Internet of Things Security and Forensics: Concern

and Challenges for Inspecting Cyber Attacks

Dr. Madhavi Dave

School of Cyber Security and Digital Forensics
National Forensic Sciences University
Gandhinagar, Gujarat, India
[email protected]
2022 Second International Conference on Next Generation Intelligent Systems (ICNGIS) | 978-1-6654-6792-6/22/$31.00 ©2022 IEEE | DOI: 10.1109/ICNGIS54955.2022.10079829

ORCID: 0000-0001-6058-5440

Abstract— The Internet of Things is an emerging technology security on using wireless system invites cyber attackers. The
for recent marketplace. In IoT, the heterogeneous devices are cyber attackers not only steal the data and hack the system but
connected through the medium of the Internet for seamless also use IoT devices to attack other systems. Thus, IoT
communication. The devices used in IoT are resource- security is required for providing logical and physical security
constrained in terms of memory, power and processing. Due to assurance for IoT devices and its eco-system.
that, IoT system is unable to implement hi-end security for
malicious cyber-attacks. The recent era is all about connecting The cyber attackers breach the security of IoT system with
IoT devices in various domains like medical, agriculture, various types of malicious attacks [7]. The IoT forensics is the
transport, power, manufacturing, supply chain, education, etc. legal investigation of any cyber-crime and it collects and
and thus need to be prevented from attacks and analyzed after analyses the evidences of crime by reconstructing the events
attacks for legal action. The legal analysis of IoT data, devices ofcyber-attack [8]. The domains of security and forensics are
and communication is called IoT forensics which is highly same for providing safe environment to user. The security
indispensable for various types of attacks on IoT system. This concerns with identifying the type of attack and preventing it
paper will review types of IoT attacks and its preventive for minimum damage to the system. While forensics post-
measures in cyber security. It will also help in ascertaining IoT mortem the incident for finding out its cause and suggest
forensics and its challenges in detail. This paper will conclude corrective measures [9].
with the high requirement of cyber security in IoT domains with
implementation of standard rules for IoT forensics. II. IOT AND CYBER ATTACKS
Keywords— Internet of Thing, Cyber Attacks, Cyber Security, The Internet of Things has become a trending technology
IoT Security, IoT Forensics. for many businesses of different verticals. All the businesses
are using their own technologies and platforms for
I. INTRODUCTION communicating with IoT devices. Moreover, the devices do
The Internet of Things paradigm is about connecting not carry enough computing or memory capacity for security
devices with the help of the Internet from domains like implementation. Thus, it is almost impossible to have unified
medical to agriculture, manufacturing to home, transportation security measures for all such businesses [10]. As per the
to education and many more [1]. As per the research of IBM, research of CISCO, based on vulnerability of IoT system; they
by 2025 more than 75 billion IoT devices will be connected in found that sensors are the most vulnerable part of IoT system
the world as the number of devices from 2019 are increasing and most affected part is hardware/ firmware. The
exponentially [2]. It is also predicted that, by 2023 the vulnerability pyramid is designed based on the capacity to
spending on IoT devices will reach 1.1 trillion U.S. Dollars handle cyber-attack in IoT system [11].
[2]. The connected devices are aimed to provide fastest
communication among the ecosystem and thus the
requirement of security is neglected in many cases. The IoT
components communicate through signals of Wireless Sensor
Network (WSN) and Internet and thus they are most prone to
cyber-attacks [3].
As the study of Symantec, there are 600\% hike in IoT
cyber-attacks from year 2016 to 2017 and 15\% hike in
devices vulnerabilities [4]. This situation of attacks on IoT
system arise due to negligence of cyber security while
designing the devices and its system. The manufactures of IoT
system concentrate more on the miniature size of device, low
cost and high usability while designing and marketing the
product of IoT [5]. Furthermore, IoT devices are mainly
working on M2M communications without any human
intervention. Such open communication with less or no Fig. 1. IoT Vulnerability Pyramid

