Adding Digital Forensic Readiness as a Security Component to the IoT Domain

The unique identities of remote sensing, monitoring, self-actuating, self–adapting and self-configuring “things” in Internet of Things (IoT) has come out as fundamental building blocks for the development of “smart environments”. This experience has begun to be felt across different IoT-based domains like healthcare, surveillance, energy systems, home appliances, industrial machines, smart grids and smart cities. These developments have, however, brought about a more complex and heterogeneous environment which is slowly becoming a home to cyber attackers. Digital Forensic Readiness (DFR) though can be employed as a mechanism for maximizing the potential use of digital evidence while minimizing the cost of conducting a digital forensic investigation process in IoT environments in case of an incidence. The problem addressed in this paper, therefore, is that at the time of writing this paper, there still exist no IoT architectures that have a DFR capability that is able to attain incident preparedness across IoT environments as a mechanism of preparing for post-event response process. It is on this premise, that the authors are proposing an architecture for incorporating DFR to IoT domain for proper planning and preparing in the case of security incidents. It is paramount to note that the DFR mechanism in IoT discussed in this paper complies with ISO/IEC 27043: 2015, 27030:2012 and 27017: 2015 international standards. It is the authors’ opinion that the architecture is holistic and very significant in IoT forensics

Digital forensic readiness for wireless sensor network environments

The new and upcoming field of wireless sensor networking is unfortunately still lacking in terms of both digital forensics and security. All communications between different nodes (also known as motes) are sent out in a broadcast fashion. These broadcasts make it quite difficult to capture data packets forensically and, at the same time, retain their integrity and authenticity. The study presents several attacks that can be executed successfully on a wireless sensor network, after which the dissertation delves more deeply into the flooding attack as it is one of the most difficult attacks to address in wireless sensor networks. Furthermore, a set of factors is presented to take into account while attempting to achieve digital forensic readiness in wireless sensor networks. The set of factors is subsequently discussed critically and a model is proposed for implementing digital forensic readiness in a wireless sensor network. The proposed model is next transformed into a working prototype that is able to provide digital forensic readiness to a wireless sensor network. The main contribution of this research is the digital forensic readiness prototype that can be used to add a digital forensics layer to any existing wireless sensor network. The prototype ensures the integrity and authenticity of each of the data packets captured from the existing wireless sensor network by using the number of motes in the network that have seen a data packet to determine its integrity and authenticity in the network. The prototype also works on different types of wireless sensor networks that are in the frequency range of the network on which the prototype is implemented, and does not require any modifications to be made to the existing wireless sensor network. Flooding attacks pose a major problem in wireless sensor networks due to the broadcasting of communication between motes in wireless sensor networks. The prototype is able to address this problem by using a solution proposed in this dissertation to determine a sudden influx of data packets within a wireless sensor network. The prototype is able to detect flooding attacks while they are occurring and can therefore address the flooding attack immediately. Finally, this dissertation critically discusses the advantages of having such a digital forensic readiness system in place in a wireless sensor network environment. CopyrightDissertation (MSc)--University of Pretoria, 2012.Computer Scienceunrestricte

Digital forensics model of smart city automated vehicles challenges

The current cyber society is full of complications. Internet has brought so many convenient services to our society but Internet is also a mine field. Mass surveillance from smart phone to PC, from automated car to smart television, any online device seems could be turn to privacy breach toolkit. In order to protect privacy data, including PII, against Cyberstalking and other cybercrimes, a Digital Forensics Model is in progress served for Smart City Automated Vehicles. The proposed development is still on going. Here, an update is reported for discussions

A new digital forensics model of smart city automated vehicles

In the modern world, cyber societies are full of complications. The Internet has brought so many convenient services to our society but Internet is also a mine field. Mass surveillance from smart phone to PC, from automated car to smart television, any online device seems could be turn to privacy breach toolkit. In order to follow the GDPR (General Data Protection Regulation), protect privacy data, including PII (Personally Identifiable Information), against Cyberstalking and many other cybercrime challenges, a novel Digital Forensics Model served for Smart City Automated Vehicles has been developed working on investigating AAV (Autonomous Automated Vehicle) cases. The proposed development is reported to Big Data 2017. Here, we report the update for discussion

Functional Requirements for Adding Digital Forensic Readiness as a Security Component in IoT Environments

