Francesco Servida
Eoghan Casey, Ph.D. (University of Lausanne)

Abstract

The increasing number of IoT devices in personal environments such as smarthomes presents opportunities and risks from a forensic perspective. These devices generate traces that can be useful for investigative and forensic purposes in any type of offense. At the same time, newer IoT devices are not supported by existing digital forensic tools and methods, making it difficult for practitioners to extract data from them without the support of a forensic advisor with specialized knowledge in this area. In addition, these traces can present evaluation challenges for forensic scientists, and can contain vulnerabilities that pose privacy risks. Security vulnerabilities of IoT devices create opportunities for extracting traces but might also be used by criminals to undermine a device. The aim of this work is to increase familiarity with traces from various IoT devices in a smarthome, and demonstrate how traces from IoT devices in a smarthome can be useful for investigative and forensic purposes. This work presents a study of IoT devices and associated smartphone applications, providing approaches to extracting and analyzing digital traces. This research led to the discovery of vulnerabilities in multiple devices, and a scenario was developed.