Next Article in Journal
TransRFT: A Knowledge Representation Learning Model Based on a Relational Neighborhood and Flexible Translation
Previous Article in Journal
Deep Learning Logging Sedimentary Microfacies via Improved U-Net
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 13
Issue 19
10.3390/app131910861
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Digital Communication Forensics in 6G and beyond Networks

by
Albatool Alqabbani
1,
Kashif Saleem
2,* and
Abdulaziz S. Almazyad
1
1
Department of Computer Engineering, College of Computer and Information Sciences, King Saud University, Riyadh 11495, Saudi Arabia
2
Department of Computer Sciences and Engineering, College of Applied Studies and Community Service, King Saud University, Riyadh 11362, Saudi Arabia
*
Author to whom correspondence should be addressed.
Appl. Sci. 2023, 13(19), 10861; https://doi.org/10.3390/app131910861
Submission received: 22 April 2023 / Revised: 11 September 2023 / Accepted: 25 September 2023 / Published: 29 September 2023
Browse Figures
Review Reports Versions Notes

Abstract

:
6G networks can be truly intelligent wireless systems that have the flexibility for continuous technological improvements. However, security events affecting information systems have grown increasingly complicated and sophisticated. Intruders may be able to operate due to a lack of evidence authenticity. Using network forensics methods can solve many cybercrime instances. These methods can be used to locate the intruder and to determine the intrusion’s origin and how it can be avoided in the future. Existing network forensics techniques confront security threats and vulnerabilities in several networks, such as personal area networks, local area networks, wide area networks, and wireless wide area networks under telecom networks, in practice, but cannot operate in 6G and beyond telecom networks, which are critical at this moment. Thus, a comprehensive literature analysis of telecom networks is conducted to identify existing concerns and challenges in conducting digital communication forensics. Hence, a digital forensics system for 6G and beyond networks is proposed as an initial idea on the basis of the highlighted issues, thereby assessing security incidents and providing justified evidence that explains the footprints of the attackers.

