IJCOPE Journal


International Journal of Creative and Open Research in Engineering and Management

A Peer-Reviewed, Open-Access International Journal Supporting Multidisciplinary Research, Digital Publishing Standards, DOI Registration, and Academic Indexing.
Journal Information
ISSN: 3108-1754 (Online)
Crossref DOI: Available
ISO Certification: 9001:2015
Publication Fee: 599/- INR
Compliance: UGC Journal Norms
License: CC BY 4.0
Peer Review: Double Blind
Volume 02, Issue 6

Published on: June 2026

DIGITAL FORENSIC CHALLENGES IN INVESTIGATING AIR-GAPPED INFRASTRUCTURE ATTACKS

Achyutha Sri Sai Koushik

K.V. Ravikumar

School of Forensic Science, Centurion University of Technology and Management, Andhra Pradesh

Article Status

Plagiarism Passed | Peer Reviewed | Open Access


Abstract

The rapid digitalisation of critical infrastructure and industrial control systems has brought a high level of operational efficiency, automation, and connectivity. This same technological reliance, however, has also widened the cyber threat environment, especially for systems that deliver critical services such as power, industrial production, defence, and water treatment. Among the most sensitive of these environments are air-gapped systems, which rely on physical isolation to protect critical missions. Although operators often assume that such isolation makes their infrastructure safe, real-world experience has shown that even air-gapped infrastructure can fall prey to advanced cyberattacks. This paper presents a detailed analysis of hacking methodology and the specifics of infrastructure hacking in air-gapped systems. It categorises hacking by intent and legality, covering ethical hacking, malicious hacking, hacktivism, cyber espionage, insider threats and supply chain attacks. The paper also discusses the attack vectors used specifically against air-gapped systems, including infected removable media, compromised maintenance systems, insider activity, and supply chain weaknesses. A key contribution of this paper is its in-depth examination of how the forensic investigation process is conducted after an attack on air-gapped infrastructure. It identifies the problems of limited logging, operational constraints, and the safety-critical environment, and the significance of a multidisciplinary approach to forensics. Digital forensics, malware and memory analysis, industrial control system forensics, firmware and hardware analysis, and correlation of cyber-physical systems are comprehensively discussed.
The paper shows the limitations of physical isolation and the importance of forensic intelligence in protecting infrastructure by discussing real-world cases such as Stuxnet, the German steel mill attack and the intrusion into the Ukrainian power grid. The results support the need for forensic readiness, an integrated approach to security, and continuous risk evaluation to protect air-gapped critical infrastructure against evolving cyber threats.

KEY WORDS:

Air-Gapped Systems, Infrastructure Hacking, Cyber Forensics, Industrial Control Systems (ICS), Critical Infrastructure Security.

How to Cite this Paper

Koushik, A. S. S. (2026). Digital Forensic Challenges in Investigating Air-Gapped Infrastructure Attacks. International Journal of Creative and Open Research in Engineering and Management, 02(6). https://doi.org/10.55041/ijcope.v2i6.213

Koushik, Achyutha. "Digital Forensic Challenges in Investigating Air-Gapped Infrastructure Attacks." International Journal of Creative and Open Research in Engineering and Management, vol. 02, no. 6, 2026, pp. . https://doi.org/10.55041/ijcope.v2i6.213.

Koushik, Achyutha. "Digital Forensic Challenges in Investigating Air-Gapped Infrastructure Attacks." International Journal of Creative and Open Research in Engineering and Management 02, no. 6 (2026). https://doi.org/10.55041/ijcope.v2i6.213.



Ethical Compliance & Review Process

  • All submissions are screened under plagiarism detection.
  • Review follows editorial policy.
  • Authors retain copyright.
  • Peer Review Type: Double-Blind Peer Review
  • Published on: Jun 17 2026

This article is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. You are free to share and adapt this work for non-commercial purposes with proper attribution.
