About
170
Publications
312,884
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,077
Citations
Introduction
Yudi Prayudi is an Associate Professor at the Informatics Department of Universitas Islam Indonesia (UII), and he currently leads the Center for Digital Forensics Studies (PUSFID). He completed his Doctoral degree in Computer Science at Universitas Gadjah Mada (UGM) in 2020. His research primarily focuses on digital forensics, cyberlaw, digital evidence, steganography, and computer security.
Current institution
Additional affiliations
September 2015 - June 2020
Center for Digital Forensics Studies (CDFS)
Position
- Managing Director
October 1994 - present
Publications
Publications (170)
![Table 1. Investigation Objective From [20]](profile/Yudi-Prayudi/publication/282287345/figure/tbl1/AS:391496642646020@1470351481532/nvestigation-Objective-From-20_Q320.jpg)
![Fig.1. Digital Forensics Analysis on Different Sources From [12]](profile/Yudi-Prayudi/publication/282287345/figure/fig1/AS:669350851772438@1536597087292/Digital-Forensics-Analysis-on-Different-Sources-From-12_Q320.jpg)
Digital forensics will always include at least human as the one who performs activities, digital evidence as the main object, and process as a reference for the activities followed. The existing framework has not provided a description of the interaction between human, interaction between human and digital evidence, as well as interaction between h...
A lot of Malware used to carry and conceal the crime even included as a crime toolskit. This is forcing digital forensics investigators to perform malware forensics activities, namely to identify and analyze unknown malware before. Knowing the characteristics of malware will be one of the solutions from the prevention of cybercrime activity. One me...
The authenticity and the integrity of digital evidence are critical issues in digital forensics activities. Both aspects are directly related to the application of The Locard Exchange Principle (LEP), which is a basic principle of the existence of evidence in an event. This principle, not only applies before and at the time the event occurs, but al...
Digital forensics starts to show its role and contribution in the society as a solution in disclosure of cybercrime. The essential in digital forensics is chain of custody, which is an attempt to preserve the integrity of digital evidence as well as a procedure for performing documentation chronologically toward evidence. The characteristics of dig...
Chain of custody is the procedure to do a chronological documentation of evidence, and it is an important procedure in the investigation process. Both physical and digital evidence is an important part in the process of investigation and courtroom. However, handling the chain of custody for digital evidence is more difficult than the handling of ph...
Penelitian ini bertujuan untuk membandingkan hasil pemulihan file dari sistem file NTFS, FAT32, dan exFAT menggunakan perangkat lunak Foremost. Fokus utama penelitian ini adalah mengevaluasi tingkat keberhasilan pemulihan file berdasarkan jenis, ukuran, dan integritas file yang dapat dipulihkan dari masing-masing sistem file. Penelitian ini juga be...
ABSTRAK Pada saat mengirim pesan kepada pihak tertentu dan tidak ingin pesan tersebut diketahui oleh pihak lain, maka penting untuk menghindari kebocoran informasi. Namun masalah yang teridentifikasi adalah terdapat kekurangan pengetahuan untuk mendeteksi Steganografi audio yang membutuhkan teknik metode yang dapat membaca dan melihat pesan rahasia...
Closed Circuit Television (CCTV) is frequently utilized as legal evidence in judical proceedings. However, the authenticity of
CCTV footage is often contested, requiring forensic analysis to verify its reliability as digital evidence. This study aimed to assess
the authenticity of video footage using the Localization Tampering method. To simulate m...
Information technology has become an indispensable need for humans today, from working, learning, trading, to communicating using information technology. Digital images are an asset that cannot be separated from human communication when using information technology. Cyber security is an important aspect that must be considered when using informatio...
Digital evidence is content that must be protected against access and use by parties who should not have the authority to do so. Some protection parameters for access to digital evidence must be implemented to ensure its integrity and authenticity. Access to digital evidence is not enough to be facilitated only with authorization and authentication...