978-1-6654-6792-6/22/$31.00 ©2022 IEEE

Authorized licensed use limited to: Nat. Inst. of Elec. & Info. Tech (NIELIT). Downloaded on April 01,2024 at 06:04:46 UTC from IEEE Xplore. Restrictions apply.
 The IoT devices uses API (Application Programmable
Interface) for providing user interface in application. All the
communication of IoT devices and its regulations can be
managed by the API of the system. The API are mostly
designed using JSon or JavaScript which is most prone to
cyber-attacks [8]. The IoT devices itself are vulnerable for
being the platform for security threat. The attackers use IoT
devices at government bodies, public places, medical
institutes, financial organizations, etc. for preforming the
cyber-attack. It is been predicted by [12] that, by 2025 one
third of cyber-attacks would use IoT devices as a platform for
DDoS (Distributed Denial of Service) and many other attacks
on legit organizations. The attackers may use IP addresses,
smart gadgets, cameras and many other devices to hack or
intrude in the privacy [13].
The cyber-attacks can be categorized as physical and
digital attacks in the field of IoT [14]. As the cyber-attacks
already existed in the information technology world, but with
the advancement of IoT technology the new vertical of cyber-
physical attack comes in existence. The IoT devices are not
only prone to cyber-attacks but they are under threat of
physical attack also, due to its characteristic and size. The
main types of cyber-attacks are as under,
• IoT Hardware Attacks
• IoT Software Attacks
• IoT Data Attacks
• IoT Protocol Attacks

A. IoT Hardware Attacks

The cyber-attacks on IoT hardware includes the attacks on
physical and network layer components of IoT’s layered Fig. 2. IoT Hardware Attacks
architecture. The hardware attacks are increasing rapidly than
the solution implementation for hardware and physical
security. The hardware attacks are further bifurcated as C. IoT Data Attacks
physical, network and side channel attacks. The main reason The data attacks on IoT system are very crucial from
for increase of physical attack is the less human intervention security aspects as IoT devices are the biggest source of data
in IoT system as the devices are placed at distant places generation. The data attacks can happen in form of brute-
without supervision [11]. The network attack can be force, malicious VM (Virtual Machine), VM hopping and
considered when the hardware of the devices is malfunctioned mitigation, data exposure, data leakage, scavenging or account
and thus it results in breach of security in IoT system. The hijacking. As the data from IoT storage device are recoverable
cause behind this type of attack is the non-regulated if backed up properly else they are vulnerable to many attacks.
production of IC (Integrated Circuit) and thus hardware trojan The same way data leakage is a crucial issue which happens
or cloning of network device become possible [14]. The side due to lack of the secure methods of processing, storing, and
channel attack is a threat to embedded system as in this type transmitting, for example, storing unencrypted data either on
of attack the hidden data, voice, power consumption and many the cloud or on IoT objects. The list of data attacks are shown
other information can be extracted from the IoT system [11]. in Fig. 4.
The example of attack in each category for hardware attack is
listed in Fig. 2.
III. CYBER-SECURITY BY IOT PROTOCOLS
B. IoT Software Attacks In the domain of IoT, most discussed thing is device
The software attacks on IoT system can be categories as security and network security when the concern is about
operating system attack, web application attack and firmware protecting the system [15]. The security key measures are CIA
attack based on its characteristics. The cyber-attacks like (Confidentiality, Integrity and Authenticity) which can be
trojan, phishing, brute force or virus which target operating considered for devices, its communication and the whole
system directly for mitigating the process fall under the network. These measures ensure that the IoT devices usage is
category of OS attack. The same way, the attack on web not compromised by any unauthenticated party and its privacy
application like spyware, malware, DoS or malicious code is not violated. For IoT devices the security measures are not
breaches the security of application and hijacking or reverse in-built as the devices are heterogeneous in terms of
engineering can attack the firmware as depicted in Fig. 3. manufacturing and underlying platform. The security can be
added on in devices at cost of its size, memory and processing
speed, and thus many manufacturers avoid that [16]. Due to

