2021
IOT ➢The Internet of Things (IoT) integrates various sensors, objects and smart nodes that are capable of communicating with each other without human intervention [1] i) wearable devices like smart watches, glasses or health monitoring systems. ii) smart home appliances like smart locks, sensors for temperature, gas or ambient light. iii) smart vehicles, drones and applications for industrial automation and logistics. ➢The worldwide IoT market: $1.7 trillion in 2020
IOT Forensics ➢The IoT Forensics could be perceived as a subdivision of the Digital Forensics. ➢ IoT Forensics is a relatively new and unexplored area. ➢The purpose of the IoT Forensics is similar to the one of the Digital Forensics, which is to identify and extract digital information in a legal and forensically sound manner.
The need of IOT forensics ➢Extensive attack surface Despite all the benefits and the wide prospects of IOT, some IOT technologies are particularly vulnerable to cyber-attacks. IoT devices with public interfaces are exposed to greater risk levels because they could bring a malware to the private network from a less secure public space [2]. ➢New cyber-physical security threats Using IoT technology, virtual crimes could step across the limit of cyberspace and threaten human life. E.g.: US FDA published a warning that certain pacemaker models are vulnerable to hacking . ➢Contains Digital traces IoT devices which is able prove or disprove certain hypothesis, and could, help the forensics professionals find answers and reconstruct the crime scene [3].
Challenges in IoT Forensics ➢The IoT Forensics field is encountering an array of challenges, none of which has a simple solution. ▪General Issues. ▪Evidence Identification, Collection and Preservation issues. ▪Evidence Analysis and Correlation. ▪Presentation
General Issues ➢Lack of a methodology and framework for IoT forensics. ➢There is a lack of appropriate tools for IoT forensics. Impact ➢ Could contaminate or destroy evidence. ➢Absence of common forensic model could jeopardize the trust and agreements in cross jurisdictional investigations.
Evidence Identification, Collection and Preservation issues ➢Detecting the presence of IoT systems, and identification of IoT devices that can provide evidence in an investigation. ➢Lack of training for first responders. ➢Wide range of software and/or hardware specifications. ➢Lifespan limitations
Evidence Identification, Collection and Preservation issues Impact ➢Data could be easily overwritten. ➢The responding officers often neglect or shut down the system directly, without first creating the necessary forensic image.
Evidence Analysis and Correlation ➢Overwhelming amount of data that an IoT system might produce. ➢Time Lining and Limited Correlation of Evidence. ➢Data provenance -Less certainty about data ownership and modification history. ➢Metadata – vast majority of IOT devices do not store any metadata.
Impact Evidence Analysis and Correlation ➢The amount can be overwhelming for an investigator and the tools used. ➢Creating a time-line can be challenging.
Presentation ➢Jury most probably has only basic understanding of cloud computing and forensics. ➢It would be a challenging task to explain to them the technicalities behind such a complex architecture in the very limited time of the trial. ➢Will the court accept the methodology and tools used since they are not yet standardized.
➢if an investigative body chooses unsuitable methods for acquisition it can harm the data integrity and can easily be challenged in Court due to omissions in the way of collection. Presentation Impact
IOT FORENSICS METHODS AND TOOLS ➢There are very few tools designed specifically for IOT forensics ➢There is no unique methodology to investigate in a IOT environment ➢None of the approaches has been widely accepted by the forensics community. ➢Most of the approaches are still of theoretical nature.
Perform standard data acquisition ➢Various proven techniques and procedures for Digital forensics are still applicable to IoT devices. ➢if an IoT device can be connected to a computer, the internal storage of the device can be forensically imaged. ➢Various Digital forensic tools are available to perform standard data acquisitions e.g.: ▪ FTK Imager ▪ X-ways forensics ▪ ENCASE ➢More practical and cost effective method [4], [5]
Limitations ➢In IoT forensics, where traditional investigative techniques & tools have a very low success rate. ➢Useless against Proprietary echo systems e.g.: apple, amazon. ➢Occasionally, formats of the collected data are invalid or vendor specific. Perform standard data acquisition
Interface testing ➢Most IoT devices have web interfaces. ➢Can get general knowledge of how the system works ➢By testing the interface investigators can validate whether the relevant digital evidence is present and its condition. ➢Investigators can identify any indicators of compromise. Limitations ➢Can lead to accidental contamination of evidence.
