IoT and Cloud Forensic Investigation Guidelines

Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA)


IoT devices are becoming more prevalent in society, with an expected 21.5 Billion devices connected by 2025 [24], and when an incident occurs in the vicinity of such devices then they should be considered as potential digital evidence. A network of IoT devices is often referred to as a smart environment, or more frequently as a cyber physical system [17]. Is there a need for yet another framework? It could be questioned that: (i) there is no need for such frameworks since the IoT devices are not that important; or, (ii) that there are adequate SOPs and frameworks already in place? This chapter aims to provide answers to these questions.


Cyber physical systems Digital forensic frameworks Blockchain Cloud IoT 


Conflicting Interests

None identified.


  1. 1.
    Babun L, Sikder AK, Acar, A, Selcuk Uluagac A (2018) Iotdots: a digital forensics framework for smart environments. arXiv preprint arXiv:1809.00745
  2. 2.
    Bashir I (2018) Mastering blockchain. Packt, 2 edn.Google Scholar
  3. 3.
    BBC (2020) Ring doorbell’gives Facebook and Google user data. Accessed Jan 2020
  4. 4.
    Beavers JL, Faulks M, Marchang J (2019) Hacking NHS pacemakers: a feasibility study. In: Global security, safety and sustainability the security challenges of the connected worldGoogle Scholar
  5. 5.
    Beebe NL, Clark JG (2005) A hierarchical, objectives-based framework for the digital investigations process. Digit Invest 2(2),147–167Google Scholar
  6. 6.
    Camara C, Peris-Lopez P, Tapiador JE (2015) Security and privacy issues in implantable medical devices: a comprehensive survey. J Biomed Inform 55, 272–289Google Scholar
  7. 7.
    Carrier B, Spafford EH (2004) An event-based digital forensic investigation framework. In: Digital forensic research workshop, pp 11–13Google Scholar
  8. 8.
    Casey E, Blitz A, Steuart C (2005) Digital evidence and computer crimeGoogle Scholar
  9. 9.
    Chirgwin R (2020) Finns chilling as DDoS knocks out building control system. Accessed Jan 2020
  10. 10.
    Clack CD, Bakshi, VA Braine L (2016) Smart contract templates: essential requirements and design options. arXiv preprint arXiv:1612.04496
  11. 11.
    Clack CD, Bakshi VA, Braine L (2016) Smart contract templates: foundations, design landscape and research directions. arXiv preprint arXiv:1608.00771
  12. 12.
    Council of European Union. Council Regulation (EU) no 2016/679. Accessed July 2018
  13. 13.
    Divya M, Biradar NB (2018) IOTA-next generation block chain. Int J Eng Comput Sci 7(4), 23823–23826Google Scholar
  14. 14.
    El Ioini N, Pahl C (2018) A review of distributed ledger technologies. In: OTM confederated international conferences “On the Move to Meaningful Internet Systems”. Springer, pp 277–288Google Scholar
  15. 15.
    Forensic Science Regulator (FSR). Codes of practice and conduct for forensic science providers and practitioners in the criminal justice system. Technical report, UK Govt, Birmingham, UKGoogle Scholar
  16. 16.
    Garrie DB (2014) Digital forensic evidence in the courtroom: understanding content and quality. Northwest J Technol Intellect Prop 12, 1–128Google Scholar
  17. 17.
    Griffor ER, Greer C, Wollman DA, Burns MJ (2017) Framework for cyber-physical systems: Volume 1, overview. Technical report, National Institute of Standards and TechnologyGoogle Scholar
  18. 18.
    Ibarra J (2019) Digital forensic investigation process model (DFIPM) to IoMT ensuring data privacy. Master’s thesis, Northumbria University, Newcastle, UKGoogle Scholar
  19. 19.
