Open AccessHoneyNetCloud Investigation Model, A Preventive Process Model for IoT Forensics
Author(s) -
Jayakrishnan Anilakkad Raman,
Vasanthi Varadharajan
Publication year - 2021
Publication title -
ingénierie des systèmes d'information/ingénierie des systèmes d'information
Language(s) - English
Resource type - Journals
eISSN - 2116-7125
pISSN - 1633-1311
DOI - 10.18280/isi.260309
Subject(s) - computer security , process (computing) , honeypot , computer science , digital forensics , intrusion detection system , network forensics , internet of things , reliability (semiconductor) , power (physics) , physics , quantum mechanics , operating system
With the pervasive usage of sensing systems and IoT things, the importance of security has increased. Attempts towards breaching IoT security systems by attackers are on upsurge. Many intrusions in embedded systems, sensing equipment and IoT things have occurred in the past. Though there are cyber security tools like Antivirus, Intrusion detection and prevention systems available for securing the digital devices and its networks. However, a forensic methodology to be followed for the analysis and investigation to detect origin cause of network incidents is lacking. This paper derives a comprehensive preventive cyber forensic process model with honeypots for the digital IoT investigation process which is formal, that can assist in the court of law in defining the reliability of the investigative process. One year data of various attacks to the IoT network has been recorded by the honeypots for this study. The newly derived model HIM has been validated using various methods and instead of converging on a particular aspect of investigation, it details the entire lifecycle of IoT forensic investigation. The model is targeted to address the forensic analysts’ requirements and the need of legal fraternity for a forensic model. The process model follows a preventive method which reduce further attacks on network.