Oxygen Forensic Detective ➢Oxygen Forensic Detective is an all-in-one forensic software platform. ➢Able to extract, decode, and analyze data from multiple digital sources mobile and IoT devices, device backups, drones, and cloud service. ➢Oxygen Forensic offers data extraction from two popular IoT devices based on Amazon & Google. ➢Can performs logical acquisition from smart-wearables (apple watch, Fitbit, Samsung Health).
➢Its support for range of devices is limited. ➢It uses a brute force technique which can take a lot of time to complete the process. ➢Oxygen Forensic suite is very expensive. Oxygen Forensic Detective Limitations
Elcomsoft iOS Forensic Toolkit ➢Perform full file system and logical acquisition for Apple ecosystem devices. ➢The toolkit provides jailbreak-free forensic extraction ➢Inbuilt write blocker. ➢Only supports Apple devices Limitations
Firmware data extraction by JTAG ➢JTAG stands for Joint Test Action Group is a common hardware interface that provides a way to communicate directly with the chips on a board. ➢The port was initially designed for testing PCB (Printed Circuit Boards). ➢JTAG Forensics involves acquiring firmware data using standard Test Access Ports (TAPs). ➢Doesn’t require specific data cables for each make/model. ➢The data is transferred in a raw format. ➢Able to recover data from damaged devices. [5]
➢it’s difficult to find out the entire JTAG pin ➢Not all Devices have a JTAG enabled chip. ➢Forensics image creating process is slow. ➢Need expert knowledge in electronics. Firmware data extraction by JTAG Limitations
Firmware data extraction by UART ➢UART is Universal Asynchronous Receiver/Transmitter. ➢UART is a widely used method. ➢It is a hardware device which is a part of Integrated circuitry and used for serial communications. ➢UART converter translates serial data into readable data via USB. ➢Hardware complexity is low. [5]
➢It can accidently reset the devices to factory settings resulting in loss of data. ➢Size of a data frame is limited to 9 bits. Firmware data extraction by UART Limitations
Cloud-based IoT Forensic Toolkit ➢Alexa is a cloud based assistant, it manages through a mobile application or the web. ➢Previously, methods such as disassembling the Amazon Echo device and unofficial Alexa APIs to access cloud data were used. ➢Researchers utilized mobile applications and web browsers to retrieve additional artifacts from the client to automate this process of data collection, visualization and evaluation [8]
Cloud-based IoT Forensic Toolkit ➢New technology. ➢Concerns about evidence Integrity. Limitations
Future Developments ➢IoT forensics is a new area open for research. There is already a need for practical solutions to questions that arise during investigations that include IoT. ➢Therefore, researchers and forensics professionals work hard to present new tools and methodologies that could mitigate IOT forensic challenges.
The 1-2-3 Zones Approach ➢1-2-3 zones are correspond to three areas of IoT forensics: device, network and cloud. ➢This method makes it is easier to plan and systematize an IoT investigation. ➢Reduces the complexity and the timing of investigations, ➢All zones can be investigate in parallelly or a zone of greatest priority can be investigated first. [6]
IOTdots ➢IoTDots general architecture divides into two parts: IoTDots - Modifier (ITM) ▪ performs source code analysis of smart applications ▪ Detects relevant forensic information ▪ The tracing logs are stored in an IoT database IoTDots - Analyzer (ITA) ▪ uses the log information stored in the IoT database with data processing and machine learning techniques to perform forensic investigation. [1], [5], [6]
Forensics-aware model for the IoT (FAIoT) ➢The FAIoT paper [592] formally defined IoT forensics and listed its challenges. ➢Proposed a conceptual model for executing Digital Forensics in the IoT infrastructure. with a centralized trusted evidence repository to ease the process of evidence collection and analysis. [7] ➢The FAIoT consists of three parts: ▪ secure evidence preservation module. ▪ secure provenance module. ▪ access to evidence through an API.
Reference [1]Avoine, G. and Hernandez-Castro,J., n.d. Security of Ubiquitous Computing Systems. [2]R. C. Joshi and E. S. Pilli, Computer Communications and Networks Fundamentals of Network Forensics A Research Perspective. 2016. [3]D. Quick and K. K. R. Choo, ‘IoT Device Forensics and Data Reduction’, IEEE Access, vol. 6, pp. 47566–47574, 2018. [4]Slideshare.net. 2021. Iot forensics. [online] Available at: <https://www.slideshare.net/AbeisAb/iot-forensics-117926663. [5]Linkedin.com. 2021. Internet of Things Forensics: Challenges and Approaches. Evaluation of Digital Forensic Tools. [online] Available at: <https://www.linkedin.com/pulse/internet-things- forensics-challenges-approaches-tools-hamal-b-k [6] M. Stoyanova, Y. Nikoloudakis, S. Panagiotakis, E. Pallis and E. K. Markakis, "A Survey on the Internet of Things (IoT) Forensics: Challenges, Approaches, and Open Issues," in IEEE Communications Surveys & Tutorials, [7] S. Zawoad and R. Hasan, ‘FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things’, [8] Hyunji Chung, Jungheum Park, and Sangjin Lee. Digital forensic approaches for amazon alexa ecosystem. Digital Investigation, 22:S15–S25, 2017.
THANK YOU !!! Everything is connected...