For every contact made on a digital device, a trace is left behind; this means that every digital device contains some form of electronic evidence that may be associated to the behaviour of the users in a given environment. This evidence can be used to prove or disprove facts if a cyber-incident is detected. However, the world has seen a shift on how devices communicate and connect as a result of increased devices and connectivity, which has led to the creation of “smart environments” where the Internet of Things (IoT) plays a key role. Still, we can harness this proliferation of digital devices and smart environments to Digital Forensic (DF) technology which might help to solve the puzzle of how proactive strategies can help to minimise the time and cost needed to conduct a digital investigation. This article introduces the Functional Requirements (FRs) and processes needed when Digital Forensic Readiness (DFR) process is employed as a security component in the IoT-based environment. The paper serves as a continuation of the initially proposed architecture for adding DFR as a security component to IoT environment. The aspects and claims presented in this paper can be used as basic building blocks for implementing DFR technologies that guarantee security in the IoT-based environment. It is worth noting again that the processes that have been defined in this paper comply with the ISO/IEC 27043: 2015 International Standard

IoT Forensics Readiness - influencing factors

The Internet of Things (IoT) is increasingly becoming a part of people’s lives and is progressively revolutionizing our lives and businesses. From a Digital Forensics (DF) point of view, this connection turns an IoT environment into a valuable source of evidence containing diverse artifacts that could significantly aid DF investigations. Therefore, DF must adapt to the characteristics of IoT Forensics (IoTF). With the increasing deployment of IoT, organizations are compelled to revise their approaches to planning, developing, and implementing Information Technology (IT) security strategies. The IoT presents new business opportunities but also simultaneously creates various challenges related to cyber-attacks and their resolution. For optimal preparedness in the face of future incidents, companies should consider implementing Forensics Readiness (FR). This paper thus examines the factors that influence IoT-FR within organizations. By systematically analyzing research efforts from 2010 to 2023, we identified the following factors influencing IoT-FR: (1) Legal Aspect, (2) Standardization Approach, (3) Technological Resource and Technique, (4) Management Process and (5) Human Factor. Furthermore, these influencing factors are not only considered individually but also in terms of the dependencies between them. This results in the creation of a holistic model including the interdependencies and influences of the factors to provide a novel overview and enhance the integrated perspective on IoT-FR. The knowledge of factors influencing the integration of IoT-FR into organizations is valuable. It thus can be of enormous importance, as it can save time and money in the event of a subsequent incident. Additionally, alongside these factors, various challenges, techniques, models, and frameworks are highlighted to offer profound insights into the relatively novel subject of IoT-FR and to inspire future research

Adding digital forensic readiness as a security component to the IoT domain

The unique identities of remote sensing, monitoring, self-actuating, self–adapting and self-configuring “things” in Internet of Things (IoT) has come out as fundamental building blocks for the development of “smart environments”. This experience has begun to be felt across different IoT-based domains like healthcare, surveillance, energy systems, home appliances, industrial machines, smart grids and smart cities. These developments have, however, brought about a more complex and heterogeneous environment which is slowly becoming a home to cyber attackers. Digital Forensic Readiness (DFR) though can be employed as a mechanism for maximizing the potential use of digital evidence while minimizing the cost of conducting a digital forensic investigation process in IoT environments in case of an incidence. The problem addressed in this paper, therefore, is that at the time of writing this paper, there still exist no IoT architectures that have a DFR capability that is able to attain incident preparedness across IoT environments as a mechanism of preparing for post-event response process. It is on this premise, that the authors are proposing an architecture for incorporating DFR to IoT domain for proper planning and preparing in the case of security incidents. It is paramount to note that the DFR mechanism in IoT discussed in this paper complies with ISO/IEC 27043: 2015, 27030:2012 and 27017: 2015 international standards. It is the authors’ opinion that the architecture is holistic and very significant in IoT forensics.http://ijaseit.insightsociety.orgam2018Computer Scienc

The Proceedings of 14th Australian Digital Forensics Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

Conference Foreword This is the fifth year that the Australian Digital Forensics Conference has been held under the banner of the Security Research Institute, which is in part due to the success of the security conference program at ECU. As with previous years, the conference continues to see a quality papers with a number from local and international authors. 11 papers were submitted and following a double blind peer review process, 8 were accepted for final presentation and publication. Conferences such as these are simply not possible without willing volunteers who follow through with the commitment they have initially made, and I would like to take this opportunity to thank the conference committee for their tireless efforts in this regard. These efforts have included but not been limited to the reviewing and editing of the conference papers, and helping with the planning, organisation and execution of the conference. Particular thanks go to those international reviewers who took the time to review papers for the conference, irrespective of the fact that they are unable to attend this year. To our sponsors and supporters a vote of thanks for both the financial and moral support provided to the conference. Finally, to the student volunteers and staff of the ECU Security Research Institute, your efforts as always are appreciated and invaluable. Yours sincerely, Conference Chair Professor Craig Valli Director, Security Research Institut