Cybersecurity and Cyber Forensics for Smart Cities: A Comprehensive Literature Review and Survey

Smart technologies, such as the Internet of Things (IoT), cloud computing, and artificial intelligence (AI), are being adopted in cities and transforming them into smart cities. In smart cities, various network technologies, such as the Internet and IoT, are combined to exchange real-time information, making the everyday lives of their residents more convenient. However, there is a lack of systematic research on cybersecurity and cyber forensics in smart cities. This paper presents a comprehensive review and survey of cybersecurity and cyber forensics for smart cities. We analysed 154 papers that were published from 2015 to 2022 and proposed a new framework based on a decade of related research papers. We identified four major areas and eleven sub-areas for smart cities. We found that smart homes and the IoT were the most active research areas within the cybersecurity field. Additionally, we found that research on cyber forensics for smart cities was relatively limited compared to that on cybersecurity. Since 2020, there have been many studies on the IoT (which is a technological component of smart cities) that have utilized machine learning and deep learning. Due to the transmission of large-scale data through IoT devices in smart cities, ML and DL are expected to continue playing critical roles in smart city research.


Introduction
Many countries are exploring the implementation of smart cities to provide better lives for their citizens. The creation of smart and sustainable cities is enabled by current and emerging technologies, such as the Internet of Things (IoT), sensors, artificial intelligence (AI), robotics, unmanned systems, digital twins, Web 3.0 technologies, and smart grids. The rapid penetration of smartphones and information and communication technology (ICT) has been a fundamental enabler of smart cities, providing ubiquitous connectivity for smart city technologies and helping to improve connectivity, share information with the public, and provide better quality government services.
In addition, many countries are making efforts to transform certain cities into smart cities, including Dubai, Tokyo, Singapore, Hong Kong, Seoul, Helsinki, London, and Riyadh [1,2]. In particular, Saudi Arabia is investing 5 billion USD in the construction of NEOM, a new smart city [3]. The city of Riyadh in Saudi Arabia uses anti-congestion measures for traffic, including adaptive traffic control. The city's traffic is monitored and managed by an intelligent transport system (ITS) that uses a variety of sensors and an advanced CCTV surveillance system. To inform traffic dashboards, advanced analytics are used to undertake historical, real-time, and predictive traffic analysis, including contextualized incident and traffic reporting [4].
Singapore is also striving to become a smart city in order to enhance the living environments of its residents [5]. Virtual Singapore is a dynamic 3D city model and collaborative platform created by Singapore to assist city stakeholders in promoting this innovation. Using the Virtual Singapore program, city stakeholders can gain valuable insights for policy and business research, decision-making, and prototyping [4].
The intelligent city platform of Valencia (VLCi) is a cloud-based internal city management system created in Spain. It enables the city to gather crucial information on its urban services, analyse that information using cutting-edge tools, and create dashboards to assist with decision-making [4]. The city of Texel in the Netherlands has recently upgraded to sophisticated, energy-saving street lighting equipment. By combining LEDs and IoT sensors, the city has significantly reduced energy consumption and light pollution [4]. London is also exploring changes to its smart city approach, based on active participation and feedback from its citizens [6].
Cities are constantly striving to make the lives of their citizens more convenient. Not only are traditional cities being transformed into smart cities but new cities are being constructed as smart cities. Smart cities have the potential to improve urban life through efficient transportation, energy efficiency, and improved public services. However, concerns around data privacy, social equity, dependence on technology, and environmental impacts must be addressed to ensure that smart cities can truly benefit all citizens and the environment.
Many new technologies are being applied to facilitate the transition to smart cities, but these can also pose potential risks. Smart homes offer convenient features through the use of new technologies, such as the IoT, but there are also vulnerabilities that hackers can exploit to remotely control smart homes. One experiment highlighted the vulnerability of the Z-Wave technology that is used in smart homes, in which a smart door was opened remotely and the smart valve alert was disabled, leaving the user unaware of a fire in the house [7,8]. Smart mobility provides freedom of movement for residents in smart cities, but it also poses a threat to life if it falls into the hands of attackers [9]. At the Black Hat conference, researchers successfully demonstrated that an autonomous vehicle could be hacked remotely and the brakes forcibly activated while driving [10]. Therefore, if a core element of a smart city is targeted by a cyberattack, it could result in significant damage to life and property.
State-sponsored hackers who employ advanced technologies, such as ransomware, have emerged as significant threats to smart cities [11,12]. Attacks on the core elements of smart cities not only benefit cyberattackers but also cybercriminals. By exploiting the vulnerabilities in smart homes, cybercriminals can remotely open doors or operate smart car keys to gain unauthorized access. In such cases, it is difficult to determine whether an attack was performed by a cybercriminal or a legitimate user. Therefore, further research on the use of cyber forensics to investigate cybercrimes in smart cities is critical.
Given the significance of smart cities, many researchers have been investigating their security and forensics. Research on smart cities has focused on various aspects. For example, Losavio conducted a study on the legal challenges of smart cities and IoT technologies, focusing on digital forensics, privacy, and security perspectives [13]. Baig et al. conducted a study on the future challenges of key elements in smart cities, including smart vehicles, unmanned aerial vehicles (UAVs), building automation systems (BASs), and smart grids [14]. Despite the significance of smart cities, there has been a lack of comprehensive research on identifying their key elements and addressing the challenges in cybersecurity and cyber forensics.
This study focused on reviewing the literature from 2015 to 2022 and analysing cybersecurity and cyber forensics research related to smart cities. To identify the key elements of smart cities, we conducted an initial search for related papers using relevant keywords. Then, for each key element, we systematically reviewed the related literature on cybersecurity and cyber forensics. The following keywords were used to search in Google Scholar: "cybersecurity smart cities", "cyber forensics smart cities", "digital forensics smart cities", "smart home", "smart mobility", "smart vehicle", "smart things", and "smart people".
Additional recently published papers focusing on cybersecurity and cyber forensics were also selected.
This review is intended for readers who are conducting research in the areas of cybersecurity and cyber forensics for smart cities. The contributions of this paper include the following: • A comprehensive review of 154 papers on cybersecurity and cyber forensics for smart cities that were published from 2015 to 2022, which revealed the key areas of research and identified major challenges and opportunities for improving the cybersecurity and cyber forensics readiness of smart cities; • A chronological organization of the research on cybersecurity and cyber forensics for smart cities, based on the key technologies that have been studied over time, such as the IoT, cloud computing, and AI, in order to provide a concise overview of the evolution of research on cybersecurity and cyber forensics for smart cities; • A comprehensive investigation of cybersecurity in smart cities, which found that the most common targets of cyberattacks are smart homes and that attacks related to the IoT are being studied very actively; • The observations that compared studies on cybersecurity in smart cities. There have been relatively few studies related to cyber forensics and that among the key city elements of smart cities, research on cyber forensics for IoT devices has been the most common.
The remainder of this paper is organized as follows. Section 2 discusses the key components of smart cities, including smart homes, smart vehicles, smart factories, and smart people. In Section 3, we provide a summary of cybersecurity research papers that were relevant to smart cities. Section 4 describes the research on cyber forensics that pertained to smart cities. Section 5 addresses the future expectations and research directions to smart cities. Finally, in Section 6, we present our observations and conclusions.