Recommended

Iot forensics
Iot forensicsIot forensics
Iot forensicsAbeis Ab
 
Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things ForensicsAakashjit Bhattacharya
 
IOT Forensics
IOT ForensicsIOT Forensics
IOT ForensicsMuhammadAwaisQureshi6
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
Mobile Forensics
Mobile Forensics Mobile Forensics
Mobile Forensics abdullah roomi
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
IoT security
IoT securityIoT security
IoT securityYashKesharwani2
 

Recommended

Iot forensics
Iot forensicsIot forensics
Iot forensicsAbeis Ab
 
Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things ForensicsAakashjit Bhattacharya
 
IOT Forensics
IOT ForensicsIOT Forensics
IOT ForensicsMuhammadAwaisQureshi6
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
Mobile Forensics
Mobile Forensics Mobile Forensics
Mobile Forensics abdullah roomi
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
IoT security
IoT securityIoT security
IoT securityYashKesharwani2
 
Anti forensic
Anti forensicAnti forensic
Anti forensicMilap Oza
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
Cyber Forensics & Challenges
Cyber Forensics & ChallengesCyber Forensics & Challenges
Cyber Forensics & ChallengesDeepak Kumar (D3)
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital ForensicsManik Bhola
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Computer Forensic
Computer ForensicComputer Forensic
Computer ForensicNovizul Evendi
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensicspranjal dutta
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Guideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniGuideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniDr Raghu Khimani
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSSylvain Martinez
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensicsprimeteacher32
 
Digital investigation
Digital investigationDigital investigation
Digital investigationunnilala11
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics pptOECLIB Odisha Electronics Control Library
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Forensic audio
Forensic audioForensic audio
Forensic audioTejasvi Bhatia
 
Memory forensics
Memory forensicsMemory forensics
Memory forensicsSunil Kumar
 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfezzAyman1
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET Journal
 

More Related Content

What's hot

Anti forensic
Anti forensicAnti forensic
Anti forensicMilap Oza
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital ForensicsManik Bhola
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Guideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniGuideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniDr Raghu Khimani
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSSylvain Martinez
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
Digital investigation
Digital investigationDigital investigation
Digital investigationunnilala11
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Memory forensics
Memory forensicsMemory forensics
Memory forensicsSunil Kumar
 