Currently there is a social media application that provides additional features in the form of voice changers by utilizing the voice note feature of Whatsapp Mod which can blur the identity of the voice owner. In several articles, Whatsapp Mod claims that this application is an anti-banned application, so it is feared that Whatsapp Mod is an applic...
Serangan file upload pada web server menyebabkan seseorang dapat melakukan Distributed denial-of-service yang bisa melumpuhkan web server dan web shell dapat membuat penyerang mengeksekusi perintah dari jarak jauh. Penelitian ini menggunakan metoide live forensics, dengan mengumpulkan artefak pada perangkat jaringan, yaitu router, menggunakan winbo...
With the rapid growth of technology and the increasing number of smartphone users, social media applications have proliferated. Among them, WhatsApp has emerged as the most widely used application, with over a quarter of the world's population using it since 2009. To meet the increasing customer demands, WhatsApp has introduced a browser version, w...
Cryptocurrency adalah teknologi sistem kriptografi yang bertujuan untuk mengamankan dan mengatur otoritas dengan menggunakan sistem desentralisasi untuk mengelola pengeluaran unit baru, mencatat transaksi, dan memberikan jaminan keamanan yang tidak dapat diduplikasi atau ditiru. Oleh karena itu, tidak diragukan lagi bahwa penjahat juga telah menggu...
Facial recognition is an essential aspect of conducting criminal action investigations. Captured images from the camera or the recording video can reveal the perpetrator's identity if their faces are deliberately or accidentally captured. However, many of these digital imagery results display the results of image quality that is not good when seen...
According to reports in 2021 by Kaspersky, requests for investigations into suspicious network activity, such as ARP Spoofing, which can result in sophisticated attacks, reached up to 22%. Several difficulties with examining network systems have been overcome thanks to network forensic investigations. This study aims to perform a network forensic a...
Since it was first launched in 1990, the Web Server is still in use today. No exception, almost all companies entering industry 4.0 use Web Servers to show the existence of the company's website and its products. Starting from the websites provided for free by WordPress and Blogspot to independent websites created by their respective companies. The...
Facial recognition is a significant part of criminal investigations because it may be used to identify the offender when the criminal's face is consciously or accidentally recorded on camera or video. However, a majority of these digital photos have poor picture quality, which complicates and lengthens the process of identifying a face image. The p...
One of the common causes of cybercrime is the lack of education and public awareness of cybercrime and digital forensics, such as acquisition techniques. So far, only a few people know in general the digital forensic acquisition technique, because learning about this acquisition technique is difficult to obtain and difficult to understand. This stu...
Abstrak Kasus nyata yang terjadi dilapangan bahwa banyak didapat gambar image yang berasal dari CCTV yang memerlukan identifikasi tentang kecocokan wajah dengan seseorang. Penelitian ini bertujuan untuk memberikan solusi menyelesaikan masalah pendeteksian kecocokan objek pada citra. Algoritma SIFT untuk menyelesaikan pendeteksian kecocokan objek ka...
Social Media, in addition to having a positive impact on society, also has a negative effect. Based on statistics, 95 percent of internet users in Indonesia use the internet to access social networks. Especially for young people, Instagram is more widely used than other social media such as Twitter and Facebook. In terms of cyberbullying cases, cas...
Social Media, in addition to having a positive impact on society, also has a negative effect. Based on statistics, 95 percent of internet users in Indonesia use the internet to access social networks. Especially for young people, Instagram is more widely used than other social media such as Twitter and Facebook. In terms of cyberbullying cases, cas...
I am one of the foreign members of the editorial board of this journal. Journal of Digital Technologies and Law is an online peer-reviewed periodical scientific and practical journal devoted to the study of the synergy of digital technologies and law, as well as possible risks and threats posed by the combination of technological progress, digitali...
Data recovery is one of the forensic techniques used to recover data that has been lost or deleted. Data recovery is carried out if there is a condition where the data that has been owned is deleted or damaged. If the data has been lost or deleted or even tampered with, then a forensic expert has several ways to restore data that has been lost or d...