Key Elements of Smart Cities
To investigate and study smart cities, it was essential to identify their key elements. For this purpose, we used keywords, such as "smart city elements", "smart city layers", "smart city architecture", and "smart city ecosystem", to identify the key elements of smart cities. As shown in Table 1, several authors have attempted to identify the key elements of smart cities. By analysing the papers found using these keywords [15][16][17][18][19][20][21], we derived the core elements of smart cities, as shown in Figure 1.
As depicted in Figure 1, smart cities can be divided into four layers. In the top layer, there is the provision of services and applications for residents living in the smart cities. Below this, there are the technology, network communication, and device layers.
Within the service and application layer, four key sub-areas were identified: smart transportation, smart communities, smart living, and smart environments. The smart transportation area comprises smart parking and smart mobility, while smart communities include smart economy and smart governance. Smart living can also be further divided into sub-areas, which include smart healthcare, smart people, smart homes, and smart education. Lastly, smart environments can be classified into smart factories, smart buildings, and smart energy.

Service and Application Layer
Smart city services and applications aim to enhance the quality of life of residents in smart cities. These services enable citizens to use urban services efficiently and conveniently by utilizing advanced technologies.
Smart transportation systems offer a range of services, from guiding users to better routes or sharing traffic conditions to car and bike sharing opportunities, making public transportation systems and citizen mobility more efficient and convenient. Additionally, smart services can also cater to the parking needs of citizens, such as the identification of available parking spaces [23].
From the governmental perspective, ICT can be used to promote transparency and community participation and effectively manage crowds and solve emergency problems based on public data [20]. Smart economy enhances the flexibility of the labour market, as well as regional productivity and competitiveness.
Smart living services allow citizens in smart cities to share information in real time, thereby enabling them to efficiently solve everyday challenges and stay connected [20]. Remote health monitoring and e-health services provide citizens with customized health and medical care [24].
Smart home systems allow users to remotely control IoT home appliances, such as smart TVs, by using smartphone applications to perform specific tasks [25]. Additionally, urban facilities can be utilized more conveniently and education systems can be improved to provide flexible education options for residents.
One of the key goals of smart cities is to promote environmental sustainability through digitally integrated and improved energy management systems. Smart services can carry out the real-time monitoring and management of smart buildings, smart factories, and smart energy systems, which can enhance energy efficiency and waste management [20].
Cyberattacks are primarily directed towards smart city services and applications, making cybersecurity countermeasures essential for ensuring the safety of smart cities. The risk of cybercrime also increases with the implementation of these technologies. To address cybercrime, policing must also evolve in the future, with data analysis playing a central role in this evolution [26]. Research is also being conducted on data-driven policing for smart cities. In addition, current and developing technologies have been analysed, along with the opportunities they provide for smart policing in smart cities [26]. Section 2.1 discussed the service and application layer of smart cities, which aims to improve the quality of life of citizens by providing efficient and convenient urban services. Through our investigation of the key elements of smart cities, we identified four major categories and eleven sub-categories in the service and application layer, such as smart transportation, smart communities, smart living, and smart environments.

Technology Layer
Innovative and popular technologies play crucial roles in more efficiently and safely solving various problems with smart cities by utilizing the vast amounts of data that are generated. The IoT is a fundamental technology that connects various ICT devices and lays the foundations for advanced smart cities [27]. Research has been conducted on applying IoT technologies to various smart city applications, including pollution issues [28][29][30]. Cloud infrastructure and platforms are also crucial in smart cities and data separation is a significant concern [31,32]. Data can be collected in real time using sensors in IoT devices, such as RFID, infrared radiation (IR), global positioning systems (GPSs), and laser scanners, and stored in the cloud or edge data storage. IoT applications enable the remote control and management of devices [27,33].
AI technology is rapidly evolving to enable the fast and efficient delivery of complex services for small-scale smart city elements, such as smart homes and smart buildings, as well as large-scale elements, such as smart infrastructure and smart transportation [34]. Big data technology is a key enabler of AI as it can collect and analyse the vast amount of data generated in smart cities, thereby allowing AI to predict or infer future results and make better decisions. Additionally, blockchain and deep learning technologies can be used to provide smarter automation services for smart cities as data can be learned and determined autonomously [35]. Authentication technology is also being researched for smart cities from a blockchain perspective [36].
However, privacy and security issues arise when data are exchanged across a wide range of areas in smart cities. As a potential solution, blockchain is increasingly being used for some data exchanges. By enabling smart transactions through smart contracts and decentralized applications, blockchain provides a high degree of autonomy for the operation of smart cities [37]. Additionally, research is being conducted on cybersecurity issues related to the use of augmented reality (AR) technologies in smart cities [38].
User perceptions of smart city techniques depend on various factors, such as personal experiences, data privacy, and data security. Users are more likely to perceive smart city techniques positively when they see clear benefits, such as enhanced public services. A study conducted by Silver Spring Networks found that 75% of US consumers had a positive view of smart cities after being educated about their benefits, while only 3% had a negative view. The top two benefits perceived by respondents were reducing pollution and enhancing public safety, while the top two concerns were costs and privacy. Additionally, the study found that positive sentiments towards smart cities were expressed as an interest in living with smart city technologies. Section 2.2 highlighted the use of the IoT and cloud infrastructure for data collection, storage, and management, as well as the roles of AI and big data technology in providing advanced services via prediction and inference. Blockchain technology was also introduced as a potential solution for privacy and security concerns in smart cities as it provides a high degree of autonomy when executing smart transactions. However, due to the increasing use of technologies in smart cities, cybersecurity countermeasures are necessary to prevent cyberattacks and cybercrime.

