Security of IoT Device: Perspective Forensic/Anti-Forensic Issues on Invalid Area of NAND Flash Memory

TL;DR

This paper investigates the forensic and anti-forensic challenges of NAND flash memory in IoT devices, proposing secure deletion methods and verification techniques to prevent residual data leaks and enhance privacy protection.

Contribution

It introduces a novel verification method for secure deletion in NAND flash memory based on cell count analysis, addressing forensic issues in IoT device data management.

Findings

Proposed a cell count-based verification technique for secure deletion

Demonstrated the effectiveness of the method in preventing data remnants

Highlighted the importance of secure deletion for privacy in IoT devices

Abstract

NAND flash memory-based IoT device can potentially still leave behind original personal data in an invalid area even if the data has been deleted. In this paper, we raise the forensic issue of original data remaining in unmanaged blocks caused by NAND flash memory and introduce methods for secure deletion of such data in the invalid area. We also propose a verification technique for secure deletion that is performed based on cell count information, which refers to the difference in bits between personal data and data stored in the block. The pass/fail of the verification technique according to the cell count information is determined in consideration of error correction capabilities. With the forensic issue of de-identification being a vital theme in the big data industry, the threat of serious privacy breaches coupled with our proposal to prevent these attacks will prove to be critical technological necessities in the future.