Dari perkembangan teknologi yang begitu semakin bersaing dan semakin diperlukan dalam kehidupan masyarakat untuk keperluan sehari-harinya di media social seperti yang sering di gunakan oleh masyarakat yaitu Twitter, Facebook, Instagram, Youtube, WhatsApp dan social media lainnya. Tapi di masyarakat umum tidak tahu bahwa data yang di kirim tersebut...
Dengan perkembangan teknologi digital, gambar digital bisa didapat kapan dan dimana saja melalui kamera dan telepon genggam. Orang dapat memperoleh gambar dengan mudah dan dapat juga memanipulasi sumber informasi pada konten dan bahkan dapat melakukan manipulasi gambar. Sehingga perlu melakukan verifikasi sumber gambar yang merupakan pekerjaan utam...
This study aims to obtain attack evidence and reconstruct commonly used address resolution protocol attacks as a first step to launch a moderately malicious attack. MiTM and DoS are the initiations of ARP spoofing attacks that are used as a follow-up attack from ARP spoofing. The impact is quite severe, ranging from data theft and denial of service...
Teknologi informasi yang terus berkembang membuat manusia harus bisa menyeimbangkan perkembangan tersebut ke dalam kehidupan sehari-hari karena akan sangat membantu apabila dimanfaatkan dengan benar. Sebelum dilaksanakan pengabdian masyarakat, dilakukan observasi ke Kapanewon Ngaglik, ternyata penggunaan teknologi informasinya masih belum maksimal....
Aplikasi pesan singkat saat ini sudah menjadi bagian yang melekat pada masyarakat. Selain fitur yang ditawarkan, keamanan dan privasi adalah hal yang penting bagi pengguna. Keamanan dan privasi menjadi penting karena beberapa pengguna aplikasi ini menjadi khawatir dengan data pesan yang mereka kirimkan akan disalahgunakan oleh perusahaan aplikasi p...
Dalam pendekatan Forensic Readiness, kesiap-siagaan insiden menjadi tujuan perusahaan ataupun organisasi dalam menghadapi insiden yang swaktu-waktu terjad. Forensic Readiness dapat terdiri dari tindakan atau langkah, teknis dan non- teknis, yang memaksimalkan kemampuan organisasi untuk menggunakan bukti digital. Sebuah Cloud Forensic Readiness Fram...
Considering the trend of social interaction and relationships on the internet, online social media has greatly affected people's daily lives. Everyone can now easily connect in their social circle via smartphone, making it an easier choice by users. Social media applications definitely leave their mark on smartphones. The attractive trait of smartp...
The Hospital Management Information System (SIMRS) functions as a medium for hospital information and hospital management. There are patient medical record data, which is the result of interactions between doctors and sufferer. Medical records are sensitive data so that the security of the hospital management information system needs to be improved...
Bukti digital yang disimpan dalam blok mengurangi kinerja blok, mengurangi kecepatan akses blok dan mengurangi kapasitas media penyimpanan data. Informasi-informasi metadata yang diambil dari bukti digital yang hanya berupa informasi dasar terkait bukti digital dapat mengurangi integritas bukti digital dan juga menyulitkan penyidik dalam mengidenti...
Kejahatan multimedia melalui platform dan transmisi digital merupakan kondisi yang
sangat serius dan merugikan. Dewasa ini, kasus digital multimedia tidak sedikit menjadi perhatian, terutama dalam penanganan bukti multimedia yang dapat digunakan sebagai instrumen penentu kebenaran ilmiah di pengadilan. Selain itu juga, barang bukti digital multimed...
Perkembangan smartphone membuat aktivitas manusia lebih muda, dengan fitur-fitur yang diberikan, perkembangan tersebut tidak menutup kemungkinan dengan kecanggihan fitur smartphone dimanfaatkan sebagai media komunikasi untuk mendukung bentuk aksi kejahatan. Proses investigasi forensik dalam penanganan barang bukti elektronik pada smartphone menjadi...
