Enhanced Readiness Forensic Framework for the Complexity of Internet of Things (IoT) Investigation Based on Artificial Intelligence
DOI:
https://doi.org/10.37934/araset.50.1.121135Keywords:
Internet of Things, Digital forensics readiness, IoT attack, Investigation forensics, Artificial intelligence (AI), ISO/IEC 27043Abstract
The growing versatility of Internet of Things devices increases the possibility of multiple attacks occurring and being carried out continuously. The limited processing capabilities and memory capacity of Internet of Things devices pose challenges for security and forensic analysis in collecting and documenting various attacks targeting these devices during the forensic investigation process. Thus, forensic investigative analysis goes beyond expectations, offering a holistic understanding of the complex consequences arising from IoT device attacks that have occurred. These issues and challenges provide important insights into vulnerabilities, potential future threats, and steps to effectively increase the resilience of the IoT ecosystem against the evolving cyber-attack risk landscape. Apart from that, the large amount of IoT attack data generated raises several problems. Such as the difficulty of quickly identifying threats and in-depth forensic analysis of each very diverse attack. The implementation of artificial intelligence is a very useful solution in overcoming the forensic investigation challenges that arise due to IoT attacks with the enormous increase in data volume and complexity. Therefore, this research aims and proposes to improve the IoT forensic readiness framework by collecting and analyzing digital evidence in detecting various attacks from various IoT devices automatically based on an artificial intelligence approach and functioning as an early warning system. Enhanced the proposed IoT forensic readiness framework based on ISO/IEC 27043 serves as a prototype for detecting and collecting various types of attacks as potential digital evidence from various IoT devices, as well as effective forensic investigation of digital evidence with the utilization of smart repository.