An official website of the United States government
This report will discuss and analyze the risks and challenges associated with smart home devices, focusing on vulnerabilities in commonly used products such as smart speakers, security cameras, thermostats, and lighting systems. As the adoption of smart home security grows globally, it has become clear that many users remain unaware of the associated security risks, leading to data breaches and potential privacy violations. This research evaluates the security features of these devices, the frequency of breaches, and common vulnerabilities. Using a mixed-methods approach—including a user survey, analysis of past cybersecurity incidents, and a detailed review of existing literature—this study assesses the current state of smart home device security. The findings aim to highlight gaps in user awareness, evaluate manufacturers’ protective measures, and provide recommendations for improving cybersecurity practices in smart home environments.
more »
« less
IoT Security: Threats and Forensics
In recent years, the number of Internet of Things (IoT) devices has expanded fast, transforming various industries such as healthcare, manufacturing, and transportation, and delivering benefits to both individuals and industries. However, the increased use of IoT devices has exposed IoT ecosystems to a slew of security risks and digital forensic issues. This thesis investigates the most common IoT security dangers and attacks, as well as students' understanding of them and mitigation techniques, as well as the key issues involved with IoT forensic investigations. In this thesis, a mixed-method approach is used, combining a literature review and a survey investigation. The poll measures students' understanding of IoT security threats, mitigation approaches, and perceptions of the most effective ways to improve IoT security. In addition, the survey underlines the importance of user training and awareness in minimizing IoT dangers, highlighting the most effective strategies, such as stronger regulations and increased device security by manufacturers. The literature review provides a complete overview of the most popular IoT security risks and attacks, including malware, malicious code injection, replay attacks, Man in the Middle (MITM), botnets, and Distributed Denial of Service (DDoS). This paper also emphasizes the definition and process of digital and IoT forensics, the significance of IoT forensics, and various data sources in IoT ecosystems. The key issues of IoT forensics and how they affect the efficiency of digital investigations in the IoT ecosystem are thoroughly investigated. Overall, the findings of this study contribute to ongoing research to improve IoT device security, emphasize the necessity of greater awareness and user training, and address the issues of IoT forensic investigations.
more »
« less
- Award ID(s):
- 1754054
- PAR ID:
- 10528927
- Publisher / Repository:
- The 2024 ADMI Symposium.
- Date Published:
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
This report will discuss and analyze the risks and challenges associated with smart home devices, focusing on vulnerabilities in commonly used products such as smart speakers, security cameras, thermostats, and lighting systems. As the adoption of smart home security grows globally, it has become clear that many users remain unaware of the associated security risks, leading to data breaches and potential privacy violations. This research evaluates the security features of these devices, the frequency of breaches, and common vulnerabilities. Using a mixed-methods approach—including a user survey, analysis of past cybersecurity incidents, and a detailed review of existing literature—this study assesses the current state of smart home device security. The findings aim to highlight gaps in user awareness, evaluate manufacturers’ protective measures, and provide recommendations for improving cybersecurity practices in smart home environments.more » « less
-
The increasing prevalence of Internet of Things (IoT) devices has introduced significant challenges in digital forensic investigations, requiring new strategies for effective evidence prioritization and analysis. Traditional forensic methods struggle with data heterogeneity, volatility, and legal constraints, making IoT evidence collection complex and time-sensitive. This paper presents a weighted prioritization model (WPM) that ranks IoT devices based on six forensic criteria, enabling investigators to focus on highpriority evidence first, reducing data loss and optimizing forensic workflows. Through case studies in arson, homicide, and missing person investigations, we demonstrate how WPM enhances investigative decisionmaking and resource allocation in real-world forensic scenarios. The proposed framework offers a structured, scalable, and adaptable approach to IoT forensic investigations, improving efficiency, reliability, and legal compliance in digital evidence collection.more » « less
-
The constant and rapid evolution of technology has led to some amazing achievements. Normal people can communicate with others across the globe, relatively cheap Internet of Things (IoT) devices can be used to secure homes, track fitness and health, control appliances, etc., many people have access to a seemingly endless wealth of information in small devices in their pockets, organizations can provide high availability for important services by spinning up/down servers in minutes to scale with demand through cloud services, etc. However, not everyone who uses these technologies does so with a pure heart and good intentions, many people use them to commit or help commit crimes. A nefarious individual may use cloud services to host a highly available Command and Control (C2) server, a messaging app to form and communicate with a gang or hacking group, or IoT devices as part of a botnet designed to perform Distributed Denial of Service (DDoS) attacks. When these technologies are used in the commission of a crime, they hold valuable information that needs to be recovered forensically to use as evidence to convict the perpetrators. Unfortunately, that ever-evolving technology poses many challenges for digital forensics. This paper identifies and presents many of the challenges faced in digital forensics involving mobile devices, IoT devices, and cloud services in addition to proposing a framework for solving the IoT Forensic Data Analysis problem.more » « less
-
As our lives become more dependent on digital technology, cyber crime is increasing in our society. There is now an ever-increasing need to counter cyber crime through digital forensics investigations. With rapid developments in technology such as cloud computing, the Internet of Things, and mobile computing, it is vital to ensure proper training of law enforcement personnel and judges in the theory and practice of digital forensics. In this paper, we describe our methods and approach to create curricula, educational materials, and courses for training law en- forcement and judicial personnel in digital forensics. We partnered with legal experts to design a series of modules/courses on digital forensics to educate the actual target demographics. Training materials have been designed to be not only scalable to nationwide law enforcement and ju- dicial professionals, but also amenable to regular updates to respond to rapidly changing attacks and forensic techniques.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript
- Conference Paper:
- The DOI is not currently available.