Layanan cloud gaming memberikan akses game online berspesifikasi tinggi, namun dapat diakses dengan device minimalis. Kemudahan akses tersebut mengundang celah kejahatan baru dan memunculkan tantangan tersendiri untuk menemukan petunjuk dan bukti digital dalam mengungkap kasus kejahatan yang terjadi. Pendekatan ilmu cloud forensik tetap menjadi ken...
Dark Web merupakan konten online yang terenkripsi dan hanya dapat di akses menggunakan jaringan khusus seperti TOR (The Onion Router) . Saat ini perkembangan konten online menjadi perhatian serius karena pertumbuhan bagi kegiatan dan layanan terlarang seperti penjualan barang illegal , narkoba dan pornografi anak. Kejahatan komputer dalam dunia int...
Teknologi informasi di era saat ini menunjukkan perkembangan yang pesat khususnya dalam bidang komputer berbasis jaringan. Di sisi lain, terdapat beberapa oknum-oknum tertentu yang menyalahgunakan teknologi tersebut salah satunya dengan melakukan serangan pada jaringan komputer. Router merupakan perangkat jaringan yang dapat membuat jaringan lokal...
Covid-19 has a major impact on human life, including the process of managing digital evidence. Management of digital evidence requires special handling that can store and maintain the integrity of digital evidence. The current problem is there is no concept of storing digital evidence that can be accessed online in wider accessibility. Online digit...
Metadata is information in a file which its contents are an explanation of the file. Metadata contains information about the contents of data for file management purposes. In various cases involving digital evidence, investigators can uncover a case through the metadata file. Problems that arise when file metadata has changed or deleted information...
Kejahatan komputer memiliki 2 jenis barang bukti, yaitu: bukti fisik dan bukti digital. Penyimpanan pada bukti fisik membutuhkan sebuah ruang khusus yang dapat menampung bukti fisik tersebut. Namun dibutuhkan sebuah sistem yang dapat menyimpan dan mengelola bukti fisik tersebut. Permasalahan yang ada saat ini adalah tidak adanya konsep penyimpanan...
Abstrak-Audio merupakan salah satu barang bukti digital yang digunakan dalam cybercrime. Seringkali bahwa bukti audio ini membawa peran krusial untuk mengungkapkan adanya kasus kejahatan sehingga diperlukan proses analisis audio forensic. Audio tersebut berisi rekaman suara seseorang yang memiliki karakter dengan pengucapan kosakata yang berbeda-be...
Steganography is an interesting science to be studied and researched at this time, because steganography is the science of hiding messages on other digital media so that other parties are not aware of the existence of information in the digital media. Steganography is very effective in maintaining information security, because the existence of this...
Pemanfaatan teknologi informasi tidak hanya pada pemanfaatan sektor bisnis, tetapi juga sektor publik yang salah satunya adalah lembaga perguruan tinggi melalui Sistem Informasi Akademiknya. Efisiensi dan efektifitas proses informasi dengan menggunakan sistem informasi hanya akan terjadi apabila teknologi tersebut terjamin kualitas serta keamananny...
Steganalysis is used to detect the presence or absence of steganograpy files. One category of steganalysis is blind
steganalysis, which is a way to detect secret files without knowing what steganography method is used. A study proposes that the Convolutional Neural Networks (CNN) method can detect steganographic files using the latest method with a...
Terdapat banyak framework forensika digital masih tersebar dalam berbagai paper. Diperlukan sebuah upaya untuk menghimpun framework yang ada dalam sebuah repository untuk memudahkan mendapatkan informasi dan dokumentasi tentang framework tersebut. Selain itu, framework sebagai sebuah output dari kajian ilmiah perlu dilengkapi dengan review dari pak...
The rapid development of the IT world has covered all aspects of life and among IT technology products is the creation of Operating Systems and Web browser applications. Privacy in the use of IT in the open era is now highly expected, therefore now widely developed Operating Systems and Web browser applications that have facilities to protect user...