Authorized licensed use limited to: Nat. Inst. of Elec. & Info. Tech (NIELIT). Downloaded on April 01,2024 at 06:04:46 UTC from IEEE Xplore. Restrictions apply.
 Fig. 4. IoT Data Attacks

of IoT technology is continuously keeping pace for reducing

cyber security attacks for IoT devices and its communication.
The IoT system is better described through its layered
architecture and each and every layer is assigned separate set
of responsibilities for connection and communication [3]. In
IoT the security measures can also be considered for each
layer according to the task of the corresponding layer [18].
The following section describes cyber security attacks and its
solutions for each layer of IoT architecture.
Fig. 3. IoT Software Attacks

Cyber Security for Physical / Datalink Layer

these reasons, it is crucial for IoT ecosystem to provide cyber
security for protection of open communication over the As IoT devices are designed for working in distant and
Internet. non-human operated areas, they tend to be resource
constrained and tiny in size [19]. Due to the nature of IoT
The security mechanism of IoT devices can be
device to be resource constrained in terms of memory,
implemented in protocols for standardization of the eco- processing and power, it’s almost impossible to add extra
system [17]. The IoT protocols can be bifurcated by its layer of security in this layer without compromising its size
appearance in IoT layered architecture and it can be broadly and capacity [20][21][22]. The main cyber-attacks which
categorized based on its application as follows, concerns this layer are cloning of RFID tags and physical
• IoT Connectivity Protocol damage as per the Fig 2. There are many researches going in
the direction of Physical Unclonable Functions (PFU) which
• IoT Communication Protocol can protect authentication device identification for physical
The protocol characteristic with its available security chip [23][24]. PFU can restrict the IoT devices from its
mechanism are described in Tab. 1 for connectivity protocol cloning and protect from device tempering as well [25][26].
and Tab. 2 for communication protocol. The connectivity The PFU can embed lightweight cryptography for cyber
protocol table demonstrates the range of the communication security concerns at device layer but it also requires
with its bandwidth. It also depicts the type of attacks can enhancement of security commitments at the end of
happen on the mentioned protocol with its internal security manufacturer and third parties.
mechanism which may protect the device connection.
Cyber Security for Network Layer
The communication protocol table describes the beneath
communication model that protocol is following with its The network layer of IoT system play crucial role for its
internal security and transport support. The communication cyber security as this layer is responsible for all the
protocol’s operational structure and auto node discovery for connections and communication from device layer to the user
extension of network communication is mentioned in table. application layer. As per the Fig 2 and 3, the major cyber-
attacks on network layer are DDoS, traffic analysis, Virus and
A. IoT Layered Architecture for Cyber Security worms. For protection of this layer a suitable Intrusion
Detection System (IDS) is required to be implemented [27].
The IoT cyber security has become essential part of any The IDS help the IoT system to prevent DDoS attacks, packet
IoT based ecosystem due to preventing the risk of data sniffing and detect anomalies using machine learning models
exposure and asset protection. The recent emergence in field [28][29].

Authorized licensed use limited to: Nat. Inst. of Elec. & Info. Tech (NIELIT). Downloaded on April 01,2024 at 06:04:46 UTC from IEEE Xplore. Restrictions apply.
 Tab. 1. Security Measures for IoT Connectivity Protocol

