Digital Forensics and the Smart City: An Overview
By David Begg on March 28, 2024
Introduction
The increasing ubiquity of the Internet of Things (IoT), drones, remote sensors, artificial intelligence (AI) and other relatively new networked technologies has led to their implementation beyond the individual household or place of business and into communities at large. They have in turn become integral parts of the infrastructure of these communities, and this has culminated in what may now be called the “smart city”. The advent of the smart city in turn poses a unique set of challenges and considerations for the fields of cybersecurity and digital forensics. This report serves as a short overview of the nature of the smart city and its associated challenges in those fields.
The Smart City
The smart city is conceptualized as a city or community that employs various networked technologies such as IoT devices, smartphones, drones, sensors, and others for the purpose of facilitating services for their inhabitants [1,2]. Specific key elements may vary, but all key elements tend to draw from the growing pool of networked devices that can be utilized for infrastructure and service purposes such as power, communications, monitoring and security, and transportation, among others [1,2]. The network architecture of the smart city can be described in a manner like the OSI model of system connection in that there are several layers at which different devices, protocols, and technologies reside and interact with their neighboring layers. At the top is the service and application layer, encompassing the various services and programs (e.g., power, healthcare, parking, etc.) that most citizens will directly interface with. Next is the technology layer, which refers to the broader technological categories facilitating the service and application layer (e.g., IoT, cloud, etc.). The next layer is the network communication layer, which refers to the protocols (e.g., Bluetooth, cellular, WLAN, etc.) that facilitate the transfer of data across the smart city’s associated networks. Last is the device and sensor layer, referring to the collection of individual devices responsible for data collection and system control (e.g., sensors, smartphones, smart devices, etc.). [2]
Cybersecurity and Digital Forensics Challenges
The abundance of networked technologies running critical aspects of a city, down to the level of individual citizens, make the systems of a smart city particularly tempting targets for threat actors such as criminals and advanced persistent threats (APTs), among others [1,2]. Additionally, the diversity of the technologies and sheer number of devices that may be utilized by any given smart city means that there will be a great deal of complexity involved in securing the smart city’s systems and networks and for obtaining evidence for digital forensic purposes. Once explored, however, those complexities may turn out to be opportunities. For example, if a smart city has an intelligent traffic management system, the devices enabling it could hold data that could be useful as digital evidence [1,2].
Jurisdictional issues may also arise because of how municipalities or departments implement a technology, or if cloud technology that is based in another region is utilized. For example, a city in one country may utilize a cloud service based in a different country to maintain data related to a given city service; this poses a potential barrier to digital evidence acquisition as cybersecurity personnel may find themselves having to navigate the legal systems of both jurisdictions to access the data [1,3].
The fact that smart cities are very heavily built on IoT devices means that IoT considerations will almost certainly be smart city considerations as well. For example, smart buildings can be one aspect of a smart city and are enabled using IoT devices such as sensors and remote controls connected wirelessly to one another; any number of factors involved with these devices, such as the level of encryption on a given device, the validity or lifespan of stored data, or the accuracy (or lack thereof) of the data, can prove a hinderance to evidence collection if such devices are utilized by a threat actor [3].
Conclusion
The advent of the smart city poses a unique challenge to professionals who wish to defend the city’s systems from intrusion and exploitation, as the products and technologies that a smart city utilizes can be not only immensely diverse, but also reach into legal jurisdictions beyond the city itself. As such, it may be useful to conceptualize the smart city as a network with its own special considerations due to the interlinked nature of a smart city’s systems.
References
[1] Baig, Z. A., Szewczyk, P., Valli, C., Rabadia, P., Hannay, P., Chernyshev, M., … & Peacock, M. , “Future challenges for smart cities: Cyber-security and digital forensics,” 2017 https://www.sciencedirect.com/science/article/pii/S1742287617300579
[2] Kim, K., Alshenaifi, I. M., Ramachandran, S., Kim, J., Zia, T., & Almorjan, A., “Cybersecurity and Cyber Forensics for Smart Cities: A Comprehensive Literature Review and Survey,” 2023 https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10099346/
[3] Yaacoub, J.-P. A., Noura, H. N., Salman, O., & Chehab, A., “Advanced digital forensics and anti-digital forensics for IoT systems: Techniques, limitations and recommendations,” 2022 https://www.sciencedirect.com/science/article/pii/S2542660522000464
-
Importance of Digital Forensics Process Models: Some Examples
Importance of Digital Forensics Process Models: Some Examples
5/3/2024 -
Smart/IoT Devices as Evidence Sources
Smart/IoT Devices as Evidence Sources
4/16/2024 -
Applications and Challenges of Artificial Intelligence for Digital Forensics
Applications and Challenges of Artificial Intelligence for Digital Forensics
4/16/2024