ForCyRange: An Educational IoT Cyber Range for Live Digital Forensics

  • Conference paper
Information Security Education - Adapting to the Fourth Industrial Revolution (WISE 2022)

Abstract

The Internet of Things (IoT) is finding increasing application in different areas, whether for private users or in industrial plants. The IoT increases the attack surface for Advanced Persistent Threats (APTs) due to insufficiently secured IoT devices and networks. The heterogeneous structure of the IoT poses several new challenges for the application of IoT forensics (IoTF). Due to limited resources and storage capacity on the devices, the application of traditional forensics is not possible. Therefore, the nature of these IoT devices urges forensic experts to extract and analyze possibly relevant data in a real-time manner from running devices by applying Live Digital Forensics (LDF). Although LDF investigations are not commonly applied in the IoT context yet, IoTF could benefit largely from a combined arms approach with LDF. Thus, security experts with sufficient skills and knowledge will be required to perform such procedures. Addressing the challenge to equip future forensic experts with these skills and knowledge, we propose a concept for an educational IoT Cyber Range for LDF for postgraduate cybersecurity learners. For a realistic learning experience, we outline the simulation of a simplistic, underlying IoT system. In order to create an environment that is as realistic as possible, we describe an illustrative scenario that serves as a motivational story. Following the scenario, learners carry out several tasks of an IoTF investigation for solving the scenario.


Notes

  1. https://newsbeezer.com/austriaeng/endoscopy-equipment-stolen-from-vienna-hospital/

  2. https://www.openhab.org/

  3. https://github.com/bof64665/LDF_ReactFrontend

  4. https://www.tcpdump.org/

  5. https://www.wireshark.org/

  6. https://www.logdna.com/

Acknowledgement

This work is partly performed under the INSIST project, which is supported under contract by the Bavarian Ministry of Economic Affairs, Regional Development and Energy (DIK0338/01).

Author information

Correspondence to Sabrina Friedl.

Copyright information

© 2022 IFIP International Federation for Information Processing

About this paper

Cite this paper

Friedl, S., Glas, M., Englbrecht, L., Böhm, F., Pernul, G. (2022). ForCyRange: An Educational IoT Cyber Range for Live Digital Forensics. In: Drevin, L., Miloslavskaya, N., Leung, W.S., von Solms, S. (eds) Information Security Education - Adapting to the Fourth Industrial Revolution. WISE 2022. IFIP Advances in Information and Communication Technology, vol 650. Springer, Cham. https://doi.org/10.1007/978-3-031-08172-9_6

  • DOI: https://doi.org/10.1007/978-3-031-08172-9_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-08171-2

  • Online ISBN: 978-3-031-08172-9

  • eBook Packages: Computer Science, Computer Science (R0)
