Instant Messaging is a popular smartphone's application. One example of Instant Messaging application is WhatsApp. WhatsApp is widely used judging from its users that reach more than 1 Billion users in January 2017. WhatsApp's security recently has been updated with latest encryption type and technology by implementing end-to-end encryption. The number of users or possible crime target and security features in WhatsApp can lead to crime by people that have criminal intentions. Investigators need to use mobile forensic methodologies and tools for investigating smartphone and finding out the crime evidence. However, investigators are often facing challenges during the investigation because of incompatibility between forensic tools and mobile technology. This research will experiment using available forensic tools with NIST forensic method for extracting latest WhatsApp's artifacts. Forensics tools capabilities will be evaluated and compared to find its strengths and weaknesses.
Kejahatan komputer memiliki bukti digital dari tindak kejahatan dan perlu dilakukan analisa. Perkembangan teknologi komputer yang demikian pesat telah membawa perubahan pada bidang perangkat keras. Pada perangkat keras saat ini terdapat Solid State Drive (SSD) sebagai media penyimpanan utama komputer, karena teknologi SSD memiliki kecepatan akses data yang cepat. Penggunaan software pembeku drive pada komputer sering dilakukan oleh teknisi komputer, karena dapat menghemat biaya perawatan. Software tersebut digunakan untuk melindungi komputer dari perubahan yang tidak dikehendaki, sistem komputer yang tanam software tersebut menjadikan perubahan yang terjadi pada sistem komputer tidak disimpan pada media penyimpanan setelah komputer dimatikan. Ketika hal ini terjadi apa yang harus dilakukan oleh penyidik forensik digital. Penelitian ini membahas perbandingan terkait tool Forensik yang digunakan untuk proses eksaminasi dan analisa. Pengambilan salinan bukti digital dilakukan dengan metode forensik statik, sedangkan tahapan penelitian dan analisa mengadaptasi dan mengimplementasikan metode forensik dari National Institute of Justice (NIJ) untuk mendapatkan bukti digital. Software pembeku drive seperti Shadow Defender terbukti berpengaruh terhadap praktik eksaminasi forensik digital terhadap didapatkannya bukti-bukti digital, dengan kondisi tersebut prosentase keberhasilannya merestorasi file hanya 28,7% sehingga dapat menjadi hambatan dalam proses forensik digital.
Facebook Messenger menjadi media sosial yang populer kedua setelah Whatsapp di tahun 2017. Meningkatnya jumlah pengguna Facebook Messenger tentu membawa dampak positif dan negatif, salah satu efek negatifnya adalah beberapa orang yang menggunakan Facebook Messenger melakukan kejahatan digital. Jika sebuah smartphone android menjadi bukti dalam kasus pidana dan Facebook Messenger terinstall di smartphone tersebut, maka pada aplikasi ini bukti digital dapat diidentifikasi dan dapat diharapkan menjadi pilihan untuk membantu penegakan hukum dalam mengungkap kejahatan digital. Proses identifikasi berdasarkan proses forensic mobile yang berdasarkan metode NIST (National Institute of Standards Technology). NIST memiliki panduan kerja baik itu kebijakan dan standar untuk menjamin setiap examiner mengikuti alur kerja yang sama sehingga pekerjaan mereka terdokumentasikan dan hasilnya dapat di ulang (repeatable) dan dapat dipertahankan (defendable). Penelitian ini menjelaskan gambaran umum bagaimana teknik-teknik yang dapat digunakan untuk mengembalikan bukti digital berupa text,gambar, dan audio pada Facebook Mesenger yang ada di Smartphone Android.
Telecommunication in Indonesia has increased rapidly since the internet -based instant AbstrakPerkembangan telekomunikasi meningkat sangat pesat semenjak layanan pesan instan berbasis internet merambat cepat ke Indonesia. WhatsApp adalah aplikasi pesan instan paling populer dibanding layanan pesan instan lain, menurut situs website statista pengguna per Januari 2017 sebanyak 1,2 miliar orang secara aktif menggunakan aplikasi ini. Seiring pembaruan WhatsApp berbagai fitur disematkan dalam aplikasi ini diantaranya Whatsapp Berbasis Web untuk Komputer, fitur ini mempermudah pengguna dalam berbagi file tertentu serta dapat tersinkronisasi terhadap smartphone maupun komputer penggunanya. Disamping sisi positif yang didapati aplikasi, WhatsApp juga memberikan celah keamanan akan privasi penggunanya salah satunya yaitu penyadapan percakapan yang melibatkan kedua devices ; smartphone dan komputer. Penanganan tindak kejahatan yang melibatkan piranti digital perlu ditekankan sehingga dapat membantu proses peradilan akan efek yang ditimbulkannya. Investigasi Forensika Digital turut berperan serta terhadap penindakan penyalahgunaan fitur layanan pesan instan WhatsApp diantaranya langkah investigasi penanganan kasus penyadapan percakapan WhatsApp melalui serangkaian tahapan baku sesuai prosedur forensika digital. Eksplorasi barang bukti (digital evidence) percakapan WhatsApp akan menjadi acuan akan tindak kejahatan penyadapan telekomunikasi yang selanjutnya akan dilakukan report investigation forensics yang melibatkan barang bukti smartphone dan komputer korban.Kata kunci : forensik; investigasi; whatsapp messenger web.
