skip to main content
10.1145/3230833.3233257acmotherconferencesArticle/Chapter ViewAbstractPublication PagesaresConference Proceedingsconference-collections
research-article

IoT Forensic: identification and classification of evidence in criminal investigations

Published: 27 August 2018 Publication History

Abstract

The Internet of Things (IoT) is everywhere around us. Smart communicating objects offer the digitalization of lives. Thus, IoT opens new opportunities in criminal investigations such as a protagonist or a witness to the event. Any investigation process involves four phases: firstly the identification of an incident and its evidence, secondly device collection and preservation, thirdly data examination and extraction and then finally data analysis and formalization.
In recent years, the scientific community sought to develop a common digital framework and methodology adapted to IoT-based infrastructure. However, the difficulty of IoT lies in the heterogeneous nature of the device, lack of standards and the complex architecture. Although digital forensics are considered and adopted in IoT investigations, this work only focuses on collection. Indeed the identification phase is relatively unexplored. It addresses challenges of finding the best evidence and locating hidden devices. So, the traditional method of digital forensics does not fully fit the IoT environment.
In this paperwork, we investigate the mobility in the context of IoT at the crime scene. This paper discusses the data identification and the classification methodology from IoT to looking for the best evidences. We propose tools and techniques to identify and locate IoT devices. We develop the recent concept of "digital footprint" in the crime area based on frequencies and interactions mapping between devices. We propose technical and data criteria to efficiently select IoT devices. Finally, the paper introduces a generalist classification table as well as the limits of such an approach.

