A Concept Forensic Methodology For The Investigation Of IoT Cyberincidents

The number of Internet of Things (IoT) forensic investigations has increased considerably over recent years due to the weak nature of the security measures of its devices. In order to ensure the effectiveness and completeness of their examinations, investigators rely on forensic models, frameworks a...

Full description

Saved in:
Bibliographic Details
Published inComputer journal Vol. 67; no. 4; pp. 1324 - 1345
Main Authors Castelo Gómez, Juan Manuel, Carrillo-Mondéjar, Javier, Roldán-Gómez, José, Martínez Martínez, José Luis
Format Journal Article
LanguageEnglish
Published Oxford University Press 21.04.2024
Subjects
digital forensics
IoT forensics
Cybersecurity
internet of things
forensic methodology
Online AccessGet full text

Cover

Abstract The number of Internet of Things (IoT) forensic investigations has increased considerably over recent years due to the weak nature of the security measures of its devices. In order to ensure the effectiveness and completeness of their examinations, investigators rely on forensic models, frameworks and methodologies. However, given the novelty of the environment, the existing ones are not refined enough, and the conventional counterparts do not satisfy the requirements of the IoT. Consequently, further improvements are needed in order for a more suitable IoT methodology to be designed. After reviewing the proposals from the research community for the development of procedures for performing IoT investigations, this article presents a practical concept methodology for conducting IoT forensic investigations that details step by step the whole examination process from its opening to its closing. In order to test its effectiveness and feasibility, it is submitted to a theoretical, a practical and a hybrid evaluation. Firstly, by comparing its level of detail, practicality and content with the related work. Secondly, by assessing its performance in two practical scenarios that depict real-life forensic investigations and the challenges that they present. And, finally, by studying how the existing models from the research community would have behaved in these cases. After performing these three different evaluations, it can be concluded that the results achieved by the proposed methodology were satisfactory, confirmed the feasibility of the proposal and showed clear benefits compared with the related work in terms of practicality and level of detail.
AbstractList The number of Internet of Things (IoT) forensic investigations has increased considerably over recent years due to the weak nature of the security measures of its devices. In order to ensure the effectiveness and completeness of their examinations, investigators rely on forensic models, frameworks and methodologies. However, given the novelty of the environment, the existing ones are not refined enough, and the conventional counterparts do not satisfy the requirements of the IoT. Consequently, further improvements are needed in order for a more suitable IoT methodology to be designed. After reviewing the proposals from the research community for the development of procedures for performing IoT investigations, this article presents a practical concept methodology for conducting IoT forensic investigations that details step by step the whole examination process from its opening to its closing. In order to test its effectiveness and feasibility, it is submitted to a theoretical, a practical and a hybrid evaluation. Firstly, by comparing its level of detail, practicality and content with the related work. Secondly, by assessing its performance in two practical scenarios that depict real-life forensic investigations and the challenges that they present. And, finally, by studying how the existing models from the research community would have behaved in these cases. After performing these three different evaluations, it can be concluded that the results achieved by the proposed methodology were satisfactory, confirmed the feasibility of the proposal and showed clear benefits compared with the related work in terms of practicality and level of detail.
