Main Article Content
The breakneck speed of Internet of Things (IoT) is continually growing with 5G networks to add new connected devices. Hackers make use of this IoT explosion as a perfect chance to launch attacks especially by building botnet army. There had been lot of research over the decade in detecting and investigating the Distributed Denial of Service (DDoS) attacks. This paper was aimed at the presentation of a cloud based forensic investigation framework that can adaptively acquire attack evidences from IoT environment. The investigation model is called INSPECT that worked in cloud data storageto acquire corresponding evidences of the DDoS attack launched on IoT. The model optimally selected and exploited the forensic fields alone from the vast cloud data logs in order to find the source of attack and to report dynamic chain of custody. As a continuous effort, an experimental setup was built with IoT Geo-spatial devices to launch DDoS attack scenario and investigation performed with contextual initialization based evidence acquisition. Significant progress was observed by isolating the trustworthy evidence data to avert any deliberate modification by attackers and presenting the chain of custody. The work provided way for the law enforcement authority to explore and reconstruct the crime scene using virtual machine snapshots with corresponding timestamp data. Experimental results revealed the high level of accuracy in the investigation of IoT data secured in the multitenant cloud.
Upon receipt of accepted manuscripts, authors will be invited to complete a copyright license to publish the paper. At least the corresponding author must send the copyright form signed for publication. It is a condition of publication that authors grant an exclusive licence to the the INFOCOMP Journal of Computer Science. This ensures that requests from third parties to reproduce articles are handled efficiently and consistently and will also allow the article to be as widely disseminated as possible. In assigning the copyright license, authors may use their own material in other publications and ensure that the INFOCOMP Journal of Computer Science is acknowledged as the original publication place.