References

[1]
Michiel Aernouts, Rafael Berkvens, Koen Van Vlaenderen, and Maarten Weyn. 2018. Sigfox and LoRaWAN Datasets for Fingerprint Localization in Large Urban and Rural Areas. Data 3, 27 (2018), 13.
[2]
Marco Altini, Davide Brunelli, Elisabetta Farella, and Luca Benini. 2010. Bluetooth indoor localization with multiple neural networks. In Wireless Pervasive Computing (ISWPC), 2010 5th IEEE International Symposium on. IEEE, 295--300.
[3]
B. Copos, K. Levitt, M. Bishop, and J. Rowe. 2016. Is Anybody Home? Inferring Activity From Smart Home Network Traffic. In 2016 IEEE Security and Privacy Workshops (SPW). 245--251.
[4]
Pablo Corral, Eladio Peña, Ricardo Garcia, V. Almenar, and AC. de C. Lima. 2008. Distance estimation system based on ZigBee. In Computational Science and Engineering Workshops, 2008. CSEWORKSHOPS'08. 11th IEEE International Conference on. IEEE, 405--411.
[5]
Bruno Dorsemaine, Jean-Philippe Gaulier, Jean-Philippe Wary, Nizar Kheir, and Pascal Urien. 2015. Internet of Things: A Definition & Taxonomy. In 9th International Conference on Next Generation Mobile Applications, Services and Technologies, NGMAST 2015, Cambridge, United Kingdom, September 9-11, 2015. 72--77.
[6]
Christopher Drane, Malcolm Macnaughtan, and Craig Scott. 1998. Positioning GSM telephones. IEEE Communications magazine 36, 15 (1998), 46--54.
[7]
Anne Ferréol. 2005. Radio-goniométrie: modélisation, algorithmes, performances. Ph.D. Dissertation. École normale supérieure de Cachan-ENS Cachan.
[8]
Fabio Forno, Giovanni Malnati, and Giuseppe Portelli. 2005. Design and implementation of a Bluetooth ad hoc network for indoor positioning. IEE proceedings-Software 152, 24 (2005), 223--228.
[9]
Ralf Grossmann, Jan Blumenthal, Frank Golatowski, and Dirk Timmermann. 2007. Localization in zigbee-based sensor networks. In 1st European Zigbee Developer's Conference (EuZDC), München-Dornach, Deutschland. Citeseer.
[10]
G. Gunnarsson, M. Alanen, T. Rantalainen, V. Ruutu, and V.-M. Teittinen. 1998. Location trial system for mobile phones. In Global Telecom munications Conference, 1998. GLOBECOM 1998. The Bridge to Global Integration. IEEE, Vol. 4. IEEE, 2211--2216.
[11]
Sadek Hamani, Mourad Oussalah, and Peter Hall. 2007. Combination of GSM and GPS signals for Mobile Positioning and Location Service Using Kalman Filter. In World Congress on Engineering. 1524--1529.
[12]
Robert Hegarty, David J. Lamb, and Andrew Attwood. 2014. Digital Evidence Challenges in the Internet of Things. In INC. 163--172.
[13]
Erik T. Heidt. 2017. Architecting and Planning for IoT Success: A Gartner Trend Insight Report. Gartner G00332034, 1 (May 2017). https://www.gartner.com/doc/3710618/architecting-planning-iot-success-gartner
[14]
Mario Höcker, Volker Berkhahn, Angelika Kneidl, Andre Borrmann, and Wolfram Klein. 2010. Graph-based approaches for simulating pedestrian dynamics in building models. eWork and eBusiness in Architecture, Engineering and Construction 20 (2010), 389--394.
[15]
Karen Kent, Suzanne Chevalier, Tim Grance, and Hung Dang. 2006. Guide to integrating forensic techniques into incident response. NIST Special Publication 10, 14 (2006), 800--86.
[16]
Vijay Kumar and others. 2014. Effect of environmental parameters on GSM and GPS. Indian Journal of Science and Technology 7, 29 (2014), 1183--1188.
[17]
Frédéric Lassabe, Philippe Canalda, and Pascal Chatonnay. 2009. Geolocalisation WiFi et modeles de prediction de la mobilite dans les reseaux multimedia. Citeseer 18 (2009).
[18]
Shancang Li, Li Da Xu, and Shanshan Zhao. 2015. The internet of things: a survey. Information Systems Frontiers 17, 6 (2015), 243--259.
[19]
Lionel M. Ni, Yunhao Liu, Yiu Cho Lau, and Abhishek P. Patil. 2004. LANDMARC: indoor location sensing using active RFTD. Wireless networks 10, 23 (2004), 701--710.
[20]
Amy Nordrum. 2016. Popular internet of things forecast of 50 billion devices by 2020 is outdated. IEEE Spectrum 18, 3 (2016). https://spectrum.ieee.org/tech-talk/telecom/internet/popular-internet-of-things-forecast-of-50-billion-devices-by-2020-is-outdated
[21]
E. Oriwoh, D. Jazani, G. Epiphaniou, and P. Sant. 2013. Internet of Things Forensics: Challenges and approaches. In 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing. 608--615.
[22]
Laura Pavin. 2018. Architecting and Planning for IoT Success: A Gartner Trend Insight Report. Grain's Silicon Valley 2 (2018). http://siliconvalley.crains.com/article/news/cisco-talks-iots-future-goals-hit-one-billion-connected-devices-2020
[23]
S. Perumal, N. M. Norwawi, and V. Raman. 2015. Internet of Things(IoT) digital forensic investigation model: Top-down forensic approach methodology. In 2015 Fifth International Conference on Digital Information Processing and Communications (ICDIPC). 19--23.
[24]
KM Sabidur Rahman, Matt Bishop, and Albert Holt. 2017. Internet of Things mobility forensics. Researchgate.net 9 (2017).
[25]
Pieter Robyns, Eduard Marin, WimLamotte, Peter Quax, Dave Singelee, and Bart Preneel. 2017. Physical-layer fingerprinting of LoRa devices using supervised and zero-shot learning. ACM Press.
[26]
Henry P. Romero, Kate A. Remley, Dylan F. Williams, and Chih-Ming Wang. 2009. Electromagnetic measurements for counterfeit detection of radio frequency identification cards. IEEE Transactions on Microwave Theory and Techniques 57, 30 (2009), 1383--1387.
[27]
Tara Salman and Raj Jain. 2015. Networking Protocols and Standards for Internet of Things. Internet of Things and Data Analytics Handbook (2015) 7 (2015), 215--238.
[28]
Sen.se. 2018. Mother and the Motion Cookies. https://sen.se/mother/. (2018). {Online; accessed 29-June-2008}.
[29]
Smail Tedjini, Etienne Perret, Arnaud Vena, and Darine Kaddour. 2012. Mastering the electromagnetic signature of chipless RFID tags. Chipless and conventional radio frequency identification: Systems for ubiquitous tagging 31 (2012), 146--174.
[30]
Li wei Chan, Ji rung Chiang, Yi chao Chen, Chia nan Ke, Jane Hsu, and Hao hua Chu. 2006. Collaborative localization: Enhancing wifi-based position estimation with neighborhood links in clusters. In International Conference on Pervasive Computing. Springer, 50--66.
[31]
S. Zawoad and R. Hasan. 2015. FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things. In 2015 IEEE International Conference on Services Computing. 279--284.
[32]
Matt Zwolenski, Lee Weatherill, and others. 2014. The digital universe: Rich data and the increasing value of the internet of things. Australian Journal of Telecommunications and the Digital Economy 4 (2014), 47. https://www.emc.com/leadership/digital-universe/2014iview/index.htm

