ProvNet-IoT: Provenance based network layer forensics in Internet of Things. (September 2022)
- Record Type:
- Journal Article
- Title:
- ProvNet-IoT: Provenance based network layer forensics in Internet of Things. (September 2022)
- Main Title:
- ProvNet-IoT: Provenance based network layer forensics in Internet of Things
- Authors:
- Sadineni, Lakshminarayana
Pilli, Emmanuel S.
Battula, Ramesh Babu - Abstract:
- Abstract: Internet of Things is rapidly changing the human lives to bring convenience in domestic, public and industrial environments spanning across multiple application domains. At the same time, increasing security attacks on these networks raised alarms for timely response by forensic investigators to avoid severe consequences of the attacks. Major network forensic approaches proposed so far for IoT are based on recording and analyzing the network traffic to produce suitable evidences. One of the greatest challenges in this process is the identification and correlation of suitable artifacts among volumes of network packets to reconstruct the attack scenarios during forensic investigation. To address this challenge, we propose ProvNet-IoT, a novel provenance based forensic model for investigating network level attacks in IoT environment. The interactions between different nodes at network layer are depicted using information, functional, and event modeling techniques. We use progressive network provenance to explain different events pertaining to various attack scenarios and to provide forensically sound evidences. ProvNet-IoT is validated using two publicly available labeled IoT datasets with a corpus of different attacks. Experimental results showed the benchmark performance of ProvNet-IoT in identifying selective artifacts to produce reliable evidences during forensic investigation.
- Is Part Of:
- Forensic science international. Volume 43(2022)Supplement
- Journal:
- Forensic science international
- Issue:
- Volume 43(2022)Supplement
- Issue Display:
- Volume 43, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 43
- Issue:
- 2022
- Issue Sort Value:
- 2022-0043-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-09
- Subjects:
- Internet of things forensics -- Packet analysis -- Network provenance -- Provenance modeling
- Journal URLs:
- http://www.sciencedirect.com/ ↗
- DOI:
- 10.1016/j.fsidi.2022.301441 ↗
- Languages:
- English
- ISSNs:
- 2666-2817
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 24092.xml