Information technology has become an essential thing in the digital era as it is today. With the support of computer networks, information technology is used as a medium for exchanging data and information. Much information is confidential. Therefore, security is also essential. Metasploit is one of the frameworks commonly used by penetration teste...
![Figure 2. SNI Acquisition 27037:2014 [23]](profile/Imam-Riadi-2/publication/341278618/figure/fig1/AS:896154468372483@1590671283937/SNI-Acquisition-270372014-23_Q320.jpg)
SSD currently has a new storage media technology namely Solid State Drive Non-volatile Memory Express (SSD NVMe). In addition, SSD has a feature called TRIM. The TRIM feature allows the operating system to tell SSDs which blocks are not used. TRIM removes blocks that have been marked for removal by the operating system. However, the TRIM function h...
![Figure 2. SNI Acquisition 27037:2014 [23]](publication/341761017/figure/fig1/AS:899486545104896@1591465712349/SNI-Acquisition-270372014-23_Q320.jpg)
SSD currently has a new storage media technology namely Solid State Drive Non-volatile Memory Express (SSD NVMe). In addition, SSD has a feature called TRIM. The TRIM feature allows the operating system to tell SSDs which blocks are not used. TRIM removes blocks that have been marked for removal by the operating system. However, the TRIM function h...
Steganalysis method is used to detect the presence or absence of steganography files or can be referred to anti-steganography. Steganalysis can be used for positive purposes, which is to know the weaknesses of a steganography method, so that improvements can be made. One category of steganalysis is blind steganalysis, which is a way to detect secre...
Kebutuhan akan akses internet saat ini sangat dibutuhkan oleh hampir semua orang khususnya wi-fi ( wireless fidelity ). Seiring meningkatnya pengguna pada wi-fi saat ini berbanding lurus dengan kejahatan yang mengeksploitasi wi-fi dengan melancarkan serangan berbahaya dengan tujuan untuk mendapatkan informasi dengan cara ilegal seperti serangan Man...
SSD saat ini memiliki teknologi media penyimpanan yang baru yaitu Solid State Drive Non-volatile Memory Express (SSD NVMe). Selain itu, SSD memiliki fitur bernama TRIM. Fitur TRIM memungkinkan sistem operasi untuk memberitahu SSD terkait block mana saja yang sudah tidak digunakan. TRIM berfungsi menghapus block yang telah ditandai untuk dihapus ole...
The increasing of cybercrime means an increase in the number of digital evidences produced in these criminal activities. Also, to pay attention to the security and integrity of digital data, the construction of digital evidence storage must pay attention to the need for convenience in adding storage and the need for investigators to avoid geographi...
Digital evidence has a different meaning from physical evidence, but even though it is different, both are a unity of evidence that supports each other in the investigation process. Unfortunately, laws and regulations generally have not been oriented to the terminology of digital evidence that should be. It becomes a research challenge in how the h...
Server virtualization is a technology that can run multiple operating systems simultaneously on one computer. The emergence of server virtualization invites a new crime gap that is different from the challenge of finding clues and digital evidence in uncovering cases of crime. This certainly makes it difficult for investigators to make acquisitions...
Keamanan informasi merupakan ranah multidisiplin dalam konsentrasi pengembangan dan pelaksanaan dari berbagai mekanisme yang ada untuk menjaga informasi sesuai pada tempatnya. Secara umum, unsur keamanan informasi terdiri dari ketersediaan, integritas, dan kerahasiaan informasi tersebut. Keamanan informasi erat kaitannya dengan konsep manajemen res...
Digital Evidence Storage is placed to store digital evidence files. Digital evidence is very vulnerable to damage. Therefore, making digital evidence storage need access control. Access control has several models, one of them is ABAC (Attribute-Based Access Control). ABAC is a new access control model. ABAC model has a flexible function, allows int...
p class="Abstrak"> Resource digital memerlukan sebuah mekanisme untuk mengatur policy terhadap kontrol untuk mendapatkan hak akes ke dalam suatu sistem. Akses kontrol lebih fleksibel dibanding dengan pendekatan otorisasi, autentikasi ataupun verifikasi yang sangat sederhana. Mekanisme access control policy dengan pendekatan atribut diyakini sebagai...