Cited By

View all
  • (2024)Forensics Investigation ReportingPractical Digital Forensics: A Guide for Windows and Linux Users10.2174/9789815305579124010011(231-250)Online publication date: 20-Nov-2024
  • (2023)A Metamodeling Approach for IoT Forensic InvestigationElectronics10.3390/electronics1203052412:3(524)Online publication date: 19-Jan-2023
  • (2023)Survey on Methodological Model of IoT in Digital Forensic2023 International Conference on Intelligent Systems, Advanced Computing and Communication (ISACC)10.1109/ISACC56298.2023.10083537(1-6)Online publication date: 3-Feb-2023
  • Show More Cited By

Index Terms

  1. IoT Forensic: identification and classification of evidence in criminal investigations

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security
    August 2018
    603 pages
    ISBN:9781450364485
    DOI:10.1145/3230833
    © 2018 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

    In-Cooperation

    • Universität Hamburg: Universität Hamburg

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 27 August 2018

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. Digital Forensics Model
    2. Evidence acquisition
    3. Internet of Things
    4. IoT Forensics
    5. IoT Investigations

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ARES 2018

    Acceptance Rates

    ARES '18 Paper Acceptance Rate 128 of 260 submissions, 49%;
    Overall Acceptance Rate 228 of 451 submissions, 51%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)75
    • Downloads (Last 6 weeks)12
    Reflects downloads up to 19 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Forensics Investigation ReportingPractical Digital Forensics: A Guide for Windows and Linux Users10.2174/9789815305579124010011(231-250)Online publication date: 20-Nov-2024
    • (2023)A Metamodeling Approach for IoT Forensic InvestigationElectronics10.3390/electronics1203052412:3(524)Online publication date: 19-Jan-2023
    • (2023)Survey on Methodological Model of IoT in Digital Forensic2023 International Conference on Intelligent Systems, Advanced Computing and Communication (ISACC)10.1109/ISACC56298.2023.10083537(1-6)Online publication date: 3-Feb-2023
    • (2023)Survey of Evidence Collection Methods for Internet of Things Forensics2023 International Conference on Networking and Communications (ICNWC)10.1109/ICNWC57852.2023.10127407(1-7)Online publication date: 5-Apr-2023
    • (2023)Forensics with IoT Based Systems’ Evidences: A Futuristic Review on Forensic and IoT FrameworksAdvances in Systems Engineering10.1007/978-3-031-40579-2_16(156-174)Online publication date: 4-Aug-2023
    • (2022)Research on IoT Forensics System Based on Blockchain TechnologySecurity and Communication Networks10.1155/2022/44907572022Online publication date: 1-Jan-2022
    • (2022)Attaining State of the Art in DNA TestsHandbook of DNA Forensic Applications and Interpretation10.1007/978-981-19-0043-3_2(11-23)Online publication date: 2-Jul-2022
    • (2022)ReferencesCyber Investigations10.1002/9781119582021.refs(213-229)Online publication date: 14-Oct-2022
    • (2021)Common Investigation Process Model for Internet of Things Forensics2021 2nd International Conference on Smart Computing and Electronic Enterprise (ICSCEE)10.1109/ICSCEE50312.2021.9498045(84-89)Online publication date: 15-Jun-2021
    • (2021)Digital Forensics Subdomains: The State of the Art and Future DirectionsIEEE Access10.1109/ACCESS.2021.31242629(152476-152502)Online publication date: 2021
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media