Identification of Virtual Router Network Forensic Evidence Using the NIST Method

2021 ◽  
Vol 5 (1) ◽  
pp. 91-98
Author(s):  
Firmansyah Yasin ◽  
Abdul Fadlil ◽  
Rusydi Umar

The evolution of information technology has led to the growth of virtualization technology. RouterOS is the operating system of the Mikrotik router, and it supports virtualization. The RouterOS virtualization technique that is easiest to run is the MetaROUTER. MetaROUTER provides benefits such as building virtual servers, virtual machines and network topologies, and saving cost. As an object of research, MetaROUTER introduces challenges to digital forensic investigations, for both practitioners and academics. Investigators need a methodology and tools in order to prove who perpetrated a crime. This study uses the Windump forensic tool as a means of recording network traffic activity, and Network Miner and Wireshark as analytical tools for identifying digital evidence. The National Institute of Standards and Technology (NIST) method, which comprises collection, examination, analysis and reporting, can be repeated and maintained with the same data. Based on experiments that tested virtual router network traffic, the system built succeeded in obtaining digital evidence, either directly or indirectly. The planned system scenario succeeded in recording 220494 packets, which Windump automatically divided into 9 (nine) capture parts, Buktidigital0 to Buktidigital8. The examination stage produced evidence that was verified with Wireshark and Network Miner. The analysis stage proved that attacks were carried out from the addresses 192.168.10.10 and 192.168.234.10. Based on the results of the forensic testing, the NIST method applied to a forensic system built around a virtual router object can be used by investigators to identify evidence of cyber-attacks.  

2020 ◽  
Vol 11 (2) ◽  
pp. 257-267
Author(s):  
Desti Mualfah ◽  
Rizdqi Akbar Ramadhan

Conventional crimes recorded by CCTV (Closed Circuit Television) cameras are increasingly found in society; every perpetrator proven to have committed a particular criminal offence will be punished in accordance with the applicable laws and regulations. CCTV cameras play an important role in security, and many CCTV camera recordings are used as digital evidence. The challenge is which techniques are required for the special handling of a digital forensic investigation that searches for digital evidence in CCTV camera recordings using the live forensics method, that is, while the evidence is in an active state, based on the SNI 27037:2014 guideline and the Common Phases of Computer Forensics Investigation Models framework, so that it can be implemented in the Chain of Custody document. The result of this research is an analysis of CCTV camera video recordings regarding the characteristics of digital evidence and the metadata information used to provide a structured, comprehensive explanation, as well as a reference for managing the data obtained from a digital forensic investigation that can be accounted for in court.

Keywords: Digital Evidence, Live Forensics, Metadata, CCTV Camera, Chain of Custody.

Abstract. Conventional crimes that are recorded on CCTV (Closed Circuit Television) cameras are increasingly being found in society, and every perpetrator who commits certain crimes will be punished in accordance with statutory regulations. CCTV cameras have an important role in security, and many CCTV camera recordings are used as digital evidence. The challenge is which techniques are required for the special handling of a digital forensic investigation that searches for digital evidence in CCTV camera footage using the live forensic method, namely when the evidence is in an active state, based on the SNI 27037:2014 guideline and the Common Phases of Computer Forensics Investigation Models framework, in order to implement it in the Chain of Custody document. The results of this research are an analysis of CCTV camera video recordings regarding the characteristics of digital evidence and the metadata information used to provide a structured, comprehensive explanation, and a reference for managing the data obtained from a digital forensic investigation that can be accounted for in court.

Keywords: Digital Evidence, Live Forensic, Metadata, CCTV Camera, Chain of Custody.


