Digital Forensics of Raspberry Pi Used for MITM

Digital Forensic Education

Part of the book series: Studies in Big Data ((SBD,volume 61))

Abstract

Raspberry Pi, a credit-card-sized, low-power and cost-effective computer, has gained global recognition since its development in 2008. Its capability to run GNU-based Linux distributions like Snappy Ubuntu, Kali and Raspbian, and even Windows 10, has partly contributed to its popularity. However, these devices can also be exploited. In this chapter, we discuss how a digital forensic investigator could investigate a case where a Raspberry Pi was used to conduct a man-in-the-middle attack. Using an adversary model, we demonstrate how one can perform a man-in-the-middle attack against users by creating a rogue wireless access point and capturing critical user information. We analyze different operating system and application log files, as well as files and data recovered using different digital forensic tools, to deduce the timeline and what happened from the recovered evidence. We also show how different digital forensic analysis tools like Autopsy, FTK AccessData and Bulk Extractor could be helpful in this case by benchmarking them against key factors such as recovered web history and cookie files, carved files, etc.

Author information

Corresponding author

Correspondence to Aman Gupta.

Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Gupta, A., Desai, A.U., Sahai, A. (2020). Digital Forensics of Raspberry Pi Used for MITM. In: Zhang, X., Choo, KK. (eds) Digital Forensic Education. Studies in Big Data, vol 61. Springer, Cham. https://doi.org/10.1007/978-3-030-23547-5_8
