TY - JOUR
T1 - Machine Learning-Based Non-Intrusive Digital Forensic Service for Smart Homes
AU - Liu, Xuanyu
AU - Fu, Xiao
AU - Du, Xiaojiang
AU - Luo, Bin
AU - Guizani, Mohsen
N1 - Publisher Copyright:
© 2004-2012 IEEE.
PY - 2023/6/1
Y1 - 2023/6/1
N2 - Security and privacy concerns keep growing with the successful development of Internet of Things (IoT) and the booming deployment of smart homes. IoT devices are utilized cooperatively to enable the interactions between home surroundings and users' daily lives, containing forensically-valuable information about what happens in smart homes, which can help introduce digital forensics into smart homes to alleviate the growing concerns. However, current IoT devices, apps, and platforms usually do not provide built-in capabilities for digital forensics. To overcome this limitation, we propose a non-intrusive solution (i.e., bringing no modification to IoT devices, apps, and platforms) of digital forensic service to provide Forensics-as-a-Service (FaaS) for smart homes. First, it leverages side-channel analysis on sniffed network traffic to monitor commands, actions, and states of IoT devices. Then, it introduces provenance graphs (i.e., causal graphs) for smart home modeling to provide a holistic and overall explanation of smart homes. Machine learning (ML) techniques are applied to overcome the deficiency of a non-intrusive solution as it suffers from challenges in data collection and smart home modeling. Finally, it conducts forensic analysis based on scalable, reusable policies that are designed for graph-based smart home modeling. We implement a prototype of our forensic service and evaluate it in a real-world smart home. The evaluation results show that our forensic service can effectively collect forensic data for smart home modeling and conduct forensic analysis to explain security risks in smart homes.
AB - Security and privacy concerns keep growing with the successful development of Internet of Things (IoT) and the booming deployment of smart homes. IoT devices are utilized cooperatively to enable the interactions between home surroundings and users' daily lives, containing forensically-valuable information about what happens in smart homes, which can help introduce digital forensics into smart homes to alleviate the growing concerns. However, current IoT devices, apps, and platforms usually do not provide built-in capabilities for digital forensics. To overcome this limitation, we propose a non-intrusive solution (i.e., bringing no modification to IoT devices, apps, and platforms) of digital forensic service to provide Forensics-as-a-Service (FaaS) for smart homes. First, it leverages side-channel analysis on sniffed network traffic to monitor commands, actions, and states of IoT devices. Then, it introduces provenance graphs (i.e., causal graphs) for smart home modeling to provide a holistic and overall explanation of smart homes. Machine learning (ML) techniques are applied to overcome the deficiency of a non-intrusive solution as it suffers from challenges in data collection and smart home modeling. Finally, it conducts forensic analysis based on scalable, reusable policies that are designed for graph-based smart home modeling. We implement a prototype of our forensic service and evaluate it in a real-world smart home. The evaluation results show that our forensic service can effectively collect forensic data for smart home modeling and conduct forensic analysis to explain security risks in smart homes.
KW - Digital forensics
KW - Internet of Things
KW - machine learning
KW - security service
KW - smart home
UR - http://www.scopus.com/inward/record.url?scp=85144007141&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85144007141&partnerID=8YFLogxK
U2 - 10.1109/TNSM.2022.3224863
DO - 10.1109/TNSM.2022.3224863
M3 - Article
AN - SCOPUS:85144007141
VL - 20
SP - 945
EP - 960
JO - IEEE Transactions on Network and Service Management
JF - IEEE Transactions on Network and Service Management
IS - 2
ER -