1. Introduction

Despite the fact that the 5G network age is still developing, the limits of 5G technology have already inspired investigations into 6G networks. Therefore, academics and the industry have begun working on 6G wireless communication systems [1]. In March 2019, the first conference was convened at the University of Oulu, where the communications specialists collaborated on the first white paper for this technology [2]. This deed led to the unofficial beginning of the field of 6G networking. Since then, an increasing number of governments and organizations have indicated that their research projects shall be integrated into the 6G network [3]. In the coming decade, zettabytes of digital data will be produced by billions of things, including humans, automobiles, appliances, and robots, ushering in a new era [4]. 6G will have to deal with more difficult applications, such as holographic telepresence, immersive communications, and personal mobile robotics [5].
In telecommunications, 6G is the sixth-generation mobile system standard for cellular data networks and is currently being developed for wireless communications technology. As of 2023, there is no universally accepted definition for what counts as 6G technology. However, there are three core components which could produce the logical beginning of 6G, namely artificial intelligence (AI), photonic technology, and radio-frequency (RF) holography. These components will be the driving force for the development of 6G and are crucial in achieving even faster and more reliable connectivity than 5G [6].
5G wireless technologies are already facing major challenges because of the development of intelligent data-centric systems [7]. In the last 10 years, Internet usage has skyrocketed. According to recent statistics, one out of every three people in developed countries uses the Internet for either personal or business purposes [8]. As more people utilize the Internet, more illegal activities, including data theft, identity theft, and other misdeeds are committed. Given the increasing complexity, volume, and sophistication of digital security incidents, about 95% of Saudi organizations have experienced at least one cyber-attack within the past 12 months [9]. The traditional methods of protecting information systems (e.g., firewalls and intrusion detection systems) are no longer enough [10].
Faced with this issue, security professionals have begun to pay close attention to a new discipline known as digital forensics (DF) of security threats, which is defined as the keeping, identification, gathering, documentation, and explanation of computer data [11]. DF, according to [8,12,13], is the use of scientific methodologies to study the digital evidence to comprehend and recreate an event. Other scholars view DF as branch of forensic science that uses different procedures to locate, gather, secure, analyze, interpret, and present digital evidence relevant to a case to recreate events and to ensure the validity of the legal process. Each step and activity of DF is supported by a high level of personal competence and the availability of various instruments to undertake event reconstruction [14]. DF is the process of gathering and analyzing data from computers, networks, communication streams (wired and wireless), and storage devices in such a way that justified evidence is acquired to be used in court [15]. The goal of network forensics is to track, store, or evaluate network events in order to gather evidence and identify the source of security intrusions [16].
Packet analysis is a typical traceback approach in network forensics. If the packet characteristics gathered are sufficiently detailed, they may replay the whole network traffic for a specified period [11]. This approach can be used to rebuild documents, images, emails, and other materials transported over the network, as well as to find evidence of illegal online activity, such as sensitive information breaches, unauthorized access, malware, and intrusion attacks [1].
Smartphone technology is rapidly evolving, resulting in the design and manufacture of sophisticated smartphones [17]. Smartphones have essential features that allow them to become a vital part of people’s daily routines [7]. Due to users’ reliance on smartphone features and the devices’ ever-increasing storage capacities, a considerable amount of digital evidence, including contacts, text and instant messaging, call logs, geographic information, email, web browsing history, and multimedia activities, can be preserved [8]. Machine learning (ML) and artificial intelligence (AI) can help realize and optimize 6G network applications [18]. In the past 15 years, substantial work on the major obstacles in the field traditionally known as “computer forensics” has been conducted. Among these issues are the massive growth in the amount of digital evidence, the usage of effective encryption, and the innovation of new technologies that lead to the growth of digital evidence. This paper aims to propose a digital forensics system for 6G and beyond networks on the basis of the highlighted issues, thereby assessing security incidents and providing justified evidence that explains the clear steps followed by attackers. The key objectives are summarized as follows:
  • Study security and privacy trends, visions, applications, requirements, and major enabling technologies for 6G telecommunication networks.
  • Review the related literature and enumerate the current network forensics issues in each technology involved in the 6G network.
  • Determine the threat landscape and potential solutions for 6G security.
  • Propose a novel initial idea of digital forensics system for 6G and beyond networks.
In this study, some of the vital strategies and methodologies for solving DF difficulties, as well as some of the most utilized tools by investigators, are highlighted. The main goal is to solve the problems associated with timestamps of evidence that have been altered or referenced to an incorrect clock. The suggested method entails establishing clock adjustment hypotheses and confirming them by comparing observed evidence to the assumptions.
The remainder of this paper is organized as follows. A comprehensive literature review is provided in Section 2. In Section 3, the research methodology is discussed and a digital forensics system architecture for 6G and beyond is described. The discussion about the research is given in Section 4. Finally, the paper is concluded with the future work in Section 5.

