Enabling Digital Forensics Readiness for Internet of Vehicles

Alexakos, Christos; Katsini, Christina; Votis, Konstantinos; Lalas, Antonios; Tzovaras, Dimitrios; Serpanos, Dimitrios

doi:10.1016/j.trpro.2021.01.040

Cited by 11 publications

(9 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [37], C. Alexakos states various challenges for integrating digital forensics into the Internet of Vehicles (IoV) context. Examples are that there are no standardized data formats and a dynamic network topology, i.e., nodes are added and removed.…”

Section: B Categorization Of Papersmentioning

confidence: 99%

See 1 more Smart Citation

A Systematic Literature Review on Automotive Digital Forensics: Challenges, Technical Solutions and Data Collection

Strandberg

Nowdehi

Olovsson

2023

IEEE Trans. Intell. Veh.

View full text Add to dashboard Cite

A modern vehicle has a complex internal architecture and is wirelessly connected to the Internet, other vehicles, and the infrastructure. The risk of cyber attacks and other criminal incidents along with recent road accidents caused by autonomous vehicles calls for more research on automotive digital forensics. Failures in automated driving functions can be caused by hardware and software failures and cyber security issues. Thus, it is imperative to be able to determine and investigate the cause of these failures, something which requires trustable data. However, automotive digital forensics is a relatively new field for the automotive where most existing self-monitoring and diagnostic systems in vehicles only monitor safety-related events. To the best of our knowledge, our work is the first systematic literature review on the current research within this field. We identify and assess over 300 papers published between 2006 -2021 and further map the relevant papers to different categories based on identified focus areas to give a comprehensive overview of the forensics field and the related research activities. Moreover, we identify forensically relevant data from the literature, link the data to categories, and further map them to required security properties and potential stakeholders. Our categorization makes it easy for practitioners and researchers to quickly find relevant work within a particular sub-field of digital forensics. We believe our contributions can guide digital forensic investigations in automotive and similar areas, such as cyber-physical systems and smart cities, facilitate further research, and serve as a guideline for engineers implementing forensics mechanisms.

show abstract

Section: B Categorization Of Papersmentioning

confidence: 99%

“…Moreover, there is no open access due to intellectual properties and privacy concerns. The authors in [37] propose a forensic readiness tool that follows the digital forensic process model from Valjarevic et al [109]. The tool is implemented by software into the nIoVe framework [110].…”

Section: B Categorization Of Papersmentioning

confidence: 99%

A Systematic Literature Review on Automotive Digital Forensics: Challenges, Technical Solutions and Data Collection

Strandberg

Nowdehi

Olovsson

2023

IEEE Trans. Intell. Veh.

View full text Add to dashboard Cite

show abstract

“…Such insights could help security experts to have a clearer picture of the underlying reasons for the attack and discover common patterns (e.g., identification of the attacker, exploitation of vulnerabilities in the IoV network). Therefore, we developed an attack attribution and digital forensic readiness tool (AAFRT) to allow security experts to perform post-incident analysis of an incoming attack [6]. The AAFRT tool supports two main functionalities:…”

Section: Niove Frameworkmentioning

confidence: 99%

Towards Automated Matching of Cyber Threat Intelligence Reports based on Cluster Analysis in an Internet-of-Vehicles Environment

Raptis

Katsini

Alexakos

2021

2021 IEEE International Conference on Cyber Security and Resilience (CSR)

View full text Add to dashboard Cite

Connected and automated vehicles are a transformative technology that is getting closer to maturity and offers many benefits to the Internet-of-Vehicles ecosystem. Considering their multi-diverse nature and the vast amount of data they collect, process, and exchange, they attract varying malicious activities that jeopardize security and safety aspects. Therefore, the successful confrontation of such activities is crucial. When detecting such activities, information about the incoming threat is collected and analyzed during and after the incident. Organizations and security experts use cyber threat intelligence to organize such information. Considering that threats can be related to each other, it is important to provide the security experts with tools that would help them identify and attribute the threats. Towards this direction, in this paper, we present a tool that automatically matches cyber threat intelligence reports based on cluster analysis. Through this tool, the security experts can correlate an incoming attack with previously reported ones and follow similar techniques to analyze it, aiming to speed up the attack attribution process.

show abstract

“…The model provided by ISO/IEC 27043:2015 is too abstract. But, the implementation of DFR in an financial company entail a systematic and complex work, including the incorporation of infrastructural readiness strategies, such as risk assessment, tool deployment, and evaluation metrics [82]. From the perspective of information security based on the ISO/IEC 27043:2015, K-FFRaaS needs to be organized by referring to the main contents of Table 2.…”

Section: Dfr For Financial Company a K-ffraas Modelmentioning

confidence: 99%

K-FFRaaS: A Generic Model for Financial Forensic Readiness as a Service in Korea

Lee

Kim

2021

IEEE Access

View full text Add to dashboard Cite

While Korean financial companies are currently providing electronic financial services by establishing the high-level information technology and security system in accordance with the Electronic Financial Supervision Regulations (EFSR), they are rarely equipped with digital forensic readiness (DFR) to maximize the capability to collect critical digital evidence (DE). So, there is a limit to identifying the root cause of financial incidents and securing admissible DE. In this paper, there, the authors present Financial Forensic Readiness as a Service in Korea (K-FFRaaS), as DFR of financial companies to secure the admissible DE. Based on ISO/IEC 27043:2015 international standard, K-FFRaaS consists of 3 processes groups, namely: Planning processes group, Implementation processes group, and Assessment processes group. Planning processes group is the processes group to prepare the organization to be forensically ready before potential incidents happen. Implementation processes group is the stage to carry out the processes defined in the planning group. Assessment processes group consists of activities that evaluate whether the result of the implementation process group is consistent with the objective of K-FFRaaS. The contribution of this research is to present that the financial company can adopt the systematic management procedure for mitigating the causes of incidents, store admissible DE, and present scientific evidence to a court of law through K-FFRaaS.

show abstract

Enabling Digital Forensics Readiness for Internet of Vehicles

Cited by 11 publications

References 15 publications

A Systematic Literature Review on Automotive Digital Forensics: Challenges, Technical Solutions and Data Collection

A Systematic Literature Review on Automotive Digital Forensics: Challenges, Technical Solutions and Data Collection

Towards Automated Matching of Cyber Threat Intelligence Reports based on Cluster Analysis in an Internet-of-Vehicles Environment

K-FFRaaS: A Generic Model for Financial Forensic Readiness as a Service in Korea

Contact Info

Product

Resources

About