Given the exponential expansion of the internet, the possibilities of security attacks and cybercrimes have increased accordingly. However, poorly implemented security mechanisms in the Internet of Things (IoT) devices make them susceptible to cyberattacks, which can directly affect users. IoT forensics is thus needed for investigating and mitigating such attacks. While many works have examined IoT applications and challenges, only a few have focused on both the forensic and security issues in IoT. Therefore, this paper reviews forensic and security issues associated with IoT in different fields. Future prospects and challenges in IoT research and development are also highlighted. As demonstrated in the literature, most IoT devices are vulnerable to attacks due to a lack of standardized security measures. Unauthorized users could get access, compromise data, and even benefit from control of critical infrastructure. To fulfil the security-conscious needs of consumers, IoT can be used to develop a smart home system by designing a FLIP-based system that is highly scalable and adaptable. Utilizing a blockchain-based authentication mechanism with a multi-chain structure can provide additional security protection between different trust domains. Deep learning can be utilized to develop a network forensics framework with a high-performing system for detecting and tracking cyberattack incidents. Moreover, researchers should consider limiting the amount of data created and delivered when using big data to develop IoT-based smart systems. The findings of this review will stimulate academics to seek potential solutions for the identified issues, thereby advancing the IoT field.

翻译：随着互联网的指数级扩张，安全攻击与网络犯罪的可能性相应增加。然而，物联网设备中安全机制实施不力，使其易受网络攻击，并可直接对用户造成影响。因此，需要物联网取证来调查和缓解此类攻击。尽管已有诸多研究审视了物联网的应用与挑战，但仅有少数工作同时聚焦于物联网的取证与安全问题。为此，本文综述了不同领域中与物联网相关的取证及安全问题，并着重指出了物联网研发的未来前景与挑战。正如文献所示，由于缺乏标准化安全措施，大多数物联网设备易受攻击。未授权用户可能获取访问权限、损害数据，甚至从关键基础设施的控制中获利。为满足消费者对安全性的需求，可通过设计基于FLIP（高度可扩展与自适应）的系统来开发物联网智能家居系统。利用基于区块链的多链结构认证机制，可提供不同信任域之间的额外安全保护。深度学习可被用于开发高性能的网络取证框架，以检测和追踪网络攻击事件。此外，研究人员在利用大数据开发基于物联网的智能系统时，应考虑限制所创建与传输的数据量。本综述的发现将激励学术界为已识别的问题寻求潜在解决方案，从而推动物联网领域的发展。