2. Literature Review

The constraints of 5G networks are not only being uncovered as additional 5G networks are implemented, but they are also motivating exploratory studies on 6G networks as a next-generation alternative. Fundamental security and privacy issues related with 6G technologies are part of these analyses.
The authors in [8] presented “Security and privacy in 6G networks: New areas and new challenges”, which presented numerous limitations for 5G networks; given its popularity, it has boosted the exploratory research of 6G networks to present solutions to these limitations. Investigations into the basic security and privacy concerns related to 6G technology were part of these solutions. This research involved performing a survey on the existing conditions of security and privacy in 6G, serving as a platform for subsequent studies. The study started with the formulation of a historical analysis of earlier network technologies, the development potential of sixth-generation networks, and the four key factors of security and privacy in 6G.
The authors in [18] presented “Survey on Intelligence Edge Computing in 6G: Characteristics, Challenges, Potential Use Cases, and Market Drivers”. Intelligence edge computing (IEC) is the primary factor that enables the emergence of fifth-generation networks and subsequent generations, that is, it is the promising backbone of future services, as well as the integration of wireless communication systems with 5G. IEC is one of the 5G technologies that allows several other use cases and applications, including big data analytics, virtual and augmented reality, and driverless cars. Future directions in the IEC with 6G networks were also explored. Potential use cases, market drivers, and new difficulties were given special attention.
“A Comprehensive Survey of 6G Wireless Communications” was presented in [19]. After the spread of 5G communications worldwide, much attention has been given to 6G communications, especially by academia and the industry. Compared with the previous generation, 6G has a higher spectrum efficiency, shorter delay, higher transmission rate, wider frequency band, higher communication ability, and wider coverage, as well as a stronger anti-interference ability. An in-depth explanation of 6G wireless communications is surveyed in terms of applications, technologies, requirements, key features, and challenges, as well as a survey of 6G technology from the privacy and security side. It detailed many sixth-generation technologies and the challenges they face, especially smart surfaces, AI, THz, network integration between air, space, land, and sea, and the massive cell-free MIMO network. Given that the current wireless communication systems will be expected to be outperformed by 6G, the techniques of privacy and security that may help in protecting the communication of data in 6G must be discussed, as its development is expected.
The authors in [20] presented the modern network forensics framework challenges that are faced when detecting and preventing cybercrime. The study gives a general description of the fundamental organization of network forensics techniques and explains how they operate to identify the type and severity of network crimes. The paper additionally provides a topic taxonomy for classifying network forensics approaches based on an extensive review of the literature. The categorization was performed during forensic investigations based on the target datasets and implementation strategies. Numerous network forensics techniques have been compared based on their forensic processing, execution definition, target instance, objective functions, target dataset, investigation duration, mechanisms, and framework features. It also discusses various open research issues that may arise when selecting a subject for further network forensics research, as well as the most effective techniques.

2.1. Toward 5G Cellular Network Forensics

Cellular 5G networks offer 100 times more connections, a 1000-fold boost in system capacity, and 10 Gb/s user speeds. 5G networks use technologies, like network slicing, NFV, CIoT, and CUPS, to address these expectations. System adjustments are needed for each of these 5G capabilities in order to enable the gathering and forensic examination of cellular network evidence. There have been four generations of cellular networks, and the fifth is scheduled to enter commercial use in 2022. There are over 7.5 billion mobile subscribers worldwide, and each one generates an average of 5 GB of traffic each month [21].

2.2. WLAN Digital Forensics

Wireless mobile communication technology based on IEEE 802.11 wireless local area networks (WLANs) has proliferated during the past 10 years. However, the risk of cybercrime has grown along with the number of wireless users. In addition to being a solution to cybercrime in wireless networks, WLAN DF is seen to control its growth. Intercepting and preserving all mobile station communications so that a proper digital forensics investigation may be performed on them is the main problem in WLAN DF [22].