Abstrak Resource digital memerlukan sebuah mekanisme untuk mengatur policy terhadap kontrol untuk mendapatkan hak akes ke dalam suatu sistem. Akses kontrol lebih fleksibel dibanding dengan pendekatan otorisasi, autentikasi ataupun verifikasi yang sangat sederhana. Mekanisme access control policy dengan pendekatan atribut diyakini sebagai solusi ada...
The handling of the chain of custody for digital evidence is a complex issue and more difficult than physical evidence. The main problem in the chain of custody of digital evidence is related to how to record and what should be documented the information of evidence in an investigative process. This paper provides a mechanism for recording and docu...
In recent years, the use of drones by civilians is increasing rapidly by the presentation of total sales continued to increase rapidly every year. With the increasing possibility of Unmanned Aerial Vehicle (UAV) abuse, crime in the use of UAVs to be larger. Through forensic analysis of data using static forensic and live forensic to obtain data tha...
Social media is an application that can make everyone interact with each other and can consume information by sharing content quickly, efficiently and real time. Various kinds of information about someone's activities that we can find on social media, making social media can help to conduct investigations. Some research, using visualization with se...
Social media has become a major part of society. But most of the time social media is used as a way people commit the crime. Due to numerous crimes that use social media, it is essential to design a framework to gather digital evidence on social media. This study develops the design of Framework by implementing Composite Logic Model. A logic Compos...
Abstrak Bukti digital sangat rentan terhadap kerusakan. Oleh sebab itu dalam membuat lemari penyimpanan bukti digital (LPBD) diperlukan adanya access control. Access control sendiri memiliki beberapa model, salah satunya yaitu ABAC. ABAC merupakan salah satu model dari access control yang baru. Karena model ABAC ini mempunyai fungsi yang fleksibel,...
Network devices as media file sharing and can be used as file servers have begun to appear, just as smart router devices can be used as file servers by adding USB Thumb drive as storage media. With the diversity of router devices, it becomes a challenge in digital forensic science when a case occurs by utilizing a smart router device related to fil...
Information security is a need to secure organizational information assets. The government as the regulator issues an Information Security Management System (ISMS) and Information Security Index (US) as a measure of information security in the agency of a region. Security Information and Event Management (SIEM) is a security technology to secure in...
Digital evidence handling and preservation are one stage of digital forensic process. This part is very crucial because digital evidence is the basis of digital forensic process. The credibility of digital evidence must be maintaned for law and court process. Process of preservation of digital evidence known as chain of custody (CoC). CoC is a docu...
The important thing that every digital forensic investigator must take into account in carrying out digital forensics activities is the following steps and procedures in digital forensics. These stages are known as frameworks or SOP investigations. Stages of the digital forensic process must be in accordance with the rule of law and also the right...
An audio recorder is one of the multimedia content that is often found at the crime scene and is used as evidence in the trial process. Audio recorders that can be made as legal evidence in court must follow the rules and audio forensic standards that apply in the process of obtaining the evidence, this is because audio digital evidence is very eas...
Today is the era of the Internet of Things (IoT), millions of devices such as smart city, smart home, smart retail, automotive, automatic car tracking, smartphone detection, smart lighting, temperature monitoring etc. are being connected to the Internet. There are various devices which are interconnected to the other devices on the internet of thin...
Chain of custody is a key process of disclosure of cyber crime cases. Chain of custody contains information about the identity of electronic evidence and the digital evidence which obtained from acquisition process result. The data of Chain of custody is stored in an XML structure. One such advantage of using XML that is effortless to understand by...
