This project explores the evidentiary value of information gathered from devices connected to the Internet of Things, more precisely – Amazon Echo Dot, and report the impact on digital forensic investigators.
The increasing popularity of innovative technology in consumers’ homes provides alternative opportunities for investigators to gather evidential information. As innovative technology continues to advance, additional features, such as virtual assistants, allow consumers to become more productive and handle workload efficiency; thus, police forces cannot ignore the investigation into the types of data sources such devices generate cannot be ignored. These devices can attain and store large amounts of data belonging to users, either on the device, on the associated application, or in the cloud. Investigation into the amount of information these devices could store has been Widley undertaken. However, how this data could be extracted to support a forensic analysis or recommended guidelines for handling the evidence still needs further research. This research is set to focus on the Amazon Echo Dot and the associated application “Alexa”. This report will explore the potential data sources, and the most appropriate way to extract forensically relevant information from either the device or associated application will be explored. Additionally, this research aims to discuss how this data may support analysts when investigating and handling the device. Privacy concerns regarding Amazon Echo devices’ data privacy mean that investigating these devices contents increases in difficulty. Because of this, this project uses various tools and methods to capture forensically relevant information. MSAB XRY will be used to perform data extraction on the Amazon Echo Dot utilising both a logical and Agent Extraction. The results derived from this investigation will be compared. Wireshark is an open-source network packet sniffing tool that will analyse traffic between the Amazon Echo Dot unit and the cloud. A test to establish the accuracy of the Alexa Virtual Assistant will be undertaken using secure methods.
This project explored the forensically valuable information sources useful to a forensic Examiner. Furthermore, a range of tools and methods have been performed to determine the most efficient approach of extracting data from IoT enabled devices.