Author Martínez Martínez, José Luis
Carrillo-Mondéjar, Javier
Castelo Gómez, Juan Manuel
Roldán-Gómez, José
Author_xml – sequence: 1
  givenname: Juan Manuel
  surname: Castelo Gómez
  fullname: Castelo Gómez, Juan Manuel
  email: juanmanuel.castelo@uclm.es
– sequence: 2
  givenname: Javier
  surname: Carrillo-Mondéjar
  fullname: Carrillo-Mondéjar, Javier
– sequence: 3
  givenname: José
  surname: Roldán-Gómez
  fullname: Roldán-Gómez, José
– sequence: 4
  givenname: José Luis
  surname: Martínez Martínez
  fullname: Martínez Martínez, José Luis
BookMark eNqFkEFPwkAQhTcGEwG9et6rh8J0u23pkTSiGAwXPDfT3SksKbukuxr77xXhZGI8TfKS773MN2ID6ywxdh_DJIYimSp32Nt2Wn-ihkxcsWEsM4gEZPmADQFiiGQm4IaNvN8DgIAiG7KXOS-dVXQMfOE6st4o_kph57Rr3bY_hXyzI760H-SD2WIwzvJ1w5duw8u-ps5YZTTZ4G_ZdYOtp7vLHbO3xeOmfI5W66dlOV9FSuRJiLK8gFrMpK4RERCU1KRrSbWUQoqZIgLEuslSVE0qGsJcYyIE6lmKqciLZMwm517VOe87aqpjZw7Y9VUM1clEdTZRXUx8A_IXoEz4eSR0aNq_sYcz5t6P_018AadBeBA
CitedBy_id crossref_primary_10_1007_s10207_023_00776_x
crossref_primary_10_1093_comjnl_bxae097
crossref_primary_10_1016_j_fsidi_2025_301912
Cites_doi 10.1016/j.diin.2019.04.013
10.1145/3234698.3234730
10.1109/JIOT.2019.2940713
10.1016/j.fsidi.2022.301482
10.1016/j.diin.2019.03.007
10.1109/MCC.2016.5
10.1016/j.diin.2011.06.002
10.1016/j.diin.2019.01.003
10.1016/j.fsidi.2021.301114
10.1109/ASPDAC.2016.7428064
10.1016/j.cose.2017.04.004
10.1109/ICTC.2015.7354752
10.1145/3098954.3104053
10.1016/j.future.2018.05.081
10.1016/j.fsidi.2022.301499
10.1016/j.fsidi.2022.301343
10.1016/j.diin.2017.06.010
10.1145/3098954.3104052
10.1016/j.diin.2017.06.013
10.1016/j.diin.2016.01.016
10.1016/j.iot.2020.100220
10.1016/j.diin.2016.02.002
ContentType Journal Article
Copyright The British Computer Society 2023. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com 2023
Copyright_xml – notice: The British Computer Society 2023. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com 2023
DBID AAYXX
CITATION
DOI 10.1093/comjnl/bxad062
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList CrossRef
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
EISSN 1460-2067
EndPage 1345
ExternalDocumentID 10_1093_comjnl_bxad062
10.1093/comjnl/bxad062
GroupedDBID -E4
-~X
.2P
.DC
.I3
0R~
123
18M
1OL
1TH
29F
3R3
4.4
41~
48X
5VS
5WA
6J9
6TJ
70D
85S
9M8
AAIJN
AAJKP
AAJQQ
AAMVS
AAOGV
AAPQZ
AAPXW
AARHZ
AAUAY
AAUQX
AAVAP
AAYOK
ABAZT
ABDFA
ABDTM
ABEFU
ABEJV
ABEUO
ABGNP
ABIXL
ABNKS
ABPTD
ABQLI
ABSMQ
ABVGC
ABVLG
ABXVV
ABZBJ
ACBEA
ACFRR
ACGFS
ACGOD
ACIWK
ACNCT
ACUFI
ACUTJ
ACUXJ
ACVCV
ACYTK
ADEYI
ADEZT
ADGZP
ADHKW
ADHZD
ADIPN
ADMLS
ADOCK
ADQBN
ADRDM
ADRTK
ADVEK
ADYJX
ADYVW
ADZXQ
AECKG
AEGPL
AEGXH
AEJOX
AEKKA
AEKSI
AEMDU
AENEX
AENZO
AEPUE
AETBJ
AEWNT
AFFZL
AFIYH
AFOFC
AGINJ
AGKEF
AGMDO
AGORE
AGSYK
AHGBF
AHXPO
AI.
AIDUJ
AIJHB
AJBYB
AJEEA
AJEUX
AJNCP
ALMA_UNASSIGNED_HOLDINGS
ALTZX
ALUQC
ALXQX
ANAKG
APIBT
APJGH
APWMN
ASAOO
ATDFG
ATGXG
AXUDD
AZVOD
BAYMD
BCRHZ
BEFXN
BEYMZ
BFFAM
BGNUA
BHONS
BKEBE
BPEOZ
BQUQU
BTQHN
CAG
CDBKE
COF
CS3
CXTWN
CZ4
DAKXR
DFGAJ
DILTD
DU5
D~K
EBS
EE~
EJD
F9B
FA8
FLIZI
FLUFQ
FOEOM
GAUVT
GJXCC
H13
H5~
HAR
HW0
HZ~
H~9
IOX
J21
JAVBF
JXSIZ
KBUDW
KOP
KSI
KSN
M-Z
MBTAY
ML0
MVM
N9A
NGC
NMDNZ
NOMLY
NU-
O0~
O9-
OCL
ODMLO
OJQWA
OJZSN
OWPYF
O~Y
P2P
PAFKI
PEELM
PQQKQ
Q1.
