Technological advances have enabled multiple countries to consider
implementing Smart City Infrastructure to provide in-depth insights into
different data points and enhance the lives of citizens. Unfortunately, these
new technological implementations also entice adversaries and cybercriminals to
execute cyber-attacks and commit criminal acts on these modern infrastructures.
Given the borderless nature of cyber attacks, varying levels of understanding
of smart city infrastructure and ongoing investigation workloads, law
enforcement agencies and investigators would be hard-pressed to respond to
these kinds of cybercrime. Without an investigative capability by
investigators, these smart infrastructures could become new targets favored by
cybercriminals.
To address the challenges faced by investigators, we propose a common
definition of smart city infrastructure. Based on the definition, we utilize
the STRIDE threat modeling methodology and the Microsoft Threat Modeling Tool
to identify threats present in the infrastructure and create a threat model
which can be further customized or extended by interested parties. Next, we map
offences, possible evidence sources and types of threats identified to help
investigators understand what crimes could have been committed and what
evidence would be required in their investigation work. Finally, noting that
Smart City Infrastructure investigations would be a global multi-faceted
challenge, we discuss technical and legal opportunities in digital forensics on
Smart City Infrastructure.
Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Tok_Y/0/1/0/all/0/1">Yee Ching Tok</a>, <a href="http://arxiv.org/find/cs/1/au:+Chattopadhyay_S/0/1/0/all/0/1">Sudipta Chattopadhyay</a>