What's hot (20)

Anti forensic
Anti forensicAnti forensic
Anti forensic
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITY
 
Cyber Forensics & Challenges
Cyber Forensics & ChallengesCyber Forensics & Challenges
Cyber Forensics & Challenges
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic tools
 
Guideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniGuideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu Khimani
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
 
Digital investigation
Digital investigationDigital investigation
Digital investigation
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics ppt
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Forensic audio
Forensic audioForensic audio
Forensic audio
 
Memory forensics
Memory forensicsMemory forensics
Memory forensics
 

Similar to IOT Forensic Challenges

Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfezzAyman1
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET Journal
 
Conceptual Study of Mobile Forensics
Conceptual Study of Mobile ForensicsConceptual Study of Mobile Forensics
Conceptual Study of Mobile Forensicsijtsrd
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityCableLabs
 
Internet of Things - Recent developments and Trends
Internet of Things - Recent developments and TrendsInternet of Things - Recent developments and Trends
Internet of Things - Recent developments and TrendsDennis Jacob
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsStanford School of Engineering
 
A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...
A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...
A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...IRJET Journal
 
A Brief Review on Internet of Things
A Brief Review on Internet of ThingsA Brief Review on Internet of Things
A Brief Review on Internet of ThingsIRJET Journal
 
IRJET - A Study on Smart Way for Securing IoT Devices
IRJET - A Study on Smart Way for Securing IoT DevicesIRJET - A Study on Smart Way for Securing IoT Devices
IRJET - A Study on Smart Way for Securing IoT DevicesIRJET Journal
 
Internet of Things-ppt.pptx
Internet of Things-ppt.pptxInternet of Things-ppt.pptx
Internet of Things-ppt.pptxSaonDey3
 
Deep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT SecurityDeep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT SecurityIRJET Journal
 
IRJET - Digital Forensics Analysis for Network Related Data
IRJET - Digital Forensics Analysis for Network Related DataIRJET - Digital Forensics Analysis for Network Related Data
IRJET - Digital Forensics Analysis for Network Related DataIRJET Journal
 
Crypto Mechanism to Provide Secure to the IOT Data
Crypto Mechanism to Provide Secure to the IOT DataCrypto Mechanism to Provide Secure to the IOT Data
Crypto Mechanism to Provide Secure to the IOT DataIRJET Journal
 
pres_drone_forensics_program.pptx
pres_drone_forensics_program.pptxpres_drone_forensics_program.pptx
pres_drone_forensics_program.pptxVolgaTC
 
Views and myths of IoT
Views and myths of IoTViews and myths of IoT
Views and myths of IoTAhmed Banafa
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)GOPAL BASAK
 
IoT Design Principles
IoT Design PrinciplesIoT Design Principles
IoT Design Principlesardexateam
 
Internet of things-blockchain lightweight cryptography to data security and ...
Internet of things-blockchain lightweight cryptography to data security and ...Internet of things-blockchain lightweight cryptography to data security and ...
Internet of things-blockchain lightweight cryptography to data security and ...IJECEIAES
 

Similar to IOT Forensic Challenges (20)

Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdf
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
 
Conceptual Study of Mobile Forensics
Conceptual Study of Mobile ForensicsConceptual Study of Mobile Forensics
Conceptual Study of Mobile Forensics
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
 
Internet of Things - Recent developments and Trends
Internet of Things - Recent developments and TrendsInternet of Things - Recent developments and Trends
Internet of Things - Recent developments and Trends
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
 
A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...
A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...
A Smart Switch to Connect and Disconnect Electrical Devices at Home by using ...
 