Q5Y
R44
RD5
RNI
ROL
ROX
ROZ
RUSNO
RW1
RXO
RZO
SC5
TAE
TJP
TN5
VH1
VOH
WH7
WHG
X7H
XJT
XOL
XSW
YAYTL
YKOAZ
YXANX
ZKX
ZY4
~91
AAYXX
CITATION
ID FETCH-LOGICAL-c273t-6790b284dbaaa0a0c4dedb4eb442428cee0aabf65acf52fea7da322ad85a52793
ISSN 0010-4620
IngestDate Thu Apr 24 23:12:16 EDT 2025
Tue Jul 01 02:55:10 EDT 2025
Mon Jun 30 08:34:42 EDT 2025
IsPeerReviewed true
IsScholarly true
Issue 4
Keywords digital forensics
IoT forensics
Cybersecurity
internet of things
forensic methodology
Language English
License This article is published and distributed under the terms of the Oxford University Press, Standard Journals Publication Model (https://academic.oup.com/pages/standard-publication-reuse-rights)
https://academic.oup.com/pages/standard-publication-reuse-rights
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c273t-6790b284dbaaa0a0c4dedb4eb442428cee0aabf65acf52fea7da322ad85a52793
PageCount 22
ParticipantIDs crossref_primary_10_1093_comjnl_bxad062
crossref_citationtrail_10_1093_comjnl_bxad062
oup_primary_10_1093_comjnl_bxad062
ProviderPackageCode CITATION
AAYXX
PublicationCentury 2000
PublicationDate 2024-04-21
PublicationDateYYYYMMDD 2024-04-21
PublicationDate_xml – month: 04
  year: 2024
  text: 2024-04-21
  day: 21
PublicationDecade 2020
PublicationTitle Computer journal
PublicationYear 2024
Publisher Oxford University Press
Publisher_xml – name: Oxford University Press
References International Organization for Standardization (2024042316182587100_ref2) 2012
Kebande (2024042316182587100_ref15) 2016
Samsung Electronics America (2024042316182587100_ref84) 2020
Sathwara (2024042316182587100_ref27) 2018
United States Air Force Office of Special Investigations. Foremost.org (2024042316182587100_ref68) 2020
Kim (2024042316182587100_ref35) 2023; 44
Harvey (2024042316182587100_ref73) 2020
504ENSICS Labs (2024042316182587100_ref57) 2020
Libelium Comunicaciones Distribuidas (2024042316182587100_ref89) 2020
Hossain (2024042316182587100_ref38) 2018
Kaspersky (2024042316182587100_ref7) 2022
Samsung Electronics America (2024042316182587100_ref87) 2020
Kebande (2024042316182587100_ref28) 2018
Joachim Metz. Github.com (2024042316182587100_ref72) 2020
Clark (2024042316182587100_ref41) 2017; 22
VöMel (2024042316182587100_ref53) 2011; 8
Yusoff (2024042316182587100_ref45) 2011; 3
Castelo Gómez (2024042316182587100_ref46) 2021; 36
Chung (2024042316182587100_ref40) 2017; 22
Yassein (2024042316182587100_ref74) 2018
Karagiozidis (2024042316182587100_ref32) 2022
Zawoad (2024042316182587100_ref37) 2015
Hou (2024042316182587100_ref10) 2020; 7
Forensics (2024042316182587100_ref66) 2020
Brian Carrier. Sleuthkit.org (2024042316182587100_ref64) 2020
NCSCL Quality Manager (2024042316182587100_ref78) 2017
Atlam (2024042316182587100_ref11) 2020; 11
Wireshark Foundation. Wireshark.org (2024042316182587100_ref60) 2020
Costa (2024042316182587100_ref69) 2020
Jo (2024042316182587100_ref42) 2019; 29
International Organization for Standardization (2024042316182587100_ref3) 2015
Collective work of all DFRWS attendees (2024042316182587100_ref24) 2001
Nieto (2024042316182587100_ref17) 2017
Badenhop (2024042316182587100_ref49) 2016; 17
Oriwoh (2024042316182587100_ref39) 2013
Zeek (2024042316182587100_ref70) 2020
Surange (2024042316182587100_ref33) 2022; 14
Brezinski (2024042316182587100_ref1) 2002
Samsung Electronics America (2024042316182587100_ref81) 2020
Gupta (2024042316182587100_ref52) 2016
Zimmerman (2024042316182587100_ref71) 2020
International Organization for Standardization (2024042316182587100_ref4) 2016
Vailshery (2024042316182587100_ref5)
Le-Khac (2024042316182587100_ref48) 2020; 109
Du (2024042316182587100_ref79) 2017; 1708
Zia (2024042316182587100_ref18) 2017
Gregorio (2024042316182587100_ref43) 2019; 29
Alyami (2024042316182587100_ref13) 2022
Meffert (2024042316182587100_ref36) 2017
Hadgkiss (2024042316182587100_ref44) 2019; 28
Wurm (2024042316182587100_ref50) 2016
Feng (2024042316182587100_ref20) 2017
Al-Sadi (2024042316182587100_ref29) 2018
AccessData Corp. Forensic Toolkit (FTK) (2024042316182587100_ref55) 2020
Bharadwaj (2024042316182587100_ref25) 2018
Guy Voncken. Guymager.net (2024042316182587100_ref56) 2020
Samsung Electronics America (2024042316182587100_ref82) 2020
Sonicwall (2024042316182587100_ref6) 2022
Libelium Comunicaciones Distribuidas (2024042316182587100_ref91) 2020
Ab Rahman (2024042316182587100_ref16) 2016; 3
Goudbeek (2024042316182587100_ref22) 2018
