Intelligent IoT forensics: Secure evidence acquisition and autonomous intrusion detection

The rapid adoption of the Internet of Things (IoT) presents significant challenges to digital forensics, particularly in securing evidence acquisition and detecting intrusions. Traditional forensic methods struggle with the decentralized and heterogeneous nature of IoT environments, resulting in gaps in forensic investigations. This study presents the Forensic-Based (FB) Framework, an intelligent solution for secure evidence acquisition and autonomous intrusion detection in IoT environments. Designed with smartwatch-controlled automation and lightweight forensic logging, the framework utilizes a Python-based simulation and machine learning algorithms, including LSTM, to enable real-time anomaly detection and log analysis. The results demonstrate a 92% detection accuracy, a 350 ms response time, and superior performance compared to existing models. The framework ensures data integrity through hashing mechanisms and supports scalable, low-latency forensic investigations across smart environments. It offers practical benefits for digital investigators and security practitioners working with resource-constrained IoT systems.