The Internet of Things is likely to increase connectivity to a comparatively larger section of natural and physical environment via the Internet than permitted within the scope of today’s laptops, mobile devices or PCs. However, there are certain challenges posed to its success, with regards to infrastructure capacity, interoperability, and standardization. There are also an increasing number of questions about the kinds of data to be stored, shared, analyzed or used on the IoT.
However, concerns about the effect of IoT on digital forensics gathering and analysis are left rather missing from the discussion.
IoT Forensic Issues
As with most other digital computing or storage systems, IoT too will be subject to misappropriation and misuse as a platform to carry out inappropriate or illegal activities. Like more other digital platforms, this too can be hacked or infected with malware or simply appropriated to inflict damage or commit theft. However, the present day’s post incidence forensics and anti-intrusion methods might be diminished due to multiple issues.
As artifacts might have been transferred of shared over a large network or number of devices, there is a huge challenge in identifying to whom data belongs when a digital forensics examination is carried out of a digital system within a home or business containing IoT components.
Moreover, it is extremely complex to understand the relationship between artifacts in both space and time since the IoT devices typically make use of proprietary communication protocols and proprietary formats for data.
Chain of Custody
A solid chain of custody over evidence holds great importance in criminal of civil litigation. However, the preservation and ownership of an evidence in an IoT environment makes the situation complex and it may influence the court’s perception of believing the acquired evidence to be reliable. This is a negative side effect of the ability of IoT devices to build ephemeral ad-hoc network connections and of data diffusion.
Conventional computers, storage devices and their networks are the prime focus of the toolset for digital forensic experts. Even a single IoT device, however, may cause the activities like live imaging to be non-effective, leave alone interconnected collection of such devices. Due to lack of IoT standardization, even the IoT specific tool may be applicable only to a narrow subset of devices.
An inextricable part of the IoT concept is the use of cloud infrastructure. The influence of this on IoT forensics is the additional complexity, money, and time incurred to collect evidence from these cloud components.
High Change Rate
Presently, IoT is still evolving and among the fastest moving technologies in the world. New devices and usage models are being created, modified, or discarded regularly and rapidly. Thus, in a world of conventional devices and networks, the IoT digital forensics has been chasing a constantly moving target.
The Path to a digital Forensics- Friendly IoT
To engender a perception of privacy and security and to foster its acceptance, the IoT ecosystem should carefully consider all such issues or concerns related to digital forensic’s ability to detect, prevent, and resolve illegal or inappropriate incidents that involve IoT devices and infrastructure.
The knowledge and experience of top digital forensics experts can be taken advantage of as they can help understand the working of forensics from a legal, technical, and privacy standpoint, this leading to the development of a robust and more secure Internet of things.