Abstract
The use of the internet within organizations has surged over the past decade. Although it has numerous benefits, the internet also comes with its own challenges, such as intrusions and threats. Bring Your Own Device (BYOD), a growing trend among organizations, allows employees to connect their portable devices, such as smartphones, tablets and laptops, to the organization's network to perform organizational duties. It has gained popularity over the years because of its flexibility and cost-effectiveness. The adoption of BYOD has exposed organizations to security risks and demands proactive measures to mitigate such incidents. In this study, we propose a Digital Forensic Readiness (DFR) framework for BYOD using honeypot technology. The framework consists of the following components: BYOD devices, Management, People, Technology and DFR. It is designed to comply with ISO/IEC 27043, detect security incidents and threats, and collect potential digital evidence using low- and high-level interaction honeypots. In addition, the framework offers adequate security support to the organization through space isolation, device management, crypto operations, and a policies database. This framework would ensure and improve information security as well as securely preserve digital evidence. Embedding DFR into BYOD will improve security and enable an organization to stay abreast when handling a security incident.
Recommended Citation
ASANTE, AUDREY and Amankona, Vincent (2021) "DIGITAL FORENSIC READINESS FRAMEWORK BASED ON HONEYPOT AND HONEYNET FOR BYOD," Journal of Digital Forensics, Security and Law: Vol. 16, Article 2.
DOI: https://doi.org/10.58940/1558-7223.1706
Available at: https://commons.erau.edu/jdfsl/vol16/iss2/2