Security Challenges and Cyber Forensic Ecosystem in IoT Driven BYOD Environment (original) (raw)
Related papers
DIGITAL FORENSIC READINESS FRAMEWORK BASED ON HONEYPOT AND HONEYNET FOR BYOD
Journal of Digital Forensics, Security and Law, 2021
The utilization of the internet within organizations has surged over the past decade. Though, it has numerous benefits, the internet also comes with its own challenges such as intrusions and threats. Bring Your Own Device (BYOD) as a growing trend among organizations allow employees to connect their portable devices such as smart phones, tablets, laptops, to the organization's network to perform organizational duties. It has gained popularity over the years because of its flexibility and cost effectiveness. This adoption of BYOD has exposed organizations to security risks and demands proactive measures to mitigate such incidents. In this study, we propose a Digital Forensic Readiness (DFR) framework for BYOD using honeypot technology. The framework consists of the following components: BYOD devices, Management, People, Technology and DFR. It is designed to comply with ISO/IEC 27043, detect security incidents/threats and collect potential digital evidence using low-and high-level interaction honeypots. Besides, the framework proffers adequate security support to the organization through space isolation, device management, crypto operations, and policies database. This framework would ensure and improve information security as well as securely preserve digital evidence. Embedding DFR into BYOD will improve security and enable an organization to stay abreast when handling a security incident.
Secured Communication Using Advanced Digital Forensic IoT
Rasel Ahmed, 2021
The internet of things (IoT) brings the power of the internet, data processing, and analytics to the physical world. Consumers will be able to communicate with the global information network without the use of a keyboard or screen; many of their daily objects and equipment will be able to take instructions from the network with minimal human interference.Due to the widespread applicability of the Internet of Things (IoT), it is critical that IoT designers and architects provide ensuring protection of communication in IoT as a key requirement. Communication in IoT is a new field of study concerned with ensuring safe coordination between smart sensors, actuators, and computers, as well as the external world, which makes up the IoT's overarching arena.IoT architecture must provide several features such as scalability, reliability, usability, availability, and flexibility so that applications that support both public and private entities can be developed. A precise specification of security criteria, as well as various security measures that must be implemented, will be critical to the IoT's success.This paper uses an innovative digital forensic technique for security enhancement to provide an overview of security and privacy aspects of IoT communications. In the investigation of IoT security violations, the researchers face a variety of obstacles. The difficulties are amplified by the fact that cloud service providers use advanced strategies such as virtualization and a multi-tenant usage model to efficiently assign resources to users.The proposed technique, which uses an innovative digital forensic approach, outlines an improved, accessible, and accurate method for determining the source of the crime and collecting evidence related to a security breach during contact.
Smart Digital Forensic Readiness Model for Shadow IoT Devices
Applied Sciences
Internet of Things (IoT) is the network of physical objects for communication and data sharing. However, these devices can become shadow IoT devices when they connect to an existing network without the knowledge of the organization’s Information Technology team. More often than not, when shadow devices connect to a network, their inherent vulnerabilities are easily exploited by an adversary and all traces are removed after the attack or criminal activity. Hence, shadow connections pose a challenge for both security and forensic investigations. In this respect, a forensic readiness model for shadow device-inclusive networks is sorely needed for the purposes of forensic evidence gathering and preparedness, should a security or privacy breach occur. However, the hidden nature of shadow IoT devices does not facilitate the effective adoption of the most conventional digital and IoT forensic methods for capturing and preserving potential forensic evidence that might emanate from shadow de...
Journal of Advanced Research in Applied Sciences and Engineering Technology 50, Issue 1 (2025) 121-135, 2024
The growing versatility of Internet of Things devices increases the possibility of multiple attacks occurring and being carried out continuously. The limited processing capabilities and memory capacity of Internet of Things devices pose challenges for security and forensic analysis in collecting and documenting various attacks targeting these devices during the forensic investigation process. Thus, forensic investigative analysis goes beyond expectations, offering a holistic understanding of the complex consequences arising from IoT device attacks that have occurred. These issues and challenges provide important insights into vulnerabilities, potential future threats, and steps to effectively increase the resilience of the IoT ecosystem against the evolving cyber-attack risk landscape. Apart from that, the large amount of IoT attack data generated raises several problems. Such as the difficulty of quickly identifying threats and in-depth forensic analysis of each very diverse attack. The implementation of artificial intelligence is a very useful solution in overcoming the forensic investigation challenges that arise due to IoT attacks with the enormous increase in data volume and complexity. Therefore, this research aims and proposes to improve the IoT forensic readiness framework by collecting and analyzing digital evidence in detecting various attacks from various IoT devices automatically based on an artificial intelligence approach and functioning as an early warning system. Enhanced the proposed IoT forensic readiness framework based on ISO/IEC 27043 serves as a prototype for detecting and collecting various types of attacks as potential digital evidence from various IoT devices, as well as effective forensic investigation of digital evidence with the utilization of smart repository.
Threats and Corrective Measures for IoT Security with Observance of Cybercrime: A Survey
Wireless Communications and Mobile Computing, 2021
Internet of Things (IoT) is the utmost assuring framework to facilitate human life with quality and comfort. IoT has contributed significantly to numerous application areas. The stormy expansion of smart devices and their credence for data transfer using wireless mechanics boost their susceptibility to cyberattacks. Consequently, the cybercrime rate is increasing day by day. Hence, the study of IoT security threats and possible corrective measures can benefit researchers in identifying appropriate solutions to deal with various challenges in cybercrime investigation. IoT forensics plays a vital role in cybercrime investigations. This review paper presents an overview of the IoT framework consisting of IoT architecture, protocols, and technologies. Various security issues at each layer and corrective measures are also discussed in detail. This paper also presents the role of IoT forensics in cybercrime investigation in various domains like smart homes, smart cities, automated vehicle...
