Unearthing the hidden path of MANET's nodes with signal strength measurements: Forensics challenges, survey and a novel approach for data collection, preservation and examination

Mobile Ad hoc Networks (MANETs) are self-configuring networks of mobile devices that communicate with each other without the need for infrastructure. This makes them highly flexible and adaptable to changing environments, making them ideal for applications such as transportation and tactical domains. However, the mobility feature of the network poses new challenges for digital forensics investigators due to their specific characteristics. One challenge is how the investigator can prove the Chain of Custody (COC) in court in this highly volatile network to ensure the integrity of the evidence. This paper studies the forensic challenges in several wireless technologies, including the Internet of Things (IoT), Vehicular Ad-hoc Networks (VANETs), and, especially in Mobile Ad-hoc Networks (MANETs), critically reviews several approaches to cover the challenges, and also proposes a novel digital forensics framework that is built on Fog Computing (FC). Using regular communication signal strength measurements, the proposed framework enables investigators to learn details about nodes' locations over time and mobility characteristics without requiring changes to communication protocols or overwhelming nodes with additional tasks. This can help to ensure the availability and integrity of the digital evidence and its admissibility in court. Additionally, the paper suggests a novel automated detection technique for Hello Flood attacks in ad-hoc networks. The viability of the approach has been demonstrated on a network simulator.