Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges

Abstract

The explosive growth of smart objects and their dependency on wireless technologies for communication increases the vulnerability of Internet of Things (IoT) to cyberattacks. Cyberattacks faced by IoT present daunting challenges to digital forensic experts. Researchers adopt various forensic techniques to investigate such attacks. These techniques aim to track internal and external attacks by emphasizing on communication mechanisms and IoT’s architectural vulnerabilities. In this study, we explore IoT’s novel factors affecting traditional computer forensics. We investigate recent studies on IoT forensics by analyzing their strengths and weaknesses. We categorize and classify the literature by devising a taxonomy based on forensics phases, enablers, networks, sources of evidence, investigation modes, forensics models, forensics layers, forensics tools, and forensics data processing. We also enumerate a few prominent use cases of IoT forensics and present the key requirements for enabling IoT forensics. Finally, we identify and discuss several indispensable open research challenges as future research directions.