Phases of digital forensics. Credit: International Journal of Electronic Security and Digital Forensics (2026). DOI: 10.1504/ijesdf.2026.150991

A new forensic framework designed specifically for the Internet of Things (IoT) is discussed in the International Journal of Electronic Security and Digital Forensics. This deep learning-driven system offers benefits over earlier approaches in detecting and reconstructing cyberattacks on components of the vast network of connected sensors, appliances and machines. It achieves an accuracy of almost 98%, according to the researchers, and cuts analysis time by more than three-quarters.

There has been a sharp rise in malware aimed at IoT environments. Standard digital forensics tools struggle in this space with the volume, diversity, and the enormous and constant flow of data. The researchers suggest that existing methods, built for relatively static computers and servers, are increasingly mismatched to the IoT world. Given that IoT systems now underpin a lot of transport networks, domestic technologies, and urban infrastructure, they will be increasingly vulnerable unless security systems can keep up.

At the heart of this new approach is a hybrid deep learning model that includes a convolutional neural network. This can identify patterns in data using its long short-term memory architecture. When applied to IoT network traffic, the system can detect the subtle signatures of a cyberattack as they evolve over time, rather than simply spotting isolated events.

The team has improved performance by refining the detection approach with a so-called particle swarm optimization. This technique was inspired by collective behavior in nature, such as starling murmurations, and honeybee swarming. It can dynamically adjust the detection parameters to home in on the optimal approach without heavily increasing computational cost. This is particularly important for protecting IoT devices, many of which operate with limited processing power and low energy budgets.

Tests conducted across simulated vehicle networks, smart homes, and smart city infrastructures showed that the model works better than existing forensic tools. It is faster and more accurate, but also has the ability to trace and classify multiple forms of cyberattack.

More information: Waad Almadud et al, Efficient digital forensics in the IoT environment: a hybrid framework using deep-federated learning, International Journal of Electronic Security and Digital Forensics (2026). DOI: 10.1504/ijesdf.2026.150991

Citation: Forensic system cuts IoT attack analysis time by three-quarters (2026, January 15) retrieved 15 January 2026 from https://techxplore.com/news/2026-01-forensic-iot-analysis-quarters.html

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.