Introduction
The article Digital Forensic Analysis of Fitbit examines how data is collected from Fitbit devices, how it is extracted for forensic analysis, and how it is examined using open-source tools. The researchers conducted the study with the hypothesis that open-source tools can be as effective in the forensic investigation of Fitbit devices as the specialized tools commonly used in forensic science. To address the research question, Almogbil et al. [1] chose Autopsy Sleuth Kit and Bulk Extractor Viewer to gain access to Fitbit users’ information before scrutinizing it to reach a comprehensive conclusion. According to MacDermott et al. [2], Fitbits store data for 31 days, which gave the authors of the study enough data. The importance of the hypothesis, as highlighted by Odom et al. [3], lies in the lack of guidelines for investigators regarding smartwatches in comparison to smartphones and laptops. Thus, the question examined by the authors of the article has practical significance.
Methodology
Supervised Learning to Detect DDoS Attacks is an article that examines how supervised learning techniques and detection systems perform on backscatter darknet traffic in terms of effectiveness and timing. The question that Balkanli et al. [4] chose to analyze was which of the classifiers (CART Decision Tree or Naïve Bayes) and NIDSs (Bro v2.2 or Corsaro v2.0.0) is more proficient at detecting attacks effectively and quickly. The same question has been extensively analyzed in other research with similar motives by Kim [5]. Bindra and Sood [6] also concluded that machine-learning techniques are accurate in detecting such attacks. The comparison of the results and the analysis of the data gave the authors of the article an evidence-based conclusion as to which methodology is more effective.
Both studies rely on derived quantitative data compiled from existing databases. The study examining Fitbit in terms of forensic research used VMware Workstation Pro to structure the data population. Moreover, the Fitbit application itself was downloaded and synchronized on all user devices. The researchers used publicly available information from Autopsy 4.10.0 because the aim was to investigate whether open-source tools are enough for a comprehensive forensic examination. MacDermott et al. [2], however, have pointed out that information available in Autopsy was often non-readable. Nonetheless, the authors of the article managed to gain access to enough data, illustrating the usefulness of public platforms, which Dawson and Akinbi [7] mention to be easier to decode. The researchers who examined the detection of DDoS attacks also chose to rely on existing and publicly available data from CAIDA’s archive.
Controversial Findings
Instead of using newer information as the authors of the previous study did, this research used information gathered in November 2008. This was the time when extensive internet attacks took place, as is now evident from the database that has been examined. The researchers used more than 1,000,000 packets in the experiment. The tools studied were Decision Tree and Naïve Bayes, as well as Corsaro and Bro, which were compared in regards to processing time, rules, features, and effectiveness. Polat et al. [8], however, highlight that Naïve Bayes and Decision Tree, in particular, often perform differently depending on the subject being examined. For example, Yadav and Thareja [9] found Naïve Bayes to be a more accurate tool. On the other hand, the findings of Rahmadani et al. [10] suggest that the Decision Tree is superior in terms of data analysis. The research in question found Decision Tree to be more accurate and time-effective to use. The study examining Fitbits is also controversial due to the ambiguous opinions on the efficacy of using data acquired from smartwatches as reliable forensic evidence. According to Feehan et al. [11], the devices are too often compromised, which is why the data is not accurate. This may limit investigators in using Fitbits for data identification in the first place, a point also supported by Reid et al. [12]. Thus, the study’s importance in the domain of forensic science is limited.
Importance
Both studies are important because the problems they assess lack solutions. For example, Khuphiran et al. [13] consider DDoS attacks to be the most costly IT problems in terms of time and money. Furthermore, Yoon and Karabiyik [14] describe it as critical for police officers to be up to date with new devices for gathering evidence, given the fast pace of technological advancement. Moreover, Sunde and Dror [15] suggest this minimizes the risk of human error, since the extensive use of technology in forensics simplifies the investigation process. Both studies rely on publicly available data. However, the one examining detection of DDoS attacks used relatively old information from 2009. This, however, does not compromise the research, since the attacks that have remained in the database do not significantly differ from those occurring nowadays. The two studies, while similar in methodology, differ in design. While one provides a guideline for obtaining, storing, and using data obtained from Fitbits, the other observes the best ways to detect DDoS attacks by comparing the timing and accuracy of applying different techniques.
