Browse > Article
http://dx.doi.org/10.7472/jksii.2022.23.5.69

A Study on the remote acuisition of HejHome Air Cloud artifacts  

Kim, Ju-eun (Department of Computer Science and engineering, Seoul National University of Science and Technology)
Seo, Seung-hee (Department of Computer Science and engineering, Seoul National University of Science and Technology)
Cha, Hae-seong (Department of Computer Science and engineering, Seoul National University of Science and Technology)
Kim, Yeok (Institute of Electric and Information Technology, Seoul National University of Science and Technology)
Lee, Chang-hoon (Department of Computer Science and engineering, Seoul National University of Science and Technology)
Publication Information
Journal of Internet Computing and Services / v.23, no.5, 2022 , pp. 69-78 More about this Journal
Abstract
As the use of Internet of Things (IoT) devices has expanded, digital forensics coverage of the National Police Agency has expanded to smart home areas. Accordingly, most of the existing studies conducted to acquire smart home platform data were mainly conducted to analyze local data of mobile devices and analyze network perspectives. However, meaningful data for evidence analysis is mainly stored on cloud storage on smart home platforms. Therefore, in this paper, we study how to acquire stored in the cloud in a Hey Home Air environment by extracting accessToken of user accounts through a cookie database of browsers such as Microsoft Edge, Google Chrome, Mozilia Firefox, and Opera, which are recorded on a PC when users use the Hey Home app-based "Hey Home Square" service. In this paper, the it was configured with smart temperature and humidity sensors, smart door sensors, and smart motion sensors, and artifacts such as temperature and humidity data by date and place, device list used, and motion detection records were collected. Information such as temperature and humidity at the time of the incident can be seen from the results of the artifact analysis and can be used in the forensic investigation process. In addition, the cloud data acquisition method using OpenAPI proposed in this paper excludes the possibility of modulation during the data collection process and uses the API method, so it follows the principle of integrity and reproducibility, which are the principles of digital forensics.
Keywords
Smart home; Dgital forensics; AccessToken; Open API; Cloud forensics;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Corp.Goqual, "Hej home OpenAPI Guide-API List", goqual.notion.site, 2022.08.26., access 2022.09.07. https://goqual.notion.site/OpenAPI-Guide-1177102881b345c3aa001d15d1788601
2 GH Nam, SH Gong, BJ Seok, CH Lee, "Study onRemote Data Acquisition Methods Using OAuth Protocol of Android Operating System", Journal of the Korea Institute of Information Security & Cryptology, Vol. 28, No. 1, pp. 111-122, 2018. https://doi.org/10.13089/JKIISC.2018.28.1.111   DOI
3 SH Kim, "Last year, the number of digital forensic analyses doubled in three years", ITBizNews, 2021.10.10., access 2022.07.09. https://www.itbiznews.com/news/articleView.html?idxno=51592
4 YC Jung, "Smart home data to secure criminal cues.. Supreme Prosecutors' Office Launches Research on Forensic Techniques", etnews, 2022.03.17., access 2022.07.09. https://www.etnews.com/20220317000157
5 MJ Kim, TS Shon, "Smart Home IoT Forensics Technology Trends", REVIEW OF KIISC, Vol. 31, No. 6, pp. 31-35, 2021.
6 SJ Kang, SM Shin, SR Kim, GY Kim, JS Kim, "Artifacts Analysis of Xiaomi Smart Home and Utilization Method for Digital Forensics". Journal of Digital Forensics, Vol. 15, No. 1, pp. 54-66, 2021.   DOI
7 MJ Kim, TS Shon, "Research on Network-based Smart Home Device Forensic Technology", Journal of Digital Forensics, Vol. 15, No. 4, pp. 84-94, 2021.   DOI
8 SR Kim, MS Park, SH Kim, JS Kim, "Smart Home Forensics-Data Analysis of IoT Devices", Electronics, vol. 9, No. 8, pp.1215-1228, 2020. https://doi.org/10.3390/electronics9081215   DOI
9 YJ Chung, JH Park, SJ Lee, "Digital forensic approaches for Amazon Alexa ecosystem", Digital Investigation, Vol. 22, Supplement, pp. S15-S25, 2017. https://doi.org/10.1016/j.diin.2017.06.010   DOI
10 SM Moon, SH Seo, CH Lee, "Digital Forensic Analysis for Smart-home Platform Hejhome", Summer Conference of Korea Institute of information Security & Cryptology, 2021.
11 Microsoft Docs, "dpapi.h header", Microsoft technical documentation, 2022.08.03., access 2022.09.07. https://docs.microsoft.com/en-us/windows/win32/api/dpapi/
12 Microsoft Docs, "CryptGenKey function (wincrypt.h)", Microsoft technical documentation, 2021.10.13., access 2022.09.07. https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenkey