A blockchain-based decentralized efficient investigation framework for IoT digital forensics

Until now, there has been little research on digital forensics in the IoT (Internet of Things)-based infrastructure. Current digital forensic tools, investigation frameworks, and processes cannot meet the heterogeneity and distribution characteristics of the IoT environment. These characteristics are a challenge for digital forensic investigators and law enforcement agencies. To solve these problems, this paper proposes a digital forensics framework for the IoT environment based on the blockchain technology. In the proposed framework, all communications of IoT devices are stored in the blockchain as transactions, thus making the existing chain of custody process easier and more powerful. By using the blockchain technology, the integrity of the data to be analyzed is ensured and security is strengthened, and the preservation of integrity is made more reliable by a decentralized method of integrity preservation. In addition, since the public distributed ledger is provided, participants in the forensic investigation—such as device users, manufacturers, investigators, and service providers—can confirm the investigation process transparently. We simulated the proposed model to support the proof of concept.