Samsung Electronics America (2024042316182587100_ref85) 2020
Al-Masri (2024042316182587100_ref23) 2018
Pomeranz (2024042316182587100_ref58) 2020
volatilityfoundation (2024042316182587100_ref65) 2020
Lillis (2024042316182587100_ref9) 2016
Sadineni (2024042316182587100_ref31) 2019
tcpdump (2024042316182587100_ref59) 2020
Harbawi (2024042316182587100_ref19) 2017
Libelium Comunicaciones Distribuidas (2024042316182587100_ref93) 2020
Foundation, R. P (2024042316182587100_ref26) 2020
Han (2024042316182587100_ref47) 2015
Elstner (2024042316182587100_ref51) 2016; 16
Kasukurti (2024042316182587100_ref30) 2018
CGSecurity. CGSecurity.org (2024042316182587100_ref67) 2020
Grand View Research (2024042316182587100_ref94)
Jacob (2024042316182587100_ref34) 2022; 42-43
Fouladi (2024042316182587100_ref76) 2013
Samsung Electronics America (2024042316182587100_ref83) 2020
Fan (2024042316182587100_ref77) 2017
Computer Hope. Computerhope.com (2024042316182587100_ref54) 2020
Libelium Comunicaciones Distribuidas (2024042316182587100_ref90) 2020
Badenhop (2024042316182587100_ref75) 2017; 68
Netresec (2024042316182587100_ref61) 2020
The Tcpdump Group (2024042316182587100_ref62) 2020
Sandvik (2024042316182587100_ref12) 2022; 40
Perumal (2024042316182587100_ref14) 2015
Oriwoh (2024042316182587100_ref8) 2013
Al-Khateeb (2024042316182587100_ref63) 2015
Amazon Web Services, I (2024042316182587100_ref92) 2020
Howarth (2024042316182587100_ref95) 2022
Samsung Electronics America (2024042316182587100_ref86) 2020
Hossain (2024042316182587100_ref21) 2017
iFixit (2024042316182587100_ref88) 2018
Samsung Electronics America (2024042316182587100_ref80) 2018
References_xml – start-page: 1
  volume-title: 5th International Symposium on Digital Forensic and Security (ISDFS), Tirgu Mures, Romania, 26–28 April
  year: 2017
  ident: 2024042316182587100_ref19
  article-title: An improved digital evidence acquisition model for the internet of things forensic: A theoretical framework
– year: 2020
  ident: 2024042316182587100_ref54
  article-title: Linux and Unix dd command
– volume-title: ISO - ISO/IEC 27042:2015 - Information technology – Security techniques – Guidelines for the analysis and interpretation of digital evidence
  year: 2015
  ident: 2024042316182587100_ref3
– start-page: 3
  volume-title: 15th IFIP WG 11.9 International Conference, Orlando, FL, USA, 28–29 January
  year: 2019
  ident: 2024042316182587100_ref31
  article-title: A holistic forensic model for the internet of things
– volume: 29
  start-page: S80
  year: 2019
  ident: 2024042316182587100_ref42
  article-title: Digital forensic practices and methodologies for ai speaker ecosystems
  publication-title: Digital Investigation
  doi: 10.1016/j.diin.2019.04.013
– year: 2020
  ident: 2024042316182587100_ref56
  article-title: Guymager free forensic imager
– year: 2020
  ident: 2024042316182587100_ref67
  article-title: PhotoRec ES - CGSecurity
– start-page: 1
  volume-title: 10th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), Iasi, Romania, 28–30 June
  year: 2018
  ident: 2024042316182587100_ref27
  article-title: Iot forensic a digital investigation framework for iot systems
– volume-title: (2017) Procedure for Evidence Management
  year: 2017
  ident: 2024042316182587100_ref78
– year: 2022
  ident: 2024042316182587100_ref7
  article-title: Kaspersky security bulletin 2022
  publication-title: Stat
– year: 2018
  ident: 2024042316182587100_ref80
  article-title: Samsung SmartThings Wifi ET-WV525 user manual
– start-page: 626
  volume-title: IEEE Trustcom/BigDataSE/ICESS, Sydney, NSW, Australia, 01–04 August
  year: 2017
  ident: 2024042316182587100_ref17
  article-title: A methodology for privacy-aware iot-forensics
– start-page: 25
  volume-title: IEEE International Congress on Internet of Things (ICIOT), Honolulu, HI, USA, 25–30 Jun
  year: 2017
  ident: 2024042316182587100_ref21
  article-title: Trust-iov: A trustworthy forensic investigation framework for the internet of vehicles (iov)
– year: 2002
  ident: 2024042316182587100_ref1
  article-title: RFC 3227: guidelines for evidence collection and archiving
– start-page: 196
  volume-title: IEEE International Conference on Smart Cloud (SmartCloud), New York, NY, USA, 21–23 September
  year: 2018
  ident: 2024042316182587100_ref23
  article-title: A fog-based digital forensics investigation framework for iot systems
– year: 2020
  ident: 2024042316182587100_ref55
  article-title: Using command line imager
