Smart Home IoT Forensics.
Master's thesis, Hallym University.
App Data Security Cloud API Security Cloud Data Digital Forensic Investigation Internet of Things IoT IoT Security Network Forensics Privacy Smart Home
Smart home Internet of Things (IoT) are becoming the mainstream technologies that are being integrated into today society. Recent cyber-attacks and researches on these devices indicate smart home IoT developers do not design and implement data protection solutions comprehensively in the IoT ecosystem. These security weaknesses have different implications for user privacy, safety and digital forensic investigations. This thesis provides an analysis of data protection methods implemented in smart home IoT devices and how the weaknesses can be applied to digital forensic investigation purposes. In this thesis, we included the analysis of four smart home IoT devices (Sen.se Mother, Naver Clova, SKT Nugu and Xiaomi Smart home) user data protection techniques to identify the vulnerabilities that can be exploited to acquire user data for digital forensic investigation purpose. To achieve the goal, we analyzed data security techniques and cloud data acquisition possibilities for the selected smart home IoT devices. The investigation is conducted using a combination of forensic analysis of companion apps on smartphones, network investigation between the app and cloud, between the device and the cloud and security analysis of cloud APIs used between companion apps and the cloud. From the apps data storage security, we showed that all of the apps do not consider data encryption. As a result, if the databases can be extracted from the smartphone, the stored data can be extracted for forensics purposes. Similarly, except one of the devices' companion app, all the apps do not consider data encryption in the shared preference storage. On the other hand, we identified that some of the devices use one-time session tokens for cloud APIs authorization. Based on the research, we were able to acquire artefacts from smartphones and network investigations without security challenges. Moreover, using those artefacts, we were able to acquire user data from the cloud for three of the devices. While using such kind of vulnerabilities helps digital forensics investigations to acquire user data from smart home IoT ecosystem, they also endanger users' privacy and safety if exploited by hackers.