Chain of custody is a key process of disclosure of cyber crime cases. Chain of custody contains information about the identity of electronic evidence and the digital evidence which obtained from acquisition process result. The data of Chain of custody is stored in an XML structure. One such advantage of using XML that is effortless to understand by...
Digital forensic investigations must have references and procedures, and so many digital forensic models are developed according to different needs and focus. The average model focuses on the Phases of investigation, but has not yet explained the mechanism of the digital forensic process. This makes the interaction between digital forensic componen...
Digital Evidence Storage (DES) should have been established not only using simple authentication and authorization methods, namely authentication and authorization processes of username and password only, but also had to use more complex authentication and authorization processes by implementing rule policy as the determiner in request access. RBAC...
Through using tools of image processing on digital images just like gimp and adobe photoshop applications, an image on digital images can be a source of information for anyone who observes it. On one hand, those applications can easily change or manipulate the authenticity of the image. On the other hand, they can be misused to undermine the credib...
GPS (Global Positioning System) is the main device that record location based on coordinate . The purpose of location recording is making digital maps and the output are printed-maps. Digital maps and printed-maps that have been authorized by the government will become reference for every activities like terminating the location objects or borderli...
Internet as media to do political movement. Since that, the Indonesian people understand internet-based activities until this current progress. Use of internet in Indonesia most frequently utilize units to access internet, namely, handphone, laptop/notebook, Personal Computer (PC), and tablet. Media used to access internet include mobile (47.6%), c...
Smart Router is a router device that is equipped with Smart Wi-Fi software that allows us to easily manage and monitor the home network, and has more features or services than regular routers in general. Routers of this type include one solution in building a local area network that can be used as file server in file sharing. But regardless of the...
An important factor of the investigation into cybercrime cases is the case relating to the evidence found. Electronic evidence and digital evidence found in criminal cases should be maintained from the outset, to be held accountable for justice. Sistem digital evidence storage cabinets (LPBD) is one solution to overcome the management of digital ev...
ABSTRAK Kasus kejahatan yang banyak terjadi di era modern ini adalah kejahatan di dunia maya yang meninggalkan jejak berupa barang bukti elektronik. Barang bukti elektronik tersebut harus diakuisisi terlebih dahulu untuk menemukan bukti didalamnya dengan mengunakan aplikasi. Salah satu hasil dari akuisisi bukti elektronik adalah berupa DFXML. DFXML...
Metadata is the information that is embedded
in a file whose contents are the explanation of the file. In the handling of the main evidence with a metadata-based approach is still a lot of manually in search for correlation related files to uncover various cases of computer crime. However, when correlated files are in separate locations (folders) a...
The development of computer technology now have an impact on the increasing cases of cybercrime crime that occurred either directly or indirectly. Cases of cybercrime now are able to steal digital information is sensitive and confidential. Such information may include email, user_id, and password. In addition to browser cookies stored on your compu...
Audio forensik merupakan salah satu ilmu yang mnyandingkan antara ilmu pengetahuan dan metode ilmiah dalam proses analisis rekaman suara untuk membantu dan mendukung pengungkapan suatu tindak kejahatan yang diperlukan dalam proses persidangan. Undang-undang ITE No.19 Tahun 2016 menyebutkan bahwa rekaman suara merupakan salah satu alat bukti digital...
Virtual machine has been the most one of virtualization technology used today for working and saving hardware resources, besides as a tool conduct research on malware, network installations etc. The wide use of virtualization technology is becoming a new challenge for digital forensics experts to carry out further research on the recovery of eviden...
Digital evidence should be handled by the same mechanism with the physical evidence. Both types of such evidence should be complementary to support the investigation and data required in digital forensics activities. An appropriate business model is required to be able to support this mechanism. The existing business models, not yet able to explain...
DFXML (Digital Forensics XML) adalah sebuah tool forensik yang dikembangkan untuk menghasilkan output dalam bentuk dokumen XML. Tools ini dirancang untuk menampilkan metadata dari file hasil disk imaging dari perangkat elektronik. Umumnya output DFXML berupa dokumen XML dalam bentuk plaintext. Hal ini memunculkan permasalahan dalam aspek keamanan d...