– year: 2020
  ident: 2024042316182587100_ref59
  article-title: Tcpdump/Libpcap public repository
– year: 2020
  ident: 2024042316182587100_ref86
  article-title: SmartThings Wifi smart plug SmartThings - GP-WOU019BBAWU — Samsung US
– year: 2020
  ident: 2024042316182587100_ref26
  article-title: Raspberry pi OS for raspberry pi
– volume-title: Statista. IoT connected devices worldwide 2019–2030 - Statista
  ident: 2024042316182587100_ref5
– start-page: 356
  volume-title: IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), Vienna, Austria, 22–24 August
  year: 2016
  ident: 2024042316182587100_ref15
  article-title: A generic digital forensic investigation framework for internet of things (iot)
– year: 2020
  ident: 2024042316182587100_ref65
  article-title: The volatility foundation - open source memory Forensics
– start-page: 1
  volume-title: SoutheastCon 2018, St. Petersburg, FL, USA, 19–22 Apri
  year: 2018
  ident: 2024042316182587100_ref29
  article-title: Internet of things digital forensic investigation using open source gears
– volume-title: 4th International Conference on Engineering & MIS (ICEMIS 2018)
  year: 2018
  ident: 2024042316182587100_ref74
  article-title: Evaluation of Security Regarding Z-Wave Wireless Protocol
  doi: 10.1145/3234698.3234730
– volume: 7
  start-page: 1
  year: 2020
  ident: 2024042316182587100_ref10
  article-title: A survey on digital forensics in internet of things
  publication-title: IEEE Internet Things J.
  doi: 10.1109/JIOT.2019.2940713
– year: 2020
  ident: 2024042316182587100_ref60
  article-title: Wireshark - network protocol Analyzer
– year: 2020
  ident: 2024042316182587100_ref87
  article-title: SmartThings smart bulb - GP-LBU019BBAWU — Samsung US
– year: 2020
  ident: 2024042316182587100_ref82
  article-title: Samsung SmartThings motion sensor — owner information support — Samsung US
– year: 2018
  ident: 2024042316182587100_ref88
  article-title: Samsung connect home teardown
– year: 2020
  ident: 2024042316182587100_ref90
  article-title: Meshlium Xtreme technical guide
– year: 2017
  ident: 2024042316182587100_ref77
  article-title: MIT computer science and artificial intelligence laboratory
  publication-title: Security Analysis of Zigbee
– volume-title: The Digital Forensic Research Conference (DFRWS), Utica, NY, 7–8 August
  year: 2001
  ident: 2024042316182587100_ref24
  article-title: A Road Map for Digital Forensic Research
– year: 2020
  ident: 2024042316182587100_ref61
  article-title: NetworkMiner - the NSM and network Forensics analysis tool
– year: 2020
  ident: 2024042316182587100_ref91
  article-title: Waspmote Plug & Sense! Technical guide
– volume-title: ISO - ISO/IEC 27037:2012 - Information technology – Security techniques – Guidelines for identification, collection, acquisition and preservation of digital evidence
  year: 2012
  ident: 2024042316182587100_ref2
– start-page: 19
  volume-title: Fifth International Conference on Digital Information Processing and Communications (ICDIPC), Sierre, Switzerland, 07–09 October
  year: 2015
  ident: 2024042316182587100_ref14
  article-title: Internet of things (iot) digital forensic investigation model: Top-down forensic approach methodology
– year: 2020
  ident: 2024042316182587100_ref70
  article-title: The Zeek network security monitor
– volume: 1708
  start-page: 01730
  year: 2017
  ident: 2024042316182587100_ref79
  article-title: Evaluation of digital forensic process models with respect to digital forensics as a service
  publication-title: arXiv
– year: 2020
  ident: 2024042316182587100_ref85
  article-title: Samsung SmartThings cam — owner information support — Samsung US
– volume-title: Blackhat USA, Las Vegas, NV, USA, 27 July - 1 August
  year: 2013
  ident: 2024042316182587100_ref76
  article-title: Security Evaluation of the Z-Wave Wireless Protocol
– start-page: 608
  volume-title: 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, Austin, TX, USA, 20–23 October
  year: 2013
  ident: 2024042316182587100_ref8
  article-title: Internet of things forensics: Challenges and approaches
– year: 2020
  ident: 2024042316182587100_ref92
  article-title: AWS IoT - Amazon web services
– volume: 42-43
  start-page: 301482
  year: 2022
  ident: 2024042316182587100_ref34
  article-title: A forensic investigation framework for internet of things monitoring
  publication-title: Forensic Sci. Int. Digit. Investig.
