Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine
2025 · Open Access · DOI: https://doi.org/10.20944/preprints202501.0203.v2
The proliferation of Internet of Things (IoT) devices has introduced new challenges for digital forensic investigators due to their diverse architectures, communication protocols, and security vulnerabilities. This research paper presents a case study focusing on the forensic investigation of an IoT device, specifically a Raspberry Pi configured with Kali Linux as a hacker machine. The study aims to highlight differences and challenges in investigating Weaponized IoT as well as establish a comprehensive methodology to analyse IoT devices involved in cyber incidents. The investigation begins with the acquisition of digital evidence from the Raspberry Pi device, including volatile memory and disk images. Various forensic tools and utilities are utilized to extract and analyse data: tools such as Exterro FTK and Magnet AXIOM, and open-source tools such as Volatility, Wireshark and Autopsy. The analysis encompasses examining system artefacts, log files, installed applications, and network connections to reconstruct the device's activities and identify potential evidence proving that the user perpetrated security breaches or malicious activities. The findings of this research contribute to the advancement of IoT forensic capabilities by providing insights into the methodologies and best practices for investigating IoT devices, particularly those configured as hacker machines. The case study serves as a practical demonstration of the forensic techniques applicable to IoT environments, facilitating the development of protocols, standards, and training programs for IoT forensic investigators. Ultimately, enhancing forensic readiness in IoT deployments is essential for mitigating cyber threats, preserving digital evidence, and ensuring the integrity of IoT ecosystems.
- Type: preprint
- Language: en
- Landing Page: https://doi.org/10.20944/preprints202501.0203.v2
- OA Status: green
- Related Works: 10
- OpenAlex ID: https://openalex.org/W4406185373
Raw OpenAlex JSON
- OpenAlex ID: https://openalex.org/W4406185373 (canonical identifier for this work in OpenAlex)
- DOI: https://doi.org/10.20944/preprints202501.0203.v2 (Digital Object Identifier)
- Title: Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine (work title)
- Type: preprint (OpenAlex work type)
- Language: en (primary language)
- Publication year: 2025 (year of publication)
- Publication date: 2025-01-08 (full publication date if available)
- Authors: Mohamed Chahine Ghanem, Eduardo Almeida Palmieri, Wiktor Sowinski-Mydlarz, Sahar Al-Sudani, Dipo Dunsin (list of authors in order)
- Landing page: https://doi.org/10.20944/preprints202501.0203.v2 (publisher landing page)
- Open access: Yes (whether a free full text is available)
- OA status: green (open access status per OpenAlex)
- OA URL: https://doi.org/10.20944/preprints202501.0203.v2 (direct OA link when available)
- Concepts: Kali, Hacker, Raspberry pi, Operating system, Computer science, Internet of Things, Embedded system, Biology, Botany (top concepts, i.e. fields/topics, attached by OpenAlex)
- Cited by: 0 (total citation count in OpenAlex)
- Related works (count): 10 (other works algorithmically related by OpenAlex)
Full payload
| id | https://openalex.org/W4406185373 |
|---|---|
| doi | https://doi.org/10.20944/preprints202501.0203.v2 |
| ids.doi | https://doi.org/10.20944/preprints202501.0203.v2 |
| ids.openalex | https://openalex.org/W4406185373 |
| fwci | 0.0 |
| type | preprint |
| title | Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine |
| biblio.issue | |
| biblio.volume | |
| biblio.last_page | |
| biblio.first_page | |
| topics[0].id | https://openalex.org/T12034 |
| topics[0].field.id | https://openalex.org/fields/17 |
| topics[0].field.display_name | Computer Science |
| topics[0].score | 0.9968000054359436 |