Audio forensik merupakan penerapan ilmu pengetahuan dan metode ilmiah dalam penanganan barang bukti berupa audio demi mendukung pengungkapan berbagai kasus tindak kriminal dan mengungkap berbagai informasi yang diperlukan dalam proses persidangan. Namun, rekaman suara sangat rentan dan mudah untuk dirubah/dimanipulasi baik untuk kepentingan pribadi...
Questions
Questions (18)
One security metric for measuring the security of a system / application is to use the CWSS (common weakness scoring system) from MITRE. Can anyone provide an explanation of the relationship between the CWSS and the evaluation of the CIA Triad from security? Are there any references that explain the example of the using of CWSS to the security of an system.
I am building a system, as an evaluation of the system it is necessary to test the CIA aspects of the system.To measure the Confidentiality - Integrity - Availability that has been applied to a system, what is the most appropriate measurement method or metrics that can be used ?
I am studying ABAC (Attribute Based Access Control), specifically for application in the context of access to digital evidence. Is there a document that gives an overview of step by step how to make ABAC policy, then how to implement and mechanism for testing of policy validation. Are there any tools that can be used for ABAC's purposes ?
what is the method that can be done to evaluate a metadata concept. Are there any tools that can be used? Are there any papers discussing metadata evaluation
Is there any paper that discusses about the mathematical model for digital forensics, digital evidence or digital investigation process ?
Can anyone help me to share what is the current issue of xml excryption, is there any reference I can read?
Files with the extension of dd and E01 from EnCase, can be represented as the results of acquisition process. I'm trying to do a research about metadata of digital evidence file. How to read the metadata of file with extension of dd / E01. FITS and TIKA could not be used to read the metadata of both of those file extensions.
How to evaluate the security of a computer system ? Is there a framework that is currently used as a standard for measuring computer security ?
In technology adoption frameworks there are three frameworks are commonly used are: DOI (Diffusion of Innovation), TAM (Technology Acceptance Model) and PCI (Perceived Characteristic of Innovation) is there any papers that discuss the similarities and differences of the implementation of the three frameworks mentioned above?
If I have a framework as a solution for such a real problem, What is the current method to evaluate the user satisfaction of these solution. Do EUCS (end user computing satisfaction) can be used to measure the success of the application of these frameworks among practitioners. Is there any methods that can we used to do an evaluation of user satisfaction ?
I have an evidence file in the form of digital files generated from the imaging process using dd and EnCase applications, in addition to using standard tools for analysis of imaging files such as sleuthkit, FTK, EnCase, is there any other tools that can be used to read the metadata of digital evidence file ?
There are many papers have been discussing frameworks in digital forensics, but no one gives a definition of what is meant by the term frameworks in the field of digital forensics. Is the use of terminology frameworks have the same purpose and meaning to the stages, procedures, models or steps in implementing digital investigative activity ?
In the case of file digital evidence resulting from the acquisition and imaging of electronic device, is there any metadata standard used to be applied to digital evidence. Are there any similar research that discusses about metadata (standard / specification / schema / element) for digital evidence ?
In the field of access control policy, anyone can provide an explanation of the difference between SAML and XACML. In an Attribute Based Access Control models, can both be applied simultaneously?
Currently, I'm developing the concept of attribute-based access control (ABAC) model for a digital chain of custody system in law enforcement. How to perform testing of attribute-based access control model that has been developed is. Some paper write testing methods through a formal methods approach.
Are there other ways to do the testing other than using the formal methods approach.
What is the real meaning of pseudo metadata ?
in what field of study the term pseudo metadata commonly used ?
Currently I'm doing research to build a proper access control model for digital forensics environment activities. Based on the characteristics of business models in the digital investigator activity, which is the most appropriate access control model to be implemented as well as the right tools to implement them.