  doi: 10.1016/j.fsidi.2022.301482
– volume: 29
  start-page: 55
  year: 2019
  ident: 2024042316182587100_ref43
  article-title: Forensic analysis of nucleus rtos on mtk smartwatches
  publication-title: Digital Investigation
  doi: 10.1016/j.diin.2019.03.007
– volume: 3
  start-page: 50
  year: 2016
  ident: 2024042316182587100_ref16
  article-title: Forensic-by-design framework for cyber-physical cloud systems
  publication-title: IEEE Cloud Comput.
  doi: 10.1109/MCC.2016.5
– year: 2020
  ident: 2024042316182587100_ref68
  article-title: Foremost - recovery tool
– year: 2020
  ident: 2024042316182587100_ref81
  article-title: Samsung SmartThings multipurpose sensor — owner information support — Samsung US
– year: 2020
  ident: 2024042316182587100_ref93
  article-title: Waspmote Plug & Sense! Sensor guide
– start-page: 544
  volume-title: IEEE 10th International Conference on Ubiquitous Intelligence and Computing and 2013 IEEE 10th International Conference on Autonomic and Trusted Computing, Vietri sul Mare, Italy, 18–21 December
  year: 2013
  ident: 2024042316182587100_ref39
  article-title: The forensics edge management system: A concept and design
– volume: 8
  start-page: 3
  year: 2011
  ident: 2024042316182587100_ref53
  article-title: A survey of main memory acquisition and analysis techniques for the windows operating system
  publication-title: Digit. Investig.
  doi: 10.1016/j.diin.2011.06.002
– volume: 14
  start-page: 3011
  year: 2022
  ident: 2024042316182587100_ref33
  article-title: Integrated intelligent IOT forensic framework for data acquisition through open-source tools
  publication-title: Int. J. Inf. Technol.
– start-page: 11
  volume-title: 14th Australian Digital Forensics Conference, Perth, Australia, 5–6 December
  year: 2016
  ident: 2024042316182587100_ref52
  article-title: Memory forensic data recovery utilising ram cooling methods
– start-page: 279
  volume-title: IEEE International Conference on Services Computing, New York, NY, USA, 27 June - 2 July
  year: 2015
  ident: 2024042316182587100_ref37
  article-title: Faiot: Towards building a forensics aware eco system for the internet of things
– volume: 28
  start-page: 112
  year: 2019
  ident: 2024042316182587100_ref44
  article-title: Sifting through the ashes: Amazon fire tv stick acquisition and analysis
  publication-title: Digital Investigation
  doi: 10.1016/j.diin.2019.01.003
– year: 2020
  ident: 2024042316182587100_ref73
  article-title: ExifTool by Phil Harvey. Read, write and edit meta information
– start-page: 1446
  volume-title: 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), New York, NY, USA, 01–03 August
  year: 2018
  ident: 2024042316182587100_ref22
  article-title: A forensic investigation framework for smart home environment
– volume-title: ISO - ISO/IEC 27050–1:2016 - Information technology – Security techniques – Electronic discovery – Part 1: Overview and concepts
  year: 2016
  ident: 2024042316182587100_ref4
– volume: 36
  start-page: 301114
  year: 2021
  ident: 2024042316182587100_ref46
  article-title: Developing an iot forensic methodology. A concept proposal. Forensic science international
  publication-title: Digital Investigation
  doi: 10.1016/j.fsidi.2021.301114
– start-page: 50
  volume-title: A Practical Guide To Coping With Cyberstalking, April
  year: 2015
  ident: 2024042316182587100_ref63
  article-title: (2015) How you can preserve digital evidence and why it is important
– year: 2020
  ident: 2024042316182587100_ref69
  article-title: Xplico - open source network forensic analysis tool (NFAT)
– volume-title: The 11th ADFSL Conference on Digital Forensics, Security and Law (CDFSL 2016), Daytona Beach, Florida, USA, 24–26 May
  year: 2016
  ident: 2024042316182587100_ref9
  article-title: Current challenges and future research areas for digital forensic investigation
– volume-title: Mid-Year Update: 2022 SonicWall Cyber Threat Report
  year: 2022
  ident: 2024042316182587100_ref6
– start-page: 519
  volume-title: 2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC), Macao, China, 25–28 January
  year: 2016
  ident: 2024042316182587100_ref50
  article-title: Security analysis on consumer and industrial iot devices
  doi: 10.1109/ASPDAC.2016.7428064
– volume: 68
  start-page: 112
  year: 2017
  ident: 2024042316182587100_ref75