Fig. 5. Digital Forensic Process Life cycle

the collected evidences remain unchanged and can be

investigated to take legal action again criminal activity [36].
The digital forensics is a sub-division of forensic science
which deals with electronic devices as an evidence in case of
cyber-crime. The electronic devices may range from personal
computer to mobile phone, CCTV camera to IoT device and
Tab. 2. Security Measures for IoT Communication Protocol
compact disk to data servers. The main concern in digital
forensics is to create copy of evidence by cryptographic hash
Cyber Security for Transport Layer function so that the original evidence remain unchanged and
The role of transport layer is to support the transport and the copied evidence can be used in legal procedure [37][38].
store data in IoT ecosystem with the help of cloud system as The digital forensics life cycle can be depicted as Fig. 5, which
IoT devices are not capable of data transport and storage in its describes its four stages for criminal incident and its evidence
constrained environment. As per Fig. 2 and 3, the IoT collection.
transport layer can be attacked with firmware and data level The IoT forensics is all about investigating and collecting
attacks. To restrict outside attacks and protect the system, the evidences from It devices. As now a days, IoT has span across
IDS and blockchain approach can be implemented [30][31]. all the domain which makes it important to define the structure
The security aspects in blockchain can assure IoT ecosystem’s for IoT forensics [39]. According to the resource constrained
security concerns by implementing it for data transport using nature IoT devices, the task for investigating criminal activity
hyper ledger fabric [32]. through IoT devices is a tedious job. The devices of IoT
ecosystem are not having enough memory to store the data and
Cyber Security for Application Layer thus the data for investigation may be stored in some distant
and unknown cloud platform. The IoT devices also struggles
The application layer of IoT supports many smart for processing and memory capacity, which makes the task of
applications like power grids, supply chain, transport, evidence gathering more difficult [40].
medical, agriculture and many other. The security at
application layer is the utmost need of the current time as the
security compromise at application layer may affect A. Need for IoT Forensics
interrelated connections and its applications [33]. The As IoT market is widespread in use, thus the IoT system
communication protocols like CoAP, MQTT, AMQP, dependent crimes too. The IoT Forensic departments is still in
XMPP can be used to strengthen the authentication and its infancy and researchers of digital forensics are exploring in
access control mechanism atapplication layer [34][35]. this domain. The IoT forensics techniques and frameworks are
in pipeline for approval of standardization. Unlike the
IV. IOT FORENSICS traditional forensics which relies on firewall and secure end
points, IoT devices require investigation tools for checking
The forensics is a science which is used for investigating each layer of network. With the exponential growth of IoT
criminal activities by collecting its evidences by using its market, its forensic tools are also in high demand [41].
scientific techniques. The crucial tasks of forensics are
evidence gathering and its analysis in systematic way so that The IoT forensics can be divided in following section due
to its communication characteristics,

Authorized licensed use limited to: Nat. Inst. of Elec. & Info. Tech (NIELIT). Downloaded on April 01,2024 at 06:04:46 UTC from IEEE Xplore. Restrictions apply.
 C. IoT Forensics Opportunities
IoT forensics is not only coming with challenges but also
offers many opportunities in technical advancements. The first
and important advantage of IoT forensics over other
categories is that the evidences recorded by IoT devices are
not noticed by criminals in many cases as IoT devices operates
without human intervention. Thus the criminal can never even
think of to delete the evidence or destroy the data [44].
The evidences of IoT devices can IoT forensics is not only
coming with challenges but also offers many opportunities in
technical advancements. The first and important advantage of
IoT forensics over other categories is that the evidences
recorded by IoT devices are not noticed by criminals in many
cases as IoT devices operates without human intervention.
Thus the criminal can never even think of to delete the
evidence or destroy the data [44].

Fig. 6. IoT Forensics Components [8]

