A Fog-Based Digital Forensics Investigation Framework for IoT Systems

The increasing number of IoT devices is prompting the need to investigate digital forensic techniques that can be efficiently applied to solve computer-related crimes involving IoT devices. In digital forensics, it is common for forensic investigators to consider computing hardware and operating systems for forensic data acquisition. However, applying current forensic data acquisition techniques for further digital evidence analysis may not be applicable to some IoT devices. It is becoming increasingly challenging to determine what type of data should be collected from IoT devices and how traces from such devices can be leveraged by forensic investigators. In this paper, we introduce a fog-based IoT forensic framework (FoBI) that attempts to address the key challenges associated with digital IoT forensics. Throughout this paper, we discuss the overall architecture, use cases and implementation details of FoBI. We further use our FoBI framework to provide insights on improving the digital forensics processes involving IoT systems.