Abstract:
Internet of Things (IoT) is the network of physical objects for communication and data
sharing. However, these devices can become shadow IoT devices when they connect to an existing
network without the knowledge of the organization’s Information Technology team. More often than
not, when shadow devices connect to a network, their inherent vulnerabilities are easily exploited
by an adversary and all traces are removed after the attack or criminal activity. Hence, shadow
connections pose a challenge for both security and forensic investigations. In this respect, a forensic
readiness model for shadow device-inclusive networks is sorely needed for the purposes of forensic
evidence gathering and preparedness, should a security or privacy breach occur. However, the hidden
nature of shadow IoT devices does not facilitate the effective adoption of the most conventional
digital and IoT forensic methods for capturing and preserving potential forensic evidence that might
emanate from shadow devices in a network. Therefore, this paper aims to develop a conceptual
model for smart digital forensic readiness of organizations with shadow IoT devices. This model will
serve as a prototype for IoT device identification, IoT device monitoring, as well as digital potential
evidence capturing and preservation for forensic readiness
