KFREAIN: Design of A Kernel-Level Forensic Layer for Improving Real-Time Evidence Analysis Performance in IoT Networks

  • Seema Shukla, Dronacharya Group of Institutions, Greater Noida, India
  • Sangeeta Mangesh, Dronacharya Group of Institutions, Greater Noida, India (https://orcid.org/0000-0002-5379-5260)
  • Prachi Chhabra, JSS Academy of Technical Education, Noida, India
Keywords: IoT, Kernel Layer, TBC, BFO, Forensics

Abstract

An exponential increase in the number of attacks in IoT networks makes it essential to formulate attack-level mitigation strategies. This paper proposes the design of a scalable kernel-level forensic layer that improves real-time evidence analysis performance, supporting efficient pattern analysis of the collected data samples. It has an inbuilt Temporal Blockchain Cache (TBC), which is refreshed after the analysis of every set of evidence. The model uses a multidomain feature extraction engine that combines lightweight Fourier, Wavelet, Convolutional, Gabor, and Cosine feature sets, from which a stochastic Bacterial Foraging Optimizer (BFO) selects high-variance features. The selected features are processed by an ensemble learning (EL) classifier that uses low-complexity classifiers, reducing the energy consumption during analysis by 8.3% when compared with application-level forensic models. The model also showed 3.5% higher accuracy, 4.9% higher precision, and 4.3% higher recall of attack-event identification when compared with standard forensic techniques. Due to kernel-level integration, the model also reduces the delay needed for forensic analysis on different network types by 9.5%, making it useful for real-time and heterogeneous network scenarios.

Author Biographies

Sangeeta Mangesh, Dronacharya Group of Institutions, Greater Noida, India

Educator in the field of Electronics & Communication Engineering with experience of more than 20 years. Passionate about pedagogy and research, believe in forging deep connections with students. A leader and team player having ability to work proficiently, cohesively adapting to technological trends. Practitioner of lifelong learning.

Prachi Chhabra, JSS Academy of Technical Education, Noida, India

An avid researcher and dedicated researcher

Published
2023-12-20
How to Cite
Shukla, S., Mangesh, S., & Chhabra, P. (2023). KFREAIN: Design of A Kernel-Level Forensic Layer for Improving Real-Time Evidence Analysis Performance in IoT Networks. EMITTER International Journal of Engineering Technology, 11(2), 125-144. https://doi.org/10.24003/emitter.v11i2.804
Section
Articles