References
[1] A. Almogbil, A. Alghofaili, C. Deane, T. Leschke, A. Almogbil, and A. Alghofaili, “The accuracy of GPS-enabled Fitbit activities as evidence: A Digital Forensics Study,” 2020 7th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2020 6th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom), 2020.
[2] A. MacDermott, S. Lea, F. Iqbal, I. Idowu, and B. Shah, “Forensic analysis of wearable devices: Fitbit, Garmin and HETP watches,” 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), 2019.
[3] N. Odom, J. Lindmar, J. Hirt, and J. Brunty, “Forensic inspection of Sensitive User Data and artifacts from Smartwatch Wearable Devices,” Journal of Forensic Sciences, vol. 64, no. 6, pp. 1673–1686, 2019.
[4] E. Balkanli, J. Alves, and A. N. Zincir-Heywood, “Supervised learning to detect DDoS attacks,” 2014 IEEE Symposium on Computational Intelligence in Cyber Security (CICS), 2014.
[5] M. Kim, “Supervised learning‐based DDoS attacks detection: Tuning hyperparameters,” ETRI Journal, vol. 41, no. 5, pp. 560–573, 2019.
[6] N. Bindra and M. Sood, “Detecting DDoS attacks using machine learning techniques and contemporary Intrusion detection dataset,” Automatic Control and Computer Sciences, vol. 53, no. 5, pp. 419–428, 2019.
[7] L. Dawson and A. Akinbi, “Challenges and opportunities for wearable IOT forensics: Tomtom SPARK 3 as a case study,” Forensic Science International: Reports, vol. 3, p. 100198, 2021.
[8] H. Polat, O. Polat, and A. Cetin, “Detecting DDoS attacks in software-defined networks through feature selection methods and Machine Learning Models,” Sustainability, vol. 12, no. 3, p. 1035, 2020.
[9] K. Yadav and R. Thareja, “Comparing the performance of naive Bayes and decision tree classification using R,” International Journal of Intelligent Systems and Applications, vol. 11, no. 12, pp. 11–19, 2019.
[10] S. Rahmadani, A. Dongoran, M. Zarlis, and Zakarias, “Comparison of naive Bayes and decision tree on feature selection using genetic algorithm for classification problem,” Journal of Physics: Conference Series, vol. 978, p. 012087, 2018.
[11] L. M. Feehan, J. Geldman, E. C. Sayre, C. Park, A. M. Ezzat, J. Y. Yoo, C. B. Hamilton, and L. C. Li, “Accuracy of Fitbit devices: Systematic review and narrative syntheses of quantitative data,” JMIR mHealth and uHealth, vol. 6, no. 8, 2018.
[12] R. E. R. Reid, J. A. Insogna, T. E. Carver, A. M. Comptour, N. A. Bewski, C. Sciortino, and R. E. Andersen, “Validity and reliability of Fitbit activity monitors compared to actigraph GT3X+ with female adults in a free-living environment,” Journal of Science and Medicine in Sport, vol. 20, no. 6, pp. 578–582, 2017.
[13] P. Khuphiran, P. Leelaprute, P. Uthayopas, K. Ichikawa, and W. Watanakeesuntorn, “Performance comparison of machine learning models for DDoS attacks detection,” 2018 22nd International Computer Science and Engineering Conference (ICSEC), 2018.
[14] Y. H. Yoon and U. Karabiyik, “Forensic analysis of Fitbit Versa 2 data on Android,” Electronics, vol. 9, no. 9, p. 1431, 2020.
[15] N. Sunde and I. E. Dror, “Cognitive and human factors in digital forensics: Problems, Challenges, and the way forward,” Digital Investigation, vol. 29, pp. 101–108, 2019.