  article-title: The Z-wave routing protocol and its security implications
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2017.04.004
– year: 2020
  ident: 2024042316182587100_ref89
  article-title: Libelium smart agriculture IoT vertical kit guide
– year: 2020
  ident: 2024042316182587100_ref84
  article-title: Samsung SmartThings presence sensor — owner information support — Samsung US
– start-page: 311
  volume-title: International Conference on Advanced Computing, Networking and Informatics (ICACNI), Singapore, 1–3 June
  year: 2018
  ident: 2024042316182587100_ref25
  article-title: Acquisition and analysis of forensic artifacts from raspberry pi an internet of things prototype platform
– start-page: 1116
  volume-title: 2015 International Conference on Information and Communication Technology Convergence (ICTC), Jeju, Korea (South), 28–30 October
  year: 2015
  ident: 2024042316182587100_ref47
  article-title: Security considerations for secure and trustworthy smart home system in the iot environment
  doi: 10.1109/ICTC.2015.7354752
– volume-title: Proceedings of the 12th International Conference on Availability, Reliability and Security (ARES), Reggio Calabria, Italy, 29 August - 1 September
  year: 2017
  ident: 2024042316182587100_ref36
  article-title: Forensic state acquisition from internet of things (fsaiot): A general framework and practical approach for iot forensics through iot device state acquisition
  doi: 10.1145/3098954.3104053
– volume: 109
  start-page: 500
  year: 2020
  ident: 2024042316182587100_ref48
  article-title: Smart vehicle forensics: challenges and case study
  publication-title: Future Generation Computer Systems
  doi: 10.1016/j.future.2018.05.081
– year: 2020
  ident: 2024042316182587100_ref57
  article-title: 504ensicsLabs/LiME
– volume: 44
  start-page: 301499
  year: 2023
  ident: 2024042316182587100_ref35
  article-title: An improved IoT forensic model to identify interconnectivity between things
  publication-title: Forensic Sci. Int. Digit. Investig.
  doi: 10.1016/j.fsidi.2022.301499
– start-page: 385
  volume-title: IEEE 19th Annual Consumer Communications Networking Conference (CCNC), Las Vegas, NV, USA, 08–11 January
  year: 2022
  ident: 2024042316182587100_ref13
  article-title: Wifi-based iot devices profiling attack based on eavesdropping of encrypted wifi traffic
– start-page: 33
  volume-title: IEEE International Congress on Internet of Things (ICIOT), San Francisco, CA, USA, 02–07 July
  year: 2018
  ident: 2024042316182587100_ref38
  article-title: Fif-iot: A forensic investigation framework for iot using a public digital ledger
– volume: 40
  start-page: 301343
  year: 2022
  ident: 2024042316182587100_ref12
  article-title: Quantifying data volatility for iot forensics with examples from contiki os
  publication-title: Forensic Sci. Int. Digit. Investig.
  doi: 10.1016/j.fsidi.2022.301343
– volume: 22
  start-page: S15
  year: 2017
  ident: 2024042316182587100_ref40
  article-title: Digital forensic approaches for amazon alexa ecosystem
  publication-title: Digital Investigation
  doi: 10.1016/j.diin.2017.06.010
– volume: 3
  start-page: 17
  year: 2011
  ident: 2024042316182587100_ref45
  article-title: Common phases of computer forensics investigation models
  publication-title: Int. J. Comput. Sci. Inf. Technol.
– year: 2020
  ident: 2024042316182587100_ref58
  article-title: Halpomeranz/lmg
– ident: 2024042316182587100_ref94
  article-title: Consumer iot market size, sshare & trends analysis report forecasts, 2023 - 2030
– volume-title: Proceedings of the 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy, 29 August - 1 September
  year: 2017
  ident: 2024042316182587100_ref18
  article-title: Application-specific digital forensics investigative model in internet of things (iot)
  doi: 10.1145/3098954.3104052
– year: 2020
  ident: 2024042316182587100_ref72
  article-title: Log2timeline Supertimeline tool
– volume-title: IoT Statistics (2023–2030)
  year: 2022
  ident: 2024042316182587100_ref95
  article-title: Exploding Topics
– volume: 22
  start-page: S3
  year: 2017
  ident: 2024042316182587100_ref41
  article-title: Drop (drone open source parser) your drone: forensic analysis of the dji phantom iii
  publication-title: Digital Investigation
  doi: 10.1016/j.diin.2017.06.013