Abstract-One of the popularly used features on Android smartphone is WhatsApp. WhatsApp can be misused, such as for criminal purposes. To conduct investigation involving smartphone devices, the investigators need to use forensic tools. Nonetheless, the development of the existing forensic tool technology is not as fast as the development of mobile technology and WhatsApp. The latest version of smartphones and WhatsApp always comes up. Therefore, a research on the performance of the current forensic tools in order to handle a case involving Android smartphones and WhatsApp in particular need to be done. This research evaluated existing forensic tools for performing forensic analysis on WhatsApp using parameters from NIST and WhatsApp artifacts. The outcome shows that Belkasoft Evidence has the highest index number, WhatsApp Key/DB Extractor has superiority in terms of costs, and Oxygen Forensic has superiority in obtaining WhatsApp artifact.
Distributed Denial of Service (DDoS) is a network security problem that continues to grow dynamically and has increased significantly to date. DDoS is a type of attack that is carried out by draining the available resources in the network by flooding the package with a significant intensity so that the system becomes overloaded and stops. This attack resulted in enormous losses for institutions and companies engaged in online services. Prolonged deductions and substantial recovery costs are additional losses for the company due to loss of integrity. The activities of damaging, disrupting, stealing data, and everything that is detrimental to the system owner on a computer network is an illegal act and can be imposed legally in court. Criminals can be punished based on the evidence found with the Forensics network mechanism. DDoS attack classification is based on network traffic activity using the neural network and naïve Bayes methods. Based on the experiments conducted, it was found that the results of accuracy in artificial neural networks were 95.23% and naïve Bayes were 99.9%. The experimental results show that the naïve Bayes method is better than the neural network. The results of the experiment and analysis can be used as evidence in the trial process.
Forensic Tools Performance Analysis on Android-based Blackberry Messenger using NIST Measurements
Blackberry Messenger is one of the popularly used instant messaging applications on Android with user’s amount that increase significantly each year. The increase off Blackberry Messenger users might lead to application misuse, such as for commiting digital crimes. To conduct investigation involving smartphone devices, the investigators need to use forensic tools. Therefore, a research on current forensic tool’s performance in order to handle digital crime cases involving Android smartphones and Blackberry Messenger in particular need to be done. This research focuses on evaluating and comparing three forensic tools to obtain digital evidence from Blackberry Messenger on Android smartphones using parameter from National Institute of Standard Technology and Blackberry Messenger’s acquired digital evidences. The result shows that from comparative analysis conducted, Andriller gives 25% performance value, Oxygen Forensic Suite gives 100% performance value, and Autopsy 4.1.1 gives 0% performance value. Related to National Institute of Standard Technology parameter criterias, Andriller has performance value of 47.61%. Oxygen Forensic Suite has performance value of 61.90%. Autopsy 4.1.1 has performance value of 9.52%.
The growth of Android-based smartphone users to access media in communicating using Instagram social media is very fast. Activities are carried out when using Instagram social media in communicating to share information such as sending chat texts and pictures. A large number of Instagram users make this application vulnerable to abuse of Instagram such as pornography crimes from Instagram users. This case can be forensic to get digital evidence in the form of chat text and pictures from Instagram messenger is a feature of Instagram. The investigation in this study uses the National Institute of Standards and Technology (NIST) method which provides several stages of collecting, examining, analyzing, reporting while forensic tools use forensic oxygen and axiom magnets. The results of the recovery and comparison of data result using Oxygen forensics and Axiom Magnets obtained digital evidence in the form of data in the form of images and chat. The data obtained by Magnet Axiom is 100% while forensic oxygen is 84%. These data are the results of the performance of both forensic applications in obtaining digital evidence that has been deleted from the Instagram messenger.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Product
Resources
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