A Brief Review on Internet of Things
A Brief Review on Internet of ThingsA Brief Review on Internet of Things
A Brief Review on Internet of Things
 
IRJET - A Study on Smart Way for Securing IoT Devices
IRJET - A Study on Smart Way for Securing IoT DevicesIRJET - A Study on Smart Way for Securing IoT Devices
IRJET - A Study on Smart Way for Securing IoT Devices
 
180 184
180 184180 184
180 184
 
Internet of Things-ppt.pptx
Internet of Things-ppt.pptxInternet of Things-ppt.pptx
Internet of Things-ppt.pptx
 
Deep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT SecurityDeep Learning and Big Data technologies for IoT Security
Deep Learning and Big Data technologies for IoT Security
 
IRJET - Digital Forensics Analysis for Network Related Data
IRJET - Digital Forensics Analysis for Network Related DataIRJET - Digital Forensics Analysis for Network Related Data
IRJET - Digital Forensics Analysis for Network Related Data
 
Crypto Mechanism to Provide Secure to the IOT Data
Crypto Mechanism to Provide Secure to the IOT DataCrypto Mechanism to Provide Secure to the IOT Data
Crypto Mechanism to Provide Secure to the IOT Data
 
pres_drone_forensics_program.pptx
pres_drone_forensics_program.pptxpres_drone_forensics_program.pptx
pres_drone_forensics_program.pptx
 
Views and myths of IoT
Views and myths of IoTViews and myths of IoT
Views and myths of IoT
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)
 
Chapter 1.pdf
Chapter 1.pdfChapter 1.pdf
Chapter 1.pdf
 
IoT Design Principles
IoT Design PrinciplesIoT Design Principles
IoT Design Principles
 
Internet of things-blockchain lightweight cryptography to data security and ...
Internet of things-blockchain lightweight cryptography to data security and ...Internet of things-blockchain lightweight cryptography to data security and ...
Internet of things-blockchain lightweight cryptography to data security and ...
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 

