The rapid increase in the pervasiveness of digital devices, combined with their heterogeneous nature, has culminated in increasing volumes of diverse data, aka big data, that can become subject to criminal or civil investigations. This growth in big digital forensic data (DFD) has forced digital forensic practitioners (DFPs) to consider seizing a wider range of devices and acquiring larger volumes of data that can be pertinent to the case being investigated. This, in turn, has created an immense backlog of cases for law enforcement agencies worldwide. The method of data reduction by targeted imaging, combined with a robust process model, however, can assist with speeding up the processes of data acquisition and data analysis in IoT device forensic investigations. To this end, we propose an IoT Forensic Investigation Process Model, IoT-FIPM, that can facilitate not only the reduction of the evidentiary IoT data but also a timely acquisition and analysis of this data.
|Number of pages
|International Journal of Electronic Security and Digital Forensics
|Early online date
|23 Jul 2020
|Published - 1 Oct 2020