The evidences of IoT devices cannot be easily tempered or
destroyed as the data could be stored at many cloud locations
and thus makes it difficult for the cyber-criminal to get access
• IoT Device Forensics: The investigation of the ”Things” of it [45]. The major advantage of IoT forensics is that the
of IoT system for cyber-criminal incident. tiniest device can capture the real time data and transmit it to
• IoT Network Forensics: The network and is connections many connections of the network. The cumulative picture
can be traced for criminal activity and its evidences as the collected from many IoT devices can reconstruct the incident
communication may be routed through network for and help the forensic science to resolve the cyber-crime faster
malicious activities. than any other branch of forensics science. not be easily
tempered or destroyed as the data could be stored at many
• IoT Cloud Forensics: The data storage cloud can be cloud locations and thus makes it difficult for the cyber-
inspected for evidences as the memory constrained IoT criminal to get access of it [45]. The major advantage of IoT
devices stores the data in private or public cloud storage. forensics is that the tiniest device can capture the real time data
and transmit it to many connections of the network. The
cumulative picture collected from many IoT devices can
B. Challenges for IoT Forensics reconstruct the incident and help the forensic science to
• The major concern for IoT forensics is undefined system resolve the cyber-crime faster than any other branch of
and structure unlike digital forensics. This sub-division of forensics science.
digital forensics is still growing and thus there is no
defined methodology for IoT forensics [40]. Even the tools V. CONCLUSION
and technology for evidence collection and analysis are
not defines so investigator may follow its own techniques In this paper, the IoT system is evaluated for open threats
for investigation. and malicious activities by cyber criminals. The types of
cyber-attacks in various categories related to IoT system is
• In IoT, the devices can be placed across the globe and thus discussed in depth. The internal security mechanism of IoT
it’s difficult to collect evidences and file jurisdiction at any system and its layer architecture are described which need
single physical location. The IoT devices may also be added on protection for preventing hi-end attacks which can
connected to many networks and router for malfunction the connection and compromise the data security.
communication thus it makes its investigation more The security solution at each layer of IoT architecture is
difficult [42]. discussed so that the system and its heterogeneous devices can
• The identification of IoT devices at the crime scene along strengthen the security measures.
with evidence collection is challenging task due to its size The paper also discusses the after event of the cyber-crime
and resource constrained nature. It may happen that the in IoT system which is in form of IoT forensics. The life stages
IoT devices could be physically damaged and cannot be of forensic science are discussed in relevance with IoT
recovered for evidence acquisition. ecosystem so that incident can be inspected seamlessly. This
• The another challenge is the heterogeneity of IoT devices paper depicts the need of standard procedure in case of IoT
for using different platform and data storage formats. As forensics with the challenges and opportunities in this field.
the devices may follow proprietary operating platform and
data string mechanism, which makes it tedious task to REFERENCES
recover the device and collect data from it [43].
[1] K. Ashton, ”Internet of Things”, RFiD Journal (2009).
• As the smart IoT device can store real time data for many [2] https://www.statista.com/statistics/471264/iot-number-of-connected-
personal events and activities of person’s life. Legally it is devices-worldwide/
not advisable to intrude anyone’s privacy without consult. [3] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, ”Internet of Things
Thus, IoT devices inspection involve legalities related to (IoT): A vision, architectural elements, and future directions”, Future
privacy and integrity which need to be taken care of. Generation Computer Systems, 29(7), 1645–1660 (2013).