2.3. Digital Forensics for Mobile Devices in 5G and Modern Networks

In order to store data in connected blocks in the form of a decentralized database, blockchain technology requires a peer-to-peer network. Decentralization is a core property of blockchain technologies that well meet the needs of evidence integrity and provenance in DF across jurisdictional borders. Existing DF are confronted with new issues with regard to cyber–physical systems, such as data that are difficult to access, data that have multiple sources, transparent and traceable evidences, and the forensic analysis of huge numbers of datasets [23].
Global usage of mobile smart devices has skyrocketed during the past ten years. As these gadgets’ processing speeds and storage capacities have grown, so too has their attraction. Mobile smart devices are often utilized and incorporated into the networks of most enterprises, including phablets, smartphones, personal digital assistants, and tablets. Furthermore, huge amounts of private, commercial, and personal data are stored on these devices. They are now a target for fraudsters as a result. It was found that they were engaged in cybercrime [24].
There is a lot of interest throughout the world in the future 5G heterogeneous networks (HetNets). Large volumes of high-velocity data may be transferred using the HetNets bandwidth spectrum, with considerable advantages but a number of drawbacks. If key visual information, such as videos and photographs, is fraudulently targeted and posted to the Internet, it may spread quickly and, as a result, severe harm to the community might happen [25].
In the coming years, the development of 5G cellular and Internet of Things (IoT) technologies will be widely deployed. In addition, investigators are expected to handle a variety of cyber and internet difficulties in their investigations as crime rates rise. IoT devices can, therefore. be utilized to expedite the investigative process, particularly when it comes to identifying suspects. Few studies have examined the effectiveness of face sketch synthesis (FSS) models based on deep learning across a variety of application areas, including traditional face recognition [26].
Despite its potential involvement in a wide range of cyber-attacks, IoT bot malware is still relatively young and there is little forensic knowledge of it. Consider, for example, the distributed denial of service (DDoS) assault that prevented millions of Internet users from accessing more than 1200 websites, including social media, in 2016. This attack lasted for practically the whole day. IoT botnet forensics are essential due to an increasing number of an estimated 50 billion IoT devices and their expanding interconnectivity to traditional networks and even to one another with the deployment of 5G networks. Mirai botnet has had a widespread and considerable effect due to the weak defenses and access protections found in many IoT devices. The 2016 public release of its source code1 resulted in numerous Mirai variants and an increase in the frequency of DDoS attacks [27].
In a BYOD context driven by IoT [28], the authors examine the ecosystem for cyber forensics as well as security problems. They performed a simulation in three stages to find trends in the traffic that was being targeted. In the first stage, BYOD users from outside the company were tested utilizing mobile devices linked to the corporate network without VPN services. The second stage entailed inserting BYOD customers using untrusted personal devices into the company’s corporate wireless network and monitoring harmful activity. In the third phase, a model of the typical BYOD environment process was constructed, and a systematic procedure for BYOD secured ecosystem development modes was established. They discovered that in order to safeguard corporate networks against unreliable BYOD devices, a whole ecosystem of harmful traffic detection and management is required. The recommendation for a cyber forensics BYOD secure infrastructure requires advanced level security as its conclusion.

2.4. Cloud Digital Forensics

The difficulties that forensic investigators encounter when collecting evidence from the cloud computing environment are covered in [29]. The authors give a fictitious case study that looks at the importance of using both a partial and complete strategy for data collecting as well as how each approach impacts the time it takes to conduct a forensics investigation and the accuracy of the results. The investigative framework proposed by Martini and Choo is utilized to examine the crime covered in the case study. The study also offers statistical analysis findings to assist investigators in choosing the best techniques for evidence acquisition.
The authors in [30] proposed a logging scheme called eCLASS, which preserves log confidentiality by taking into account edge–cloud properties when collecting logs from distributed edge nodes. The suggested scheme takes on issues with cloud forensics, like collecting user activity logs in virtualized and multitenancy environments. A security analysis and performance evaluation that demonstrate the effectiveness of the eCLASS system are also discussed.
In order to combat cloud crime, it is now urgently necessary to develop powerful cloud computing systems digital forensics architectures and frameworks. A DDoS attack or DDoS malicious concept is used in this research to disrupt the targeted server or services by flooding their network resources with Internet traffic. DDoS attacks are efficient because they use a variety of ignored computers as attack traffic sources. Computers and other network resources, such as IoT devices, can be installed in the machines [31]. Table 1 provide a comparison of the discussed DF solutions.

