Forensic of Things: Revisiting Digital Forensic Investigations in Internet of Things

The emerging paradigm of Internet of Things (IoT) promises automation, real-time monitoring and management of critical infrastructure(s) allowing optimized productivity in consumer and commercial concerns. Diversity in IoT devices, communication protocols, and the extensive data generated by IoT-ware requires robust incident response primitives to counter IoT related cyber-attacks and deter cybercrimes. Although substantial work is underway in improving IoT security, there is a fundamental requirement to address the forensic requisites that may aid forensic investigators and law enforcement agencies (LEAs) in prosecuting IoT related cybercrimes. IoT presents substantial forensic challenges in terms of evidence source identification, artefact acquisition, insufficiency of IoT-specific forensic tools and techniques, and issues in multijurisdictional litigation. To this effect, the present papers comprehensively reviews the applicability of traditional, cloud and network forensics in the IoT domain. State-of-the-art IoT forensic models are critically discussed to highlight their practical applicability. Furthermore, employment of recent enabling technologies including software defined networking and blockchaining is examined in a forensic of things context. The study also discusses and makes recommendations towards the multi-faceted challenges faced by IoT forensic investigators due to non-validated methodologies, leading to deficiencies in operational readiness.