Digital Investigation of IoT Devices in the Criminal Scene
François Bouchaud (IRCGN - Forensic Science Laboratory, France)
Gilles Grimaud (University of Lille, France)
Thomas Vantroys (University of Lille, France)
Pierrick Buret (C3N - National Cyber-Crime Unit, France)
Abstract: The Internet of Things (IoT) is everywhere around us. Smart communicating objects are digitalizing our lives, and they create new opportunities within criminal investigations. In recent years, the scientific community has sought to develop a common digital framework and methodology adapted to IoT-based infrastructure. However, the difficulty in exploiting the IoT lies in the heterogeneous nature of the devices, the lack of standards and the complex architecture. Although digital forensics is considered and adopted in IoT investigations, this work focuses only on collection. The identification phase is largely unexplored. It addresses the challenges of locating hidden devices and finding the best evidence to be collected. The fact of the matter is that the traditional method of digital forensics does not fully fit the IoT environment. Furthermore, the investigator can no longer consider a connected object as a single device, but as an interconnected whole, anchored in a cross-disciplinary environment. This paper presents a methodology for identifying and classifying connected objects in search of the best evidence to be collected. It offers techniques for detecting and locating the appropriate equipment. Based on frequency mapping and interactions, it transfers the concept of "fingerprinting" to the crime scene. It focuses on the technical and data criteria needed to successfully select the relevant IoT devices. It gives a general classification as well as the limits of such an approach. It shows the collection of digital evidence by focusing on pertinent information from the Internet of Things.
Keywords: Digital Forensics Model, Internet of Things, IoT forensics, IoT investigations, evidence acquisition
Categories: B.0, D.0, D.2, D.4.4, E.0, H.1.1, H.3.1, H.4.3