Internet of Things (IoT) Network Forensic Analysis Using the Raspberry Pi 4 Model B and Open-Source Tools

Internet of Things (IoT) Network Forensic Analysis Using the Raspberry Pi 4 Model B and Open-Source Tools

연구 분야: Analysis

학회: 2023 International Conference on Quantum Technologies, Communications, Computing, Hardware and Embedded Systems Security (iQ-CCHESS)

The Internet of Things’ (IoT) rapid growth has led to increased concerns regarding network security and the need for effective forensic analysis. This research focuses on investigating the capabilities of the Raspberry Pi 4 Model B and open-source tools for conducting IoT network forensic analysis and collecting digital evidence. The proposed system comprises three components: the IoT Physical Intrusion System Module, the Attack Module, and the Forensic Module. Within the IoT Physical Intrusion System, various attack scenarios, including Denial of Service, SSH Brute Force, and Man in the Middle, were successfully launched. IDS systems such as Wazuh Agent, Suricata, and Fail2ban log application were installed on the Raspberry Pi, effectively identifying IoT threats and providing alerts. The Wazuh Manager, serving as the forensic workstation, received the alerts and facilitated the analysis of attacks, presenting graphical representations. This research demonstrating the practicality of using micro-controller-based device for portable IoT network forensic analysis.