IoT Forensics: Current Perspectives and Future Directions

Abstract

The Internet of Things forensics is a specialised field within digital forensics that focuses on the identification of security incidents, as well as the collection and analysis of evidence with the aim of preventing future attacks on IoT networks. IoT forensics differs from other digital forensic fields due to the unique characteristics of IoT devices, such as limited processing power and connectivity. Although numerous studies are available on IoT forensics, the field is rapidly evolving, and comprehensive surveys are needed to keep up with new developments, emerging threats, and evolving best practices. In this respect, this paper aims to review the state of the art in IoT forensics and discuss the challenges in current investigation techniques. A qualitative analysis of related reviews in the field of IoT forensics has been conducted, identifying key issues and assessing primary obstacles. Despite the variety of topics and approaches, common issues emerge. The majority of these issues are related to the collection and pre-processing of evidence because of the counter-analysis techniques and challenges associated with gathering data from devices and the cloud. Our analysis extends beyond technological problems; it further identifies the procedural problems with preparedness, reporting, and presentation as well as ethical issues. In particular, it provides insights into emerging threats and challenges in IoT forensics, increases awareness and understanding of the importance of IoT forensics in preventing cybercrimes, and ensures the security and privacy of IoT devices and networks. Our findings make a substantial contribution to the field of IoT forensics, as they not only involve a critical analysis of the challenges presented in existing works but also identify numerous problems. These insights will greatly assist researchers in identifying appropriate directions for their future research.