Recently uploaded (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

IOT Forensic Challenges

  • 1. INTERNET OF THINGS (IOT) FORENSICS CHALLENGES A. D. H Jinadasa IT18132410 CFIR – Assignment 2021
  • 2. IOT ➢The Internet of Things (IoT) integrates various sensors, objects and smart nodes that are capable of communicating with each other without human intervention [1] i) wearable devices like smart watches, glasses or health monitoring systems. ii) smart home appliances like smart locks, sensors for temperature, gas or ambient light. iii) smart vehicles, drones and applications for industrial automation and logistics. ➢The worldwide IoT market: $1.7 trillion in 2020
  • 3. IOT Forensics ➢The IoT Forensics could be perceived as a subdivision of the Digital Forensics. ➢ IoT Forensics is a relatively new and unexplored area. ➢The purpose of the IoT Forensics is similar to the one of the Digital Forensics, which is to identify and extract digital information in a legal and forensically sound manner.
  • 4. The need of IOT forensics ➢Extensive attack surface Despite all the benefits and the wide prospects of IOT, some IOT technologies are particularly vulnerable to cyber-attacks. IoT devices with public interfaces are exposed to greater risk levels because they could bring a malware to the private network from a less secure public space [2]. ➢New cyber-physical security threats Using IoT technology, virtual crimes could step across the limit of cyberspace and threaten human life. E.g.: US FDA published a warning that certain pacemaker models are vulnerable to hacking . ➢Contains Digital traces IoT devices which is able prove or disprove certain hypothesis, and could, help the forensics professionals find answers and reconstruct the crime scene [3].
  • 5. Challenges in IoT Forensics ➢The IoT Forensics field is encountering an array of challenges, none of which has a simple solution. ▪General Issues. ▪Evidence Identification, Collection and Preservation issues. ▪Evidence Analysis and Correlation. ▪Presentation
  • 6. General Issues ➢Lack of a methodology and framework for IoT forensics. ➢There is a lack of appropriate tools for IoT forensics. Impact ➢ Could contaminate or destroy evidence. ➢Absence of common forensic model could jeopardize the trust and agreements in cross jurisdictional investigations.
  • 7. Evidence Identification, Collection and Preservation issues ➢Detecting the presence of IoT systems, and identification of IoT devices that can provide evidence in an investigation. ➢Lack of training for first responders. ➢Wide range of software and/or hardware specifications. ➢Lifespan limitations
  • 8. Evidence Identification, Collection and Preservation issues Impact ➢Data could be easily overwritten. ➢The responding officers often neglect or shut down the system directly, without first creating the necessary forensic image.
  • 9. Evidence Analysis and Correlation ➢Overwhelming amount of data that an IoT system might produce. ➢Time Lining and Limited Correlation of Evidence. ➢Data provenance -Less certainty about data ownership and modification history. ➢Metadata – vast majority of IOT devices do not store any metadata.
  • 10. Impact Evidence Analysis and Correlation ➢The amount can be overwhelming for an investigator and the tools used. ➢Creating a time-line can be challenging.
  • 11. Presentation ➢Jury most probably has only basic understanding of cloud computing and forensics. ➢It would be a challenging task to explain to them the technicalities behind such a complex architecture in the very limited time of the trial. ➢Will the court accept the methodology and tools used since they are not yet standardized.
  • 12. ➢if an investigative body chooses unsuitable methods for acquisition it can harm the data integrity and can easily be challenged in Court due to omissions in the way of collection. Presentation Impact
  • 13. IOT FORENSICS METHODS AND TOOLS ➢There are very few tools designed specifically for IOT forensics ➢There is no unique methodology to investigate in a IOT environment ➢None of the approaches has been widely accepted by the forensics community. ➢Most of the approaches are still of theoretical nature.
  • 14. Perform standard data acquisition ➢Various proven techniques and procedures for Digital forensics are still applicable to IoT devices. ➢if an IoT device can be connected to a computer, the internal storage of the device can be forensically imaged. ➢Various Digital forensic tools are available to perform standard data acquisitions e.g.: ▪ FTK Imager ▪ X-ways forensics ▪ ENCASE ➢More practical and cost effective method [4], [5]
  • 15. Limitations ➢In IoT forensics, where traditional investigative techniques & tools have a very low success rate. ➢Useless against Proprietary echo systems e.g.: apple, amazon. ➢Occasionally, formats of the collected data are invalid or vendor specific. Perform standard data acquisition
  • 16. Interface testing ➢Most IoT devices have web interfaces. ➢Can get general knowledge of how the system works ➢By testing the interface investigators can validate whether the relevant digital evidence is present and its condition. ➢Investigators can identify any indicators of compromise. Limitations ➢Can lead to accidental contamination of evidence.