3. Method

First, an extensive literature review was conducted, and the issues were identified. Each of the technologies involved in the 6G and beyond networks were studied individually. Current DF solutions were then considered for further enhancements while keeping every issue in front. Cross-layer and cross-technological methods were applied for improved monitoring and keeping digital records on multiple places. AI-enabled mechanisms can further help in tackling zero-knowledge attacks and other network track analysis. The integration of multiple solutions as a hybrid model can provide us with an enhanced network forensics system to attain justified evidence where required. The developed network forensics system architecture was developed to contribute to the field.
Compared to other forensic sciences, computer forensics is a recent field. The border between the extraction and analysis processes is difficult to clearly define. Therefore, the position of these two processes in the forensic process is uncertain. Figure 1 from the Cybercrime Lab depicts an overview of the procedure. The three steps that are underlined and highlighted as grey area in Figure 1 (i.e., preparation/extraction, identification, and analysis) are emphasized in this study.

3.1. Preparation/Extraction

First, examiners decide whether there is enough information to continue. They make sure the request is clear and that there are sufficient data to try to address it. If anything is missing, they work with the requester to coordinate. If all of the necessary information becomes ready, they proceed with setting up the process as shown in Figure 2.
Any forensics process must start with the validation of all hardware and software to ensure their functionality. The frequency at which a system should be assessed is a point of contention in the forensics community. The majority concur that every piece of a system should at the very least be verified after purchase and before use. They should be retested following any upgrade, patch, or configuration change as shown in Figure 2.

3.2. Identification

The identification process must be carried out for each item in the list of collected data as shown in Figure 3. The examiners start by determining what kind of item it is. In case that it is unrelated to the request, they just record it as processed and continue. If the examiner finds something damaging but beyond the purview of the initial request, they must immediately halt all work and notify the proper parties, including the requester as given in Figure 3. After that, he waits for further instructions.

3.3. Analysis

Examiners put all the pieces together and give the requester a full picture during the analysis step as graphically demonstrated by Figure 4. For every item on the collected data list, examiners provide answers to what, who, where, when, and how queries. This is performed in an effort to identify which source created, updated, sent, or received each item. Examiners also explain how they found this information. Finally, they explain why each piece of information is pertinent and what it signifies in light of the case as shown in Figure 4.

4. Discussion

In network forensics, network packet analysis is crucial for gathering the information required to build a complete picture of the behavior of an online user at a certain point in time and to produce evidence that may be used as evidence in court. Network packets complement other information sources, such as firewall logs or surveillance video, despite the fact that some people are uncertain regarding the validity of the information collected or rebuilt from packet data; in many cases, they are the only source that provides details about what happened during an Internet activity and who was involved in it. The potential of packets as evidence in forensic cases, as well to their limitations, have been described. This is because packet analysis associated with network forensics is different than other application areas, for instance, the detection of intrusion.

5. Conclusions

In this paper, a comprehensive literature review is conducted to show the security and privacy issues of 6G and beyond networks and to highlight the challenges. The study also demonstrates the characteristics, benefits, problems, and new open applications of IEC in 6G. Hence, a novel digital forensics system for 6G and beyond networks is proposed. The presented architecture is the initial proposed idea based on the issues that are extracted from the extensive literature. Cross-layer and technological techniques are applied for improved monitoring and keeping of digital records on multiple places. Furthermore, integrated AI mechanisms can further help in tackling zero-knowledge attacks and other network track analysis. The integration of multiple solutions as a hybrid model can provide an enhanced network forensics system to attain justified evidence where required. In future, we will generate results and compare the performance of the proposed architecture with the most recently implemented forensics architecture. Furthermore, according to the performance, the parameters will be updated, and multiple datasets will be applied.

Author Contributions

Conceptualization, A.A., K.S. and A.S.A.; methodology, A.A. and K.S.; software, A.A.; validation, A.A.; formal analysis, A.A.; investigation, A.A.; resources, A.A., K.S. and A.S.A.; writing original draft preparation, A.A. and K.S.; writing—review and editing, A.A., K.S. and A.S.A.; visualization, A.A., K.S. and A.S.A.; supervision, K.S. and A.S.A.; project administration, K.S. and A.S.A.; funding acquisition, K.S. and A.S.A. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported by the King Saud University, Riyadh, Saudi Arabia, under researchers supporting project number RSPD2023R697.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

No new data were created or analyzed in this study. Data sharing is not applicable to this article.

