Major IOT research in JDFSL and/or “Digital Investigation”.
Major incidents in media.
Forensic implications given it are IoT, harder, easier???
Digital investigation includes several subjects related to security and crime all over the world. Primarily IoT crime includes crimes in major technology areas which are computers, mobile devices, cloud computing, tablets, RFID technologies and sensors. IOT forensics is majorly used in order to obtain digital evidence that is found in several IoT devices. Digital forensics is primarily a branch of forensic science that investigates and recovers the evidence which is found in digital devices. In this paper different aspects of IoT have been discussed along with the problem of cybercrime. Another important issue on which this study focuses on is several media incidents that are associated with the issue under study. Advantages and disadvantages of IoT and its impact on the Digital Forensics are been discussed in a detailed manner.
Different aspect of IoT
Internet of things is basically the connection of the various devices via a single network connected to various computing devices which are embedded in day-to-day using devices and objects so that there can be exchange of information between the devices. Internet of things is considered to be one of the most important technological criteria that is being followed and used in almost all major businesses. It has become a matter of importance in every technological industry. Before considering and implementing internet of things, it is important to give importance to the various aspects of IoT (Al-Fuqaha, Guizani, Mohammadi, Aledhari & Ayyash, 2015). Some of these aspects are:
Requirement of IoT infrastructure
The basic requirement of any IoT infrastructure does not mandatorily requires devices that have the ability and capacity to perform ‘smart’ activities. IoT being a network base can be applied to any to business and its legacy system. With the help of sensors, the legacy system of any business can be made smarter.
In order to conduct data collection, initially all the devices that are linked to IoT needs to be connected with the help of sensors. Once the connection has been made with the help of a single network, the data is collected from the different devices which are connected to a single main location and then those data are processed (Perera, Zaslavsky, Christen & Georgakopoulos, 2014).
Monitoring and management of devices
Monitoring of the computing devices are important and is a tedious work that is to be done. With the using of IoT, continuous monitoring of the devices becomes easier and possible. IoT allows the customer to use its services by allowing the accessing of information with the help of remote technical support.
IoT and human connection
The implementation of Internet of things allows the businesses to give more opportunities for the recruitment of more employees, thus it can be said that IT is more like a companion for the various workers and employees. IoT makes the working of the employees on various aspects easier and less time consuming.
Operating system for IoT
Even though IoT helps in reducing time and makes working easier, the working and running of IoT requires specialized operating system because various devices are used in the implementation of IoT like sensors, microcontrollers and processors. These requirements cannot be fulfilled by any traditional operating system and will end up in more maintenance cost (Borgia, 2014).
The exchanging of information is usually and most often get ignored. This is one of the most important criteria that makes IT an useful devices on a higher context. It is an issue because in a collection of many devices it becomes difficult for the users to handle all the devices using a different interface. So, a common mechanism and a system is required that allows the testing of API where the users are to take and give resources and information from the devices.
The model host for the Internet of things can be divided into on-premises, private cloud and public cloud. The hosting of the model means the accumulation of storage and providing access to the data that has been collected from the various device that are connected.
Implementing an IoT involves the using of various protocols. Instead of using one OSI model layer for every protocol, a varied category of protocols can be used. Some of which are data protocol, device management protocol, identification protocol, semantic protocol, discovery protocol, multi layer framework protocol and many others (Wortmann & Fluchter, 2015).
Cost of implementation
An IoT will be implemented in any business or not, depends on the cost of implementation. As expenditure and cost are the most important factor for any organization. Most of the costs that gets accounted while the installation of IoT devices takes place, is on the upgrading of the infrastructure, getting the devices which are IoT ready, installation costs and many other costs that are important to be considered.
Security of IoT
All the connected devices and the network of Iot needs to be protected from any intruder so that the data is not revealed to the outside world. The privacy of the data is important because if any of the important data gets leaked to the hands of any cyber criminal, then it can be a matter of concern for the organization. As these information can be used to cause harm to the organization, thus security of IoT is important and mandatory. Another reason is that the when IT is used, all the devices are connected using a common network, thus imposing more threats to the safety of the systems and information.
When many devices are connected, the amount of information that is to collected and used are in huge in number. So, the processing of the data becomes difficult but with the use of IoT analytics, all such data will be processed with the help of data science and presented meaningfully by data visualization tools. Companies usually struggle to retrieve the required data to create the required information. Thus, IoT benefits the companies from these aspects and helps in identifying the data and make proper use of them.
Digital investigation can be described as a process that describes the digital states and events of digital forensic. It is basically a branch of forensic science that recovers and investigates the various materials that are found in the digital devices. Digital investigation is mostly related to computer crime. Digital investigation is based on a very wide subject that is mostly related to cyber crime or digital crime and looks into the security of the digitized objects in the world of technology. Digital investigation involves various factors that is meant to be kept in mind while conducting the process of investigation. The main concern in digital investigation is the digital evidence that is authentic and integrated. There are various challenges and lessons that are learned while conducting an investigation (Ko & Zaw, 2015). A few of those can be described as:
Research and development
The research and development of the forensic science, computer science, artificial science and intelligence are termed to be applied to the digital evidence and multimedia. Adoption of new methods to deal with the challenges that occur in the analysis of digital evidence and the exploitation of specific technologies, thus responding to incidents within a computer security context (Sang, 2013).
