Attacks on Internet-of-Things (IoT) devices have grown immensely and there is an urgent need to empower Digital Forensic Investigators (DFI) who are tasked to investigate such attacks. In this accepted journal paper, we conduct a user study with 39 digital forensic investigators from both public and private sectors to document the challenges they faced in traditional and IoT digital forensics.
As part of my Masters’ research, I investigated the firmware of a widely popular smart home security device – the iSmartAlarm CubeOne. Two (2) vulnerabilities were found and disclosed responsibly to the vendor. The vulnerabilities have been assigned the CVE IDs CVE-2017-13663 and CVE-2017-13664.
Research on an IoT product for vulnerabilities have yielded some results.