International Journal on Advanced Science, Engineering and Information Technology

For every contact made on a digital device, a trace is left behind; this means that every digital device contains some form of electronic evidence that may be associated to the behaviour of the users in a given environment. This evidence can be used to prove or disprove facts if a cyber-incident is detected. However, the world has seen a shift on how devices communicate and connect as a result of increased devices and connectivity, which has led to the creation of “smart environments†where the Internet of Things (IoT) plays a key role. Still, we can harness this proliferation of digital devices and smart environments to Digital Forensic (DF) technology which might help to solve the puzzle of how proactive strategies can help to minimise the time and cost needed to conduct a digital investigation. This article introduces the Functional Requirements (FRs) and processes needed when Digital Forensic Readiness (DFR) process is employed as a security component in the IoT-based environment. The paper serves as a continuation of the initially proposed architecture for adding DFR as a security component to IoT environment. The aspects and claims presented in this paper can be used as basic building blocks for implementing DFR technologies that guarantee security in the IoT-based environment. It is worth noting again that the processes that have been defined in this paper comply with the ISO/IEC 27043: 2015 International Standard.

digital forensic readiness; functional requirements; internet of things

M. Triawan, H. Hindersah, D.Yolanda, and F. Hadiatna, “Internet of Things using Publish and Subscribe Method Cloud-based Application to NFT-based Hydroponic Systemâ€, In the 2016 IEEE, Proceedings of the 6th International Conference on System Engineering and Technology(ICSET) Oct, 3-4, 2016 Bandung – Indonesia, 2016.

M. Al-Fuqaha, M. Guizani, M. Mohammadi, Aledhari and M. Ayyash, "Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications," in IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2347-2376, Fourthquarter, 2015.

Tripwire,†Survey: Less Than One-Third of Organizations Prepared for IoT Security Risksâ€, Available at: http://www.tripwire.com/company/news/press-release/survey-less-than-one-third-of-organizations-prepared-for-iot-security-risks/ [Accessed on 23 -Feb- 2016].

J. Barrett, “Internet of Things (IoT)â€, 2016 Available at: http://internetofthingsagenda.techtarget.com/definition/Internet-of-Things-IoT [Accessed on 24th Feb. 2017]

J. Morgan, “A Simple Explanation of 'The Internet of Thingâ€, 2014. Available at: https://www.forbes.com/sites/jacobmorgan/2014/05/13/simple-explanation-internet-things-that-anyone-can-understand/#1734f7081d09 [Accessed on 24th Feb. 2017]

S. Jason, “How ‘Digital Forensic Readiness’ Reduces Business Risk†Available at: http://www.darkreading.com/attacks-breaches/how-digital-forensic-readiness-reduces-business-risk/a/d-id/1323508, 2015 [Accessed March 18, 2017]

M. Cobb ,â€Digital forensic investigation procedure: form a computer forensics policyâ€, http://www.computerweekly.com/tip/Digital-forensicinvestigation-procedure-Form-a-computer-forensics-policy, 2013 [Accessed February 18, 2013].

F. R. Van Staden and H. S. Venter,"Adding digital forensic readiness to electronic communication using a security monitoring tool," 2011 Information Security for South Africa, Johannesburg, 2011, pp. 1-5. doi: 10.1109/ISSA.2011.6027537.

S. Jason , “Implementing Digital Forensic Readiness: From Reactive to Proactive Process:, 1st Edition. EBook ISBN: 9780128045015. Copyright: © Syngress 2016.

K. Reddy, and H. S. Venter, “The architecture of a digital forensic readiness management systemâ€, Computers & security, 32, 73-89, 2013.

Victor R Kebande,Nickson M Karie and H S Venter,"Adding Digital Forensic Readiness as a Security Component to the IoT Domain," International Journal on Advanced Science, Engineering and Information Technology, vol. 8, no. 1, pp. 1-11, 2018. [Online]. Available: http://dx.doi.org/10.18517/ijaseit.8.1.2115.

ISO/IEC 27043: 2015, Information technology -- Security techniques -- Incident investigation principles and processes, [online],Accessed at https://www.iso.org/standard/44407.html

R. Rowlingson, “A ten step process for forensic readinessâ€, International Journal of Digital Evidence, 2(3), 1-28, 2004.

A. Yasinsac and Y. Manzano, “Policies to enhance computer and network forensics. In Proceedings of the 2001 IEEE workshop on information assurance and security (pp. 289-295), 2001.

J. Tan, “Forensic readiness. Cambridge, MA:@ Stake, 1-23, 2001.

V. R. Kebande and H.S. Venter, “ Towards a Model for Characterizing Potential Digital Evidence in the Cloud Environment during Digital Forensic Readiness Processâ€, In ICCSM2015-3rd International Conference on Cloud Security and Management: ICCSM2015 (p. 151)., 2015 Academic Conferences and publishing limited.

Y. C. Liao and H. Langweg,†Resource-Based Event Reconstruction of Digital Crime Scenesâ€, In Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint (pp. 129-136). IEEE, 2014.

V. R Kebande, and H.S Venter, “Adding event reconstruction to a Cloud Forensic Readiness modelâ€, In Information Security for South Africa (ISSA), 2015 (pp. 1-9). IEEE, 2015.

B. D Carrier and E. H Spafford, “Defining event reconstruction of digital crime scenesâ€, Journal of Forensic Science, 49(6), JFS2004127-8, 2004.

V. R Kebande and I. Ray, “ A Generic Digital Forensic Investigation Framework for Internet of Things (IoT). In Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th International Conference on (pp. 356-362). IEEE, 2016.

Du, M., & Li, F. Spell: Streaming Parsing of System Event Logs.

A. S. Editya, S. Sumpeno, I, Pratomo, " Performance of IEEE 802.14.5 and ZigBee protocol on realtime monitoring augmented reality based wireless sensor network system," International Journal of Advances in Intelligent Informatics, vol. 3, No 2 pp. 90–97, 2017.