Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges

Ibrar Yaqoob; Ibrahim Abaker Targio Hashem; Arif Ahmed; S. M.Ahsan Kazmi; Choong Seon Hong

doi:10.1016/j.future.2018.09.058

Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges

Ibrar Yaqoob
, Ibrahim Abaker Targio Hashem
, Arif Ahmed
, S. M.Ahsan Kazmi
, Choong Seon Hong

Electrical Engineering

Research output: Contribution to journal › Article › peer-review

277 Scopus citations

Abstract

The explosive growth of smart objects and their dependency on wireless technologies for communication increases the vulnerability of Internet of Things (IoT) to cyberattacks. Cyberattacks faced by IoT present daunting challenges to digital forensic experts. Researchers adopt various forensic techniques to investigate such attacks. These techniques aim to track internal and external attacks by emphasizing on communication mechanisms and IoT's architectural vulnerabilities. In this study, we explore IoT's novel factors affecting traditional computer forensics. We investigate recent studies on IoT forensics by analyzing their strengths and weaknesses. We categorize and classify the literature by devising a taxonomy based on forensics phases, enablers, networks, sources of evidence, investigation modes, forensics models, forensics layers, forensics tools, and forensics data processing. We also enumerate a few prominent use cases of IoT forensics and present the key requirements for enabling IoT forensics. Finally, we identify and discuss several indispensable open research challenges as future research directions.

Original language	British English
Pages (from-to)	265-275
Number of pages	11
Journal	Future Generation Computer Systems
Volume	92
DOIs	https://doi.org/10.1016/j.future.2018.09.058
State	Published - Mar 2019

Keywords

Cybercrime
Cybersecurity
Internet of Things
Internet of Things forensics
Security
Smart city

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1016/j.future.2018.09.058

Cite this

@article{c29714349c4342cd86eb25b73164c08e,

title = "Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges",

abstract = "The explosive growth of smart objects and their dependency on wireless technologies for communication increases the vulnerability of Internet of Things (IoT) to cyberattacks. Cyberattacks faced by IoT present daunting challenges to digital forensic experts. Researchers adopt various forensic techniques to investigate such attacks. These techniques aim to track internal and external attacks by emphasizing on communication mechanisms and IoT's architectural vulnerabilities. In this study, we explore IoT's novel factors affecting traditional computer forensics. We investigate recent studies on IoT forensics by analyzing their strengths and weaknesses. We categorize and classify the literature by devising a taxonomy based on forensics phases, enablers, networks, sources of evidence, investigation modes, forensics models, forensics layers, forensics tools, and forensics data processing. We also enumerate a few prominent use cases of IoT forensics and present the key requirements for enabling IoT forensics. Finally, we identify and discuss several indispensable open research challenges as future research directions.",

keywords = "Cybercrime, Cybersecurity, Internet of Things, Internet of Things forensics, Security, Smart city",

author = "Ibrar Yaqoob and Hashem, \{Ibrahim Abaker Targio\} and Arif Ahmed and Kazmi, \{S. M.Ahsan\} and Hong, \{Choong Seon\}",

note = "Funding Information: This work was partially supported by Institute for Information communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No. 2015-0-00557 , Resilient/Fault-Tolerant Autonomic Networking Based on Physicality, Relationship and Service Semantic of IoT Devices) and the MSIT (Ministry of Science and ICT), Korea , under the ITRC (Information Technology Research Center) support program ( IITP-2018-2013-1-00717 ) supervised by the IITP (Institute for Information \& communications Technology Promotion). Publisher Copyright: {\textcopyright} 2018 Elsevier B.V.",

year = "2019",

month = mar,

doi = "10.1016/j.future.2018.09.058",

language = "British English",

volume = "92",

pages = "265--275",

journal = "Future Generation Computer Systems",

issn = "0167-739X",

publisher = "Elsevier B.V.",

}

TY - JOUR

T1 - Internet of things forensics

T2 - Recent advances, taxonomy, requirements, and open challenges

AU - Yaqoob, Ibrar

AU - Hashem, Ibrahim Abaker Targio

AU - Ahmed, Arif

AU - Kazmi, S. M.Ahsan

AU - Hong, Choong Seon

N1 - Funding Information: This work was partially supported by Institute for Information communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No. 2015-0-00557 , Resilient/Fault-Tolerant Autonomic Networking Based on Physicality, Relationship and Service Semantic of IoT Devices) and the MSIT (Ministry of Science and ICT), Korea , under the ITRC (Information Technology Research Center) support program ( IITP-2018-2013-1-00717 ) supervised by the IITP (Institute for Information & communications Technology Promotion). Publisher Copyright: © 2018 Elsevier B.V.

PY - 2019/3

Y1 - 2019/3

N2 - The explosive growth of smart objects and their dependency on wireless technologies for communication increases the vulnerability of Internet of Things (IoT) to cyberattacks. Cyberattacks faced by IoT present daunting challenges to digital forensic experts. Researchers adopt various forensic techniques to investigate such attacks. These techniques aim to track internal and external attacks by emphasizing on communication mechanisms and IoT's architectural vulnerabilities. In this study, we explore IoT's novel factors affecting traditional computer forensics. We investigate recent studies on IoT forensics by analyzing their strengths and weaknesses. We categorize and classify the literature by devising a taxonomy based on forensics phases, enablers, networks, sources of evidence, investigation modes, forensics models, forensics layers, forensics tools, and forensics data processing. We also enumerate a few prominent use cases of IoT forensics and present the key requirements for enabling IoT forensics. Finally, we identify and discuss several indispensable open research challenges as future research directions.

AB - The explosive growth of smart objects and their dependency on wireless technologies for communication increases the vulnerability of Internet of Things (IoT) to cyberattacks. Cyberattacks faced by IoT present daunting challenges to digital forensic experts. Researchers adopt various forensic techniques to investigate such attacks. These techniques aim to track internal and external attacks by emphasizing on communication mechanisms and IoT's architectural vulnerabilities. In this study, we explore IoT's novel factors affecting traditional computer forensics. We investigate recent studies on IoT forensics by analyzing their strengths and weaknesses. We categorize and classify the literature by devising a taxonomy based on forensics phases, enablers, networks, sources of evidence, investigation modes, forensics models, forensics layers, forensics tools, and forensics data processing. We also enumerate a few prominent use cases of IoT forensics and present the key requirements for enabling IoT forensics. Finally, we identify and discuss several indispensable open research challenges as future research directions.

KW - Cybercrime

KW - Cybersecurity

KW - Internet of Things

KW - Internet of Things forensics

KW - Security

KW - Smart city

UR - https://www.scopus.com/pages/publications/85055085692

U2 - 10.1016/j.future.2018.09.058

DO - 10.1016/j.future.2018.09.058

M3 - Article

AN - SCOPUS:85055085692

SN - 0167-739X

VL - 92

SP - 265

EP - 275

JO - Future Generation Computer Systems

JF - Future Generation Computer Systems

ER -

Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges

Abstract

Keywords

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this