Adding Digital Forensic Readiness as a Security Component to the IoT Domain

Victor R Kebande, Nickson M Karie, H S Venter

Abstract


The unique identities of remote sensing, monitoring, self-actuating, self–adapting and self-configuring “things” in Internet of Things (IoT) has come out as fundamental building blocks for the development of “smart environments”. This experience has begun to be felt across different IoT-based domains like healthcare, surveillance, energy systems, home appliances, industrial machines, smart grids and smart cities. These developments have, however, brought about a more complex and heterogeneous environment which is slowly becoming a home to cyber attackers. Digital Forensic Readiness (DFR) though can be employed as a mechanism for maximizing the potential use of digital evidence while minimizing the cost of conducting a digital forensic investigation process in IoT environments in case of an incidence. The problem addressed in this paper, therefore, is that at the time of writing this paper, there still exist no IoT architectures that have a DFR capability that is able to attain incident preparedness across IoT environments as a mechanism of preparing for post-event response process. It is on this premise, that the authors are proposing an architecture for incorporating DFR to IoT domain for proper planning and preparing in the case of security incidents. It is paramount to note that the DFR mechanism in IoT discussed in this paper complies with ISO/IEC 27043: 2015, 27030:2012 and 27017: 2015 international standards. It is the authors’ opinion that the architecture is holistic and very significant in IoT forensics.

Keywords


Digital Forensic Readiness, Internet of Things, Architecture

Full Text:

PDF

References


Unknown (2015). Identifying the Technological Building Blocks in an Enterprise IoT Architecture. Available at: https://www.smartindustry.com/blog/smart-industry-connect/identifying-the-technological-building-blocks-in-an-enterprise-iot-architecture/ [Accessed June 03, 2016].

IoT-A, (2013). Internet-of-Things Architecture (IoT-A). Available at: http://www.iot a.eu/public [Accessed June 03, 2016].

IDC(2017) “Internet of Things spending 2017-2020: IoT industry drivers and investments”[online], Accessed February 2017. Available at-https://www.i-scoop.eu/internet-of-things-guide/iot-spending-2020/

N.M. Karie, and H.S. Venter, “Taxonomy of Challenges for Digital Forensics.” Journal of Forensic Sciences. Doi: 10.1111/1556-4029, 2015.

A.M. Desai, D. Fitzgerald, B. Hoanca, “Offering a digital forensics course in Anchorage”, Alaska. Inform Syst Edu J; Vol 7(35); http://isedj.org/7/35/, 2009

ISO/IEC 27043: 2015: Information technology -- Security techniques -- Incident investigation principles and processes

N.M. Karie, and H.S. Venter, “Toward a General Ontology for Digital Forensic Disciplines.” Journal of Forensic Sciences, Vol. 59, No. 5 Doi: 10.1111/1556-4029, 2014.

G. Mohay, “Technical challenges and directions for digital forensics. Proceedings of the First International Workshop on Systematic Approaches to Digital Forensic Engineering; 2005 Nov. 7–9; Taipei, Taiwan. Piscataway, NJ: IEEE Computer Society Publishers,;155–61, 2005.

M. Cobb, “Digital forensic investigation procedure: form a computer forensics policy”. http://www.computerweekly.com/tip/Digital-forensicinvestigation-procedure-Form-a-computer-forensics-policy [Accessed February 18, 2013].

E. Berthelsen, “Identifying the Major Technological Domains in an IoT Architecture.” Avilable online at: https://www.thingworx.com/blog/identifying-the-major-technological-domains-in-an-iot-architecture/ [Accessed June, 30th 2015]

E. Mohamed, B.M. Sean, A. Atif and L. Andrew, “Towards A Systemic Framework for Digital Forensic Readiness.” Journal of Computer Information Systems 54(3):97-105. DOI: 10.1080/08874417.2014.11645708, 2014.

T. Grobler and B. Louwrens, “Digital Forensic Readiness as a Component of Information Security Best Practice”, in IFIP International Federation for Information Processing, Volume 232, New Approaches for Security, Privacy and Trust in Complex Environments, eds, in Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R., (Boston: Springer), pp. 13-24, 2007.

A. Pooe, and L. Labuschagne, “A conceptual model for digital forensic readiness. Information Security for South Africa, Johannesburg, Gauteng. pp. 1-8, 2012”.

F.A.R. Abdul, A. Rabiah, and Z.M. Madihah, “Developing Forensic Readiness Secure Network Architecture for Wireless Body Area Network (WBAN).” International Journal of Security and Its Applications. Vol.8, No.5 pp.403-420. http://dx.doi.org/10.14257/ijsia.2014.8.5.35, 2014).

V. R. Kebande, and I. Ray, “A Generic Digital Forensic Investigation Framework for Internet of Things (IoT).” In Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th International Conference on (pp. 356-362). IEEE, 2016.

V. R. Kebande and H. S. Venter, “Novel digital forensic readiness technique in the cloud environment”, Australian Journal of Forensic Sciences, DOI: 10.1080/00450618.2016.1267797, 2017.

V. R. Kebande and H. S.Venter, “Towards a Model for Characterizing Potential Digital Evidence in the Cloud Environment during Digital Forensic Readiness Process.” In ICCSM2015-3rd International Conference on Cloud Security and Management: ICCSM2015 (p. 151). Academic Conferences and publishing limited, 2015.

O. Martikainen, J. Lipiäinen and K. Molin, “Tutorial on intelligent networks” Lappeenranta University of Technology, 1994.

V. R Kebande, N.M. Karie, Michael, A, Semaka, M & Venter, H.S(2017, Ma). How an IoT-enabled “Smart Refrigerator” can play a Clandestine Role in Perpetuating Cyber-crime. In IST-Africa, 2017 IEEE International Conference on. IEEE-To appear.

V. R. Kebande and H. S Venter, “Adding event reconstruction to a Cloud Forensic Readiness model.” In Information Security for South Africa (ISSA), 2015 (pp. 1-9). IEEE, 2015.

G. B. Satrya, H. T. Reda, K. J. Woo, P. T. Daely, U. K. Latif, S. Y. Shin and S.Chae, “IoT and Public Weather Data Based Monitoring & Control Software Development for Variable Color Temperature LED Street Lights.” International Journal on Advanced Science, Engineering and Information Technology, 7(2), 2017.

H. Z. Abidin, N. M. Din, N.A.M Radzi and Z. I Rizman, " A Review on Sensor Node Placement Techniques in Wireless Sensor Networks," International Journal on Advanced Science, Engineering and Information Technology, vol. 7, pp. 190–197, 2017.

Editya,A.S, Sumpeno, S. and Pratomo, I.,(2017).Performance of IEEE 802.14.5 and ZigBee protocol on realtime monitoring augmented reality based wireless sensor network system. International Journal of Advances in Intelligent Informatics.Vol.3, No 2,pp. 90-97




DOI: http://dx.doi.org/10.18517/ijaseit.8.1.2115

Refbacks

  • There are currently no refbacks.



Published by INSIGHT - Indonesian Society for Knowledge and Human Development