Acknowledgments

Thankful to the “Researchers Supporting Project number (RSPD2023R697), King Saud University, Riyadh, Saudi Arabia” for supporting the work.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Pieterse, H. Assisting Digital Forensics Investigations by Identifying Social Communication Irregularities. In Proceedings of the European Conference on Information Warfare and Security, ECCWS, Dublin, Ireland, 29–30 June 2017; pp. 322–331. [Google Scholar]
  2. Latva-Aho, M.; Leppänen, K. Key Drivers and Research Challenges for 6G Ubiquitous Wireless Intelligence—6G Research Visions 1, September 2019. White Pap. 2019, 1, 1–36. [Google Scholar]
  3. Chen, W.; Lin, X.; Lee, J.; Toskala, A.; Sun, S.; Chiasserini, C.F.; Liu, L. 5G-Advanced Towards 6G: Past, Present, and Future. IEEE J. Sel. Areas Commun. 2023, 41, 1592–1619. [Google Scholar] [CrossRef]
  4. Asghar, M.Z.; Memon, S.A.; Hämäläinen, J. Evolution of Wireless Communication to 6G: Potential Applications and Research Directions. Sustainability 2022, 14, 6356. [Google Scholar] [CrossRef]
  5. Bhat, J.R.; Alqahtani, S.A. 6G Ecosystem: Current Status and Future Perspective. IEEE Access 2021, 9, 43134–43167. [Google Scholar] [CrossRef]
  6. Zong, B.; Fan, C.; Wang, X.; Duan, X.; Wang, B.; Wang, J. 6G Technologies: Key Drivers, Core Requirements, System Architectures, and Enabling Technologies. IEEE Veh. Technol. Mag. 2019, 14, 18–27. [Google Scholar] [CrossRef]
  7. Rekkas, V.P.; Sotiroudis, S.; Sarigiannidis, P.; Wan, S.; Karagiannidis, G.K.; Goudos, S.K. Machine Learning in beyond 5g/6g Networks—State-of-the-Art and Future Trends. Electronics 2021, 10, 2786. [Google Scholar] [CrossRef]
  8. Wang, M.; Zhu, T.; Zhang, T.; Zhang, J.; Yu, S.; Zhou, W. Security and Privacy in 6G Networks: New Areas and New Challenges. Digit. Commun. Netw. 2020, 6, 281–291. [Google Scholar] [CrossRef]
  9. Tenable. The Rise of the Business-Aligned Security Executive; Forrester: Cambridge, MA, USA, 2020. [Google Scholar]
  10. Mustafa, A.S.; Habbala, A. Toward 6G Network: Requirements, Key Technologies, and Challenges in Future Research. Comput. Netw. 2021, 194. [Google Scholar] [CrossRef]
  11. Prayudi, Y.; Ashari, A. A Study on Secure Communication for Digital Forensics Environment. Int. J. Sci. Eng. Res. 2015, 6, 1036–1043. [Google Scholar] [CrossRef]
  12. Meghanathan, N.; Allam, S.R.; Moore, L.A. Tools and Techniques for Network Forensics. Int. J. Netw. Secur. Its Appl. 2009, 1. [Google Scholar]
  13. Raghavan, S. Digital Forensic Research: Current State of the Art. CSI Trans. ICT 2013, 1, 91–114. [Google Scholar] [CrossRef]
  14. Agarwal, A.; Gupta, M.; Gupta, S.; Gupta, S.C. Systematic Digital Forensic Investigation Model. Int. J. Comput. Sci. Secur. 2011, 5, 118–131. [Google Scholar]
  15. Rekhis, S.; Krichene, J.; Boudriga, N. Forensic Investigation in Communication Networks Using Incomplete Digital Evidences. Int. J. Commun. Netw. Syst. Sci. 2009, 2, 857–873. [Google Scholar] [CrossRef]
  16. Porambage, P.; Gur, G.; Osorio, D.P.M.; Liyanage, M.; Gurtov, A.; Ylianttila, M. The Roadmap to 6G Security and Privacy. IEEE Open J. Commun. Soc. 2021, 2, 1094–1122. [Google Scholar] [CrossRef]