Cyber-risk management refers to the usage of better and innovative ways to make use of the digital evidence in order to address the security breaches that involves various information system and performs cyber threat intelligence. In order to draw the conclusion after the incident has occurred, the various techniques and finding of digital investigation are important and mandatory (Quick & Choo, 2013).
These reports are mandatory to investigate the various case studies and describe the practitioner's way of dealing with the opportunities and challenges in cyber crime and security of computers. These reports also include various improved methods of conduction of effective and efficient digital investigation (Sang, 2013).
Due to effective media coverage people are well aware of the tremendous number of security breaches which are taking place in recent years. Various corporations such as Neiman Marcus, Home Depot, Sony and Ashley Madison have been affected highly with such issues. Mostly, the cyber criminals gain access to millions of personally identified data records majorly social security numbers and credit card details. This kind of data violation leads to the issue of identity theft.
Some of the alarming IoT security breaches are discussed as following:
Steel mills incident:
BSI or Germany’s Federal office for Information Security has issued a recent report according to which a report confirmed that a number of hackers have breached a steel plant in their homeland. These hackers have compromised several systems which includes components of the production network. Resultant to this the mill personnel could not shut down a blast furnace when it was essential to do so. This incident resulted as a massive damage to the system. According to the mill personnel this breach could have been planned and perpetrated by any of the former disgruntled employees of the mill (Williams & McCauley, 2016).
In June 2015 Congressional Research Service or CRS has reported that number of attacks on the U.S power grid system are increasing in an alarming manner. These attacks are originated by the hackers who are putting forth tremendous efforts in order to penetrate the critical systems and implant malicious software into the system which can ensure nationwide crisis. These attackers successfully harmed U.S Department of Energy computer systems more than 150 time in a short span of time between 2010 to 2014.
2012 breach related to building infrastructure:
Recently the Department of Homeland Security has informed a 2012 breach in which the cybercriminals successfully penetrated the thermostats of the state government facility and a plant of New Jersey ( www.linkedin.com , 2017). The vulnerabilities of the industrial heating systems had been exploited by the criminals and the temperature of the building continuously changed due its connectivity with the internet.
According to a recent news reports the hospital network of the University of California had been attacked by a number of criminals. These cyber criminals accessed their computers that contains sensitive reports of almost 4.5 million people. This alarming incident indicates that the criminals can further extract the personal data of the people. In order to prevent such incidents US FDA has directed hospitals to mitigate the use of Hospira Symbiq Infusion System as it is highly accessible to the hackers and also allows the unauthorized users to control the device. Therefore, it can create hazards in the process of critical patient treatment.
A 2014 Reuter’s report identified an alarming incident in which the cyber criminals have successfully shut down a floating oil rig by tilting the rig along with this another rig which was riddled by the computer malware that it took nineteen days to recover and make it seaworthy again. Although the number of attacks at sea is remarkably lower but the industry can be the primary target of the attackers in next few years because of its size and scale. 90% of the global trade is apparently sea bound and such malicious attacks can affect the worldwide economy ( www.linkedin.com , 2017).
IoT impact on Digital Forensics
Discussions related to IoT focus typically on the benefits, applications and privacy but there are a lot of things to talk about regarding this issue. It is pertinent today that the need to develop an adaptable, intelligent forensic methodology that can help the IoT related crimes (Perumal, Norwawi & Raman, 2015).
Digital forensics is gradually growing and it is successfully resolving several IoT related crimes (Sang, 2013). Primarily this particular genre of Forensics prevalently identifies, analyses, preserves and presents the digital evidence to the court of law. In order to do so it uses different accredited tools and well defined principles (Al Mutawa, Bryce,Franqueira & Marrington, 2015).
IoT forensics consists of more areas of interest than traditional Forensics. Along with the traditional network types such as wired, wireless, mobile and WiFi it also has RFID sensor network(Al Mutawa, Bryce,Franqueira & Marrington, 2015). During any investigation different Software appliances medical devices and tags are considered to be sources of evidence.
The dynamic nature of IoT solutions has introduced several new methods of investigating IoT crime. Evidences can be gathered through different sources such as:
Several evidence that are collected from the hardware and software devices which helps in providing communication among smart devices and computers, IPS, firewalls, IDS and mobile that can be considered as the external world.
Multidimensional approach of Digital Forensics:
There are no identifiable concrete principle for IoT forensics and the investigation primarily rely on the physical and mechanical nature of the smart device and it is significant as identifying evidence sources is a challenging aspect (Al Mutawa, Bryce,Franqueira & Marrington, 2015). It possible to collect the evidence from the fixed sensors in houses and apartments. Different moving sensors built in the cars along with different wearable sensory devices, cloud storage, communication devices and even the ISP logs serve the purpose and act as source of evidence.
According to the experts best practices cloud forensics can play a major role in the reinforcement of the cyber security because all of the data that have been generated by IoT components is to be stored on the cloud as it is highly scalable and it is convenient enough because of its capacity(Perumal, Norwawi & Raman, 2015).
There are many challenges that the digital forensic investigators face. the major challenges that are:
From the above conclusion it has been concluded that IoT and digital investigation can be linked and are linked in today’s modern world, making the work of digital investigation easy and effective. Though there are various aspects of IoT that is to be considered before implementing IT in any sort of organization. Digital investigation and the its step to involve IoT into account has also created certain issues which needs to be addressed and rectified properly in order to authenticate the digital investigation process. Media has also been responding by letting people know and making them aware of the various security breaches that have been taking place in the last few years.