Authorized licensed use limited to: Nat. Inst. of Elec. & Info. Tech (NIELIT). Downloaded on April 01,2024 at 06:04:46 UTC from IEEE Xplore. Restrictions apply.
[4] Internet Security Threat Report (ISTR): Volume 23, Mar. [26] H. Xu, J. Ding, P. Li, F. Zhu, R. Wang, ”A lightweight RFID mutual
2018, [online] Available: https://www.symantec.com/content/dam/ authentication protocol based on physical unclonable function”,
symantec/docs/reports/istr-23- 2018-en.pdf. Sensors 2018, 18, 760.
[5] G. Lally and D. Sgandurra, Towards a Framework for Testing the [27] J. Pacheco, V. Benitez, L. Fe´lix, ”Anomaly Behavior Analysis
Security of IoT Devices Consistently, Cham, Switzerland:Springer, pp. for IoT Network Nodes”, In Proceedings of the 3rd International
88-102, 2018. Conference on Future Networks and Distributed Systems, Paris,
[6] CVE Details: The Ultimate Security Vulnerability Datastore France, 1–2 July 2019; pp. 1–6.
https://www.cvedetails.com/vulnerabilities-by-types.php [28] E. Hodo, X. Bellekens, A. Hamilton, P. Dubouilh, E. Iorkyase, C.
[7] Samuel Tweneboah-Koduah, Knud Erik Skouby Reza Tachtatzis, R. Atkinson, ”Threat Analysis of IoT Networks Using
Tadayoni,”Cyber Security Threats to IoT Applications and Service Artificial Neural Network Intrusion Detection System”, In Proceedings
Domains”, Wireless Personal Communications volume 95, page 69– of the 2016 International Symposium on Networks, Computers and
185 (2017) Communications (ISNCC), Yasmine Hammamet, Tunisia, 11–13 May
2016, pp. 1–6.
[8] Maria Stoyanova, Yannis Nikoloudakis, Spyridon Panagiotakis,
Evangelos Pallis, and Evangelos K. Markakis, ”A Survey on the [29] J. Li, Z. Zhao, R. Li, H. Zhang, ”AI-based two-stage intrusion detection
Internet of Things (IoT) Forensics: Challenges, Approaches, and Open for software defined IoT networks”, IEEE Internet Things J. 2019, 6,
Issues”, IEEE COMMUNICATIONS SURVEYS TUTORIALS, VOL. 2093–2102.
22, NO. 2, ISSN: 1553-877X, Page 1191 - 1221 (2020) [30] A.R. Rao, D. Clarke, ”Perspectives on emerging directions in using IoT
[9] Gulshan Kumara, Rahul Sahaab, Chhagan Lal, Mauro Conti, ”Internet- devices in blockchain application”, Internet Things 2020, 10, 100079
of-Forensic (IoF): A blockchain based digital forensics framework for [31] D. Minoli, B. Occhiogrosso, ”Blockchain mechanisms for IoT
IoT applications”, Elsevier Publications, Future Generation Computer security”, Internet Things 2018, 1, 1–13.
Systems, Volume 120, Pages 13-25 (2021) [32] R. Neisse, J.L. Herna´ndez-Ramos, S.N. Matheu, G. Baldini,
[10] Stefan Balogh , Ondrej Gallo , Roderik Ploszek , Peter Sˇpaˇcek Skarmeta, ”Toward a Blockchain-Based Platform to Manage
and Pavol Zajac, ”IoT Security Challenges: Cloud and Cybersecurity Certification of IoT devices”, In Proceedings of the 2019
Blockchain, Postquantum Cryptography, and Evolutionary IEEE Conference on Standards for Communications and Networking
Techniques”, ResearchGate Electronics 2021, 10(21), (CSCN), Granada, Spain, 28–30 October 2019, pp. 1–6.
2647;https://doi.org/10.3390/electronics10212647, October 2021 [33] A. Tekeoglu, A.S. Tosun, ”A Testbed for Security and Privacy
[11] Simranjeet Sidhu, Bassam J. Mohd, and Thaier Hayajneh, ”Hardware Analysis of IoT Devices”, In Proceedings of the IEEE 13th
Security in IoT Devices with Emphasis on Hardware Trojans”, Journal International Conference on Mobile Ad Hoc and Sensor Systems
of Sensor and Actuator Networks, MDPI, (MASS), Brasilia, Brazil, 10–13 October 2016, pp. 343–348.
https://doi.org/10.3390/jsan8030042, August 2019. [34] S. Tweneboah-Koduah, K.E. Skouby, R. Tadayoni, ”Cyber security
[12] D. Quick and K.-K. R. Choo, ”IoT device forensics and data threats to IoT applications and service domains”, Wirel. Pers.
reduction”, IEEE Access, vol. 6, pp. 47566-47574, 2018. Commun. Int. J. 2017, 95, 169–185.
[13] H. A. Abdul-Ghani, D. Konstantas and M. Mahyoub, ”A [35] L. Nastase, ”Security in the Internet of Things: A Survey on
comprehensive IoT attacks survey based on a building-blocked Application Layer Protocols”, In Proceedings of the 2017 21st
reference model”, Int. J. Adv. Comput. Sci. Appl., vol. 9, no. 3, pp. International Conference on Control Systems and Computer Science
