Article Preview
Top1. Introduction
Over the past few years, technology has become prevalent in many aspects of day to day life. we have witnessed rapid advancements in Information and Communication Technology (ICT) features. Technologies such as communication networks, mobile devices, Internet of Things (IoT) solutions, Cloud-Based Services (CBSs), Cyber-Physical Systems (CPSs) have brought many benefits to technologically advanced societies (Montasari & Hill, 2019; Montasari, 2017b; Caviglione et al., 2017; Pichan et al., 2015). As a result, commercial transactions and governmental services have rapidly grown, revolutionising the lifestyles of many individuals living in these societies. While technological advancements undoubtedly present many advantages, at the same time they pose new cybersecurity threats (Jahankhani et al., 2014), which have significant impacts on a variety of domains such as government systems, enterprises, ecommerce, online banking, and critical infrastructure (Hosseinian-Far et al., 2017). According to an official survey conducted by The Office for National Statistics (BBC, 2017), there were an estimated 3.6 million cases of fraud and two million computer misuse offences in a year.
Some of the challenges resulting from such technological advancements include, but are not limited to: high volume of data, heterogeneous nature of digital devices, advanced hardware and software technologies, anti-forensic techniques, video and rich media, whole drive encryption, wireless, virtualisation, live response, distributed evidence, borderless cybercrime and dark web tools, lack of standardised tools and methods, usability and visualisation. The deployment of IP anonymity and the ease with which individuals can sign up for a cloud service with minimum information can also pose significant challenges in relation to identifying a perpetrator (Caviglione et al., 2017; Lillis et al., 2016; Chen et al., 2012; Ruan et al., 2011; Cameron, 2018). As a result, the number of cases that necessitate DFIs are on the rise, culminating in the creation of a backlog of cases for LEAs worldwide (Montasari, 2016a; Montasari, 2016c). Without a clear plan to facilitate research efforts that extend one another, forensic research will lag behind, tools will become outdated, and law enforcements’ products will be incapable of relying on the results of DF analysis (Garfinkel, 2010; Montasari et al., 2019).
In recent years the area of digital forensics has attracted interest from researchers, with notable survey and position papers being published. One recent position paper (Watson & Dehghantanha, 2016) states the high-level challenges associated with preforming digital forensics on IoT devices. The authors focus their attention on the location and inability to extract meaningful data from IoT devices. However, they provide little information on what the future direction of this field might be, which could for example, include IoT producers accommodating forensic capabilities from the design stage of the technology. In another study, the authors focus their attention on suggesting future challenges within Smart Infrastructure, which includes IoT devices (Baig et al., 2017). IoT forensic can be related to data, service and/or architecture fusion. Sometimes fusion with other data and users is common. Innovative solutions/recommendations are required to resolve some of the known existing issues (Kuo et al., 2018). The paper provides a comprehensive speculation as to the threats facing Smart Infrastructure and how digital forensics might be performed.