Umit, you're Assistant Professor of Computer & Information Technology at Purdue University. Tell us about your role; what does a typical day in your life look like?
I identify myself as Digital and Cyber Forensics researcher and educator. As a researcher, I lead my Digital and Mobile Forensics laboratory where I conduct applied forensics research with my graduate and undergraduate students. There is an amazing culture at Purdue and we collaborate with law enforcement as well as industry for mutual research interests.As an educator, I teach courses in our Cybersecurity (undergraduate) and Digital and Cyber Forensics (graduate) in which we focus on hands-on and active learning. My educator role never ends in the classroom or labs, it also continues during our research meetings, one-on-one meetings, and when I’m advising my students. My daily routine is simply a mixture of the three major goals – discovery, learning and engagement – with some time dedicated to my personal development. I would say keeping up with the deadlines is kind of my routine.
What digital forensics programmes does Purdue offer, and what can students expect to gain from these?
In the Computer and Information Technology department we offer a Cybersecurity undergraduate program. We also offer a CIT MS degree in which students may follow a Cyberforensics area of specialization.
At the college level, Purdue Polytechnic Institute offers a PhD in Technology, and one of its concentrations is Digital and Cyber Forensics. Regardless of the degree level, students have access to the state of the art facilities, which helps them to be successful both in learning and discovery. The majority of the core courses are designed with integrated hands-on laboratory sections where students are able to apply the materials they learn in class. In short, students will gain the necessary knowledge and skills that they need to reach their post-graduation goals with great satisfaction.
You've recently published a paper on digital forensics for IoT and WSNs. Can you briefly describe the aims of the research?
As we are taking advantage of being constantly connected via the Internet, this connectedness also comes with the risk of an increasing number of cyber attacks through WSNs and IoT. While significant research has been dedicated to secure WSN/IoT, this still indicates that there need to be forensic mechanisms to be able to conduct investigations and analysis. Our research aims to fill this gap by providing an overview and classification of digital forensics research and applications in these emerging domains in a comprehensive manner. In addition to analyzing the technical challenges, it also provides a survey of the existing efforts from the device level to network level while also pointing out future research opportunities.
Why is it so important to understand the relevance of digital forensics applications to IoT and WSNs?
We become aware of cyber-attacks to personal, enterprise, government systems and infrastructures every day, if not several times a day. IoT and WSNs are rapidly becoming part of our life, from smart home devices to technologies used in our cars; from medical wearable devices to smart grid components. Most of these new technologies have been designed without security in mind in the first place, therefore they become prone to cyber-attacks. As these attacks are inevitable, we not only need to understand how to secure the devices, but also comprehend how and when these incidents happen, who and/or what is accountable for such attacks. This is where digital forensics techniques play a crucial role.
What are some of the technical challenges involved in investigating IoT and WSNs?
The first and foremost difficulty is the lack of standardization in IoT and WSN technologies and propriety data formats. As a result of these issues, the forensic tools that are used in investigations may not yield good results and the investigation requires a more hands-on approach with low level data. This clearly causes the investigations to take a longer time and the forensic analysis becomes quite difficult.
In your opinion, how will the IoT change over the next few years, and what do we as digital forensic practitioners need to do to keep up?
It would not be difficult to foresee that use of IoT will be even more prolific. Our homes, businesses, vehicles, medical services, public infrastructures and many other areas of life will be part of the IoT ecosystem which will constantly collect, store/transfer, and analyze tremendous amounts of data.
As digital forensics researchers and practitioners we need to value cross-disciplinary research particularly with experts in artificial intelligence, data science, engineering, mathematics and statistics, and constant discussions with law enforcement and industry. Through these collaborations, we can find holistic solutions related to safety and security of the people and cyber-physical infrastructures as well as security and privacy of the data being produced by them.
What conclusions did you come to in your research, and what potential future avenues of research could be explored?
As digital forensics in IoT and WSNs is a relatively new concept particularly for the digital forensic community, our research reveals significant weaknesses and important future work to be conducted. One of the most important findings was the lack of available standard investigative techniques and models, particularly for IoT.
In addition, new digital forensic solutions and frameworks are also lacking, particularly for the low memory footprint and low power requirement devices used in WSNs.
As for future research, we identified a significant amount of future work. For instance, we are in immediate need of collaborative work with data analytics and fault-tolerance experts to cooperatively analyze data from IoT devices not only related to user activity but also related to hardware and embedded systems, as well as creating robust and standard solutions particularly for live data acquisition, automated data collection and analysis for IoT and WSNs.
What are you working on currently? Do you have any other research projects in the pipeline?
I’m currently working on a U.S. National Institute of Justice funded project on a Targeted Data Extraction System for mobile device forensics. As user privacy is a serious concern in mobile forensic investigations, courts are now ruling limited searches for mobile devices. In the case of analyzing mobile devices belonging to victims or witnesses, targeted acquisition at finer granularity becomes a necessity and we are helping law enforcement with that.
In another piece of research, we are exploring effective simulation training topics and designing through Virtual Reality technology for Incident First Responders and Digital Forensic Investigators. Our main goal is to develop an immersive experience by simulating unconventional real-world scenarios and conditions where physical evidence (post-it notes, camcorder boxes, etc.) might be crucial for digital investigations.
Well, there is always a project in the pipeline. For instance, we are developing a new system to identify fingerprints that are not recognized by the Automated Fingerprint Identification System (a.k.a. AFIS) because of the level of their distortion. On another project, we are working on incident response and forensic analysis of remotely piloted aerial systems such as drones. As I said, more to come!
Finally, when you're not working, what do you enjoy doing in your spare time?
I spend most of my spare time with my family. It is amazing how time passes when it’s spent with them. Cooking is something I especially enjoy. Besides that, biking, soccer, and swimming are some other activities I enjoy in my spare time.
Umit Karabiyik is Assistant Professor of Computer & Information Technology at Purdue University. His recent paper, Digital Forensics for IoT and WSNs, can be accessed via Academia.edu.