  • 17. Oxygen Forensic Detective ➢Oxygen Forensic Detective is an all-in-one forensic software platform. ➢Able to extract, decode, and analyze data from multiple digital sources mobile and IoT devices, device backups, drones, and cloud service. ➢Oxygen Forensic offers data extraction from two popular IoT devices based on Amazon & Google. ➢Can performs logical acquisition from smart-wearables (apple watch, Fitbit, Samsung Health).
  • 18. ➢Its support for range of devices is limited. ➢It uses a brute force technique which can take a lot of time to complete the process. ➢Oxygen Forensic suite is very expensive. Oxygen Forensic Detective Limitations
  • 19. Elcomsoft iOS Forensic Toolkit ➢Perform full file system and logical acquisition for Apple ecosystem devices. ➢The toolkit provides jailbreak-free forensic extraction ➢Inbuilt write blocker. ➢Only supports Apple devices Limitations
  • 20. Firmware data extraction by JTAG ➢JTAG stands for Joint Test Action Group is a common hardware interface that provides a way to communicate directly with the chips on a board. ➢The port was initially designed for testing PCB (Printed Circuit Boards). ➢JTAG Forensics involves acquiring firmware data using standard Test Access Ports (TAPs). ➢Doesn’t require specific data cables for each make/model. ➢The data is transferred in a raw format. ➢Able to recover data from damaged devices. [5]
  • 21. ➢it’s difficult to find out the entire JTAG pin ➢Not all Devices have a JTAG enabled chip. ➢Forensics image creating process is slow. ➢Need expert knowledge in electronics. Firmware data extraction by JTAG Limitations
  • 22. Firmware data extraction by UART ➢UART is Universal Asynchronous Receiver/Transmitter. ➢UART is a widely used method. ➢It is a hardware device which is a part of Integrated circuitry and used for serial communications. ➢UART converter translates serial data into readable data via USB. ➢Hardware complexity is low. [5]
  • 23. ➢It can accidently reset the devices to factory settings resulting in loss of data. ➢Size of a data frame is limited to 9 bits. Firmware data extraction by UART Limitations
  • 24. Cloud-based IoT Forensic Toolkit ➢Alexa is a cloud based assistant, it manages through a mobile application or the web. ➢Previously, methods such as disassembling the Amazon Echo device and unofficial Alexa APIs to access cloud data were used. ➢Researchers utilized mobile applications and web browsers to retrieve additional artifacts from the client to automate this process of data collection, visualization and evaluation [8]
  • 25. Cloud-based IoT Forensic Toolkit ➢New technology. ➢Concerns about evidence Integrity. Limitations
  • 26. Future Developments ➢IoT forensics is a new area open for research. There is already a need for practical solutions to questions that arise during investigations that include IoT. ➢Therefore, researchers and forensics professionals work hard to present new tools and methodologies that could mitigate IOT forensic challenges.
  • 27. The 1-2-3 Zones Approach ➢1-2-3 zones are correspond to three areas of IoT forensics: device, network and cloud. ➢This method makes it is easier to plan and systematize an IoT investigation. ➢Reduces the complexity and the timing of investigations, ➢All zones can be investigate in parallelly or a zone of greatest priority can be investigated first. [6]
  • 28.
  • 29. IOTdots ➢IoTDots general architecture divides into two parts: IoTDots - Modifier (ITM) ▪ performs source code analysis of smart applications ▪ Detects relevant forensic information ▪ The tracing logs are stored in an IoT database IoTDots - Analyzer (ITA) ▪ uses the log information stored in the IoT database with data processing and machine learning techniques to perform forensic investigation. [1], [5], [6]
  • 30. Forensics-aware model for the IoT (FAIoT) ➢The FAIoT paper [592] formally defined IoT forensics and listed its challenges. ➢Proposed a conceptual model for executing Digital Forensics in the IoT infrastructure. with a centralized trusted evidence repository to ease the process of evidence collection and analysis. [7] ➢The FAIoT consists of three parts: ▪ secure evidence preservation module. ▪ secure provenance module. ▪ access to evidence through an API.
  • 31. Reference [1]Avoine, G. and Hernandez-Castro,J., n.d. Security of Ubiquitous Computing Systems. [2]R. C. Joshi and E. S. Pilli, Computer Communications and Networks Fundamentals of Network Forensics A Research Perspective. 2016. [3]D. Quick and K. K. R. Choo, ‘IoT Device Forensics and Data Reduction’, IEEE Access, vol. 6, pp. 47566–47574, 2018. [4]Slideshare.net. 2021. Iot forensics. [online] Available at: <https://www.slideshare.net/AbeisAb/iot-forensics-117926663. [5]Linkedin.com. 2021. Internet of Things Forensics: Challenges and Approaches. Evaluation of Digital Forensic Tools. [online] Available at: <https://www.linkedin.com/pulse/internet-things- forensics-challenges-approaches-tools-hamal-b-k [6] M. Stoyanova, Y. Nikoloudakis, S. Panagiotakis, E. Pallis and E. K. Markakis, "A Survey on the Internet of Things (IoT) Forensics: Challenges, Approaches, and Open Issues," in IEEE Communications Surveys & Tutorials, [7] S. Zawoad and R. Hasan, ‘FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things’, [8] Hyunji Chung, Jungheum Park, and Sangjin Lee. Digital forensic approaches for amazon alexa ecosystem. Digital Investigation, 22:S15–S25, 2017.
  • 32. THANK YOU !!! Everything is connected...