Network Communication Layer
Network communication is a crucial element in smart cities. Applications that require communication over short distances, such as smart grids, smart water services, and smart buildings with very limited energy usage, typically utilize the IEEE 802.15.4 (Zigbee). These applications can last for years using the same battery. IEEE 802. 15.1 (Bluetooth) can also be used for these applications. The wireless local area network (WLAN) protocol uses the 2.4 GHz band, with a data rate of 1 Mbps and a master/slave time division duplex (TDD) ranging from 10 to 100 m.
The IEEE 802.11a/b/g/n protocols are used in almost all smart city systems. The latest version, the IEEE 802.11n protocol, operates in the 2.4 and 5.1 GHz ranges and uses orthogonal frequency division multiplexing (OFDM) and a direct sequence spread spectrum (DSSS). This protocol also enables reservation-based operations using point coordination functions (PCFs) and best effort operations using distributed coordination functions (DCFs). PCF services are useful for video, real-time, and multimedia audio data traffic that requires QoS guarantees for specific parameters, such as bandwidth, delay, and delay jitter [39].
Smart water services, UAVs, smart grids, and pipeline monitoring can use cellular 3G and 4G protocols that employ packet switching for data communication and circuit switching or selective packets for voice communication [39]. Long-term evolution (LTE), which is an advanced technology, can also be used and coverage is available worldwide when roaming is employed.
UAVs, pipeline monitoring, and smart transportation can also utilize satellite communication, which typically uses frequencies in the 1.53 and 31 GHz ranges and employs time division multiple access (TDMA) and frequency division multiple access (FDMA) at the data link layer [39]. It also has data rates of 1 Gbps (upload) and 10 Mbps (download), making continuous coverage possible due to the trade-off between satellites worldwide [39].
The efficient spectra of narrow-band technologies are suitable for smart cities [40] as they can support several IoT devices in smart grids, smart homes, and smart meters, among others [40]. However, despite their advantages, narrow-band technologies have limitations regarding security, which can make them vulnerable to cyberattacks [40]. The information-centric networking (ICN) routers can be used in smart home networks for more efficient content distribution due to their increased caching capacity and improved cybersecurity [41].
It is essential to protect smart city wireless sensor networks (WSNs) and a comparative study on anomaly detection technology was conducted for this purpose [42]. Research on attacks on smart city WSNs is also active and frameworks for attack classification and defence have been developed [43,44]. Section 2.3 discussed the various communication technologies that can be used in smart cities. These include IEEE 802.15.4 (Zigbee) and IEEE 802. 15.1 (Bluetooth) for shortdistance applications, such as smart grids and smart buildings, IEEE 802.11a/b/g/n protocols for large-scale smart city systems, and cellular 3G and 4G protocols and satellite communication for UAVs, pipeline monitoring, and smart transportation.

Device and Sensor Layer
The device and sensor layer is an essential component of smart cities. Smart devices equipped with sensors and actuators can measure, collect, and control various types of data [45]. Data from across smart cities, including information on citizen movement, parking, and building or city data (such as light, noise, temperature, and humidity), can be collected using IoT sensors and processed by converging them with ICT [45].
Citizens can visually receive and control data through physical devices, such as wearable devices and smartphones. Facilities equipped with IoT sensors can monitor data in real time and analyse and control these data according to their own specific purposes.
Smart city sensing is a new paradigm that promotes the transition to smart city services. A number of studies have been conducted on current and historic smart city sensing and its influence on related issues [46].
While the mass proliferation of IoT devices has provided advanced services based on hyperconnectivity, end-node devices focus on confidentiality and have weak security [16], which can affect connected smart devices.

Cybersecurity in Smart Cities
Cybersecurity for smart cities includes a combination of technologies that have emerged to address the highly complex challenges of insecure devices and networks, which can lead to unbounded attacks. In this section, we highlight the issues discovered by research and their proposed solutions.
Several studies have been conducted on the cybersecurity challenges in smart cities. For example, Kalinin et al. [47] classified common cyber threats to smart city infrastructure, as depicted in Figure 2. AlDairi et al. [48] conducted a literature review of security and privacy issues in smart cities and proposed solutions to address them. Neshenko [49] designed a method to detect smart city industrial control system (ICS) attacks by investigating unnoticed changes in network traffic patterns and using interactive visualization to filter out false alarms. Alassad et al. [50] proposed a model to prevent damage from cyberattacks originating from online social networks using focal structure analysis (FSA) and deviant cyber flash mob detection (DCFM). Hamid and Bawany [51] presented a security framework called ACIDS, which identifies potential security threats in the five layers of smart city systems and helps to develop security measures in different fields. Alibasic et al. [52] explained the main concepts of smart cities and their components. They also reviewed different cybersecurity threats and challenges and proposed solutions.
Al-Turjman et al. [53] discussed the security and privacy issues of smart city applications, as well as their data-centric architecture, and addressed the main security issues of smart city architecture. Alamer and Almaiah [54] presented the challenges and threats of cybersecurity in smart cities and devised possible solutions. They also explained the advantages and opportunities of smart cities. Duan et al. [55] discussed large-scale video issues, as well as the future of using deep learning features to manage these issues in smart cities. Lakhouil et al. [56] explained the concepts, services, limitations, and investigations of ICT cybersecurity threats in smart cities. Furthermore, they discussed solutions to reduce the risks of these threats.
Ma [57] provided functional solutions for maintaining both user privacy and security in smart cities and also explained relevant cybersecurity threats. Figueiredo et al. [58] discussed the cybersecurity issues and risks in smart city operations. They also presented the current cybersecurity techniques and their applications and discussed possible future directions for smart cities. Wang et al. [59] proposed strategies for reducing cybersecurity attacks on smart city systems and protecting misused data. Furthermore, they demonstrated the highly effective mitigation of threats by following this approach. Biswas and Muthukkumarasamy [45] used smart devices with blockchain technology to secure data communication in a smart city. The main purpose of using blockchain is to improve resilience against cybersecurity threats and create secure communication among devices in disturbed environments.
Butt and Afzaal [60] discussed the security and privacy issues in smart cities and also investigated solutions that have been proposed in previous research. Furthermore, they identified the details of smart city applications and their vulnerabilities. Andrade et al. [61] analysed various issues and challenges with implementing IoT systems in smart cities and discussed the related security risks. Juma and Shaalan [62] reviewed cyber-physical system (CPS) trends in smart cities. They surveyed related works, discussed the challenges, and identified expected solutions from big data, the IoT, and cloud computing. They emphasized that these solutions could help to create significant impacts on smart cities and their applications. These studies highlighted the details of smart cities and provided valuable insights into improving the security of smart city systems.
In this section, we summarized the cybersecurity-related research on each service element within smart cities, as shown in Table 2.

