Sabidur, tell us a bit about yourself. What's your background, and what are you currently working on?
I am a PhD student at University of California, Davis. I have competed my BS from Bangladesh University of Engineering and Technology (BUET) and MS from University of Texas at San Antonio, respectively.
Between my times in academia, I have worked with Samsung R&D, Epic Systems, Ennetix Inc. and AT&T Labs. My research focus at UC Davis is on network optimization and IoT/Mobility forensics.How did you first become interested in digital forensics as a field?
I started to work on digital forensics from my research on INSuRE projects in 2016. 14 universities collaborated on the the INSuRE project lead by Centers of Academic Excellence in Information Assurance Research (CAE-R) and the National Security Agency (NSA), the Department of Homeland Security and other federal agencies.
I strongly feel that digital forensics, especially IoT/Mobility forensics, is an area which needs more attention from users, developers, the security community and policy-makers.
You recently published a paper about mobility forensics for IoT devices. Could you give us an overview of your research and its aims?
Mobility forensics is a relatively unexplored branch of digital forensics. To the best of my knowledge, our study is the first work that looks into IoT devices from the mobility forensics point of view. The growing use of IoT devices in homes / factories / streets / cars is concerning from a security point of view.
Instead of just focusing on securing the communication and devices, our research focuses on the new role that the IoT devices can play in cyber crime investigation. Our study shows how proper data collection and proposed forensic models can help in evidence collection and forensic investigations. We also hope that our study would help to raise awareness among users regarding IoT security and privacy issues.
What did you discover in the course of your research?
First, we were surprised to discover that the devices currently available are far from secure. Second, the data/traces collected from IoT devices can help a lot in securing against cyber crimes, with proper management. But, unfortunately, this field is unexplored.
Third, we have a long way to go securing the emerging technologies. Mobility forensics is a key area which can help us in achieving that goal. Last but not least, to ensure the security and privacy of our devices and data, we all have to work together. Researchers, developers, users, media; everyone has to share the understanding and the knowledge of the threat we face and the methods we can use to keep us safe from the threats.
In your opinion, what can we expect from the future of IoT forensics?
We proposed some important future research directions in our study. More work should be done on IoT forensic models which would help the investigators in practical scenarios. I believe data analytics and machine learning can help a lot to improve the field of IoT forensics.
Privacy of the user is very vulnerable with the increase in IoT devices, which should be a major drive in future. Manufactures of IoT devices have to understand that securing the device is no less important than adding a new feature to it.
Are you working on any research projects currently, or do you have any more planned for the future?
Yes. I have plans to extend my research on mobility forensics. I am also working on a study focusing on intrusion detection systems for IoT devices. I always welcome discussion on new research problems and collaborations.
Finally, when you're not researching digital forensics, what do you like to do in your spare time?
In my spare time, I like to work on my pet-projects. I am also addicted to road trips, I like to start my the car engine and go out driving, to explore the unknown!
You can find the full paper on the INSuReCon'16 website (INSuReCon'16_paper_4).