Digital Forensics of IoT devices Homework

Purpose: The purpose of this Digital Forensics homework assignment is to investigate the security issues
with IoT Devices. Parts 3 – 6 should take at least two whole pages to answer and have citations.
Part 1: Read & watch the following two sources:

 Read: Trusting the Internet of Things by Bojanova & Voas at

https://www.computer.org/csdl/magazine/it/2017/05/mit2017050016/13rRUyft7zu
 Watch: Spies and Dolls: The Future of IoT Security | Maire O'Neill |
TEDxQueensUniversityBelfast at https://www.youtube.com/watch?v=E0FJ5K16pYE
(12:38 mins)
Part 2: Create a list of 15 different examples of IoT devices (which may impact litigation) in each of the
following categories: Home Automation IoT Devices, Industrial IoT Devices, Health
Care/Fitness IoT Devices, and VR/AR IoT Devices. Provide URL links and pictures of each
device.
1. Home Automation IoT Devices

Device Link Image

Amazon Echo https://www.bestbuy.com/site/amazon-echo-3rd-
gen-smart-speaker-with-alexa-heather-
gray/6380478.p?
skuId=6380478&ref=212&loc=1&ref=212&loc=
BM01&gclid=Cj0KCQjwj7v0BRDOARIsAGh3
7irFSZ7nWjPFhbgQIF5j_vpAfP-
VitQZBtkcM3lIUAFv5WuhtvPKmqwaAkrIEAL
w_wcB&gclsrc=aw.ds
RING Doorbell https://shop.ring.com/collections/doorbell-
cameras/products/video-doorbell

Mr coffee smart https://www.bestbuy.com/site/mr-coffee-10-cup-

coffee maker coffee-maker-stainless-steel-black/2038159.p?
skuId=2038159&ref=212&loc=1&ref=212&loc=
1&gclid=Cj0KCQjwj7v0BRDOARIsAGh37iqNt
0w5PMUi8i4WCDUyXgN18Oof4wM1FOo6yT
5S_vtWFYg8weOYBGYaAizkEALw_wcB&gcl
src=aw.ds
Nest Cam indoor https://store.google.com/us/product/nest_cam
cameras

Amazon Smart https://www.amazon.com/Echo-Spot-Smart-

Alarm Clock Display-Alexa/dp/B073SQYXTW?
ref_=fsclp_pl_dp_1

Google Nest https://www.bgemarketplace.com/google-nest-

Learning learning-thermostat-stainless-steel/I-
Thermostat NST3RDGEN-01-STST-XXXX-V1.html

Awair Smart Air https://getawair.com/

Quality Monitor

Google Nest https://store.google.com/us/product/nest_protect_

Smoke and CO 2nd_gen?hl=en-US&GoogleNest
Detector
Blossom Smart http://iotlineup.com/device/blossom
watering
controller

Petnet https://www.amazon.com/dp/B07HPYQBTS
SmartFeeder

iGrill 2 Smart https://www.amazon.com/dp/B00NC4KU42/?

grill thermometer tag=iotlineup-20

Philips Hue https://www2.meethue.com/en-us/bulbs

Smart Lighting

Belkin Wemo https://www.belkin.com/us/p/P-F7C063/

Smart Plug

Nest x Yale https://www.dell.com/en-us/shop/nest-x-yale-

Smart Lock lock-rb-yrd540-wv-619-door-electronic-smart-
 lock-touch-keypad-satin-
nickel/apd/aa099146/home-automation?
AID=6361382&cjevent=17d4b0837b4011ea834
001560a24060e&gacd=9694607-23736398-
5750457-266319267-
127795103&dgc=af&VEN1=13502820-
6361382-trd-
1443040661521563400&dclid=CjkKEQjwssD0
BRD7oJP7ge6z3rQBEiQARNJxnIHusJ9Emdetb
5NnXDMj8It7fIcvKSEZxvaLyhJZRk_w_wcB
Roomba IRobot https://www.irobot.com/roomba
Vacuum

2. Industrial IoT Devices

Device Link Image

ADT industrial https://www.lifeshield.com/shop/?
security system cid=7016f0000026nMW

Vizzon Traffic https://www.vizzion.com/cameras.html

Cameras

BizIntellia Smart https://www.biz4intellia.com/iot-smart-farming-

Farming solutions/
Solutions
Monnit Grocery https://www.monnit.com/solutions/grocery-cold-
and Cold Chain chain-monitoring
Monitoring

Monnit medical https://www.monnit.com/solutions/medical-

storage refrigerator-temperature-monitoring
monitoring

Waviot Street https://waviot.com/iot/solutions/smart-

Lighting Control city/lighting-control

ecocirc® XL http://bellgossett.com/pumps-
Heating & circulators/circulator-pumps/heating-cooling-
Cooling circulators/ecocirc-xl-high-efficiency-large-ecm-
Circulator heating/

