A Forensic Analysis of Home Automation Devices (FAHAD) Model: Kasa Smart Light Bulb and Eufy Floodlight Camera as Case Studies

The adoption of Internet of Things (IoT) devices is rapidly increasing with the advancement of network technology, these devices carry sensitive data that require adherence to minimum security practices. The adoption of smart devices to migrate homeowners from traditional homes to smart homes has been noticeable. These smart devices share value with and are of potential interest to digital forensic investigators, as well. Therefore, in this paper, we conduct comprehensive security and forensic analysis to contribute to both fields—targeting a security enhancement of the selected IoT devices and assisting the current IoT forensics approaches. Our work follows several techniques such as forensic analysis of identifiable information, including connected devices and sensor data. Furthermore, we perform security assessment exploring insecure communication protocols, plain text credentials, and sensitive information. This will include reverse engineering some binary files and manual analysis techniques. The analysis includes a data-set of home automation devices provided by the VTO labs: (1) the eufy floodlight camera, and (2) the Kasa smart light bulb. The main goal of the technical experiment in this research is to support the proposed model

Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future

Given the exponential expansion of the internet, the possibilities of security attacks and cybercrimes have increased accordingly. However, poorly implemented security mechanisms in the Internet of Things (IoT) devices make them susceptible to cyberattacks, which can directly affect users. IoT forensics is thus needed for investigating and mitigating such attacks. While many works have examined IoT applications and challenges, only a few have focused on both the forensic and security issues in IoT. Therefore, this paper reviews forensic and security issues associated with IoT in different fields. Future prospects and challenges in IoT research and development are also highlighted. As demonstrated in the literature, most IoT devices are vulnerable to attacks due to a lack of standardized security measures. Unauthorized users could get access, compromise data, and even benefit from control of critical infrastructure. To fulfil the security-conscious needs of consumers, IoT can be used to develop a smart home system by designing a FLIP-based system that is highly scalable and adaptable. Utilizing a blockchain-based authentication mechanism with a multi-chain structure can provide additional security protection between different trust domains. Deep learning can be utilized to develop a network forensics framework with a high-performing system for detecting and tracking cyberattack incidents. Moreover, researchers should consider limiting the amount of data created and delivered when using big data to develop IoT-based smart systems. The findings of this review will stimulate academics to seek potential solutions for the identified issues, thereby advancing the IoT field.Comment: 77 pages, 5 figures, 5 table

Blockchain based digital forensics investigation framework in the internet of things and social systems

The decentralised nature of blockchain technologies can well match the needs of integrity and provenances of evidences collecting in digital forensics across jurisdictional borders. In this work, a novel blockchain based digital forensics investigation framework in the Internet of Things (IoT) and social systems environment is proposed, which can provide proof of existence and privacy preservation for evidence items examination. To implement such features, we present a block enabled forensics framework for IoT, namely IoT forensic chain (IoTFC), which can offer forensic investigation with good authenticity, immutability, traceability, resilience, and distributed trust between evidential entitles as well as examiners. The IoTFC can deliver a gurantee of traceability and track provenance of evidence items. Details of evidence identification, preservation, analysis, and presentation will be recorded in chains of block. The IoTFC can increase trust of both evidence items and examiners by providing transparency of the audit train. The use case demonstrated the effectiveness of proposed method

Multinational perspectives on information technology from academia and industry

As the term \u27information technology\u27 has many meanings for various stakeholders and continues to evolve, this work presents a comprehensive approach for developing curriculum guidelines for rigorous, high quality, bachelor\u27s degree programs in information technology (IT) to prepare successful graduates for a future global technological society. The aim is to address three research questions in the context of IT concerning (1) the educational frameworks relevant for academics and students of IT, (2) the pathways into IT programs, and (3) graduates\u27 preparation for meeting future technologies. The analysis of current trends comes from survey data of IT faculty members and professional IT industry leaders. With these analyses, the IT Model Curricula of CC2005, IT2008, IT2017, extensive literature review, and the multinational insights of the authors into the status of IT, this paper presents a comprehensive overview and discussion of future directions of global IT education toward 2025

Exploring Cybertechnology Standards Through Bibliometrics: Case of National Institute of Standards and Technology

Cyber security is one of the topics that gain importance today. It is necessary to determine the basic components, basic dynamics, and main actors of the Cyber security issue, which is obvious that it will have an impact in many areas from social, social, economic, environmental, and political aspects, as a hot research topic. When the subject literature is examined, it has become a trend-forming research subject followed by institutions and organizations that produce R&D policy, starting from the level of governments. In this study, cybersecurity research is examined in the context of 5 basic cyber security functions specified in the cyber security standard (CSF) defined by the National Institute of Standards and Technology (NIST). It is aimed to determine the research topics emerging in the international literature, to identify the most productive countries, to determine the rankings created by these countries according to their functions, to determine the research clusters and research focuses. In the study, several quantitative methods were used, especially scientometrics, social network analysis (SNA) line theory and structural hole analysis. Statistical tests (Log-Likelihood Ratio) were used to reveal the prominent areas, and the text mining method was also used. we first defined a workflow according to the “Identify”, “Protect”, “Detect”, “Respond” and “Recover” setups, and conducted an online search on the Web of Science (WoS) to access the information on the publications on the relevant topics It is seen that actors, institutions and research create different densities according to various geographical regions in the 5 functions defined within the framework of cybersecurity. It is possible to say that infiltration detection, the internet of things and the concept of artificial intelligence are among the other prominent research focuses, although it is seen that smart grids are among the most prominent research topics. In the first clustering analysis we performed, we can say that 17 clusters are formed, especially when we look under the definition function. The largest of these clusters has 32 data points, so-called decision making models