| topics[0].domain.id | https://openalex.org/domains/3 |
| topics[0].domain.display_name | Physical Sciences |
| topics[0].subfield.id | https://openalex.org/subfields/1710 |
| topics[0].subfield.display_name | Information Systems |
| topics[0].display_name | Digital and Cyber Forensics |
| topics[1].id | https://openalex.org/T11241 |
| topics[1].field.id | https://openalex.org/fields/17 |
| topics[1].field.display_name | Computer Science |
| topics[1].score | 0.9887999892234802 |
| topics[1].domain.id | https://openalex.org/domains/3 |
| topics[1].domain.display_name | Physical Sciences |
| topics[1].subfield.id | https://openalex.org/subfields/1711 |
| topics[1].subfield.display_name | Signal Processing |
| topics[1].display_name | Advanced Malware Detection Techniques |
| topics[2].id | https://openalex.org/T12357 |
| topics[2].field.id | https://openalex.org/fields/17 |
| topics[2].field.display_name | Computer Science |
| topics[2].score | 0.9584000110626221 |
| topics[2].domain.id | https://openalex.org/domains/3 |
| topics[2].domain.display_name | Physical Sciences |
| topics[2].subfield.id | https://openalex.org/subfields/1707 |
| topics[2].subfield.display_name | Computer Vision and Pattern Recognition |
| topics[2].display_name | Digital Media Forensic Detection |
| is_xpac | False |
| apc_list | |
| apc_paid | |
| concepts[0].id | https://openalex.org/C2777629366 |
| concepts[0].level | 2 |
| concepts[0].score | 0.821056604385376 |
| concepts[0].wikidata | https://www.wikidata.org/wiki/Q292351 |
| concepts[0].display_name | Kali |
| concepts[1].id | https://openalex.org/C86844869 |
| concepts[1].level | 2 |
| concepts[1].score | 0.7800475358963013 |
| concepts[1].wikidata | https://www.wikidata.org/wiki/Q2798820 |
| concepts[1].display_name | Hacker |
| concepts[2].id | https://openalex.org/C2985745059 |
| concepts[2].level | 3 |
| concepts[2].score | 0.7341513633728027 |
| concepts[2].wikidata | https://www.wikidata.org/wiki/Q245 |
| concepts[2].display_name | Raspberry pi |
| concepts[3].id | https://openalex.org/C111919701 |
| concepts[3].level | 1 |
| concepts[3].score | 0.5422737002372742 |
| concepts[3].wikidata | https://www.wikidata.org/wiki/Q9135 |
| concepts[3].display_name | Operating system |
| concepts[4].id | https://openalex.org/C41008148 |
| concepts[4].level | 0 |
| concepts[4].score | 0.46471795439720154 |
| concepts[4].wikidata | https://www.wikidata.org/wiki/Q21198 |
| concepts[4].display_name | Computer science |
| concepts[5].id | https://openalex.org/C81860439 |
| concepts[5].level | 2 |
| concepts[5].score | 0.4452960789203644 |
| concepts[5].wikidata | https://www.wikidata.org/wiki/Q251212 |
| concepts[5].display_name | Internet of Things |
| concepts[6].id | https://openalex.org/C149635348 |
| concepts[6].level | 1 |
| concepts[6].score | 0.31760215759277344 |
| concepts[6].wikidata | https://www.wikidata.org/wiki/Q193040 |
| concepts[6].display_name | Embedded system |
| concepts[7].id | https://openalex.org/C86803240 |
| concepts[7].level | 0 |
| concepts[7].score | 0.0517408549785614 |
| concepts[7].wikidata | https://www.wikidata.org/wiki/Q420 |
| concepts[7].display_name | Biology |
| concepts[8].id | https://openalex.org/C59822182 |
| concepts[8].level | 1 |
| concepts[8].score | 0.04967433214187622 |
| concepts[8].wikidata | https://www.wikidata.org/wiki/Q441 |
| concepts[8].display_name | Botany |
| keywords[0].id | https://openalex.org/keywords/kali |
| keywords[0].score | 0.821056604385376 |
| keywords[0].display_name | Kali |
| keywords[1].id | https://openalex.org/keywords/hacker |
| keywords[1].score | 0.7800475358963013 |
| keywords[1].display_name | Hacker |
| keywords[2].id | https://openalex.org/keywords/raspberry-pi |
| keywords[2].score | 0.7341513633728027 |
| keywords[2].display_name | Raspberry pi |
| keywords[3].id | https://openalex.org/keywords/operating-system |
| keywords[3].score | 0.5422737002372742 |
| keywords[3].display_name | Operating system |