  17. Sikos, L.F. Packet Analysis for Network Forensics: A Comprehensive Survey. Forensic Sci. Int. Digit. Investig. 2020, 32, 200892. [Google Scholar] [CrossRef]
  18. Al-Ansi, A.; Al-Ansi, A.S.A.; Muthanna, A.; Elgendy, I.A.; Koucheryavy, A. Survey on Intelligence Edge Computing in 6G: Characteristics, Challenges, Potential Use Cases, and Market Drivers. Futur. Internet 2021, 13, 118. [Google Scholar] [CrossRef]
  19. Zhao, Y.; Zhai, W.; Zhao, J.; Zhang, T.; Sun, S.; Niyato, D.; Lam, K.-Y. A Comprehensive Survey of 6G Wireless Communications. arXiv Prepr. 2020, arXiv:2101.03889. [Google Scholar] [CrossRef]
  20. Qureshi, S.; Li, J.; Akhtar, F.; Tunio, S.; Khand, Z.H.; Wajahat, A. Analysis of Challenges in Modern Network Forensic Framework. Secur. Commun. Netw. 2021, 2021, 8871230. [Google Scholar] [CrossRef]
  21. Sharevski, F. Towards 5G Cellular Network Forensics. Eurasip J. Inf. Secur. 2018, 2018, 8. [Google Scholar] [CrossRef]
  22. Ngobeni, S.J. Digital Forensic Readiness for Wireless Local Area Networks. Ph.D. Thesis, University of Pretoria, Pretoria, South Africa, 2016. [Google Scholar]
  23. Li, S.; Qin, T.; Min, G. Blockchain-Based Digital Forensics Investigation Framework in the Internet of Things and Social Systems. IEEE Trans. Comput. Soc. Syst. 2019, 6, 1433–1441. [Google Scholar] [CrossRef]
  24. Lutui, P.R. Digital Forensic Process Model for Mobile Business Devices: Smart Technologies. Ph.D. Thesis, Auckland University of Technology, Auckland, New Zealand, 2015. [Google Scholar]
  25. DIng, F.; Zhu, G.; Alazab, M.; Li, X.; Yu, K. Deep-Learning-Empowered Digital Forensics for Edge Consumer Electronics in 5G HetNets. IEEE Consum. Electron. Mag. 2022, 11, 42–50. [Google Scholar] [CrossRef]
  26. Elhoseny, M.; Selim, M.M.; Shankar, K. Optimal Deep Learning Based Convolution Neural Network for Digital Forensics Face Sketch Synthesis in Internet of Things (IoT). Int. J. Mach. Learn. Cybern. 2020, 12, 3249–3260. [Google Scholar] [CrossRef]
  27. Zhang, X.; Upton, O.; Beebe, N.L.; Choo, K.K.R. IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers. Forensic Sci. Int. Digit. Investig. 2020, 32, 300926. [Google Scholar] [CrossRef]
  28. Ali, M.I.; Kaur, S.; Khamparia, A.; Gupta, D.; Kumar, S.; Khanna, A.; Al-Turjman, F. Security Challenges and Cyber Forensic Ecosystem in IoT Driven BYOD Environment. IEEE Access 2020, 8, 172770–172782. [Google Scholar] [CrossRef]
  29. Thethi, N.; Keane, A. Digital Forensics Investigations in the Cloud. In Proceedings of the Souvenir of the 2014 IEEE International Advance Computing Conference, IACC 2014, Haryana, India, 21–22 February 2014; pp. 1475–1480. [Google Scholar] [CrossRef]
  30. Park, J.; Huh, E.N. ECLASS: Edge-Cloud-Log Assuring-Secrecy Scheme for Digital Forensics. Symmetry 2019, 11, 1192. [Google Scholar] [CrossRef]
  31. Sachdeva, S.; Ali, A. Machine Learning with Digital Forensics for Attack Classification in Cloud Network Environment. Int. J. Syst. Assur. Eng. Manag. 2022, 13, 156–165. [Google Scholar] [CrossRef]
Applsci 13 10861 g001
Figure 1. Process approach.
Figure 1. Process approach.
Applsci 13 10861 g001
Applsci 13 10861 g002
