| | Traditional digital forensics | IoT forensics |
| Source of evidence | Traditional storage media such as computers, mobile phones, USB flash drives, cameras, and servers such as switches and routers | Smart terminals such as cars, drones, smartwatches, smart bracelets, smart sensors, smart industrial equipment, smart appliances, smart wearable devices | Equipment quantity | Tens of billions of magnitudes | Trillions of magnitude | Type of evidence | Electronic documents, standard format files (JPG, MP3, MP4, etc.) | Added a large number of nonstandard data files for IoT smart terminals | Evidence data size | Megabyte | Exabytes | Network type | Wired network, WIFI, Bluetooth, wireless network, internet, mobile communication network | Added RFID, wireless sensor network, Internet of things (Internet of vehicles, industrial Internet of things, etc.) | Protocol | Ethernet, wireless (802.11a/b/g/n), bluetooth, IPv4, IPv6, TCP/IP, etc. | RFID,TCP/IP,B/S和C/S,HTTP, Ajax,Websocket, MQTT,CoAP, etc. | Owner of the evidence (equipment) | Victims, suspects, related contacts | Anyone | Judicial | The relevant legislation is basically complete | The relevant legislation is not yet complete | Privacy | Infringement of citizens' privacy is less problematic | Legislation and borders are not clear, and privacy issues are involved |
|
|