– year: 2020
  ident: 2024042316182587100_ref83
  article-title: Samsung SmartThings moisture sensor — owner information support — Samsung US
– year: 2020
  ident: 2024042316182587100_ref71
  article-title: Kroll Artifact parser and extractor - KAPE
– start-page: 1
  volume-title: IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA), Stuttgart, Germany, 06–09 September
  year: 2022
  ident: 2024042316182587100_ref32
  article-title: An OT Forensic Model Based on Established IT Forensics Using IIRA
– volume: 16
  start-page: 29
  year: 2016
  ident: 2024042316182587100_ref51
  article-title: Forensic analysis of newer tomtom devices
  publication-title: Digital Investigation
  doi: 10.1016/j.diin.2016.01.016
– start-page: 290
  volume-title: 6th SSCC: International Symposium on Security in Computing and Communication, Bangalore, India, 19–22 September
  year: 2018
  ident: 2024042316182587100_ref30
  article-title: Wearable device forensic: Probable case studies and proposed methodology
– volume: 11
  start-page: 100220
  year: 2020
  ident: 2024042316182587100_ref11
  article-title: Internet of things Forensics: a review
  publication-title: Internet of Things
  doi: 10.1016/j.iot.2020.100220
– year: 2020
  ident: 2024042316182587100_ref64
  article-title: Autopsy - the sleuth kit
– start-page: 93
  volume-title: IEEE International Conference on Smart Internet of Things (SmartIoT), Xi’an, China, 17–19 August
  year: 2018
  ident: 2024042316182587100_ref28
  article-title: Towards an integrated digital forensic investigation framework for an iot-based ecosystem
– year: 2020
  ident: 2024042316182587100_ref66
  article-title: Rekall Forensics
– start-page: 274
  volume-title: IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Exeter, UK, 21–23 June
  year: 2017
  ident: 2024042316182587100_ref20
  article-title: A new digital forensics model of smart city automated vehicles
– volume: 17
  start-page: 14
  year: 2016
  ident: 2024042316182587100_ref49
  article-title: Extraction and analysis of non-volatile memory of the zw0301 module, a z-wave transceiver
  publication-title: Digital Investigation
  doi: 10.1016/j.diin.2016.02.002
– year: 2020
  ident: 2024042316182587100_ref62
  article-title: The-tcpdump-group/libpcap. Https://github.Com/the-tcpdump-group/libpcap
SSID ssj0002096
Score 2.3771899
Snippet The number of Internet of Things (IoT) forensic investigations has increased considerably over recent years due to the weak nature of the security measures of...
SourceID crossref
oup
SourceType Enrichment Source
Index Database
Publisher
StartPage 1324
Title A Concept Forensic Methodology For The Investigation Of IoT Cyberincidents
Volume 67
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3db9MwELfK9sIL41OML1kIiYfIzE2cpHnsNmBUK3ugk_ZW2bEjFYUEdYnE9vftD9v5I6kzhhj0IUpc59T6fro73_nuEHqn0liFIQ-JmvCCME4jklGZEyXSPBGZzKXxQ86_JkenbHYWn41GV96ppbYRH_LLW_NK_oerMAZ81Vmy_8DZnigMwD3wF67AYbjeicc6pdxkHQa6w2YFCx7MTUdoW1gJBs2JCq-WBvD6pAi-1Ivg4EIo42iXXTWnvmCBa_QQ-L_BhCkAEWUdfNbB9f3oh_U9z1od7uFVq7yJ6_WqLGsy1z2LbSTenuOeca2GN0Ge0n49rsgNovW5fW_jMF83ZuSwUpfB4GkwPzhuVwNPRmgOwNj06E46g05gSWjjNMoKZJZQokvM-xLbPa18d4QRv7C1Zp4qH0e2VOVvasKW0ALGf69KuBG_uKROKQwqct_QlP35RRu5j5aWwtK9fw9th7BZAWm7PT2cH3_rLYKQmj5x_f_ri4dGe5bCnqMwMI50wqVn6yweogduk4KnFnGP0EhVj9FOhwvs9METNJtiB0DcARB7ANSDGACIBwDEJwUGAOIhAJ-i008fFwdHxDXnIDlYvA1J0owKsG2k4JxTTnMmlRRMCcbA6puA7UU5F0US87yIw0LxVHJQHlxOYh6HoBWeoa2qrtRzhNVYastzogpRsDRLheQMBEUEn3GcZGoXkW5VlrmrXK8bqJTL2_mwi97383_ami1_nPkWFvkvk17cmdxLdH-D61doq1m36jXYrI144yBxDdm0mkE
linkProvider EBSCOhost
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=A+Concept+Forensic+Methodology+For+The+Investigation+Of+IoT+Cyberincidents&rft.jtitle=Computer+journal&rft.au=Castelo+G%C3%B3mez%2C+Juan+Manuel&rft.au=Carrillo-Mond%C3%A9jar%2C+Javier&rft.au=Rold%C3%A1n-G%C3%B3mez%2C+Jos%C3%A9&rft.au=Mart%C3%ADnez+Mart%C3%ADnez%2C+Jos%C3%A9+Luis&rft.date=2024-04-21&rft.issn=0010-4620&rft.eissn=1460-2067&rft.volume=67&rft.issue=4&rft.spage=1324&rft.epage=1345&rft_id=info:doi/10.1093%2Fcomjnl%2Fbxad062&rft.externalDBID=n%2Fa&rft.externalDocID=10_1093_comjnl_bxad062
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0010-4620&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0010-4620&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0010-4620&client=summon