International Journal of Digital Crime and Forensics
The Internet of Things (IoT) represents the seamless merging of the real and digital world, with new devices created that store and pass around data. Processing large quantities of IoT data will proportionately increase workloads of data centres, leaving providers with new security, capacity, and analytics challenges. Handling this data conveniently is a critical challenge, as the overall application performance is highly dependent on the properties of the data management service. This article explores the challenges posed by cybercrime investigations and digital forensics concerning the shifting landscape of crime – the IoT and the evident investigative complexity – moving to the Internet of Anything (IoA)/Internet of Everything (IoE) era. IoT forensics requires a multi-faceted approach where evidence may be collected from a variety of sources such as sensor devices, communication devices, fridges, cars and drones, to smart swarms and intelligent buildings.
Adding Digital Forensic Readiness as a Security Component to the IoT Domain
International Journal on Advanced Science, Engineering and Information Technology, 2018
The unique identities of remote sensing, monitoring, self-actuating, self-adapting and self-configuring "things" in Internet of Things (IoT) has come out as fundamental building blocks for the development of "smart environments". This experience has begun to be felt across different IoT-based domains like healthcare, surveillance, energy systems, home appliances, industrial machines, smart grids and smart cities. These developments have, however, brought about a more complex and heterogeneous environment which is slowly becoming a home to cyber attackers. Digital Forensic Readiness (DFR) though can be employed as a mechanism for maximizing the potential use of digital evidence while minimizing the cost of conducting a digital forensic investigation process in IoT environments in case of an incidence. The problem addressed in this paper, therefore, is that at the time of writing this paper, there still exist no IoT architectures that have a DFR capability that is able to attain incident preparedness across IoT environments as a mechanism of preparing for post-event response process. It is on this premise, that the authors are proposing an architecture for incorporating DFR to IoT domain for proper planning and preparing in the case of security incidents. It is paramount to note that the DFR mechanism in IoT discussed in this paper complies with ISO/IEC 27043: 2015, 27030:2012 and 27017: 2015 international standards. It is the authors' opinion that the architecture is holistic and very significant in IoT forensics.
The Internet of Things (IoT), a metaphor for smart, functional Cyberphysical Environments (CPE) is finding some usefulness in various sectors including healthcare, security, transportation and the Smart Home (SH). Within the IoT, objects potentially operate autonomously to provide specified services and complete assigned tasks. However, the introduction of new technologies and/or the novel application of existing ones usually herald the discovery of unfamiliar security vulnerabilities which lead to exploits and sometimes to security breaches. There is existing research which identifies IoT-related security concerns and breaches. This chapter discusses existing Digital Forensics (DF) models and methodologies for their applicability (or not) within the IoT domain using the SH as a case in point. The chapter also makes the argument for Smart forensics, the use of a smart autonomous system (tagged the Forensics Edge Management System (FEMS)) to provide forensic services within the self-managed CPE of the SH.
Threats and Corrective Measures for IoT Security with Observance to Cybercrime
arXiv (Cornell University), 2020
Internet of Things (IoT) is the utmost assuring framework to facilitate human life with quality and comfort. IoT has contributed significantly to numerous application areas. The stormy expansion of smart devices and their credence for data transfer using wireless mechanics boosts their susceptibility to cyber-attacks. Consequently, the rate of cybercrime is increasing day by day. Hence, the study of IoT security threats and possible corrective measures can benefit the researchers to identify appropriate solutions to deal with various challenges in cybercrime investigation. IoT forensics plays a vital role in cybercrime investigations. This review paper presents an overview of the IoT framework consisting of IoT architecture, protocols, and technologies. Various security issues at each layer and corrective measures are also discussed in detail. This paper also presents the role of IoT forensics in cybercrime investigation in various domains like smart homes, smart cities, automated vehicles, healthcare, etc. Along with, the role of advanced technologies like Artificial Intelligence, Machine Learning, Cloud computing, Edge computing, Fog computing, and Blockchain technology in cybercrime investigation are also discussed. At last, various open research challenges in IoT to assist cybercrime investigation are explained to provide a new direction for further research.
Navigating the Complex Landscape of IoT Forensics: Challenges and Emerging Solutions
The International Arab Journal of Information Technology
With the increasing proliferation of the Internet of Things (IoT) devices, digital forensics professionals face numerous challenges whilst investigating cybercrimes. The vast number of IoT devices, the heterogeneity of their formats, and the diversity of the data they generate make the identification and collection of relevant evidence a daunting task. In this research paper, we explore the complex landscape of IoT forensics, highlighting the major challenges and emerging solutions. We start by listing the available digital forensics models and frameworks. We then delve into evidence management during different IoT forensic investigation stages such as Identification, Acquisition, Preservation and Protection, Analysis and Correlation, Attack and Deficit Attribution and lastly Presentation. Furthermore, we highlight the current challenges, open issues and major security and privacy concerns related to IoT forensics. Finally, we review the state-of-the-art in IoT forensics, exploring ...