| keywords[4].id | https://openalex.org/keywords/computer-science |
| keywords[4].score | 0.46471795439720154 |
| keywords[4].display_name | Computer science |
| keywords[5].id | https://openalex.org/keywords/internet-of-things |
| keywords[5].score | 0.4452960789203644 |
| keywords[5].display_name | Internet of Things |
| keywords[6].id | https://openalex.org/keywords/embedded-system |
| keywords[6].score | 0.31760215759277344 |
| keywords[6].display_name | Embedded system |
| keywords[7].id | https://openalex.org/keywords/biology |
| keywords[7].score | 0.0517408549785614 |
| keywords[7].display_name | Biology |
| keywords[8].id | https://openalex.org/keywords/botany |
| keywords[8].score | 0.04967433214187622 |
| keywords[8].display_name | Botany |
| language | en |
| locations[0].id | doi:10.20944/preprints202501.0203.v2 |
| locations[0].is_oa | True |
| locations[0].source.id | https://openalex.org/S6309402219 |
| locations[0].source.issn | |
| locations[0].source.type | repository |
| locations[0].source.is_oa | True |
| locations[0].source.issn_l | |
| locations[0].source.is_core | False |
| locations[0].source.is_in_doaj | False |
| locations[0].source.display_name | Preprints.org |
| locations[0].source.host_organization | |
| locations[0].source.host_organization_name | |
| locations[0].source.host_organization_lineage | https://openalex.org/P4310310987 |
| locations[0].source.host_organization_lineage_names | Multidisciplinary Digital Publishing Institute |
| locations[0].license | cc-by |
| locations[0].pdf_url | |
| locations[0].version | acceptedVersion |
| locations[0].raw_type | posted-content |
| locations[0].license_id | https://openalex.org/licenses/cc-by |
| locations[0].is_accepted | True |
| locations[0].is_published | False |
| locations[0].raw_source_name | |
| locations[0].landing_page_url | https://doi.org/10.20944/preprints202501.0203.v2 |
| indexed_in | crossref |
| authorships[0].author.id | https://openalex.org/A5101549630 |
| authorships[0].author.orcid | https://orcid.org/0000-0002-7067-7848 |
| authorships[0].author.display_name | Mohamed Chahine Ghanem |
| authorships[0].author_position | first |
| authorships[0].raw_author_name | Mohamed Chahine Ghanem |
| authorships[0].is_corresponding | False |
| authorships[1].author.id | https://openalex.org/A5115788287 |
| authorships[1].author.orcid | |
| authorships[1].author.display_name | Eduardo Almeida Palmieri |
| authorships[1].author_position | middle |
| authorships[1].raw_author_name | Eduardo Almeida Palmieri |
| authorships[1].is_corresponding | False |
| authorships[2].author.id | https://openalex.org/A5114336303 |
| authorships[2].author.orcid | |
| authorships[2].author.display_name | Wiktor Sowinski-Mydlarz |
| authorships[2].author_position | middle |
| authorships[2].raw_author_name | Wiktor Sowinski-Mydlarz |
| authorships[2].is_corresponding | False |
| authorships[3].author.id | https://openalex.org/A5115788288 |
| authorships[3].author.orcid | |
| authorships[3].author.display_name | Sahar Al-Sudani |
| authorships[3].author_position | middle |
| authorships[3].raw_author_name | Sahar Al-Sudani |
| authorships[3].is_corresponding | False |
| authorships[4].author.id | https://openalex.org/A5025816613 |
| authorships[4].author.orcid | https://orcid.org/0009-0009-7376-0477 |
| authorships[4].author.display_name | Dipo Dunsin |
| authorships[4].author_position | last |
| authorships[4].raw_author_name | Dipo Dunsin |
| authorships[4].is_corresponding | False |
| has_content.pdf | False |
| has_content.grobid_xml | False |
| is_paratext | False |
| open_access.is_oa | True |
| open_access.oa_url | https://doi.org/10.20944/preprints202501.0203.v2 |
| open_access.oa_status | green |
| open_access.any_repository_has_fulltext | False |
| created_date | 2025-10-10T00:00:00 |
| display_name | Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine |
| has_fulltext | False |
| is_retracted | False |
| updated_date | 2025-11-06T03:46:38.306776 |
