An Enhanced Blockchain-Based IoT Digital Forensics Architecture Using Fuzzy Hash

Due to businesses’ growing use of IoT services in their day-to-day operations and the increased use of smart devices, digital forensic investigations involving such systems will need increasingly sophisticated digital evidence collection and processing. The majority of IoT systems are composed of disparate software and hardware components, which may pose security and privacy concerns. Recently, blockchain technology was presented as one of the options for achieving IoT security via the use of an immutable ledger, a decentralized architecture, and strong cryptographic primitives. Integrating blockchain platforms with IoT-based applications, on the other hand, poses a number of difficulties owing to the trustworthiness, integrity, and real-time responsiveness of IoT data. However, certain IoT devices may be incompatible with existing blockchain-based IoT forensic methods for additional digital evidence processing owing to their usage of conventional hash. A critical feature of cryptographic hash functions is that even if just one bit of the input is altered, the output acts pseudo-randomly, making it impossible to identify identical files. However, in the field of computer forensics, it is essential to locate comparable files (e.g., various versions of a file); therefore, we need a hash function that preserves similarity. It is getting more difficult to establish how forensic investigators might utilize traces from such devices. To effectively deal with IoT digital forensics applications, this article presents an improved blockchain-based IoT digital forensics architecture that uses the fuzzy hash to construct the Blockchain’s Merkle tree in addition to the conventional hash for authentication. Fuzzy hashing enables the identification of potentially damning documents that might otherwise remain undiscovered using conventional hashing techniques. By comparing blocks/files to all nodes in the blockchain network using fuzzy hash similarity, the digital forensics investigator will be able to verify their authenticity. To support the proof of concept, we simulated the suggested model.