2017 ◽  
Vol 2 (11) ◽  
pp. 8-16
Author(s):  
Moses Ashawa ◽  
Innocent Ogwuche

The fast-growing use of instant messaging applications on Android mobile devices has brought about a proportional increase in the number of cyber-attack vectors that could be perpetrated against them. Android mobile phones store a significant amount of information in their various memory partitions when Instant Messaging (IM) applications (WhatsApp, Skype, and Facebook) are executed on them. Because of the many crimes committed using instant messaging applications, and because the electronic traces of evidence that can be retrieved from a suspect's device may convict or exonerate a person in a court of law, mobile phones have become a fertile ground for digital evidence mining. This paper aims to use forensic tools to extract and analyse the digital evidence artefacts left by IM applications on Android phones, using Android Studio as the virtual machine. The digital forensic investigation methodology by Bill Nelson was applied during this research. Some of the key results obtained show how digital forensic evidence such as call logs, contact numbers, sent and received messages, and images can be mined from simulated Android phones running these applications. These artefacts can be used in a court of law as evidence during a cybercrime investigation.


Sensors ◽  
2021 ◽  
Vol 21 (5) ◽  
pp. 1761
Author(s):  
Hanan Hindy ◽  
Robert Atkinson ◽  
Christos Tachtatzis ◽  
Ethan Bayne ◽  
Miroslav Bures ◽  
...  

Cyber-attacks continue to grow, both in terms of volume and sophistication. This is aided by an increase in available computational power, expanding attack surfaces, and advancements in the human understanding of how to make attacks undetectable. Unsurprisingly, machine learning is utilised to defend against these attacks. In many applications, the choice of features is more important than the choice of model. A range of studies have, with varying degrees of success, attempted to discriminate between benign traffic and well-known cyber-attacks. The features used in these studies are broadly similar and have demonstrated their effectiveness in situations where cyber-attacks do not imitate benign behaviour. To overcome this barrier, in this manuscript, we introduce new features based on a higher level of abstraction of network traffic. Specifically, we perform flow aggregation by grouping flows with similarities. This additional level of feature abstraction benefits from cumulative information, thus qualifying the models to classify cyber-attacks that mimic benign traffic. The performance of the new features is evaluated using the benchmark CICIDS2017 dataset, and the results demonstrate their validity and effectiveness. This novel proposal will improve the detection accuracy of cyber-attacks and also build towards a new direction of feature extraction for complex ones.


Author(s):  
Joseph P. Macker ◽  
Caleb Bowers ◽  
Sastry Kompella ◽  
Clement Kam ◽  
Jeffery W. Weston

Author(s):  
Karan Shingare ◽  
Rohit Nandurkar ◽  
Prashant Shrivastav ◽  
Shailesh Bendale

As the world moves toward newer technologies, networks are adapting to different topologies to meet their requirements. SDN is one such network, and it solves many issues and limitations of a traditional TCP/IP network. As the majority of workspaces move towards SDN, many new vulnerabilities are also emerging. To protect these networks and the systems on them, in this paper we discuss and propose a dataset that would be helpful in training an intrusion detection system for SDN, and which also includes an intrusion dataset for traditional TCP/IP networks. We generate this data over an SDN topology by attacking the host systems present in the network, then analyse the generated traffic using CICFlowMeter, which yields the desired dataset for intrusion detection.


2021 ◽  
Vol 11 (22) ◽  
pp. 10996
Author(s):  
Jongbeom Lim

As Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices are becoming increasingly popular in the era of the Fourth Industrial Revolution, the orchestration and management of numerous fog devices encounter a scalability problem. In fog computing environments, to embrace various types of computation, cloud virtualization technology is widely used. With virtualization technology, IoT and IIoT tasks can be run on virtual machines or containers, which are able to migrate from one machine to another. However, efficient and scalable orchestration of migrations for mobile users and devices in fog computing environments is not an easy task. Naïve or unmanaged migrations may impinge on the reliability of cloud tasks. In this paper, we propose a scalable fog computing orchestration mechanism for reliable cloud task scheduling. The proposed scalable orchestration mechanism considers live migrations of virtual machines and containers for the edge servers to reduce both cloud task failures and suspended time when a device is disconnected due to mobility. The performance evaluation shows that our proposed fog computing orchestration is scalable while preserving the reliability of cloud tasks.

