Maxim Chernyshev

Internet of Things (IoT): Research, Simulators, and Testbeds

The Internet of Things (IoT) vision is increasingly being realized to facilitate convenient and efficient human living. To conduct effective IoT research using the most appropriate tools and techniques, we discuss recent research trends in the IoT area along with current challenges faced by the IoT research community. Several existing and emerging IoT research areas such as lightweight energy-efficient protocol development, object cognition and intelligence, as well as the critical need for robust security and privacy mechanisms will continue to be significant fields of research for IoT. IoT research can be a challenging process spanning both virtual and physical domains through the use of simulators and testbeds to develop and validate the initial proof-of-concepts and subsequent prototypes. To support researchers in planning IoT research activities, we present a comparative analysis of existing simulation tools categorized based on the scope of coverage of the IoT architecture layers. We compare existing large-scale IoT testbeds that have been adopted by researchers for examining the physical IoT prototypes. Finally, we discuss several open challenges of current IoT simulators and testbeds that need to be addressed by the IoT research community to conduct large-scale, robust and effective IoT simulation, and prototype evaluations.

On 802.11 Access Point Locatability and Named Entity Recognition in Service Set Identifiers

The 802.11 active service discovery mechanism requires the transmission of various attributes in a plain text. These attributes can be collected using passive monitoring and can be used to enumerate the preferred network list (PNL) of client devices. In this paper, we focus on the information that can be obtained using the service set identifiers (SSIDs) that make up the PNL. First, we describe a simple model based on a wireless access point geolocation technique to gauge the potential device locatability using data available on WiGLE.net. Second, we look at additional information that can be extracted from the SSID strings. Our hypothesis is that the entities of potential interest, such as locations and personal names contained within SSIDs, can be recognized in an automated fashion. Using two freely available pretrained named entity recognizers, we were able to identify up to 49% of SSIDs as possibly carrying entities of interest based on multiple data sets. We also show that extracted attributes can be used as an inference basis for additional inference attacks, which presents further opportunities in forensic and intelligence contexts.

Service Set Identifier Geolocation for Forensic Purposes: Opportunities and Challenges

We discuss the use of selected passive wireless device fingerprinting and prior location inference techniques from a forensic perspective. With specific focus on 802.11 signals, we examine how fingerprints based on the Preferred Network List (PNL) enumerations can be utilized to obtain the locational dimension. This dimension may act as a bridge between the digital fingerprint and the physical world. Using a data set of 147,944 network names contextualized to a particular geographical area, we discuss the associated opportunities, challenges and limitations.

Internet of Things Forensics: The Need, Process Models, and Open Issues

The Internet of Things (IoT) brings a set of unique and complex challenges to the field of digital forensics. To take advantage of the volume and variety of data captured by and stored in ubiquitous IoT services, forensic investigators need to draw upon evidence-acquisition methods and techniques from all areas of digital forensics and possibly create new IoT-specific investigation processes. Although a number of conceptual process models have been developed to address the unique characteristics of the IoT, many challenges remain unresolved.

Mobile Forensics: Advances, Challenges, and Research Opportunities

The proliferation of mobile devices has led to advanced cybercriminal activities that exploit their ubiquity. Contemporary mobile forensics techniques and the challenges facing forensic investigators are discussed. Also identified are research opportunities that must be explored to enable more efficient mobile forensic techniques and technologies.

Revisiting Urban War Nibbling: Mobile Passive Discovery of Classic Bluetooth Devices Using Ubertooth One

The ubiquitous nature of Bluetooth technology presents opportunities for intelligence gathering based on historical and real-time device presence data. This information can be of value to law enforcement agencies, intelligence organizations, and industry. Despite the introduction of the Bluetooth Low Energy standard that incorporates anonymity preservation mechanisms, the presence of devices that support Classic Bluetooth that uses unique and persistent device identifiers is expected to remain significant for a number of years. The common approach to finding discoverable Classic Bluetooth devices relies on a standard inquiry process that is not truly passive. Furthermore, this approach fails to detect devices that remain undiscoverable. Ubertooth One, a low-cost open source Bluetooth development platform, can assist with overcoming this limitation in a truly passive manner, making it an attractive digital forensic instrument. Using vehicle-based sensors and parallel multi-method device discovery, we conduct a practical evaluation of Ubertooth One for passive discovery and contrast its discovery rate to the standard method. Based on 83 comparative field experiments, we show that Ubertooth One can produce forensically sound observations while able to discover up to ten times as many devices. We also show that this method can identify repeat device presence, as we observe 2370 instances of repeat observations on different days in single and multiple location scenarios. We conclude that this passive technique can complement the standard method and has the potential be used as a viable alternative.