84 results on '"Imam Riadi"'
Search Results
2. Forensic Mobile against Threat WhatsApp Services using National Institute of Standards Technology Method
- Author
-
Imam Riadi and Devi Anzali Putri
- Subjects
Forensic science ,Computer science ,business.industry ,Internet privacy ,business
- Published
- 2021
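3. Web Server Security Optimization against Broken Authentication Attacks Using Blockchain Technology (Optimasi Keamanan Web Server terhadap Serangan Broken Authentication Menggunakan Teknologi Blockchain)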
- Author
-
Aulyah Zakilah Ifani, Herman, and Imam Riadi
- Subjects
Password ,Authentication ,Computer science ,business.industry ,Burp Suite ,Hash function ,Information technology ,T58.5-58.64 ,Computer security ,computer.software_genre ,Login ,Security testing ,Login System ,ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS ,Burp suite ,Blockchain ,Broken Authentication ,SAFER ,The Internet ,business ,computer
- Abstract
The aspect of the internet that needs to be considered a security is the login system. The login system usually uses a username and password as an authentication method because it is easy to implement. However, data in the form of usernames and passwords are very vulnerable to theft, so it is necessary to increase the security of the login system. The purpose of this research is to investigate the security of the system. Whether the system is good at protecting user data or not, minimizing execution errors from the system and minimizing risk errors on the system so that the login system can be used safely. This research is conducted to test the system security with Burp Suite on the login system that has been built. Testing the security of this system by experimenting with POST data which is secured using blockchain technology makes the data sent in the form of hash blocks safer and more confidential so that the system is safer than before. Blockchain technology has successfully secured usernames and passwords from broken authentication attacks. By using the Burp Suite testing system, login is more specific in conducting security testing.
- Published
- 2021
4. Distributed Denial of Service (DDoS) Analysis on Virtual Network and Real Network Traffic
- Author
-
Sri Suharti, Imam Riadi, and Anton Yudhana
- Subjects
Computer science ,business.industry ,Transmission Control Protocol ,Reliability (computer networking) ,Server ,Ping of death ,Header ,The Internet ,Denial-of-service attack ,business ,Virtual network ,Computer network
- Abstract
Data communication, computers and computer networks increase the needs and facilitation offered by a variety of server services that are owned by individuals and companies. Servers are the core of continuous communication on the internet and the main factor in the life, development and death of individual businesses or companies that rely on the internet. The other side is also developing rapidly targeting server attacks from starting to weaken performance to crippled, the most popular in the hacker world, namely attacks by bombarding servers with many requests from one computer or more, with one machine to thousands of machines. This study implements several DDoS attack techniques targeted at virtual servers and real servers to determine the type of protocol used and its accuracy and reliability. The research method uses the concept of Robert Maribe Branch (2009) or ADDIE which consists of Analysis, Design, Development, Implementation and Evaluation with the results of successful attacks on the HTTP header on the virtual network and on the real network 85.68%, while the TCP has an accuracy value. 87.75% and the real network produces 90.02%. In addition, the attack using the ping of death on the virtual server was successfully carried out and the real server had an accuracy value of 41.45% so that the attack on the TCP protocol was declared very effective in crippling the target PC or server.
- Published
- 2021
5. Mitigating Sodinokibi Ransomware Attack on Cloud Network Using Software-Defined Networking (SDN)
- Author
-
Imam Riadi, Rusydi Umar, and Ridho Surya Kusuma
- Subjects
Computer science ,business.industry ,Ransomware ,Cloud computing ,Safety, Risk, Reliability and Quality ,business ,Computer security ,computer.software_genre ,Software-defined networking ,computer ,General Environmental Science
- Abstract
Sodinokibi Ransomware virus becomes a severe threat by targeting data encryption on a server, and this virus infection continues to spread to encrypt data on other computers. This study aims to mitigate by experiment with building a prevention system through computer network management. The mitigation process is carried out through static, dynamic, and Software-Defined Networking (SDN) analysis to prevent the impact of attacks through programmatic network management. SDN consists of two main components in its implementation, the Ryu controller and Open Virtual Switch (OVS). Result testing mitigation system on infected networks by crippling TCP internet protocol access can reduce virus spread by 17.13% and suppress Sodinokibi traffic logs by up to 73.97%. Based on the percentage data, SDN-based mitigation in this study is per the objectives to make it possible to mitigate Ransomware attacks on computer network traffic.
- Published
- 2021
6. Analysis of Conti Ransomware Attack on Computer Network with Live Forensic Method
- Author
-
Ridho Surya Kusuma, Rusydi Umar, and Imam Riadi
- Subjects
Network forensics ,Computer science ,business.industry ,Process (computing) ,computer.software_genre ,Research process ,Encryption ,Server ,Command and control ,Ransomware ,Malware ,business ,computer ,Computer network
- Abstract
Ransomware viruses have become a dangerous threat increasing rapidly in recent years. One of the variants is Conti ransomware that can spread infection and encrypt data simultaneously. Attacks become a severe threat and damage the system, namely by encrypting data on the victim's computer, spreading it to other computers on the same computer network, and demanding a ransom. The working principle of this Ransomware acts by utilizing Registry Query, which covers all forms of behavior in accessing, deleting, creating, manipulating data, and communicating with C2 (Command and Control) servers. This study analyzes the Conti virus attack through a network forensic process based on network behavior logs. The research process consists of three stages, the first stage is simulating attacks on the host computer, the second stage is carrying network forensics by using live forensics methods, and the third stage is analysing malware by using statistical and dynamic analysis. The results of this study provide forensic data and virus behavior when running on RAM and computer networks so that the data obtained makes it possible to identify ransomware traffic on the network and deal with zero-day, especially ransomware threats. It is possible to do so because the analysis is an initial step in generating virus signatures based on network indicators.
- Published
- 2021
7. Detecting Digital Evidence of Online Games on the Skyegrid Platform Using the FRED Framework (Deteksi Bukti Digital Game Online pada Platform Skyegrid Menggunakan Framework FRED)
- Author
-
Yudi Prayudi, Imam Riadi, and Ramansyah Ramansyah
- Subjects
Password ,Network forensics ,World Wide Web ,Digital evidence ,Computer science ,business.industry ,Cloud gaming ,Ease of Access ,Cloud computing ,Computer forensics ,business ,Login
- Abstract
Cloud gaming services provide access to high-specification online games from minimal devices. This ease of access opens new avenues for crime and creates its own challenges in finding leads and digital evidence to uncover the crimes that occur. The cloud forensics approach remains an obstacle and a challenge for investigators because each cloud provider, cloud gaming services in particular, has a different architecture, so further research is needed on forensics for cloud gaming services. Various frameworks have been proposed by earlier researchers, one of which is the Framework for Reliable Experimental Design (FRED). The focus of this research is to identify digital evidence of crimes occurring on the Skyegrid cloud gaming services platform by applying the FRED working steps. The important findings of this research are the username and login password on Skyegrid, and a log.txt file that describes the history of access to Skyegrid and online games.
- Published
- 2021
8. Risk Management Analysis on Administration System using OCTAVE Allegro Framework
- Author
-
Imam Riadi and Muh. Sukri
- Subjects
medicine.medical_specialty ,Computer science ,business.industry ,Octave ,medicine ,Audiology ,business ,Administration (government) ,Risk management
- Published
- 2021
9. Integration of Zachman Framework and TOGAF ADM on Academic Information Systems Modeling
- Author
-
Azhar Basir, Imam Riadi, and Abdul Fadlil
- Subjects
0106 biological sciences ,architecture ,lcsh:T58.5-58.64 ,Computer science ,business.industry ,adm ,lcsh:Information technology ,010604 marine biology & hydrobiology ,enterprise ,togaf ,010603 evolutionary biology ,01 natural sciences ,lcsh:QA75.5-76.95 ,The Open Group Architecture Framework ,zachman framework ,Information system ,Zachman Framework ,lcsh:Electronic computers. Computer science ,Software engineering ,business
- Abstract
Zachman Framework (ZF) and The Open Group Architecture Framework (TOGAF) are Architecture Frameworks often used in Architecture Enterprise's implementation. Each side of the two architecture Frameworks has advantages and disadvantages. Sekolah Tinggi Manajemen Informatika dan Komputer Muhammadiyah Paguyangan Brebes (STMIK MPB) is a new university established on April 28, 2017; STMIK MPB as a new university has no plans in building an information system. The research will select the parts that exist in the ZF and TOGAF methodologies. The two methods will be combined and compiled to be applied to the Academic Information System modeling or blended methods. These research results are architectural blueprints that can be used as a reference in the development of academic information systems.
- Published
- 2021
10. Acquisition of Digital evidence Android-Based Viber Messenger App
- Author
-
Muhammad Irwan Syahib, Rusydi Umar, and Imam Riadi
- Subjects
lcsh:T58.5-58.64 ,Computer science ,business.industry ,lcsh:Information technology ,Instant messenger ,Digital forensics ,Internet privacy ,lcsh:TA168 ,Workflow ,Digital evidence ,lcsh:Systems engineering ,NIST ,viber, nist, digital forensic, mobile forensic, digital evidence ,Social media ,Viber, NIST, Forensik Digital, Mobile Forensik, Bukti Digital ,Android (operating system) ,business
- Abstract
Viber is one of the most popular social media in the Instant Messenger application category that can be used to send text messages, make voice calls, send picture messages and video messages to other users. As many as 260 million people around the world have used this application. Increasing the number of viber users certainly brings positive and negative impacts, one of the negative impacts of this application is the use of digital forensic crime. This research simulates and removes digital crime evidence from the viber application on Android smartphones using the National Institute of Standards Technology (NIST) method, which is a method that has work guidelines on forensic policy and process standards to ensure each investigator follows the workflow the same so that their work is documented and the results can be accounted for. This study uses three forensic tools, MOBILedit Forensic Express, Belkasoft and Autopsy. The results in this study show that MOBILedit Forensic Express gets digital evidence with a percentage of 100% in getting accounts, contacts, pictures and videos. While proof of digital chat is only 50%. Belkasoft gets digital evidence with a percentage of 100% in getting accounts, contacts, pictures and videos. While proof of digital chat is only 50%. For Autopsy does not give the expected results in the extraction process, in other words the Autopsy application gives zero results. It can be concluded that MOBILedit Forensic Express and Belkasoft have a good performance compared to Autopsy and thus this research has been completed and succeeded in accordance with the expected goals.
Indonesian abstract (translated): Viber is one of the popular social media in the Instant Messenger application category and can be used to send text messages, make voice calls, and send picture and video messages to other users. As many as 260 million people around the world have used this application. The growing number of Viber users certainly brings both positive and negative impacts; one of the negative impacts of this application is its use in committing digital forensic crimes. This research simulates and acquires digital crime evidence from the Viber application on an Android smartphone using the National Institute of Standards Technology (NIST) method, a method that provides working guidance on forensic policy and process standards to ensure every investigator follows the same workflow, so that their work is documented and the results can be accounted for. This research uses three forensic tools: MOBILedit Forensic Express, Belkasoft and Autopsy. The results show that MOBILedit Forensic Express obtained digital evidence at a rate of 100% for accounts, contacts, pictures and videos, while for chat digital evidence the rate was only 50%. Belkasoft obtained digital evidence at a rate of 100% for accounts, contacts, pictures and videos, while for chat digital evidence the rate was only 50%. Autopsy did not give the expected results in the extraction process; in other words, the Autopsy application gave a zero result. It can be concluded that MOBILedit Forensic Express and Belkasoft perform well compared with Autopsy, and thus this research has been completed and has succeeded in line with the expected goals.
- Published
- 2021
11. Optimation Wireless Security IEEE 802.1X using the Extensible Authentication Protocol-Protected Extensible Authentication Protocol (EAP-PEAP)
- Author
-
Taufik Nur Hidayat and Imam Riadi
- Subjects
Computer science ,business.industry ,IEEE 802.1X ,Extensible Authentication Protocol ,business ,Wireless security ,Computer network
- Published
- 2021
12. Digital Video Steganography with the LSB (Least Significant Bit) and Rijndael Algorithms (Steganografi Video Digital dengan Algoritma LSB (Least Significant Bit) dan Rijndael)
- Author
-
Sunardi Sunardi, Imam Riadi, and Dwi Aryanto
- Subjects
Steganography ,Cover (telecommunications) ,business.industry ,Computer science ,Advanced Encryption Standard ,Frame (networking) ,ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION ,Byte ,Information technology ,QA75.5-76.95 ,T58.5-58.64 ,Encryption ,steganography ,Least significant bit ,Electronic computers. Computer science ,psnr ,lsb ,Computer vision ,Artificial intelligence ,Noise (video) ,business
- Abstract
Steganography is the science and art of hiding information so that confidential information cannot be known by others, except the sender and receiver. This research is designed to create a steganography system on video with mp4 format. The message is inserted in one of the video frames, first encrypted with the Rijndael algorithm. The method of inserting messages in the video frame is the Least Significant Bit (LSB) method. Extraction of frames on video using ffmpeg software. Qualitative testing used to identify changes in video frames with human senses. Quantitative testing was carried out by testing six videos with different resolutions, while there were five inserted messages with varying Byte lengths. The frame that has been inserted with a message is measured for noise with the Peak Signal to Noise Ratio (PSNR). The test results show that the LSB method cannot be used for message insertion whose Byte size is greater than the capacity of the cover video. There is a change in image quality if the size of the inserted message bytes is getting bigger.
- Published
- 2020
13. Browser Forensics on Web-based Tiktok Applications
- Author
-
Tomi Pandela and Imam Riadi
- Subjects
World Wide Web ,Computer science ,business.industry ,Web application ,business
- Published
- 2020
14. Cyber Security Analysis of Academic Services based on Domain Delivery Services and Support using Indonesian E-Government Ratings (PEGI)
- Author
-
Iwan Tti Riyadi Yanto, Eko Handoyo, and Imam Riadi
- Subjects
Service (business) ,Knowledge management ,COBIT ,Higher education ,business.industry ,Process (engineering) ,media_common.quotation_subject ,Information system ,Quality (business) ,Information security ,business ,media_common ,Domain (software engineering)
- Abstract
Safe academic services are the most important part of universities. The security of academic services is very important to maintain information optimally and safely. Along with the development of technology, academic information services are often misused by some irresponsible parties that can cause threats. To prevent these things from happening, it is necessary to know the extent of governance of higher education academic information system security by evaluating. So the research was conducted to determine the maturity of the security of Higher Education academic information service security by using the COBIT 5 framework in the DSS05 domain. The DSS05 domain in COBIT 5 is a good framework for use in implementing and evaluating the security of academic information services. Meanwhile, to determine the achievement of the evaluation of the security level of academic information systems, the Indonesian e-government ranking (PEGI) method is required. The combination of the COBIT 5 framework in the DSS05 domain using the PEGI method in academic information security service is able to provide a level of achievement in the form of Customer Value. The results of the COBIT 5 framework analysis of the DSS05 domain using the PEGI method get a score of 3.50 so that the quality of academic information service security evaluation achievement is at a very good level. At this level, universities are increasingly open to technological development. Higher education has applied the concept of quantification in every process, and has always been monitored and controlled for its performance in the security of academic information systems.
- Published
- 2020
15. Comparative analysis of Forensic Tools on Twitter applications using the DFRWS method
- Author
-
Imam Riadi, Anton Yudhana, and Ikhsan Zuhriyanto
- Subjects
digital forensics, dfrws, mobile forensics, social media, twitter ,Mobile device forensics ,lcsh:T58.5-58.64 ,lcsh:Information technology ,business.industry ,Computer science ,media_common.quotation_subject ,Digital forensics ,Internet privacy ,ComputingMilieux_LEGALASPECTSOFCOMPUTING ,lcsh:TA168 ,Forensic science ,Presentation ,Identification (information) ,Software ,Digital evidence ,lcsh:Systems engineering ,Social media ,business ,media_common
- Abstract
Current crime is increasing, one of which is the crime of using social media, although no crime does not leave digital evidence. Twitter application is a social media that is widely used by its users. Acts of crime such as fraud, insults, hate speech, and other crimes lately use many social media applications, especially Twitter. This research was conducted to find forensic evidence on the social media Twitter application that is accessed using a smartphone application using the Digital Forensics Research Workshop (DFRWS) method. These digital forensic stages include identification, preservation, collection, examination, analysis, and presentation in finding digital evidence of crime using the MOBILedit Forensic Express software and Belkasoft Evidence Center. Digital evidence sought on smartphones can be found using case scenarios and 16 variables that have been created so that digital proof in the form of smartphone specifications, Twitter accounts, application versions, conversations in the way of messages and status. This study's results indicate that MOBILedit Forensic Express digital forensic software is better with an accuracy rate of 85.75% while Belkasoft Evidence Center is 43.75%.
- Published
- 2020
16. Comparative Security Analysis of Web-Based Instant Messaging Applications (Komparatif Analisis Keamanan Aplikasi Instant Messaging Berbasis Web)
- Author
-
Imam Riadi, Rusydi Umar, and Muhammad Aziz
- Subjects
Security analysis ,Digital artifact ,lcsh:T58.5-58.64 ,Computer science ,business.industry ,lcsh:Information technology ,Comparability ,security ,web ,lcsh:TA168 ,World Wide Web ,keamanan ,instant messaging ,lcsh:Systems engineering ,acpo ,Telephone number ,Web application ,Social media ,Line (text file) ,business ,Vulnerability (computing)
- Abstract
Web-based instant messaging applications vulnerability has become one of the main concerns for its users in line with the increasing number of cybercrimes that occur on social media. This research was conducted to determine the comparability of the vulnerability value of the web-based WhatsApp, Telegram, and Skype applications using the Association of Chief Police Officers (ACPO) method. Digital artifacts in the form of text messages, picture messages, video messages, telephone numbers, and user IDs have been acquired in this research process using FTK imager and OSForensic tools. The results of the study using the FTK imager and OSForensic tools show that the web-based Skype application has a vulnerability value of 92%, while WhatsApp and Web-based Telegram have the same vulnerability value with 67% each based on all digital artifacts that successfully acquired.
Indonesian abstract (translated): The vulnerability of web-based instant messaging applications has become one of the main concerns for their users as cybercrime on social media continues to increase. This research was conducted to compare the vulnerability values of the web-based WhatsApp, Telegram, and Skype applications using the Association of Chief Police Officers (ACPO) method. Digital artifacts in the form of text messages, picture messages, video messages, telephone numbers, and user IDs were acquired in this research process using the FTK imager and OSForensic tools. The results obtained with the FTK imager and OSForensic tools show that the web-based Skype application has a vulnerability value of 92%, while web-based WhatsApp and Telegram have the same vulnerability value of 67% each, based on all the digital artifacts that were successfully acquired.
- Published
- 2020
17. Comparative Analysis of Image Steganography using SLT, DCT and SLT-DCT Algorithm
- Author
-
Yudi Prayudi, Imam Riadi, and Lilik Widyawati
- Subjects
business.industry ,Computer science ,ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION ,Discrete cosine transform ,Pattern recognition ,Data_CODINGANDINFORMATIONTHEORY ,Image steganography ,Artificial intelligence ,business
- Abstract
Steganography is an interesting science to be studied and researched at this time, because steganography is the science of hiding messages on other digital media so that other parties are not aware of the existence of information in the digital media. Steganography is very effective in maintaining information security, because the existence of this information is obscured so that it is difficult to know where it is. This paper discusses hiding text into images using the Slantlet Transform (SLT) method, Discrete Cosine Transform (DCT) and Hybrid of SLT and DCT. The three methods are implemented in the frequency domain where steganographic imagery is transformed from the spatial domain to the frequency domain and the message bit is inserted into the cover image frequency component. The comparison parameters of these three techniques are based on MSE, PSNR, Capacity & Robustness. From the results of the tests that have been done, it is obtained that the highest PSNR value is generated using the SLT-DCT method, the largest storage capacity is the SLT method while the resistance, SLT-DCT method and DCT method are more resistant to attack than the SLT method.
- Published
- 2020
18. Steganalysis of Digital Evidence on Storage Media Using the GCFIM Method (Steganalysis Bukti Digital pada Media Storage Menggunakan Metode GCFIM)
- Author
-
Imam Riadi, Sunardi Sunardi, and Muh. Hajar Akbar
- Subjects
Steganalysis ,Steganography ,business.industry ,Computer science ,ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION ,Process (computing) ,Information technology ,Data mining ,T58.5-58.64 ,business ,computer.software_genre ,computer ,Digital media
- Abstract
Steganography is an anti-forensic technique that allows a criminal to hide information in other messages, so that during an examination it will be difficult to obtain evidence of the crime information. Therefore we need a technique to detect hidden messages in the data. This technique is known as steganalysis. Steganalysis is an anti-steganography science whose main purpose is to study the hiding characteristics of data on digital media and detect the existence of secret messages that are hidden using steganography techniques. The purpose of this study is to apply steganalysis techniques to detect the presence of messages that are hidden in other messages by using the forensic method, namely Generic Computer Forensic Investigation Model (GCFIM). In this study, the process of inserting steganographic messages using the Hiderman application, while the steganalysis process uses the StegSpy application. The results obtained in this study were the process of steganalysis using the help of the StegSpy application proved to be successful in detecting the presence of hidden messages in the five files that were scanned by steganographic messages.
- Published
- 2020
19. Cyberbullying Investigation on WhatsApp Using the Digital Forensics Research Workshop (Investigasi Cyberbullying pada WhatsApp Menggunakan Digital Forensics Research Workshop)
- Author
-
Panggah Widiandana, Imam Riadi, and Sunardi
- Subjects
instan messaging ,lcsh:T58.5-58.64 ,business.industry ,Computer science ,lcsh:Information technology ,Digital forensics ,Internet privacy ,Cosine similarity ,lcsh:TA168 ,Identification (information) ,Procurement ,Digital evidence ,lcsh:Systems engineering ,cosine similarity ,mobiledit forensic express ,Social media ,Instant messaging ,business ,digital forensic ,dfrws
- Abstract
Cyberbullying in group conversations in one of the instant messaging applications is one of the conflicts that occur due to social media, specifically WhatsApp. This study conducted digital forensics to find evidence of cyberbullying by obtaining work in the Digital Forensic Research Workshop (DFRWS). The evidence was investigated using the MOBILedit Forensic Express tool as an application for evidence submission and the Cosine Similarity method to approve the purchase of cyberbullying cases. This research has been able to conduct procurement to reveal digital evidence on the agreement in the Group's features using text using MOBILedit. Identification using the Cosine method. Similarities have supported actions that lead to cyberbullying with different levels Improved Sqrt-Cosine (ISC) value, the largest 0.05 and the lowest 0.02 based on conversations against requests.
Indonesian abstract (translated): Cyberbullying in group conversations on an instant messaging application is one of the conflicts arising from the negative impact of social media use, particularly WhatsApp. This research carries out digital forensics to find evidence of cyberbullying using the Digital Forensics Research Workshop (DFRWS) framework. The evidence was investigated using the MOBILedit Forensic Express tool as the evidence acquisition application and the Cosine Similarity method to identify the occurrence of cyberbullying cases. This research was able to perform acquisition to uncover digital evidence from the perpetrator in the Group feature, in the form of text, using MOBILedit. Identification using the Cosine Similarity method was able to identify actions leading to cyberbullying at different levels, with the largest Improved Sqrt-Cosine (ISC) value being 0.05 and the lowest ISC value 0.02, based on the conversations against the query.
- Published
- 2020
20. Detection of Metasploit Attacks Using RAM Forensic on Proprietary Operating Systems
- Author
-
Danar Cahyo Prakoso, Yudi Prayudi, and Imam Riadi
- Subjects
Exploit ,business.industry ,Computer science ,Digital forensics ,Process (computing) ,Information technology ,computer.software_genre ,Digital evidence ,Trojan ,Operating system ,Confidentiality ,Digital forensic process ,business ,computer
- Abstract
Information technology has become an essential thing in the digital era as it is today. With the support of computer networks, information technology is used as a medium for exchanging data and information. Much information is confidential. Therefore, security is also essential. Metasploit is one of the frameworks commonly used by penetration testers to audit or test the security of a computer system legally, but it does not rule out the possibility that Metasploit can also be used for crime. For this reason, it is necessary to carry out a digital forensic process to uncover these crimes. In this study, a simulation of attacks on Windows 10 will be carried out with Metasploit. Then the digital forensics process uses live forensics techniques on computer RAM, where the computer RAM contains information about the processes running on the computer. The live forensic technique is important because information on RAM will be lost if the computer is off. This research will use FTK Imager, Dumpit, and Magnet RAM Capture as the RAM acquisition tool and Volatility as the analysis tool. The results of the research have successfully shown that the live forensics technique in RAM is able to obtain digital evidence in the form of an attacker's IP, evidence of exploits/Trojans, processes running on RAM, operating system profiles used and the location of the exploits/Trojan when executed by the victim.
- Published
- 2020
21. Steganalysis Using Yedrodj-net net's Convolutional Neural Networks (CNN) Method on Steganography Tools
- Author
-
Yudi Prayudi, Imam Riadi, and Nurmi Hidayasari
- Subjects
Steganalysis ,Steganography tools ,Computer science ,business.industry ,Pattern recognition ,General Medicine ,Artificial intelligence ,business ,Net (mathematics) ,Convolutional neural network
- Abstract
Steganalysis method is used to detect the presence or absence of steganography files or can be referred to anti-steganography. Steganalysis can be used for positive purposes, which is to know the weaknesses of a steganography method, so that improvements can be made. One category of steganalysis is blind steganalysis, which is a way to detect secret files without knowing what steganography method is used. Blind steganalysis is difficult to implement, but then machine learning techniques emerged that could be used to create a detection model using experimental data, one of which is Convolutional Neural Networks (CNN). A study proposes that the CNN method can detect steganography files using the latest method with a low error probability value compared to other methods, CNN Yedroudj-net. As one of the steganalysis methods with the latest machine learning steganalysis techniques, an experiment is needed to find out whether Yedroudj-net can be a steganalysis for the output of many tools commonly used for steganography applications. Knowing the performance of CNN Yedroudj-net on several steganography tools is very important, to measure the level of ability in terms of steganalysis of some of these tools. Especially so far, machine learning performance is still doubtful in blind steganalysis. Plus some previous research only focused on certain methods to prove the performance of the proposed technique, including Yedroudj-net. This study will use five tools that are Hide In Picture (HIP), OpenStego, SilentEye, Steg and S-Tools, which are not known exactly what steganography methods are used on the tools. Yedroudj-net method will be implemented in the steganography file from the output of the five tools. Then a comparison with the popular steganalysis tool is used, StegSpy. The results show that Yedroudj-net is quite capable of detecting the presence of steganography files, slightly better than StegSpy.
- Published
- 2020
22. Comparative Analysis of Image Quality Values on Edge Detection Methods
- Author
-
Imam Riadi, Wicaksono Yuli Sulistyo, and Anton Yudhana
- Subjects
digital image, edge detection, operator detection ,lcsh:T58.5-58.64 ,lcsh:Information technology ,business.industry ,Image quality ,Sobel operator ,Image processing ,Pattern recognition ,Blob detection ,Edge detection ,lcsh:TA168 ,Kirsch operator ,lcsh:Systems engineering ,Prewitt operator ,Artificial intelligence ,business ,Laplace operator ,Mathematics - Abstract
Identification of object boundaries in a digital image is developing rapidly in line with advances in computer technology for image processing. Edge detection becomes important because humans in recognizing the object of an image will pay attention to the edges contained in the image. Edge detection of an image is done because the edge of the object in the image contains very important information, the information obtained can be either size or shape. The edge detection method used in this study is Sobel operator, Prewitt operator, Laplace operator, Laplacian of Gaussian (LoG) operator and Kirsch operator which are compared and analyzed in the five methods. The results of the comparison show that the clear margins are the Sobel, Prewitt and Kirsch operators, with PSNR calculations that produce values above 30 dB. Laplace and LoG operators only have an average PSNR value below 30 dB. Other quality comparisons use the histogram value and the contrast value with the highest value results in the Laplace and LoG operators with an average histogram value of 110 and a contrast value of 24. The lowest histogram and contrast value are owned by the Sobel and Prewitt operators.
- Published
- 2020
23. Analysis Mobile Forensics on Twitter Application using the National Institute of Justice (NIJ) Method
- Author
-
Imam Riadi and Hijrah Nurhairani
- Subjects
Mobile device forensics ,business.industry ,Computer science ,Internet privacy ,Justice (ethics) ,business - Published
- 2019
24. Live Forensics Analysis of Line App on Proprietary Operating System
- Author
-
Sunardi Sunardi, Muhamad Ermansyah Rauli, and Imam Riadi
- Subjects
lcsh:Computer engineering. Computer hardware ,Computer science ,business.industry ,media_common.quotation_subject ,Digital forensics ,line, live forensics, digital evidence ,lcsh:TK7885-7895 ,computer.software_genre ,Live forensics ,Digital evidence ,Operating system ,NIST ,Conversation ,The Internet ,Line (text file) ,business ,computer ,media_common ,Computer technology - Abstract
The development of computer technology is increasing rapidly. This has positive and negative effects. One of the negative effects that occurred was the use of Line applications to conduct online shop fraud. Line is one of the instant messenger applications that can be used on computers, especially on Windows 8.1 operating system computers. Applications that run on the computer leave traces of data on Random Access Memory (RAM). Data left in RAM can be obtained using digital forensic techniques, namely live forensics which is used when the computer is running and connected to the internet. This study aims to find digital evidence regarding cases of online shop fraud using the National Institute of Standards and Technology (NIST) method. Digital evidence can be obtained using forensic tools, namely RamCapturer, FTK Imager and Winhex. RamCapturer is used to acquire data in RAM, FTK Imager is used for imaging and Winhex is used to analyze data that has been taken. The results obtained in this study were conversational recordings consisting of conversation time, conversation content and conversation status which could be digital evidence in uncovering the online shop fraud crime that occurred.
- Published
- 2019
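25. ANALISIS PERBANDINGAN DETECTION TRAFFIC ANOMALY DENGAN METODE NAIVE BAYES DAN SUPPORT VECTOR MACHINE (SVM) [Comparative Analysis of Traffic Anomaly Detection with the Naive Bayes and Support Vector Machine (SVM) Methods]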
- Author
-
Imam Riadi, Fadhilah Dhinur Aini, and Rusydi Umar
- Subjects
classification naive bayes ,Access network ,Computer science ,business.industry ,Pattern recognition ,Rule-based system ,support vector machine (svm) ,QA75.5-76.95 ,Intrusion detection system ,Support vector machine ,Naive Bayes classifier ,Software ,Data access ,intrusion detection system (ids) ,Electronic computers. Computer science ,Graph (abstract data type) ,Artificial intelligence ,business ,traffic anomaly - Abstract
Intrusion Detection System (IDS) is a software or hardware that can be used to detect any abnormal activity in the network. Situations often arise from various network access in the form of information or data that can cause problems. Detection is a system for detecting activities that are disturbing data access in information. IDS has two methods of doing detection, namely Rule Based (Signature Based) and Behavior-Based. Anomaly traffic can detect an increase in the number of user access and at any time there will be an attack from another party on the network. This study uses 2 algorithm methods are Naïve Bayes and Support Vector Machine (SVM). Naïve Bayes results through the Distributions and Radviz graph data samples have a probability value of 0.1 and the highest probability value is 0.8. Support Vector Machine (SVM) produces a graph that has greater accuracy.
- Published
- 2019
26. Analysis of Security Virtual Private Network (VPN) Using OpenVPN
- Author
-
Imam Riadi and Muhammad Zahid Iqbal
- Subjects
business.industry ,Computer science ,Wireless ,business ,Private network ,Computer network - Published
- 2019
27. Framework Analysis of IDFIF V2 in WhatsApp Investigation Process on Android Smartphones
- Author
-
Rahadhian Dinnur Rahman and Imam Riadi
- Subjects
Multimedia ,Computer science ,business.industry ,Wireless ,Android (operating system) ,computer.software_genre ,business ,computer - Published
- 2019
28. Forensics Analysis of Router On Computer Networks Using Live Forensics Method
- Author
-
Nita Hildayanti and Imam Riadi
- Subjects
Router ,Live forensics ,business.industry ,Computer science ,Wireless ,business ,Computer network - Published
- 2019
29. Forensic Analysis of Android-based WhatsApp Messenger Against Fraud Crime Using The National Institute of Standard and Technology Framework
- Author
-
Helmy Trisnasenjaya and Imam Riadi
- Subjects
World Wide Web ,business.industry ,Computer science ,Wireless ,Android (operating system) ,business - Published
- 2019
30. Forensic Analysis WhatsApp Mobile Application On Android-Based Smartphones Using National Institute of Standard and Technology (NIST) Framework
- Author
-
Vindy Arista Yuliani and Imam Riadi
- Subjects
Multimedia ,Computer science ,business.industry ,NIST ,Wireless ,Android (operating system) ,business ,computer.software_genre ,computer - Published
- 2019
31. Measurement of Copy-Move Forensic Image Similarity Using Distance Function
- Author
-
Abdul Fadlil, Titi Sari, and Imam Riadi
- Subjects
0209 industrial biotechnology ,Health (social science) ,General Computer Science ,Computer science ,business.industry ,General Mathematics ,General Engineering ,Pattern recognition ,02 engineering and technology ,Education ,Image (mathematics) ,020901 industrial engineering & automation ,General Energy ,Similarity (network science) ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,Artificial intelligence ,business ,Copy move ,General Environmental Science - Published
- 2018
32. DDoS Detection Using Artificial Neural Network Regarding Variation of Training Function
- Author
-
Arif Wirawan Muhammad, Imam Riadi, and Sunardi
- Subjects
Health (social science) ,General Computer Science ,Artificial neural network ,Computer science ,business.industry ,General Mathematics ,General Engineering ,Training (meteorology) ,Pattern recognition ,Denial-of-service attack ,Function (mathematics) ,Variation (game tree) ,Education ,General Energy ,Artificial intelligence ,business ,General Environmental Science - Published
- 2018
33. Network Forensics Against Ryuk Ransomware Using Trigger, Acquire, Analysis, Report, and Action (TAARA) Method
- Author
-
Ridho Surya Kusuma, Imam Riadi, and Rusydi Umar
- Subjects
Network forensics ,business.industry ,Computer science ,MAC address ,Hash function ,Computer security ,computer.software_genre ,Encryption ,law.invention ,File size ,law ,Internet Protocol ,Ransomware ,Timestamp ,business ,computer - Abstract
This study aims to reconstruct an attack event and analyze the source of viral infection based on network traffic logs so that the information obtained can be used for a new reference in the security system. Recent attacks on computer network systems cannot be easily detected, as cybercrime has used a variant of the Ryuk Ransomware virus to penetrate security systems, encrypt drives, and computer network resources. This virus is very destructive and has an effective design with a file size of about 200,487 Bytes so it does not look suspicious. The research steps are done through Trigger, Acquire, Analysis, Report, and Action (TAARA). The forensic tools used to obtain log data are Wireshark, NetworkMiner, and TCPDUMP. Based on the results of forensic data obtained include a timestamp, source of the attack, IP address, MAC address, hash signature sha256, internet protocol, and the process of infection. Based on the data obtained in this study has been by the expected objectives.
- Published
- 2021
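34. Implementasi Metode Jaccard pada Analisis Investigasi Cyberbullying WhatsApp Messenger Menggunakan Kerangka Kerja National Institute of Standards and Technology [Implementation of the Jaccard Method in the Analysis of WhatsApp Messenger Cyberbullying Investigations Using the National Institute of Standards and Technology Framework]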
- Author
-
Panggah Widiandana, Imam Riadi, and Sunardi
- Subjects
Jaccard index ,jaccard, nist, digital forensics, cyberbullying ,lcsh:T58.5-58.64 ,lcsh:Information technology ,business.industry ,Computer science ,Human life ,Digital forensics ,Internet privacy ,Information technology ,lcsh:TA168 ,Digital evidence ,lcsh:Systems engineering ,Crime rate ,NIST ,business - Abstract
The development of information technology is increasingly showing a great influence on human life. Based on the survey, it was stated that every year the users of the WhatsApp application grew very rapidly in 2015, 900 million users and in March 2020, it increased to 2000 million users. The data is straight-line with the increasing crime rate, one of which is cyberbullying which always increases every year. The purpose of research that has been carried out is to add references for investigators in conducting, including cases of cyberbullying. The National Institute of Standards and Technology (NIST) method is used to make it easier for researchers to conduct digital forensics on the evidence that has been obtained. The Jaccard method is used to identify evidence that has been obtained to obtain digital evidence to prove that cyberbullying has occurred. The results of research that have been done prove that the NIST method can simplify the process, in cyberbullying identity starting from the lifting of evidence to the reporting stage of evidence. The similarity jaccard method is able to identify cyberbullying with different levels, with the highest value of jaccard which is 0.21 (21%), and the lowest value obtained from a value of 0 (0%). The NIST method and the cyberbullying method can make it easier for investigators in cyberbullying cases.
- Published
- 2020
35. Live forensics method for acquisition on the Solid State Drive (SSD) NVMe TRIM function
- Author
-
Yudi Prayudi, Wisnu Pranoto, and Imam Riadi
- Subjects
File system ,Hardware_MEMORYSTRUCTURES ,business.industry ,Computer science ,NVM Express ,Hash function ,Digital forensics ,Process (computing) ,computer.software_genre ,Solid-state drive ,Trim ,Data recovery ,Operating system ,Data_FILES ,business ,computer - Abstract
SSD currently has a new storage media technology namely Solid State Drive Non-volatile Memory Express (SSD NVMe). In addition, SSD has a feature called TRIM. The TRIM feature allows the operating system to tell SSDs which blocks are not used. TRIM removes blocks that have been marked for removal by the operating system. However, the TRIM function has a negative effect for the digital forensics specifically related to data recovery. This study aimed to compare the TRIM disable and enable functions to determine the ability of forensics tools and recovery tools to restore digital evidence on the NVMe SSD TRIM function. The operating system used in this study was Windows 10 professional with NTFS file system. Typically, acquisition is conducted by using traditional or static techniques. Therefore, there was a need of a technique to acquire SSD by using the live forensics method without shutting down the running operating system. The live forensics method was applied to acquire SSD NVMe directly to the TRIM disable and enable functions. The tools used for live acquisition and recovery were FTK Imager Portable. The inspection and analysis phases used Sleutkit Autopsy and Belkasoft Evidence Center. This research found that in the recovery process of TRIM disabled and enabled, TRIM disabled could find evidence while maintaining the integrity of evidence. It was indicated by the same hash value of the original file and the recovery file. Conversely, when TRIM is enabled, the files were damaged and could not be recovered. The files were also not identical to the original so the integrity of evidence was not guaranteed.
- Published
- 2020
36. Comparison of SVM, RF and SGD Methods for Determination of Programmer's Performance Classification Model in Social Media Activities
- Author
-
Purwono, Imam Riadi, and Rusydi Umar
- Subjects
lcsh:T58.5-58.64 ,Computer science ,business.industry ,lcsh:Information technology ,Machine learning ,computer.software_genre ,Cross-validation ,support vector machine, random forest, stochastic gradient descent, programmer ,Random forest ,lcsh:TA168 ,Support vector machine ,Stochastic gradient descent ,classification, support vector machine, random forest, stochastic gradient descent, programmer ,lcsh:Systems engineering ,Classification methods ,Social media ,Artificial intelligence ,business ,Programmer ,computer - Abstract
The failure of most startups in Indonesia is caused by team performance that is not solid and competent. Programmers are an integral profession in a startup team. The development of social media can be used as a strategic tool for recruiting the best programmer candidates in a company. This strategic tool is in the form of an automatic classification system of social media posting from prospective programmers. The classification results are expected to be able to predict the performance patterns of each candidate with a predicate of good or bad performance. The classification method with the best accuracy needs to be chosen in order to get an effective strategic tool so that a comparison of several methods is needed. This study compares classification methods including the Support Vector Machines (SVM) algorithm, Random Forest (RF) and Stochastic Gradient Descent (SGD). The classification results show the percentage of accuracy with k = 10 cross validation for the SVM algorithm reaches 81.3%, RF at 74.4%, and SGD at 80.1% so that the SVM method is chosen as a model of programmer performance classification on social media activities.
- Published
- 2020
37. Validation Analysis of Scalable Vector Graphics (SVG) File Upload using Magic Number and Document Object Model (DOM)
- Author
-
Abdul Fadlil, Imam Riadi, and Fahmi Anwar
- Subjects
General Computer Science ,Database ,Computer science ,computer.internet_protocol ,business.industry ,Scalable Vector Graphics ,computer.file_format ,JavaScript ,computer.software_genre ,Security testing ,Upload ,Data_FILES ,ComputingMethodologies_DOCUMENTANDTEXTPROCESSING ,The Internet ,Document Object Model ,business ,computer ,XML ,computer.programming_language - Abstract
The use of technology is increasing rapidly, such as applications or services connected to the Internet. Security is considered necessary because of the growing and increasing use of digital systems. With the number of threats to attacks on digital form or server systems is required to handle the risk of attacks on the server, the file upload feature. The system usually processes the file upload feature on a website or server with server-side (back-end) validation or filtering of digital object file types or a client-side (front-end) web browser in HTML or Javascript. Filtering techniques for Scalable Vector Graphics (SVG) usually files only see the file extension or Multipurpose Internet Mail Extension (MIME) type of an uploaded file. However, this filtering can still manipulate, for example, in ASCII prefix checking, which has two writes, namely "xml” and “
- Published
- 2020
38. DETEKSI BUKTI DIGITAL ONLINE GAMBLING MENGGUNAKAN LIVE FORENSIK PADA SMARTPHONE BERBASIS ANDROID [Detection of Online Gambling Digital Evidence Using Live Forensics on Android-Based Smartphones]
- Author
-
Andrian Sah, Imam Riadi, and Yudi Prayudi
- Subjects
Password ,business.product_category ,Digital evidence ,Computer science ,business.industry ,Laptop ,Personal computer ,Internet privacy ,The Internet ,Online gambling ,business ,Social issues ,Database transaction - Abstract
Internet as media to do political movement. Since that, the Indonesian people understand internet-based activities until this current progress. Use of internet in Indonesia most frequently utilize units to access internet, namely, handphone, laptop/notebook, Personal Computer (PC), and tablet. Media used to access internet include mobile (47.6%), computer (1.7%) and both (50.7%). Use of internet increases so that criminal action rate is higher; for example, online gambling. In general, online gambling is done using smartphone. However, today smartphone can load more than one type of online gambling. So speedy progress of online gambling must contain criminal action. Criminal action is taken by involving smartphone having online gambling with impact on challenge to prove digital evidences and analyze it. Online gambling is a crime or criminal action being social problems resulting in negative impacts such as morale and mental disorders in society, especially young generation. Questions asked in this study are how to find characteristic of online gambling and digital evidences available to smartphone. This study focuses on characteristic and digital evidences in smartphone based on facts found in thing of evidence. Based on results of study, we found some types of online gambling in smartphone. Characteristic and digital evidences found in smartphone were found by using forensic media, namely, XRY. Forensic media of XRY were used to find thing of digital evidence in smartphone, such as, ID, Password and transaction of online gambling via social applications.
- Published
- 2018
39. Examination of Digital Evidence on Android-based LINE Messenger
- Author
-
Imam Riadi and Ammar Fauzan Sunardi
- Subjects
Digital evidence ,Computer science ,business.industry ,Operating system ,Wireless ,Android (operating system) ,computer.software_genre ,business ,computer - Published
- 2018
40. Comparison of Attribute Based Access Control (ABAC) Model and Rule Based Access (RBAC) to Digital Evidence Storage (DES)
- Author
-
Imam Riadi, Yudi Prayudi, and Moh Fadly Panende
- Subjects
Digital evidence ,Computer science ,business.industry ,Role-based access control ,Wireless ,Rule-based system ,Attribute-based access control ,business ,Computer network - Published
- 2018
41. Analysis of Forensic Video in Storage Data Using Tampering Method
- Author
-
Imam Riadi and Amirul Putra Justicia
- Subjects
Forensic science ,021110 strategic, defence & security studies ,Multimedia ,Computer science ,business.industry ,0211 other engineering and technologies ,0202 electrical engineering, electronic engineering, information engineering ,Wireless ,020207 software engineering ,02 engineering and technology ,business ,computer.software_genre ,computer - Published
- 2018
42. Digital Forensics Workflow as A Mapping Model for People, Evidence, and Process in Digital Investigation
- Author
-
Subekti Ningsih, Imam Riadi, and Yudi Prayudi
- Subjects
Multimedia ,Process (engineering) ,Computer science ,business.industry ,Digital forensics ,020206 networking & telecommunications ,02 engineering and technology ,computer.software_genre ,Workflow ,0202 electrical engineering, electronic engineering, information engineering ,Wireless ,020201 artificial intelligence & image processing ,business ,computer - Published
- 2018
43. Review Article : Investigasi Forensik Email dengan Berbagai Pendekatan dan Tools [Review Article: Email Forensic Investigation with Various Approaches and Tools]
- Author
-
Imam Riadi, Rusydi Umar, and Mustafa Mustafa
- Subjects
World Wide Web ,business.industry ,Computer science ,Face (sociological concept) ,ComputingMilieux_LEGALASPECTSOFCOMPUTING ,The Internet ,Computer forensics ,business - Abstract
Computer forensic science is a relatively new science and not even widely known among the public. Unlike the real world, crime in the world of computers and the internet has so many variations, one of which is forgery or spam email, where spam e-mail can be a means of transporting malicious content on a network. The problem that arises at this time is that very little research is conducted in the case of forensic investigations in the face of crime in the cyber world, especially in the spam e-mail. The method used is observation of literature, in this case in the form of original articles that analyze about crimes that use email, including the flow and tools used. The results obtained in this article review are that each investigation and tools approach has advantages and disadvantages of each, so that users can adjust to their needs.
- Published
- 2019
44. Image Forensic for detecting Splicing Image with Distance Function
- Author
-
Abdul Fadlil, Imam Riadi, and Titi Sari
- Subjects
021110 strategic, defence & security studies ,Computer science ,business.industry ,RNA splicing ,0211 other engineering and technologies ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,Computer vision ,Image forensics ,02 engineering and technology ,Artificial intelligence ,business ,Image (mathematics) - Published
- 2017
45. Wi-Fi Security Level Analysis for Minimizing Cybercrime
- Author
-
Anis Susila Abadi, Yudi Prayudi, and Imam Riadi
- Subjects
Cybercrime ,business.industry ,Computer science ,Internet privacy ,0202 electrical engineering, electronic engineering, information engineering ,020206 networking & telecommunications ,020201 artificial intelligence & image processing ,02 engineering and technology ,Security level ,business ,Computer security ,computer.software_genre ,computer - Published
- 2017
46. Live Forensics for Anti-Forensics Analysis on Private Portable Web Browser
- Author
-
Yudi Prayudi, Tri Rochmadi, and Imam Riadi
- Subjects
World Wide Web ,Web browser ,Live forensics ,Computer science ,business.industry ,Internet privacy ,0202 electrical engineering, electronic engineering, information engineering ,020206 networking & telecommunications ,020201 artificial intelligence & image processing ,02 engineering and technology ,business - Published
- 2017
47. Forensic Investigation Technique on Android’s Blackberry Messenger using NIST Framework
- Author
-
Arizona Firdonsyah Sunardi and Imam Riadi
- Subjects
World Wide Web ,Multimedia ,Computer science ,business.industry ,Wireless ,Android (operating system) ,computer.software_genre ,business ,computer - Published
- 2017
48. Forensic Analysis of Docker Swarm Cluster using Grr Rapid Response Framework
- Author
-
Andi Sugandi, Imam Riadi, and Sunardi
- Subjects
Web server ,General Computer Science ,Computer science ,business.industry ,Swarm behaviour ,020207 software engineering ,Denial-of-service attack ,02 engineering and technology ,computer.software_genre ,Server ,Container (abstract data type) ,0202 electrical engineering, electronic engineering, information engineering ,Operating system ,Web application ,020201 artificial intelligence & image processing ,The Internet ,DevOps ,business ,computer - Abstract
An attack on Internet network does not only happened in the web applications that are running natively by a web server under operating system, but also web applications that are running inside container. The currently popular container machines such as Docker is not always secure from Internet attacks which result in disabling servers that are attacked using DoS/DDoS. Therefore, to improve server performance running this web application and provides the application log, DevOps engineer builds advance method by transforming the system into a cluster computers. Currently this method can be easily implemented using Docker Swarm. This research has successfully investigated digital evidence on the log file of containerized web application running on cluster system built by Docker Swarm. This investigation was carried out by using the Grr Rapid Response (GRR) framework.
- Published
- 2019
49. Vulnerability Analysis of E-voting Application using Open Web Application Security Project (OWASP) Framework
- Author
-
Pradana Ananda Raharja, Imam Riadi, and Sunardi
- Subjects
Authentication ,General Computer Science ,business.industry ,Computer science ,media_common.quotation_subject ,Cross-site scripting ,Serialization ,Vulnerability ,02 engineering and technology ,Audit ,Directory ,Web application security ,Computer security ,computer.software_genre ,Directory traversal attack ,Vulnerability assessment ,020204 information systems ,Voting ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,business ,computer ,media_common - Abstract
This paper reports on security concerns in the E-voting used for the election of village heads. Analysis of the system and server uses two different tools to determine the accuracy of scanning vulnerabilities based on the OWASP Framework. We reported that the results of the scanning using the ZAP tool got vulnerability information with the following risk level, one high level, three medium levels, and eleven low levels. The Arachni tool got vulnerability information with the following risk level, one high level, three medium levels, and two low levels. ZAP has a more complex vulnerability view than Arachni. Fatal findings on E-voting in this E-voting system is XSS, which impacts clients, which can be exploited by attackers to bypass security. Directory Traversal allows attackers to access directories and can execute commands outside of the web server’s base directory. Cyber Hiscox Readiness report in 2018 in several European countries such as The United States, Britain, Germany, Spain, and the Netherlands, that the Attackers target through the most vulnerable security holes such as injection, Broken Authentication, Sensitive Data Exposure, XXE, Merged, Security Misconfiguration, XSS, Insecure Deserialization, Using Components with Known Vulnerabilities, Insufficient Logging, and Monitoring. The purpose of cyberattacks alone can threaten the stability of the country and disturb other factors. E-voting, as part of an electronic government system, needs to be audited in terms of security, which can cause the system to disrupt.
- Published
- 2019
50. Experimental Investigation of Frozen Solid State Drive on Digital Evidence with Static Forensic Methods
- Author
-
Imam Mahfudl Nasrulloh, Imam Riadi, and Rusydi Umar
- Subjects
Computer science ,business.industry ,Digital forensics ,Computer maintenance ,computer.software_genre ,lcsh:QA75.5-76.95 ,Computer virus ,Software ,Computer data storage ,Disk storage ,lcsh:Electronic computers. Computer science ,Digital forensic process ,business ,computer ,Simulation ,Computer technology - Abstract
The rapid development of computer technology in hardware, is currently developing non-volatile computer storage media Solid State Drive (SSD). SSD technology has a faster data access speed than Hard Disk and is currently starting to replace Hard Disk storage media. Freezing software on computer systems is often carried out by computer technicians, because it can save a computer maintenance costs due to errors, be exposed to computer viruses or malware. This software is used to prevent unwanted changes to the computer system, when the computer is restarted changes that occur in the computer system will not be stored on storage media. When this happens, what should be done by digital forensic investigators. This study discusses experimental forensic investigations on SSD media storage with frozen conditions or in this study said the frozen SSD. Frozen SSD is the condition of the drive that is locked so that there is no change in the computer system. Software used to lock and prevent changes such as Deep Freeze, Shadow Defender, Windows Steady State, and Toolwiz Time Freeze. Forensic research stages using methods NIST. The result shows that from comparative analysis conducted with Deep Freeze the results of the RecoverMyFile gives 76.38% and Autopsy gives 75,27%, while frozen condition with Shadow Defender the results of the RecoverMyFile gives 59.72% and Autopsy gives 74.44%. So the results of this study indicate the drive freezing software has an effect obtained can be an obstacle in the digital forensic process.
- Published
- 2018