Bell & Gossett http://bellgossett.com/pumps-circulators/end-

end suction pump suction-pumps/e-1510/
(plumbing)
Yardarm Gun & http://www.yardarmtech.com/
Holster Sensors
for Law
Enforcement

Daytex smart https://www.datexcorp.com/iot-and-the-smart-

warehouse & warehouse/
inventory
management

John Deere Self- https://www.farm-

Driving Tractor equipment.com/articles/17489-john-deere-
reveals-new-driverless-tractor-concept

Sierra Wireless https://www.sierrawireless.com/applications/auto

Asset Tracking motive-and-transport/asset-tracking/

SPEC Sensors https://www.spec-sensors.com/product/digital-

Carbon co-sensor/
Monoxide Sensor
SPEC Sensors https://www.spec-sensors.com/product/digital-
Digital Gas gas-sensor-developer-kit/
Sensor

Amazon Delivery https://www.amazon.com/Amazon-Prime-Air/b?

Drones ie=UTF8&node=8037720011

3. Health Care/ Fitness IoT Devices

Device Link Image

Kinsa Smart https://www.kinsahealth.co/products/#buynow
Thermometer

Kinsa Smart Ear https://www.kinsahealth.co/products/#buynow

Probe
Withings Sleep https://www.withings.com/us/en/sleep/shop
Monitor Pad

Fitbit Activity https://www.fitbit.com/us/products/trackers/charg

Monitor e4?sku=417BKGY

Withings Wi-fi https://www.withings.com/us/en/body/shop

Scale

Withings Blood https://www.withings.com/us/en/bpm-

Pressure Monitor connect/shop
Mimo Smart https://www.amazon.com/dp/B00K5UPQEK/?
Baby Breathing tag=iotlineup-20
& Activity
Monitor

Apple Watch https://www.apple.com/shop/buy-watch/apple-

Activity Tracker watch?
option.watch_cases=MWT32LL/A&option.watch
_bands=MXP02AM/A&preSelect=false&product
=Z0YQ&step=detail#

Smart Yoga Map https://smartmat.com/about/

(Concept)

Sense Sleep https://sleeptrackers.io/sense/

Tracker

Peloton Bike https://www.onepeloton.com/shop/bike

with class
subscrption
FreeStyle Libre https://www.freestylelibre.us/?
blood sugar gclid=CjwKCAjw1cX0BRBmEiwAy9tKHlbvmq
monitor LBIGBiKvFHgT9IPZu9843qzcycOrVHQxAbFA
I73d1xFY9z8RoCLgEQAvD_BwE

WHOOP Heart https://www.whoop.com/?

rate monitor gclid=CjwKCAjw1cX0BRBmEiwAy9tKHq2Xzx
lsJ7E-KtjAfzF4S9AwDk-
HbnhmOqO6oo5Txs16e_aqdK4VjxoCcsgQAvD
_BwE

TONAL Home https://www.tonal.com/equipment/?

Gym gclid=CjwKCAjw1cX0BRBmEiwAy9tKHhLPo3
m14MKuvGhzbYW5ViXIhID8FwMgitamu5ekL
LnGPRtyuzYZORoCKrIQAvD_BwE

BlazePod Home https://www.blazepod.com/collections/blazepod-

Fitness Kit kits/products/standard-kit-early-bird?
gclid=CjwKCAjw1cX0BRBmEiwAy9tKHizl6An
ncwJvcxiaRN37eqtD-5bRZ_IVtQK3laSjq-
SNu_VbVqABwxoCDP0QAvD_BwE

4. VR/AR IoT Devices

Device Link Image

Playstation VR https://direct.playstation.com/en-
us/accessories/accessory/playstation-vr-blood-
truth-and-everybodys-golf-vr-bundle.3004150?
smcid=pdc:us-en:web-pdc-explore-playstation-
vr:par_first-Buy%20Now:null:

Program Ace https://program-ace.com/success-stories/vr-hotel/

VR Hotel Tours

Program Ace https://program-ace.com/success-

Emergency stories/emergency-evacuation-simulator/
Evacuation
Simulator

Program Ace https://program-ace.com/success-stories/military-

Military training/
Training VR

Toyota Virtual https://zerolight.com/projects/toyota/toyota-c-hr-

Car VR virtual-reality-car-launch
IKEA Place AR https://www.wired.com/story/ikea-place-ar-kit-
Design app augmented-reality/

Adidas AR Try https://footwearnews.com/2019/business/retail/adid

on feature as-alphaedge-virtual-try-on-ar-vyking-
1202876679/

US Army https://www.army.mil/article/188088?a
Situational
Awareness AR

Nintendo Labo https://www.amazon.com/dp/B07PL7D7BS?

