Internet of Things (IoT) Security and Forensics: Challenges and Opportunities

4 Citations • 2021
K. Choo
Proceedings of the 2nd Workshop on CPS&IoT Security and Privacy

Challenges associated with designing IoT cyber security and threat intelligence solutions are discussed, and potential opportunities for stakeholders in academia, industry and government are identified.

Abstract

Internet of Things (IoT) devices are increasingly found around, in, and on us (e.g., smart home and other consumer devices) in applications ranging from environmental monitoring to healthcare (e.g., healthcare or medical IoT devices) to surveillance to industry (e.g., industrial IoT, IIoT), and battlefields / military (e.g., Internet of Battlefield / Military Things). Such devices are also generally capable of capturing a broad range of information, including digital artifacts that can be used for cyber threat intelligence and inform security mitigation strategy formulation. There are, however, a number of challenges associated with designing IoT cyber security and threat intelligence solutions. In addition to the technical challenges, there are also associated legal and policy challenges that need to be considered in the design and deployment of such solutions in practice. For example, how do we use machine/deep learning to facilitate detection of real-time attacks against IoT devices and systems, and how can we automatically identify and collect digital evidence in a forensically sound manner which can be subsequently used for cyber threat intelligence? In the event that the attackers use sophisticated tools to obfuscate their trails, can we design machine/deep learning techniques to unobfuscate and/or identify and exploit vulnerabilities to get access to digital evidence? What are the potential legal implications and challenges? Can we also design explainable AI techniques to facilitate the explanation and inclusion of such digital evidence and cyber threat intelligence in court proceedings or presentations to C-level or boards in organizations? Based on these discussed challenges, we will identify potential opportunities for stakeholders in academia (e.g., students and researchers), industry and government.