Unveiling the hidden dangers: Security risks and forensic analysis of smart bulbs

People often dispose of their useless smart digital gadgets without realizing the potential presence of useful information inside these devices. This is also true for faulty smart bulbs, which cybercriminals might exploit to gain unauthorized access to a smart home and manipulate or steal private information. This research delves into the potential security risks associated with smart bulbs and provides recommendations for mitigating such risks. Through a comprehensive analysis of the functionality of smart bulbs, this study introduced the data extraction framework DEF-IoTF for collecting both hardware and application-level digital artifacts from smart bulbs. This paper presents the FIvM-IoT model for collecting and analyzing evidence from companion app data on mobile phones and Wifi modules at the hardware level. We conduct examinations on the smart bulb's Wifi module and extract its firmware using the developed Wifi_Cred tool. These include evidence related to user credentials, log time stamps, Wifi details, potential forensic information, and investigation procedures for IoT devices. Finally, this study provides prominent IoT forensic use cases along with the key requirements for hardware-level forensic investigation of Wifi modules. •Study the systematic & comprehensive reverse engineering of smart bulb hardware and software platforms.•To acquire digital evidence from software & hardware levels data extraction framework for IoT (DEF-IoTF) is used.•Lightweight Forensic Investigation Model (FIvM-IoT) is proposed to extract data from smart bulbs' applications and Wifi module.•Proposed DFA-DL algorithm for device-level forensic investigations & Wifi_Cred tool is developed to retrieve Wifi credentials.