Forensic State Acquisition from Internet of Things (FSAIoT) : A general framework and practical approach for IoT forensics through IoT device state acquisition

Détails

ID Serval
serval:BIB_7CBC6F1B225C
Type
Actes de conférence (partie): contribution originale à la littérature scientifique, publiée à l'occasion de conférences scientifiques, dans un ouvrage de compte-rendu (proceedings), ou dans l'édition spéciale d'un journal reconnu (conference proceedings).
Collection
Publications
Titre
Forensic State Acquisition from Internet of Things (FSAIoT) : A general framework and practical approach for IoT forensics through IoT device state acquisition
Titre de la conférence
Proceedings of the 12th International Conference on Availability, Reliability and Security
Auteur⸱e⸱s
Meffert Christopher, Clark Devon, Baggili Ibrahim, Breitinger Frank
Editeur
ACM
Adresse
Reggio Calabria, Italy
ISBN
9781450352574
Statut éditorial
Publié
Date de publication
29/08/2017
Langue
anglais
Résumé
IoT device forensics is a difficult problem given that manufactured IoT devices are not standardized, many store little to no historical data, and are always connected; making them extremely volatile. The goal of this paper was to address these challenges by presenting a primary account for a general framework and practical approach we term Forensic State Acquisition from Internet of Things (FSAIoT). We argue that by leveraging the acquisition of the state of IoT devices (e.g. if an IoT lock is open or locked), it becomes possible to paint a clear picture of events that have occurred. To this end, FSAIoT consists of a centralized Forensic State Acquisition Controller (FSAC) employed in three state collection modes: controller to IoT device, controller to cloud, and controller to controller. We present a proof of concept implementation using openHAB – a device agnostic open source IoT device controller – and self-created scripts, to resemble a FSAC implementation. Our proof of concept employed an Insteon IP Camera as a controller to device test, an Insteon Hub as a controller to controller test, and a nest thermostat for a a controller to cloud test. Our findings show that it is possible to practically pull forensically relevant state data from IoT devices. Future work and open research problems are shared.
Mots-clé
Internet of Things, IoT State acquisition, IoT controllers, IoT forensic challenges, IoT forensics framework, IoT research
Création de la notice
06/05/2021 11:01
Dernière modification de la notice
06/05/2021 11:20
Données d'usage