The rise of the Internet of Things (IoT) has transformed how technology is used in our daily life and critical sectors. However, this rapid growth in the usage of IoT devices also brings new challenges for digital forensics. Traditional forensic tools are often not suitable for IoT devices due to factors like volatile data, distributed storage, strong encryption, and legal and jurisdiction complexity. This thesis investigates the main challenges that forensic investigators face when investigating IoT devices and explores how current methods and tools can be improved.
A mixed method approach is used in this study combining a literature review with a survey. The results confirm that encryption, cloud dependency, and a lack of standardized procedures are among the most critical IoT forensic challenges. Many participants in the survey reported limited forensic readiness in their organizations, and existing tools were often seen as only moderately effective. There was also strong interest in future solutions such as AI assisted analysis and blockchain for securing digital evidence.
The results show a clear gap between theoretical frameworks and practical implementation. The thesis also highlights the need for better tool support, improved forensic readiness, and better cooperation between investigators, vendors, and policymakers. It also presents the importance of designing IoT systems with forensic needs in mind. Future work should focus on real world testing of tools and frameworks, as well as developing clearer legal and ethical guidelines for investigating IoT devices.