Toward a unified and secure approach for extraction of forensic digital evidence from an IoT device

The IoT devices have proliferated into human lives from simple mundane to advanced lifesaving activities by means of automation, control and monitoring. This rapid deployment of IoT devices has also made them to be used as weapon for attack in crimes possibly due to immature adaptation of security solution and/or advancement in technology. The extraction of digital evidence for digital forensic from an IoT device is an important step toward proving the crime in the court of law. The available solution and research focus is toward digital forensic models and frameworks for IoT environments with limited product-specific focus on IoT device. An earnest attempt is being made to define a unified and secure approach toward extraction of digital evidence from IoT devices that will facilitate digital forensics. Considering the vast and distinct types of IoT devices, it is crucial to identify the standard IoT device architecture in order to arrive at the approach for extraction of digital evidence from IoT devices. Threat modeling is used to summarize the security-related requirements as the security of the device requires to remain uncompromised while achieving the goal. The design is implemented and tested in an open source IoT device software platform and the reliability of the software is calculated using the reliability prediction. This approach can address the challenge of extracting data from varied and heterogeneous IoT devices and allow the investigators to focus on corroborating data to reconstruct the crime scene.