VR kit tag=p00935-
20&ascsubtag=07CDkEi0wb8E5MSwxlt8VbG

Oculus Gaming https://www.oculus.com/?locale=en_US

VR Headset

Vive Arts https://arts.vive.com/us/articles/projects/art-

Museum VR photography/mona_lisa_beyond_the_glass/?
Experience _ga=2.36795111.635845932.1586709457-
298052529.1586709457
Pokemon GO https://pokemongolive.com/en/
AR app

BRIO AR & VR https://experience.briovr.com/industry/retail-

Retail Software ecommerce/?gclid=Cj0KCQjw-
Mr0BRDyARIsAKEFbeekEL51Y6I76m-
kM8vpY-3i_QI2g1nfKLY-zHP3g5IG2enLjzU-
x1IaAmx7EALw_wcB

Valve Index PC https://store.steampowered.com/sub/354231/

VR

Apple Glasses https://www.macrumors.com/roundup/apple-

(Coming soon) glasses/
Part 3: Explain methods that describe how to make forensically sound copies of the digital

information.

According to Rodney McKemmish, author of Advances in Digital Forensics IV, copies of digital

information are forensically sound if the data can be collected without any changes to the

data or metadata. Forensically sound copies are often made through drive imaging, a

process in which an analyst creates a bit-by-bit duplicate of a drive. Furthermore, in order

to be forensically sound, the drive imaging process must satisfy the following

requirements- the process must produce an exact copy of the original, the duplicated data

must independently authenticate as being a true copy, and the process must produce an

audit trail. This audit trail serves as a chain of custody, to keep track of every step that

was taken in collecting the evidence. This assists in ensuring the data collection process

is correct and explainable in order to withstand scrutiny in a court of law.

Part 4: What are proactive measures that one can take with IoT Digital Forensic solutions can be

acted upon?

Proactive forensic approaches can be described as approaches that can deal with digitally

investigating an incident while or before it occurs. Digital forensic proactivity can

enhance an origination’s readiness for incident response. There are three phases of

proactive measures that can be taken with IoT digital forensics- proactive collection,

proactive preservation, and proactive analysis. Proactive collection is described as the

live collection of data in order of priority & related to a specific requirement of an

organization. Proactive preservation is the automated preservation of the evidence in

relation to a suspicious event. Finally, Proactive analysis is the automated live analysis of

evidence. This analysis can use forensics techniques such as data mining to create the
 initial hypothesis of an incident report. This forensic proactivity can result in lower

investigation costs, targeted security monitoring, crime deterrence, etc.

Part 5: How does the standardization of ISO/IEC 27043:2015, titled “Information technology -

Security techniques - Incident investigation principles and processes” influence IoT?

According to iso.org, “ISO/IEC 27043:2015 provides guidelines based on idealized models for

common incident investigation processes across various incident investigation scenarios

involving digital evidence.” In essence, this standard describes general overviews for

incident investigation. This is influential because it means that processes no longer have

to cater to particular details within each specific investigation, and can instead provide a

general protocol applicable for all scenarios.

Part 6: Over the next five years, what should be done with IoT to create a more secure

environment?

Broadly speaking, all IoT device manufacturers should employ increased security measures. No

matter how insignificant and harmless the product may seem, any device part of a IoT has the

potential to be hacked and cause damage to a company or individual, just like the Kayla

interactive doll in the TED talk video. The security should not stop at just the device, however.

The network and cloud should be secured as well in order to ensure maximum security for data

within any given IoT. Additionally, the ability for an IoT to be able to recognize possible

vulnerabilities or malicious threats would increase security.

Some examples of internal security measures can include:

- Encryption of information

- Protection of Software integrity

- Server protection

- Secure access to devices

 Sources
Alharbi, S., Weber-Jahnke, J., & Traore, I. (2011). The Proactive and Reactive Digital Forensics

Investigation Process: A Systematic Literature Review. Communications in Computer and

Information Science Information Security and Assurance, 87–100. doi: 10.1007/978-3-642-

23141-4_9

ISO/IEC 27043:2015. (2020, January 15). Retrieved from https://www.iso.org/standard/44407.html

Sachowski, J. (2016, February 22). A Proactive Approach To Incident Response: 7 Benefits.

Retrieved from https://www.darkreading.com/operations/a-proactive-approach-to-incident-

response-7-benefits-/a/d-id/1324363

Zapproved. (2020, February 26). What Is Forensically Sound Data Collection? Retrieved from

https://zapproved.com/blog/what-is-forensically-sound-data-collection/