Forensic Analysis of the IoT Operating System Ubuntu Core

Authors

  • Juan Manuel Castelo Gómez University of Castilla-La Mancha, Avda. de España s/n, 02071, Albacete, Spain
  • José Roldán-Gómez University of Oviedo, Federico García Lorca 18, 33007, Gijón, Spain
  • Sergio Ruiz-Villafranca University of Castilla-La Mancha, Avda. de España s/n, 02071, Albacete, Spain
  • Álvaro del Amo Mínguez University of Castilla-La Mancha, Avda. de España s/n, 02071, Albacete, Spain

DOI:

https://doi.org/10.31577/cai_2024_3_529

Keywords:

Internet of Things, IoT forensics, digital forensics, cybersecurity

Abstract

The number of cyber incidents in which the Internet of Things (IoT) device or system is present is increasing every day, requiring the opening of forensic investigations that can shed light on what has occurred. In order to be able to provide investigators with proper solutions for performing complete and efficient examinations in this new environment, IoT systems and devices are being studied from a forensic perspective so that tools and procedures can be designed accordingly. In this article, besides reviewing the proposals from the community on this matter, the multi-purpose IoT operating system Ubuntu Core is studied to determine in what way a forensic investigation of this system should be performed, detailing how to approach the acquisition and analysis phases. In addition, both the volatile and non-volatile artifacts that might hold useful information are listed and described, and a forensic tool is presented for their recovery as well as for the acquisition of the non-volatile memory.

Downloads

Download data is not yet available.

Downloads

Published

2024-06-24

How to Cite

Castelo Gómez, J. M., Roldán-Gómez, J., Ruiz-Villafranca, S., & del Amo Mínguez, Álvaro. (2024). Forensic Analysis of the IoT Operating System Ubuntu Core. Computing and Informatics, 43(3), 529–560. https://doi.org/10.31577/cai_2024_3_529