Scroll Top

IoTest

Digital Witnesses: trusted devices for Cybersecurity in IoT

  • Spanish Ministry of Economy and Competitiveness, National Programme for Fostering Excellence in Scientific and Technical Research (TIN2015-72634-EXP /AEI).
  • Duration: 14/06/2017 to 14/06/2019
Project Overview: 
The Internet of Things (IoT) is growing to be a major global technological force, and also becoming a cornerstone of the European economic fabric in the short and medium term. However, it is also among the environments most threatened by the incessant increase of cybercrime. In this sense, within the IoT, cyber attacks can be perpetrated by any device with minimal computing and communications capabilities, from anywhere, and with total impunity; thus it becomes a problem that is impossible to solve only with existing tools.

This project aims to help solve this problem by introducing a security solution that is radically different from those that have been used until now. In particular, this project proposes the design and development of Digital Witnesses, trusted electronic devices capable of obtaining electronic evidence and safeguarding it in a protected area. Using these devices as a foundation, the IoTest project aims to offer a dynamic solution that will record events on heterogeneous, unpredictable and uncertain scenarios.

Moreover, since existing digital evidence processes and regulations are not prepared to deal with the new cybersecurity issues created by these highly dynamic and distributed scenarios, the deployment of digital witnesses will result on a qualitative advancement in the evolution of electronic evidence management systems, improving their effectiveness in the detection of attacks and identification of cybercriminals.

 
Figure - Digital Chain of Custody for IoT (DCoC-IoT)
Figure - Digital Chain of Custody for IoT (DCoC-IoT)
References
  1. A. Nieto, A. Acien, and J. Lopez, Capture the RAT: Proximity-based Attacks in 5G using the Routine Activity Theory“,
    The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018), IEEE, pp. 520-527, 08/2018. DOI   
  2. A. Nieto, R. Rios, and J. Lopez, A Methodology for Privacy-Aware IoT-Forensics“,
    16th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom 2017), IEEE, pp. 626-633, 08/2017. DOI   
  3. A. Nieto, R. Rios, and J. Lopez, Digital Witness and Privacy in IoT: Anonymous Witnessing Approach“,
    16th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom 2017), IEEE, pp. 642-649, 08/2017. DOI  
  4. A. Nieto, and R. Rios, Requisitos y soluciones de privacidad para la testificación digital“,
    III Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2017), vol. Actas del JNIC 2017, Servicio de Publicaciones de la URJC, pp. 51-58, 2017.   
  5. A. Nieto, R. Rios, and J. Lopez, PRoFIT: modelo forense-IoT con integración de requisitos de privacidad“,
    XIII Jornadas de Ingeniería Telemática (JITEL 2017), vol. Libro de actas, Editorial Universitat Politècnica de València, pp. 302-309, 01/2018, 2017. DOI   
  6. A. Nieto, R. Roman, and J. Lopez, Digital Witness: Safeguarding Digital Evidence by using Secure Architectures in Personal Devices“,
    IEEE Network, IEEE Communications Society, pp. 12-19, 2016. DOI   (I.F.: 7.230)A. NietoR. Roman, and J. LopezTestificación Digital“,
    Revista SIC, vol. 122, Ediciones CODA, pp. 94-98, Nov 2016.  
  7. A. Nieto, R. Roman, and J. Lopez, Digital Witness: Digital Evidence Management Framework for the Internet of Things“,
    ERCIM News, no. 106, ERCIM EEIG, pp. 9-9, 07/2016. 
  8. A. Nieto, R. Roman, and J. Lopez, Testigo digital: delegación vinculante de evidencias electrónicas para escenarios IoT“,
    II Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2016), pp. 109-116, 06/2016.   
  9. A. Nieto, R. Roman, and J. Lopez, Arquitectura funcional para la cadena de custodia digital en objetos de la IoT“,
    XIV Reunión Española sobre Criptología y Seguridad de la Información, pp. 168-173, 10/2016.   

Proyecto TIN2015-72634-EXP financiado por: