Title
Evidence Identification and Acquisition Based on Network Link in an Internet of Things Environment.
Abstract
In an Internet of Things (IoT) environment, IoT devices are typically connected through different network media types such as mobile, WiFi and wired networks. Due to the pervasive nature of such devices, they are a potential evidence source in both civil litigation and criminal investigations. It is, however, challenging to identify and acquire forensic artifacts from the broad range of devices, which have varying storage and communication capabilities. We posit the importance of focusing on the hidden links between different IoT devices (e.g. whether one device is controlled or can be accessed from another device in the system), and design an approach to do so. Specifically, our approach adopts a graph to model the message flows of IoT communications, with the aim of facilitating the identification of correlated network traffic, based on the direction of the network and the associated attributes. To demonstrate how such an approach can be deployed in practice, we evaluate our approach using IoT devices in a smart home environment and achieve an accuracy rate of 98.3% for detecting hidden links between devices.
Year
2020
DOI
10.1007/978-3-030-57805-3_16
Venue
CISIS
DocType
Conference
Citations
0
PageRank
0.34
References
11
Authors
4
Name
Order
Citations
PageRank
Saad Khalid Alabdulsalam100.34
Trung Q. Duong22911171.22
Kim-Kwang Raymond Choo34103362.49
Nhien-An Le-Khac422449.63