Smart Transportation/Mobility
Javed et al. [63] conducted a security study on next-generation intelligent transport system (ITS) applications in smart cities, as shown in Figure 3. After analysing the security architecture of the European Telecommunications Standards Institute (ETSI) ITS standard, they implemented ECC-based digital signatures and encryption procedures using experimental test beds. In their study, a network simulation model was used to reproduce the smart city scenario. From the experimental results, they found that existing security solutions could directly affect the quality of service and safety perception of vehicle applications. Wang et al. [64] provided strategies to protect connected vehicles and the AI in the vehicles and also discussed automobile cybersecurity attacks. Kim et al. [9] discussed the implications of attacks on autonomous vehicles and how to defend against such attacks when integrated with the AI within the main components of smart cities, based on a systemic survey. Table 2. Cybersecurity for the service and application layer of smart cities.

Category Authors
Year Approach/Experiment

Smart Mobility
Javed et al. [63] 2016 ECC-based digital signatures and the encryption of smart city ITSs Wang et al. [64] 2019 Key protection strategies for smart vehicles Kim et al. [9] 2021 A systemic survey of research on autonomous attacks and defence Sharmila et al. [65] 2022 A mitigation model of cybersecurity vulnerabilities and threats Chen and Quan [66] 2022 Security solutions for the BIoV and its security challenges

Smart Homes
Ryu and Kwak [67] 2015 Authenticated devices and safe access controls for smart homes McGee [68] 2016 The development of SECaaS to evaluate smart home ecosystem data-link layers Liu and Hu [69] 2016 Algorithms to prevent hackers from altering energy bills Nsunza et al. [70] 2017 An evaluation of the performance of TCP and UDP network traffic by FPGA Gamundani et al. [71] 2018 Cyberattack and authentication threats on the IoT in smart homes Ghirardello et al. [72] 2018 An analysis of various attacks and key vulnerabilities Kraemer and Flechais [73] 2018 A systematic review of research on privacy in smart homes Bastos et al. [74] 2018 IoT security solutions and anticipated attacks on data protocols Sturgess et al. [75] 2018 A discussion of heterogeneous threats to personal information Siddhanti et al. [76] 2019 Good practice in cybersecurity maturity assessment Elmisery and Sertovic [77] 2020 The preservation of event log privacy for smart homeowners Rossi et al. [78] 2020 Monitoring and defence against exploiting devices using Shodan APIs Giannoutakis et al. [79] 2020 Blocking malicious IPs using dynamic and immutable management Rauti et al. [80] 2021 A demonstration of a man-in-the-browser attack on a smart home system Awang et al. [81] 2021 Solutions for threats to smart home operational environments Turner et al. [82] 2021 Best practice and recommendations for smart homeowners Alshboul et al. [83] 2021 Protecting sensor identities from being recognized Mahor et al. [84] 2022 A multivariate correlation analysis and correlation detection Bringhenti et al. [85] 2022 Cybersecurity personalization based on policy-based management Allifah and Zualkernan [86] 2022 A ranking of the critical vulnerabilities of smart home devices Thammarat and Techapanupreeda [87] 2022 A symmetric cryptographic protocol for smart homes Sharmila et al. [65] analysed the different vulnerabilities and threats in autonomous vehicles and provided a model to mitigate security threats. Chen and Quan [66] discussed various attacks and targets within the Internet of Vehicles (IoV). They also proposed a framework for the IoV based on blockchain and suggested solutions for security, authentication, and privacy issues in the IoV.
ITSs and autonomous vehicles are essential components of smart cities. Researchers have analysed the security of these systems, including their architecture, vulnerabilities, and potential attacks. They have proposed various strategies to safeguard connected vehicles and mitigate security threats, including digital signatures and encryption procedures, as well as the use of blockchain frameworks. Studies have also shown that existing security solutions can affect the quality of service and safety perception of vehicle applications.

Smart Homes
Several research papers have addressed the cybersecurity and privacy concerns regarding smart homes. Ryu and Kwak [67] investigated the risk of unauthorized access to smart homes and proposed a secure data access control scheme to prevent data leakage, privacy invasion, and the falsification of data. McGee [68] evaluated the personally identifiable information (PII) vulnerabilities in smart home ecosystems and developed a security as a service (SECaaS) capability to assess the results. Liu and Hu [69] highlighted the cybersecurity vulnerabilities in smart home infrastructure, particularly energy bill scheduling techniques, and described current detection methods and cyberattack tools. Nsunza et al. [70] conducted an experiment to assess the performance of TCP and UDP network traffic using field programmable gate arrays (FPGAs) and system-on-chip (SoC) platforms in smart home routers.
Gamundani et al. [71] and Ghirardello et al. [72] investigated the vulnerabilities of authentication and home automation systems in smart homes and potential attack opportunities. Kraemer and Flechais [73] explored the future directions of privacy research within the smart home domain. Bastos et al. [74] proposed solutions for security issues in IoT devices in smart homes and predicted possible future cyberattacks. Sturgess et al. [75] identified three factors that contributed to smart home privacy risks. The first factor involved evaluating heterogeneous devices from a top-down perspective. The second factor concerned the various cyberthreats that exist in smart homes. The final factor explained the difficulties in aggregating the highly valuable private data of homeowners. They suggested a capability-oriented model to facilitate the rapid development of smart homes. Siddhanti et al. [76] suggested using a cybersecurity maturity assessment tool to secure smart home environments from cyberthreats.
Elmisery and Sertovic [77] suggested a permission-based approach for revealing log records that require involvement with third parties. Personal usage logs from homes that are shared with third parties can lead to attacks on smart home environments. Rossi et al. [78] identified a solution for detecting the exploitation of smart home systems by monitoring vulnerabilities in the systems-of-systems domain using a combination of defensive programming and Shodan APIs. Shodan APIs are a set of application programming interfaces (APIs) provided by the Shodan search engine that enable users to search and access information about Internet-connected devices and systems. Giannoutakis et al. [79] presented a framework to address this issue by using blockchain technology to ensure the integrity of smart home devices and block malicious IPs from accessing smart home environments.
In 2021, Rauti et al. [80] demonstrated attacks on the Chrome web browser by implementing a malicious browser extension. The user activities were modified, which affected the management consoles of smart homes. They showed that the connection of IoT devices to smart home networks caused potential man-in-the-browser attacks to target the remote control systems. Awang et al. [81] proposed solutions to enhance the IoT ecosystems in smart homes and analysed the possible threats to smart home operational environments. Turner et al. [82] discussed how the Internet connection between devices introduces security risks to smart homes as it allows access to private user information. They also provided recommendations for users regarding safely accessing cybersecurity data. Alshboul et al. [83] also proposed a methodology for detecting and predicting intruders attempting to recognize the identities of smart home sensors. They emphasized that data should preserve their identity by knowing their sources and not adding extra loads to the network.
In 2022, Mahor et al. [84] proposed a security solution using blockchain to evaluate performance parameters and analyse and detect correlations between traffic functions in smart home networks. Bringhenti et al. [85] presented a configurable automation security system to secure personalization data in smart homes and improve usability by minimizing human interventions and implementing policy-based management. Allifah and Zualkernan [86] presented a novel methodology to rank the security of home consumer devices. They also discussed the analytic hierarchy process (AHP) and applied it to ranking the overall security risks. Thammarat and Techapanupreeda [87] proposed a protocol to fill the gap in security messages in smart homes regarding confidentiality, integrity, and mutual authentication using symmetric cryptography. They demonstrated the efficacy of their protocol using the Burrows-Abadi-Needham (BAN) logic and scyther tool framework.
The security and privacy of smart homes are of concern within the field of cybersecurity. Research on IoT security in smart homes has focused on identifying and addressing issues, such as unauthorized device access, vulnerabilities in PII, cybersecurity vulnerabilities in smart home infrastructure, and potential attacks on authentication and home automation systems. Proposed solutions to these security concerns include using blockchain technology to ensure the integrity of smart home devices and implementing policy-based management to secure personalization data. Additionally, protocols using symmetric cryptography have been suggested to protect confidentiality, integrity, and mutual authentication in smart homes.

