Motivation
In the joint research project IoTFor, the Central Criminal Investigation Service (ZKD) of the Hanover Police Department and Prof. Dietrich’s working group at the Institute for Internet Security at the Westphalian University of Applied Sciences cooperate to shed light on forensic aspects of smart home devices. The trend towards smart homes means that networked devices are increasingly finding their way into private apartments and houses, communicating both with each other and with the outside world via the Internet of Things (IoT). The resulting new possibilities for operating household appliances, for example, mean that IoT devices can be used to operate door locks, activate electrical circuits, and also record movements and noises. Any action data may be stored in the system control centers, but can also be found in the short-term memories of the IoT devices themselves. If a crime sequence is to be reconstructed or if police access is required, the task is to secure these IoT devices and to find and evaluate any traces.
Goals and Approach
In contrast to classic IT devices such as PCs, laptops and smartphones, IoT devices often do not offer a direct interface for interaction with the respective user, for example via screens and input devices. Even for expert users, these devices are often not easily distinguishable from analog everyday objects when viewed purely from the outside. IoTFor is therefore investigating methods for detecting and classifying IoT devices with the aim of assisting police investigations and providing self-protection. The focus here is on local radio interfaces and common IoT radio protocols. Possibilities to disable IoT components or to prevent their control from outside are also investigated. In addition, the forensic securing and evaluation of specific IoT devices is being researched.
Innovations and Perspectives
To solve crimes, the data traces found in IoT components are becoming increasingly important. For this purpose, suitable forensic methods are being researched to gain access to data even in volatile memories. In addition, research is being conducted into how IoT components can be specifically located and controlled in order to ensure the best possible self-protection of emergency personnel and comprehensive preservation of evidence in the event of police access.
Furthermore, the project aims to facilitate knowledge transfer of fundamental insights regarding the use of virtualization technology and the security solutions it provides to industry and research. In this way, the HypErSIS project contributes to the security of corporate and government networks and strengthens the high-tech sector in Germany.
The 2-year joint project IoTFor is a cooperation of the working group around Prof. Dietrich of the Institute for Internet Security at the Westphalian University of Applied Sciences and Arts, the Central Criminal Investigation Service (ZKD) of the Hanover Police Department and the associated partner Police Academy of Lower Saxony. It is funded by the German Federal Ministry of Education and Research (BMBF) under the funding code 13N16428 with a total of about 390 TEUR.
Joel Taddey
My research interests include malware, digital forensics, and tracking cyber attacks.
Prof. Dr. Christian Dietrich
My research interests include machine learning, computer security and threat hunting. Especially I use machine learning methods for virtual machine introspection based detection systems.