Nowadays Internet of Things(IoT) technology is prevalent along with Machine Learning and Big Data. It is a technology that connects computerized objects through a network like internet and communicates information with each other. From the smart factory to make efficient manufacturing process, to the electric heater that has remotely controllable function, IoT technology applied almost every home appliances and industrial machinery.
But as many computerized objects emerged and connected to the internet, incidents and cyber terrors utilizing IoT devices have been rapidly grown. And when it comes to investigating the incidents and collecting cyber evidences, There are differences between the IoT forensic and usual digital forensic as much as the system environment differences between the IoT devices and PCs and Servers. Also Limitation that never be seen in the digital forensic exists.
In this talk, We cover how to hack or exploit to IoT devices(Home electric appliances) and the IoT forensic including collecting the evidences in the IoT devices that damaged or utilized for cyber terror, extracting artifacts(i.e., log files) from the IoT devices infected by malware through the IoT forensic, and analyzing the attacker's invasion pathway remaining integrity of the evidence files extracted from the IoT devices.
And we will introduce not only 0-day vulnerabilities with exploits and useful tools developed by ourselves for the IoT forensic but also discuss the limitation of the IoT forensic. We have researched and exploited to one of home electric appliances(robot cleaner) made by a global electronic company (Probably you know which company it is).