IoT Cybersecurity Research
In this section, we summarized the IoT cybersecurity research papers related to smart cities, as shown in Table 3. Abomhara and Køien [88] classified the types of cyberthreats to IoT devices and services and analysed the characteristics of attackers. Rohokale and Prasad [89] proposed an approach for designing robust cybersecurity solutions for IoT device networks since heterogeneous networks are targeted by attackers and often encounter cyberthreats.
Saadeh et al. [90] presented a literature review of authentication and communication processes between IoT objects. Sivanathan et al. [91] evaluated the vulnerabilities of IoT devices to cyberattacks by rating their confidentiality, integrity, availability, and reflectiveness capabilities as either good, average, or poor. The evaluation process was divided into four categories: confidentiality, integrity, availability, and reflectiveness capabilities against attacks.
Neshenko [92] generated cyberthreat intelligence related to Internet-scale inference and the assessment of malicious activity generated by compromised IoT devices for the immediate detection, mitigation, and prevention of IoT exploitation. Ainane et al. [93] described how flooding occurs when data are exchanged between citizens and smart cities. They also identified the types of protocols that revolve around the IoT applications that are used during these exchanges. Vrabie [94] presented IoT services that could help to develop smart cities and provided numerous examples of cities that have implemented these concepts. Viswanadham and Jayavel [95] surveyed related research on blockchain technology implemented within IoT devices and applications. They aimed to provide an understanding of blockchain security and privacy features for IoT services. Lewis [96] used a graph database to understand the complexity of IoT networks, as well as different devices that impact the security of networks and associated data. Wu et al. [97] proposed a framework for the development of future IoT applications and analysed the future directions of IoT communication and its challenging aspects. Table 3. A summary of the approaches and experiments presented in existing IoT cybersecurity research.

