A GENERIC FRAMEWORK FOR IOT FORENSIC INVESTIGATIO

Abstract

The advancement in technology along with the increase in the network bandwidth has not only given people the opportunity to be interconnected but devices as well. These devices that can now communicate with each other are now known as the Internet of Things (IoT). Since their inception, IoT devices have been on the rise and are now closely integrated with one’s daily life allowing one to perform tasks efficiently. Unfortunately, this increased usage of the IoT devices makes it a viable target for attackers which allows them not to compromise one but all the devices connected through the same network.A forensic investigator needs to carry out an investigation following an attack that enables the investigator to acquire the relevant digital evidence in a sound manner. This requires the use a framework that needs to be followed by the forensic investigator. This research is aimed at developing a generic forensic framework for the investigators, especially in the IoT forensics domain as IoT forensics is not a widely explored domain yet. The proposed forensic framework has been tested and verified by using an IoT device where evidence was gathered and results were obtained by following the framework. The proposed framework has been compared with four existing IoT forensic framework which shows that the framework contains steps that were not included in the existing frameworks. The framework will serve as an important guideline for the forensic investigators that are involved in investigations containing IoT devices.