355-373, 2018. (CSCS), Bucharest, Romania, 29–31 May 2017; pp. 659–666.
[14] Deogirikar, J.; Vidhate, A. Security attacks in IoT: A survey. In [36] A. Houck and J. Siegel, ”Fundamentals of Forensic Science”,
Proceedings of the 2017 International Conference on I-SMAC (IoTin Academic Press. Elsevier Science Technology Books, 2015.
Social, Mobile, Analytics and Cloud) (I-SMAC), Palladam, India, 10– [37] M. Harbawi and A. Varol, ”An improved digital evidence acquisition
11 February 2017; pp. 32–37 model for the internet of things forensic i: A theoretical framework”,
[15] A. Mohsen Nia and N. K. Jha, “A Comprehensive Study of Security of In 2017 5th International Symposium on Digital Forensic and Security
Internet-of-Things,” IEEE Transactions on Emerging Topics in (ISDFS), pages 1–6, April 2017.
Computing, vol. PP, no. 99, p. d, 2016. [38] Sherri Davidoff and Jonathan Ham. ”Network forensics: tracking
[16] S. Agrawal, “Internet of Things: A Survey on Enabling Technologies, hackers through cyberspace”, volume 2014. Prentice hall Upper Saddle
Protocols, and Applications,” Abakos, vol. 1, no. 2, pp. 78–95, 2018. River, 2012.
[17] S. A. Al-Qaseemi, H. A. Almulhim, M. F. Almulhim, and S. R. [39] Shams Zawoad and Ragib Hasan. ”FAIoT: Towards building a
Chaudhry, “IoT architecture challenges and issues: Lack of forensics aware eco system for the internet of things”, In 2015 IEEE
standardization,” FTC 2016 - Proceedings of Future Technologies International Conference on Services Computing, SCC 2015, New
Conference, no. December, pp. 731–738, 2017. York City, NY, USA, June 27 - July 2, 2015, pages 279–284, 2015.
[18] I. Lee, ”Internet of Things (IoT) Cybersecurity: Literature Review and [40] Sasa Mrdovic, ”IoT Forensics”, Security of Ubiquitous Computing
IoT Cyber Risk Management”, Future Internet 2020, 12(9), 157; Systems, Springer Publications,January 2021, pp 215–229,
https://doi.org/10.3390/fi12090157, September 2020. [41] H. Chi, T. Aderibigbe, and B. C. Granville, “A framework for IoT data
[19] Tara Salman, Prof. Raj jain, ”Networking Protocols and Standards for acquisition and forensics analysis,” in Proc. IEEE Int. Conf. Big Data,
Internet of Things”, CSE, November 2017. 2019, pp. 5142–5146
[20] K. Sha, W. Wei, T.A.Yang, Z. Wang, W. Shi, ”On security challenges [42] Jevgenijus Toldinas, Algimantas Vencˇkauskas, Sˇaru¯nas
and open issues in Internet of Things”, Future Gener. Comput. Syst. Grigaliu¯nas, Robertas Damasˇevicˇius, and Vacius Jusas.
2018, 83, 326–337. ”Suitability of the digital forensic tools for investigation of cyber
[21] R. Yu, G. Xue, V.T. Kilari, X. Zhang, ”Deploying Robust Security in crime in the internet of things and services”, In The 3rd International
Internet of Things”. In Proceedings of the 2018 IEEE Conference on Virtual Research Conference In Technical Disciplines, pages 86–97,
Communications and Network Security (CNS), Beijing, China, 30 October 2015.
May–1 June 2018; pp. 1–9. [43] Christian D’Orazio, Kim-Kwang Raymond Choo, and Laurence T.
[22] M. O’Neill, ”Insecurity by design: Today’s IoT device security Yang. ”Data exfiltration from internet of things devices: ios devices as
problem”, Engineering 2016, 2, 48–49.Y. case studies”, IEEE Internet of Things Journal, 4(2):524–535, 2017.
[23] Gao, D.C. Ranasinghe, S.F. Al-Sarawi, O. Kavehei, D. Abbott, [44] Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy,
”Emerging physical unclonable functions with nanotechnology”. IEEE Stefan Savage, Alex C. Snoeren, and Geoffrey M. Voelker. ”Privacy-
Access 2016, 4, 61–80. preserving network forensics”, Commun. ACM, 54(5):78–87, May
2011.
[24] D. Mukhopadhyay, ”PUFs as promising tools for security in Internet of
Things”, IEEE Des. Test 2016, 33, 103–115. [45] Luca Caviglione, Steffen Wendzel, and Wojciech Mazurczyk. ”The
future of digital forensics: Challenges and the road ahead”, IEEE
[25] L. Kulseng, Z. Yu, Y. Wei, Y. Guan, ”Lightweight Mutual
Security Privacy, 15(6):12–17, 2017.
Authentication and Ownership Transfer for RFID Systems”, In
Proceedings of the 2010 IEEE INFOCOM, San Diego, CA, USA, 15–
19 March 2010; pp. 1–5.

Authorized licensed use limited to: Nat. Inst. of Elec. & Info. Tech (NIELIT). Downloaded on April 01,2024 at 06:04:46 UTC from IEEE Xplore. Restrictions apply.