Category Authors Year Approach/Experiment
IoT Abomhara and Køien [88] 2015 Threat classification, attack characterization and an analysis of IoT devices Rohokale and Prasad [89] 2015 A critical systematic review of cyberthreats to heterogeneous IoT networks Saadeh et al. [90] 2016 A survey of IoT authentication techniques Sivanathan et al. [91] 2017 An evaluation of vulnerabilities through CIA and the capability of DDoS attacks Neshenko [92] 2018 An evaluation of large-scale malicious IoT data from cyberthreat intelligence Ainane et al. [93] 2018 An identification of data and protocol exchanges between users and IoT applications Vrabie [94] 2018 How IoT networks and services can develop smart cities Viswanadham and Jayavel [95] 2018 The implementation of blockchain in IoT security and its domain Lewis [96] 2018 The security of IoT networks and devices Wu et al. [97] 2018 Hyperconnected interdependent IoT services and future applications James [98] 2019 The detection of critical attacks on IoT devices by executing cybersecuritybased attacks Shokeen et al. [99] 2019 An accurate evaluation of each vulnerability of IoT systems Roukounaki et al. [100] 2019 The identification of threats using security analytics algorithms, vulnerabilities, and attacks Van Kleek et al. [101] 2019 The classification of IoT device data in privacy-empowering networks Thorburn et al. [102] 2019 Basic future frameworks for IoT devices that share data with third parties Nwafor and Olufowobi [103] 2019 An anomaly detection system for events in IoT ecosystems Ullah et al. [104] 2019 The detection of infected SW and files across IoT networks using deep learning (DL) Sharma et al. [105] 2020 The computerized security of IoT devices Karie et al. [106] 2020 A literature review of IoT threat detection and security challenges Andrade et al. [107] 2020 An evaluation of IoT cybersecurity maturity in smart cities according to its risk levels Singh et al. [108] 2020 The types of IoT security threats and their countermeasures Cvitić et al. [109] 2021 The detection of DDoS traffic attack using logistic model trees on different IoT devices Jhanjhi et al. [110] 2021 An investigation of cyberattacks that target the four layers of the IoT Strecker et al. [111] 2021 The detection of malicious and anomalous data in IoT systems using machine learning (ML) Ahmed et al. [112] 2021 An analysis of the security and privacy concepts in IoT networks using ML and DL Houichi et al. [113] 2021 The detection of infected IoT devices, alerts, and reports based on ML and other methods Bhargava et al. [114] 2021 The implementation of ML/DL on IoT platforms to prevent security issues Al Solami [115] 2021 The use of secure resource administration to stop IoT services from being replicated Hulicki and Hulicki [116] 2021 The threats to network security mechanisms and their vulnerabilities to attacks Ali et al. [117] 2021 A literature review of IoT security issues, their classification, and solutions Debnath and Chettri [118] 2021 A literature review of the security challenges in IoT applications Toutsop et al. [119] 2021 DoS attacks on IoT devices through networks Balaji et al. [120] 2021 An analysis of cyberthreats and prevention methods for avoiding IoT attacks Khan [121] 2021 Privacy preservation based on pseudonymization and anonymization Nakkeeran and Mathi [122] 2021 The detection of anomalies in IoT networks and solutions for cross-layer issues Kowta et al. [123] 2022 A identification of security threats to different IoT devices by implementing attacks on them Maidamwar et al. [124] 2022 An intrusion detection design for the WSN-based IoT Raimundo and Rosário [125] 2022 A literature review of cybersecurity threats to the IoT Fan et al. [126] 2022 Security guidelines for developing IoT-enabled smart cities In 2019, James [98] attempted to fill the gap in the research on cybersecurity challenges in IoT services and applications by conducting intrusion attacks on several IoT devices within smart homes. They also established a method to protect affected devices and smart home systems from future attacks using an intrusion prevention system. Shokeen et al. [99] suggested a framework to assess the risks of cyberthreats to IoT systems that avoids external factors from being involved in the evaluation. Furthermore, it also reduces existing vulnerabilities. Roukounaki et al. [100] proposed deploying security data collection systems in complex IoT devices and applying effective secu-rity analysis algorithms to identify threats, vulnerabilities, and related attack patterns. Van Kleek et al. [101] proposed disaggregating the privacy of IoT networks to help prevent private end-user data from being collected. Thorburn et al. [102] presented possible future development directions for third-party entities that collect personal information without the knowledge of homeowners, based on data flows in smart home environments. Nwafor and Olufowobi [103] presented a framework to detect anomalous system events in IoT ecosystems and associated devices. Ullah et al. [104] proposed a solution to classify the performance of measuring cyberthreats to IoT devices.
In 2020, Sharma et al. [105] discussed the IoT cybersecurity issues and noted that the innovation of IoT devices is growing and expanding progressively. Karie et al. [106] focused on developing combat strategies against IoT cybersecurity threats and also discussed future directions in this domain. Andrade et al. [107] proposed a model for evaluating the risk levels related to IoT cybersecurity. The assessment model was based on a systematic literature review of research on developing smart city applications and cybersecurity risk levels. Singh et al. [108] provided several examples of cyberthreats and countermeasures, as well as discussing how the combination of cloud computing and IoT devices could be used in smart city applications to identify these types of security threats.
In 2021, research on IoT was very active, especially in relation to smart cities. Cvitić et al. [109] presented a model to detect DDoS traffic and identify IoT devices that were categorized into four different classes. Jhanjhi et al. [110] proposed a solution to analyse cybersecurity privacy challenges by understanding the current state of cybersecurity. Ahmed et al. [112] discussed various aspects of cybersecurity in IoT networks and analysed MLP, CNN, LSTP, and AI/ML models. Strecker et al. [111] presented a cyberthreat intelligence model to evaluate and infer malicious activities targeting IoT devices and their data integrity. This model could also mitigate the exploitation of IoT devices. Houichi et al. [113] discovered that ML could be used to detect anomalous threats and vulnerabilities in IoT devices and localize them, as well as generating reports and alerts for the threats. This solution was evaluated experimentally using the NSL-KDD dataset and demonstrated high accuracy (99.31%).
Bhargava et al. [114] suggested enhancing the experience in smart cities by addressing security and privacy issues in IoT platforms and provided an overview of how ML and DL could be implemented in IoT devices and services. Al Solami [115] presented a framework for secure resource administration that enhances IoT services in smart city applications by preventing replication. This involves the distribution of the cloud, networks, IoT platforms, and sensors. They also demonstrated how to prevent unintended attacks from original supplier sources by monitoring non-replicated services. Hulicki and Hulicki [116] explored cyberthreats and vulnerabilities of customer premises networks and the resulting attacks associated with IoT applications and services. Ali et al. [117] discussed the security issues in IoT devices and services that have been gathered and reported. They also classified these issues and provided solutions. Debnath and Chettri [118] reviewed the current trends in IoT research, as well as identifying the recent issues and challenges in IoT applications and industries. Toutsop et al. [119] proved that hackers can exploit sensors and gain unauthorized access to IoT networks. Furthermore, they attempted to carry out DoS attacks on IoT devices to understand the device vulnerabilities and provide intrusion detection using ML and DL. Balaji et al. [120] analysed the types of cyberthreats and consequences that IoT systems may face. They also discussed how to prevent and avoid these attacks.
Khan [121] suggested different privacy protection methods based on pseudonymization, clustering, anonymization, and more to prevent private data from being exchanged with service providers and third parties. Kowta et al. [123] discussed the various cybersecurity threats and vulnerabilities in IoT devices. They performed several attacks on IoT devices and devised with solutions and methods to prevent these attacks. Nakkeeran and Mathi [122] provided a framework for end-to-end IoT sensor and device solutions and a detection method for identifying suspicious and anomalous network behaviour through cross-layer analysis. Maidamwar et al. [124] reviewed the design of an intrusion detection framework for the WSN-based IoT, which they described as being able to increase confidence in the reliability of IoT networks and contain network intrusions. Raimundo and Rosário [125] filled a gap in the research on cybersecurity risks in the IoT domain by discussing the existing solutions and cyberthreats in the industrial Internet of Things (IIoT), based on a literature review. Fan et al. [126] provided general security guidelines for enhancing the IoT in smart cities, which were presented in four main points. Firstly, they provided an overview of recent innovations and common security challenges. Secondly, they discussed the latest security implementations that use cryptography in the IoT. Thirdly, they analysed the security challenges using the activity-network-things architecture. Lastly, they discussed potential IoT security prospects.
Cybersecurity is a critical concern for the widespread adoption of IoT devices and services. To address this challenge, robust cybersecurity solutions have been proposed, including vulnerability assessments for IoT devices, cyberthreat intelligence generation, AI/ML-based threat detection, and models for mitigating malicious activities targeting IoT devices. The combination of cloud computing and IoT devices is also being explored as a means of enhancing the security of smart city applications.

Cyber Forensics in Smart Cities
Next, we summarized the findings of studies on smart city components from a cyber forensics perspective. Although research on cyber forensics related to IoT devices has been active for some time, progress in research on cyber forensics for smart cities is still slow compared to that on smart city cybersecurity. Most studies related to cyber forensics have focused on smart homes and autonomous vehicles.