    ISO17025:2017 (2017). General requirements for the competence of testing and calibrating laboratories. Technical report, International Organisation for Standardization (ISO), Geneva, CHGoogle Scholar
  20. 20.
    Jones KJ, Bejtlich R, Rose CW (2005) Real digital forensics: computer security and incident response. Addison-Wesley ProfessionalGoogle Scholar
  21. 21.
    Karabiyik U, Akkaya K (2019) Digital forensics for IoT and WSNS. In: Mission-oriented sensor networks and systems: art and science. Springer, pp 171–207Google Scholar
  22. 22.
    Kent K, Chevalier S, Grance T, Dang H (2006). Guide to integrating forensic techniques into incident response. Technical report, National Institute of Standards and TechnologyGoogle Scholar
  23. 23.
    Kirk PL (1953) Crime investigation: Physical evidence and the police laboratory, New YorkGoogle Scholar
  24. 24.
    Lueth KL (2020) State of the IoT 2018: number of IoT devices now at 7b market accelerating. Accessed: Jan 2020
  25. 25.
    Mitchell, I, Cockerton T, Hara S, Evans C. (2018) SMERF: social media, ethics and risk framework. Cyber CriminolGoogle Scholar
  26. 26.
    Mitchell I, Hara S, Jahankhani H, Neilson D (2019) Blockchain of custody, BoC. Cyber Secur Pract GuideGoogle Scholar
  27. 27.
    Montasari R (2016) The comprehensive digital forensic investigation process model. PhD thesis, University of DerbyGoogle Scholar
  28. 28.
    Montasari R (2016) A comprehensive digital forensic investigation process model. Int J Electron Secur Digit Forensics 8(4):285–302CrossRefGoogle Scholar
  29. 29.
    Montasari R, Peltola P (2015) Computer forensic analysis of private browsing modes. In: International conference on global security, safety, and sustainability. Springer, pp 96–109Google Scholar
  30. 30.
    Mouton F, Venter HS (2011) A prototype for achieving digital forensic readiness on wireless sensor networks. In: IEEE Africon’11. IEEE, pp 1–6Google Scholar
  31. 31.
    Nagasai A (2020) Classification of IoT devices. Accessed Jan 2020
  32. 32.
    Oriwoh E, Sant P, Epiphaniou G (2013) Guidelines for Internet of Things deployment approaches—The thing commandments. Procedia Computer Science 21:122–131CrossRefGoogle Scholar
  33. 33.
    Palmer GL (2002) A roadmap for digital forensics research report from the first digital forensics workshop (technical report dtr-t001-01-final). Air Force Research Lab, Rome Research Site, Utica, pp 1–48Google Scholar
  34. 34.
  35. 35.
    Popov S, Moog H, Camargo D, Capossele A, Dimitrov V, Gal A, Greve A, Kusmierz B, Mueller S, Penzkofer A (2020) The coordicide, pp 1–30. Accessed Jan 2020Google Scholar
  36. 36.
    Uribe F (2018) The classification of Internet of Things (IoT) devices based on their impact on living things. SSRN: or Accessed Jan 2020
  37. 37.
    U.S. Department of Justice (2009) Electronic crime scene investigation: an on-the scene reference for first responders. National Institute of Justice, November 2009Google Scholar
  38. 38.
    Vilandrie A (2020) Survey: Nearly half of U.S. firms using internet of things hit by security breaches. Accessed Jan 2020
  39. 39.
    Watson D, Jones AJ (2013) Digital forensics processing and procedures: meeting the requirements of ISO 17020, ISO 17025, ISO 27001 and best practice requirements, 1st edn. ElsevierGoogle Scholar
  40. 40.
    Williams J (2018) Good practice guide for digital evidence, March 2012. Accessed March 2018
  41. 41.
    Yaga D, Mell P, Roby N, Scarfone K (2018) Blockchain technology overview. Technical report, National Institute of Standards and TechnologyGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Middlesex UniversityLondonUK
  2. 2.Northumbria UniversityLondonUK
  3. 3.Huddersfield UniversityHuddersfieldUK

Personalised recommendations