An Overview Diversity Framework for Internet of Things (IoT) Forensic Investigation

The increasing utilization of IoT technology in various fields creates opportunities and risks for investigating all cybercrimes. At the same time, many research studies have concentrated on security and forensic investigations to collect digital evidence on IoT devices. However, until now, the IoT platform has not fully evolved to adjust the tools, methods, and procedures of IoT forensic investigations. The main reasons for investigators are the characteristics and infrastructure of IoT devices. For example, device number variations, heterogeneity, distribution of protocols used, data duplication, complexity, limited memory, etc. As a result, resulting is a tough challenge to identify, collect, examine, analyze, and present potential IoT digital evidence for forensic investigative processes effectively and efficiently. Indeed, there is not fully used and adapted international standard for the perfect IoT forensic investigation framework. In the research method, a literature review has been carried out by producing previous research studies that have contributed to further facing challenges. To keep the quality of the literature review, research questions (RQ) were conducted for all studies related to the IoT forensic investigation framework between 2015-2022. This research results highlight and provides a comprehensive overview of the twenty current IoT forensic investigation framework that has been proposed. Then, a summary or contribution is presented focusing on the latest research, grouping the forensic phases, and evaluating essential frameworks in the IoT forensic investigation process to obtain digital evidence. Finally, open research issues are presented for further research in developing IoT forensic investigative framework.