Cyber Forensics for the Service and Application Layer
In this section, we summarized the Cyber forensics-related research on each service element within smart cities, as shown in Table 4. Ryu et al. [127] examined certain challenges in digital forensics for smart home systems based on the IoT. The experimental results revealed that cookies could provide information pertaining to user locations. Awasthi et al. [128] conducted forensics research on Almond+, a smart home hub that includes iOS/Android companion apps, a home hub, and a cloud environment. They identified important log locations across the Almond+ and companion applications that could be crucial for investigations. Brotsis et al. [129] presented a blockchain-based solution, cyber-trust blockchain (CTB), that was built on the HyperLedger Fabric. They proposed forensic evidence collection for small offices/home offices in smart home networks using a simulated adversarial model. The authors found the sources of cyberattacks by capturing suspicious network traffic detected by smart home gateway agents (SGPs), inspecting compromised devices, and collecting forensic evidence. This evidence was then securely stored in an off-chain database and hashes and metadata were stored on blockchain to ensure a chain of custody.
Iqbal et al. [130] explored the feasibility of the forensic analysis of different smart plugs brands (D-Link, TP-Link, Telldus, Amazon, and LG) and examined the challenges in resource-constrained devices, such as smart plugs. The authors also reviewed the current related work in the field of the forensic analysis of smart plugs. Kim et al. [131] primarily focused on acquiring, categorizing, and forensically analysing data from Google Nest Hub, Samsung Smart Things, and Kasa cam. The authors examined smart home data collected by companion apps, web interfaces, and APIs. They described how various smart home data could be used as key evidence in certain forensics situations.
Several researchers have also conducted forensics studies on autonomous vehicles to identify artefacts and evidence for investigations. Feng et al. [132] discussed the vulnerabilities in smart autonomous automated vehicles (AAVs) against the backdrop of smart cities and identified potential attack vectors and sources of digital evidence collection. They also proposed a forensics model for vehicle data investigations. Hossain et al. [133] presented a Trust-IoV framework consisting of a forensics gateway and an IoV forensics service to support investigations involving cybercrime cases in IoV environments. They also proposed a model to collect evidence from distributed IoV frameworks. Table 4. A summary of the research on cyber forensics for smart homes and autonomous vehicles.

Category Authors Year Approach/Experiment
Smart Homes Ryu et al. [127] 2017 Smart home forensics models based on attack scenarios Awasthi et al. [128] 2018 Forensic data acquisition and analysis based on the smart home Wi-Fi system Almond+ Brotsis et al. [129] 2019 Smart home data collection and the preservation of evidence using blockchain Iqbal et al. [130] 2020 Challenges in smart plug forensic analysis and investigation Kim et al. [131] 2020 Google Nest Hub, Samsung Smart Things, and Kasa Cam forensics

Autonomous Vehicles
Feng et al. [132] 2017 Digital forensics models for autonomous vehicle cases Hossain et al. [133] 2017 Trusting the IoV to collect and store evidence from distributed infrastructure Zhang et al. [134] 2022 An incentive lightweight authentication scheme for forensics services in the IoV Tyagi et al. [135] 2022 Using local Ethereum blockchain to collect evidence from connected vehicles In 2022, Zhang et al. [134] implemented a lightweight incentive authentication system (LIAS) developed using a three-tier architecture, including a user layer, fog layer, and cloud layer. They used the fog-assisted IoV with the pairing-free certificateless signcryption to create an anonymous authentication system. A pseudonym update mechanism was used to defend against DDoS attacks and provide a fair mechanism to allow vehicles to join the forensics services. Vehicles with cameras could record pictures of roadside infrastructure and send them to the cloud anonymously. These stored images could then be valuable evidence in future investigations. Tyagi et al. [135] proposed an AI-enabled blockchain solution that was implemented on a local Ethereum blockchain platform as a proof of concept for intelligent digital forensics for automated connected vehicles (ACVs) in smart cities. Short random signatures could be used to anonymously authenticate witness identities, privacy, and trust.

IoT Cyber Forensics Research
In this section, we summarized the IoT Cyber forensics-related research on smart cities, as shown in Table 5. Zia et al. [136] proposed an application-specific forensics model for the IoT that included the collection, examination, analysis, and reporting of IoT devices in smart environments. They also identified potential sources of digital evidence and artefacts from smart homes (Nest smart), smart cities with intelligent traffic management system (ITMSs), wearable devices (VitalPatch), and network and cloud forensics. Rizal et al. [137] presented a network forensics model for detecting flooding attacks on IoT devices. They used a Bluetooth Arduino device to simulate flooding attacks and then monitored and stored the logs of abnormal activity on the infected Arduino device. These logs were further analysed using packet monitoring tools, such as Wireshark, to identify malicious IPs.
In 2019, Hou et al. [138] presented a systematic review of the impacts of the IoT on digital forensics. They reviewed 58 papers that were published from 2010 to 2018. They then presented the landscape of the IoT in three different dimensions: spatial, temporal, and technical. The spatial dimension focuses on the potential sources of evidence, the temporal dimension focuses on the legal acceptance of evidence, and the technical dimension focuses on the needed tools and technologies for data collection and analysis. Jayakrishnan and Vasanthi [139] presented an analysis of IoT attacks on Wi-Fi cameras and side-channel attacks (SCAs) to obtain AES keys to aid investigators in understanding attack patterns. Qatawneh et al. [140] proposed a new digital forensics investigation model (DFIM) for the IoT. They categorized three zones (cloud, fog, and precipitation) as the potential sources of IoT digital evidence. The model consists of a data provider zone (DPZ), which is responsible for assigning all data gathered by sensor nodes into groups and assigning investigators to the case. Yaqoob et al. [141] examined novel IoT issues within conventional computer forensics. They also analysed the advantages and disadvantages of recent studies on IoT forensics by creating a taxonomy based on forensic stages. Table 5. A summary of the approaches and experiments presented in existing IoT and multi-area research.