| primary_topic.id | https://openalex.org/T12034 |
| primary_topic.field.id | https://openalex.org/fields/17 |
| primary_topic.field.display_name | Computer Science |
| primary_topic.score | 0.9968000054359436 |
| primary_topic.domain.id | https://openalex.org/domains/3 |
| primary_topic.domain.display_name | Physical Sciences |
| primary_topic.subfield.id | https://openalex.org/subfields/1710 |
| primary_topic.subfield.display_name | Information Systems |
| primary_topic.display_name | Digital and Cyber Forensics |
| related_works | https://openalex.org/W577659537, https://openalex.org/W1547909849, https://openalex.org/W1138682028, https://openalex.org/W2113553913, https://openalex.org/W3083176566, https://openalex.org/W2277237559, https://openalex.org/W1564974942, https://openalex.org/W2955233056, https://openalex.org/W4385672676, https://openalex.org/W3019147085 |
| cited_by_count | 0 |
| locations_count | 1 |
| best_oa_location.id | doi:10.20944/preprints202501.0203.v2 |
| best_oa_location.is_oa | True |
| best_oa_location.source.id | https://openalex.org/S6309402219 |
| best_oa_location.source.issn | |
| best_oa_location.source.type | repository |
| best_oa_location.source.is_oa | True |
| best_oa_location.source.issn_l | |
| best_oa_location.source.is_core | False |
| best_oa_location.source.is_in_doaj | False |
| best_oa_location.source.display_name | Preprints.org |
| best_oa_location.source.host_organization | |
| best_oa_location.source.host_organization_name | |
| best_oa_location.source.host_organization_lineage | https://openalex.org/P4310310987 |
| best_oa_location.source.host_organization_lineage_names | Multidisciplinary Digital Publishing Institute |
| best_oa_location.license | cc-by |
| best_oa_location.pdf_url | |
| best_oa_location.version | acceptedVersion |
| best_oa_location.raw_type | posted-content |
| best_oa_location.license_id | https://openalex.org/licenses/cc-by |
| best_oa_location.is_accepted | True |
| best_oa_location.is_published | False |
| best_oa_location.raw_source_name | |
| best_oa_location.landing_page_url | https://doi.org/10.20944/preprints202501.0203.v2 |
| primary_location.id | doi:10.20944/preprints202501.0203.v2 |
| primary_location.is_oa | True |
| primary_location.source.id | https://openalex.org/S6309402219 |
| primary_location.source.issn | |
| primary_location.source.type | repository |
| primary_location.source.is_oa | True |
| primary_location.source.issn_l | |
| primary_location.source.is_core | False |
| primary_location.source.is_in_doaj | False |
| primary_location.source.display_name | Preprints.org |
| primary_location.source.host_organization | |
| primary_location.source.host_organization_name | |
| primary_location.source.host_organization_lineage | https://openalex.org/P4310310987 |
| primary_location.source.host_organization_lineage_names | Multidisciplinary Digital Publishing Institute |
| primary_location.license | cc-by |
| primary_location.pdf_url | |
| primary_location.version | acceptedVersion |
| primary_location.raw_type | posted-content |
| primary_location.license_id | https://openalex.org/licenses/cc-by |
| primary_location.is_accepted | True |
| primary_location.is_published | False |
| primary_location.raw_source_name | |
| primary_location.landing_page_url | https://doi.org/10.20944/preprints202501.0203.v2 |
| publication_date | 2025-01-08 |
| publication_year | 2025 |
| referenced_works_count | 0 |
| cited_by_percentile_year | |
| countries_distinct_count | 0 |
| institutions_distinct_count | 5 |
| sustainable_development_goals[0].id | https://metadata.un.org/sdg/16 |
| sustainable_development_goals[0].score | 0.5199999809265137 |
| sustainable_development_goals[0].display_name | Peace, Justice and strong institutions |
| citation_normalized_percentile.value | 0.00593501 |
| citation_normalized_percentile.is_in_top_1_percent | False |
| citation_normalized_percentile.is_in_top_10_percent | True |