INTEGRATIVE FORENSICS FRAMEWORK APPROACH FOR INTERNET OF THINGS USING BLOCK CHAIN
IoT devices have been widely embraced in the recent decade, allowing for the collection of varied data from various contexts. Data storage presents difﬁculties since the data may be corrupted and the integrity of the data may be damaged without being discovered. Integrity and data provenance are necessary in these situations in order to discover the source of any occurrence and prove it in legal disputes. To overcome these difﬁculties, blockchain presents signiﬁcant prospects since, due to its distributed nature, it can safeguard data integrity. However, there are also drawbacks associated with keeping large amounts of data on a public block chain, such as substantial transaction fees. In this research, we offer a very cost-effective and trustworthy digital forensics methodology that uses many low-cost block chain networks as interim storage before committing evidence to Ethereum. Merkle trees, which store hashes of recorded event data from IoT devices hierarchically, are used to decrease Ethereum costs. The identiﬁcation of compromised devices, as well as the gathering and storage of evidence about alleged hostile conduct in IoT networks, have emerged as high priority issues. This study describes a block chain-based solution that deals with the collecting and storage of digital forensic data. The system makes use of a private forensic evidence database to store the acquired evidence, as well as a permissioned block chain to provide security services such as integrity, authentication, and non-repudiation, allowing the evidence to be utilized in a court of law.
IoT device, Data Integrity, digital forensics, Ethereum, Block chain