Category Authors
Year Approach/Experiment

Multi-Area
Sharma and Singh [153] 2015 A forensic analysis of deep packet inspection (DPI) networks Mishra et al. [154] 2021 The identification of suspicious packets to detect cybercrimes using a packet analyser Numerous studies related to IoT forensics were published in 2020. In the same year, Stoyanova et al. [142] identified the main issues involved in IoT investigations, including legal challenges, privacy concerns, and cloud security challenges, as illustrated in Figure 4. They proposed decentralized blockchain-based solutions to secure digital evidence obtained from IoT devices. They also created the IoT challenge mind map and IoT attack taxonomy. In addition, Patil et al. [143] presented a methodology for cyber forensics in IoT architectures, which includes a sensing layer, network layer, service layer, and interface layer. They conducted a study on events in wireless cyber-physical systems (WCPs), revealing API calls to RESTFul web services from an Amazon Echo. They also performed a comparative analysis of the existing research on IoT forensics. Jayakrishnan and Vasanthi [144] presented the HoneyNetCloud investigation model (HIM), which uses honeypots to record attacker behaviour. They captured IoT network attack data for one year and classified them using the Dempster-Shafer theory (DST). The proposed model was designed to assist investigators in conducting investigations on IoT network attacks.
Atlam et al. [145] reviewed IoT forensics by emphasizing the need for AI in this field. They discussed IoT security challenges within digital forensics and the investigation processes for IoT forensics. Patel and Malek [146] discussed existing forensics frameworks, security aspects, and tools for IoT forensics. They also covered some of the open issues in IoT forensics, such as device storage limits, heterogeneous ecosystems, and cloud forensics. Yang et al. [147] introduced biometric-based IoT authentication in two stages: the enrolment stage and authentication stage, including a feature extraction module. They classified IoT forensics into three different layers (device forensics, network forensics, and cloud forensics) and analysed recent advances in IoT forensics. Bandil and Al-Masri [148] found abnormalities in real-time events connected to IoT data streams. They suggested VTA-IH, a fog-based digital forensics platform that uses the complex events processing (CEP) concept.
In 2021, Janarthanan et al. [149] reviewed the solutions and frameworks related to IoT forensics that were presented in recent studies. They analysed various digital forensics frameworks specific to the IoT, based on the forensic process stages, and evaluated their strengths and limitations. Surange and Khatri [150] presented a comparison of IoT frameworks, with a focus on the level of forensics in the IoT at the device, cloud, fog/edge, cloud/fog, and device/network levels. They also classified IoT challenges based on forensic processing, investigation, and IoT architectures. Kim et al. [151] demonstrated a data acquisition framework for wearable devices from Xiaomi (Amazft Stratos 3 and Mi Band4), Huawei, LG, and Fitbit. They analysed the devices using ADB to extract artefacts pertaining to health and device information. Ganesh et al. [152] investigated AI use cases in forensics in different areas, such as blockchain, the IoT, and cloud computing, and examined forensic application cases in these areas using AI. They also conducted a systematic literature review to achieve the study's objective. Some studies have also been conducted across multiple domains. Sharma and Singh [153] discussed the deep packet inspection (DPI)-based forensic analysis of network traffic, along with the use of grid infrastructure to lower the computational costs of processing packet captures in real time. Mishra et al. [154] demonstrated the use of various open-source network analysis tools and presented various packet capture and aggregating information from different sources in different environments, such as honeypots and honeynets, virtual honeypots, and parallel and serial architectures.

Future Expectations and Research Directions
Based on our literature review, the IoT was identified as the most critical technological component of smart cities. Consequently, numerous researchers have been conducting research on IoT cybersecurity. Previous studies have focused on DoS attacks, authentication, and the control of access to IoT devices. Furthermore, various frameworks for defending IoT devices against attacks have been proposed and research on intrusion detection and prevention systems is also ongoing. With the recent technological advancements, research on the use of ML/DL for IoT devices is also progressing.
Smart homes consist of smart hubs and other devices that are connected either via Zigbee, Z-Wave, or IoT communication protocols. As previous studies have suggested, digital forensics in smart homes is vital to reconstruct past events during forensic investigations. Relevant artefacts collected from smart home devices can help to identify the location of devices connected to the smart homes. Traces from these devices can be found in different data types, such as XML, protobuf, JSON, DB, and archive logs, which can coexist on devices or smartphone applications. Forensic investigators must familiarize themselves with device-level knowledge, communication protocols, and data types before attempting to investigate such events.
The emergence of autonomous and semi-autonomous vehicles in smart cities is gaining popularity due to their relation to the highly connected infrastructure that is a perfect enabler of such vehicles. The control systems at the hearts of these vehicles collect data from sensors for collision warning systems (CWSs) and collision avoidance systems (CASs) to prevent accidents, often involving communication with smart city ITS. However, the susceptibility of AVs to cyberattacks cannot be ignored due to their connectivity with other IoT devices. Previous studies have suggested a few preventive measures to defend against such cyberattacks, as well as the use of Ethereum blockchain as a platform for AV digital forensics. Recent research on this new technology has not only helped to identify potential threats but has also guided investigators when examining AV incidents, such as crash investigations and security and privacy breaches.
The potential of the IoT to meet the needs of smart cities is immense; however, the heterogeneity of IoT devices, embedded software, and hardware, coupled with their limited local data processing capabilities, presents new challenges for forensic investigators. According to some studies, digital forensics for the IoT should be tailored to specific applications within smart cities, while traditional digital forensics should be employed for smart homes. These studies have also suggested identifying potential data of interest in the IoT applications within smart cities. The integration of edge and fog computing in IoT ecosystems is on the rise due to its interoperability and increased efficiency. Meanwhile, although theoretical and conceptual IoT forensics frameworks for the device, cloud, fog, and edge levels exist, practical solutions are still lacking.
In addition to the research areas mentioned, there are other emerging research areas in the smart city field that are attracting attention. For instance, the integration of blockchain technology into smart cities is a growing area of interest due to its potential for secure and transparent transactions. Blockchain technology can be used to secure IoT devices and protect the privacy of citizens living in smart cities. Furthermore, the use of drones for various purposes, such as monitoring and delivering goods, is another emerging research area.

Summary and Conclusions
A thorough review of research on cybersecurity and cyber forensics in smart cities, which included papers that were published from 2015 to 2022, was conducted. Smart transportation, smart communities, smart living, and smart environments were identified as the major components of smart cities. Additionally, the service and application layer, technical layer, network communication layer, and device layer were recognized as the different layers of smart cities.
Through our review of cybersecurity and cyber forensics studies, we discovered that research related to smart homes and smart mobility was the most active. Moreover, many studies have been conducted on IoT devices from a technical point of view. Compared to cybersecurity, research on cyber forensics in smart cities is relatively scarce, despite the fact that smart cities promote urban regeneration by creating more inclusive, safe, and sustainable cities. Research on IoT devices is still being carried out but not many studies have been conducted specifically on smart cities, highlighting the lack of research on cyber forensics.
Since 2020, numerous studies based on ML and DL have been conducted on the IoT, which is an important technological element of smart cities. Because large-scale data are transmitted through IoT devices in smart cities, ML and DL remain essential factors in smart city research. Moreover, because cybercrime that affects everyday life in smart cities has become more complicated, research on cyber forensics in related devices is of great importance.
Another important aspect to consider is the ethical implications of cybersecurity and cyber forensics in smart cities. Smart cities collect vast amounts of data from citizens, raising concerns about privacy and security. Researchers need to address the ethical concerns related to data collection, storage, and analysis in smart cities.
Overall, the fields of cybersecurity and cyber forensics in smart cities are rapidly evolving and present numerous research opportunities. This review article aimed to assist scholars who are interested in cybersecurity and cyber forensics for smart cities in gaining a better understanding of their current status and possible future directions. In this