Figure 2. Flowchart of preparation/extraction.
Figure 2. Flowchart of preparation/extraction.
Applsci 13 10861 g002
Applsci 13 10861 g003
Figure 3. Flowchart of identification.
Figure 3. Flowchart of identification.
Applsci 13 10861 g003
Applsci 13 10861 g004
Figure 4. Flowchart of analysis.
Figure 4. Flowchart of analysis.
Applsci 13 10861 g004
Table 1. Comparison of DF Solutions.
Table 1. Comparison of DF Solutions.
Ref. NoType of NetworksIssuesAlgorithm UsedParameters/Metrics
[22]Wireless local area networksThe main challenge in WLAN DF is intercepting and preserving all mobile station communications to conduct a proper digital forensics investigation on them.Genetic algorithmsEffectiveness
Filter control
Flow graphs
[23]5G networksBlockchain-based DF investigation framework in IoT and social systemsBlockchain technologyIntegrity
Transparency
Traceability
Modeling
[24]Business networksModel of the digital forensics procedure for mobile business devices
Smart technology		PDDSBusiness data
[25]5G HetNetsConsumer electronics at the periphery of 5G HetNets using deep learning-enabled DFForensics algorithmsBandwidth spectrum
Velocity
[26]5G cellularConvolution neural network with optimal deep learning for DF FSS in IoTFSS, improved elephant herd optimization algorithmSurveillance videos
Performance of ODL-CNN
Peak signal-to-noise ratio
Structural similarity
[27]5G networksIncreasing interconnectivity to traditional networks, let alone to one another with the advent of 5G networks, highlight the need for IoT botnet forensicsIoTFrequency of DDoS attacks
[28]BYODSecurity challenges and cyber forensics ecosystem in IoT-driven BYOD environment5G and IoTVPN
[29]Cloud computingComparing collection durations for different storage sizes when obtaining data from cloud virtual machines utilizing remote acquisitionCloud computingHacking
Fraud
Scams
Money laundering
Industrial espionage
Prostitution
Abduction
Drug smuggling
Suicide assistance
Defamatory allegations
Cyber stalking
Cyber terrorism
[30]5G networksIn digital forensics investigations, user activity logs are critical pieces of evidence. Given virtualization technologies and the multitenancy environment, collecting user activity logs in cloud forensics is difficult, which can infringe user privacy when collecting logs.Edge–cloud log assuring secrecy schemeSecurity threats
[31]Cloud computingAttack categorization using ML and DF in a cloud computing environmentDDoS attackNeglected computer systems as attack traffic sources
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Alqabbani, A.; Saleem, K.; Almazyad, A.S. Digital Communication Forensics in 6G and beyond Networks. Appl. Sci. 2023, 13, 10861. https://doi.org/10.3390/app131910861

AMA Style

Alqabbani A, Saleem K, Almazyad AS. Digital Communication Forensics in 6G and beyond Networks. Applied Sciences. 2023; 13(19):10861. https://doi.org/10.3390/app131910861

Chicago/Turabian Style

Alqabbani, Albatool, Kashif Saleem, and Abdulaziz S. Almazyad. 2023. "Digital Communication Forensics in 6G and beyond Networks" Applied Sciences 13, no. 19: 10861. https://doi.org/10.3390/app131910861

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop