These Days, IoT devices are increasing rapidly and are being used everywhere. IoT stands for Internet of Things which are devices ranging from smart homes (thermostats, light switches, etc) to security systems (cameras, locks, etc). Sooner than later these devices will be utilized in digital investigations. Currently, there are over 26 million activated devices used all around the country. Now that there is more interaction between man and computer, there will be more ways to utilize data from IoT devices to help digital forensics analysts with their endeavors. The goal behind this project is to show that IoT devices are still systems and can be investigated through Linux Forensics.The Project Starts
My first couple of weeks were catching up on where the other team members left off from. The initial phase of the project was to catalog all the IoT devices in the Leahy Center. Basically, the catalog consisted of Inventory, Open Ports, and Physical Access, and Data Validation. For the inventory section, we noted the device’s serial number, model number, ethernet ports, USB connector, and JTAG Access. We also logged the device name with the mac address and open ports in the Open Ports section. For the Physical Access section, team members Austin Grupposo and Joe McCormack disassembled and performed physical access to the devices listed in the inventory. They each noted the exploit source and collected data through JTAG.Linux and the Internet of Things
With the initial phase of the project almost complete, I continued their research while Austin and Joe proceeded with physical access to those devices. IoT devices tend to utilize an operating system type called RTOS, or Real-time operating system. Commonly referred to as a not-a-full-featured operating system, RTOS is straightforward and does not rely heavily on resources to run. Because of this, I researched Linux commands and did a small workshop to understand IoT Linux. Austin helped me disassemble IoT devices and explained DUART/JTAG. Furthermore, I researched articles and videos on IoT devices related to Linux.
Next Step For Project
The next phase of the project focuses on data generation. At the time I joined the team, they had already nearly passed this step, so I joined the meetings to get an idea of what data generation is and how it works. I have read Austin’s and Joe’s notes related to this subject. Later on, in the internship, I learned a bit more about data generation and the goal of OSDFCon. I’m excited to take these skills that I’ve learned to continue with the project in the future.
Be sure to look for future posts and stay up to date with @leahycenter on Twitter and Instagram, and @theleahycenter on Facebook!
The post Using Linux to Catalog The Leahy Center’s Devices appeared first on The Leahy Center for Digital Forensics & Cybersecurity.