| | Traditional digital forensics | IoT forensics |
| | Source of evidence | Traditional storage media such as computers, mobile phones, USB flash drives, cameras, and servers such as switches and routers | Smart terminals such as cars, drones, smartwatches, smart bracelets, smart sensors, smart industrial equipment, smart appliances, smart wearable devices | | Equipment quantity | Tens of billions of magnitudes | Trillions of magnitude | | Type of evidence | Electronic documents, standard format files (JPG, MP3, MP4, etc.) | Added a large number of nonstandard data files for IoT smart terminals | | Evidence data size | Megabyte | Exabytes | | Network type | Wired network, WIFI, Bluetooth, wireless network, internet, mobile communication network | Added RFID, wireless sensor network, Internet of things (Internet of vehicles, industrial Internet of things, etc.) | | Protocol | Ethernet, wireless (802.11a/b/g/n), bluetooth, IPv4, IPv6, TCP/IP, etc. | RFID,TCP/IP,B/S和C/S,HTTP, Ajax,Websocket, MQTT,CoAP, etc. | | Owner of the evidence (equipment) | Victims, suspects, related contacts | Anyone | | Judicial | The relevant legislation is basically complete | The relevant legislation is not yet complete | | Privacy | Infringement of citizens' privacy is less problematic | Legislation and borders are not clear, and privacy issues are involved |
|
|
