Summary: Information security incident handling strategies or models are important to ensure the security of organisations, particularly in cloud and big data environments. However, existing strategies or models may not be adequate, as cloud data are generally virtualised, geographically distributed and ephemeral, presenting both technical and jurisdictional challenges. We present an integrated cloud incident handling and forensic-by-design model. We then seek to validate the model using a set of controlled experiments on a cloud-related incident. Three popular cloud storage applications were deployed, namely Dropbox, Google Drive, and OneDrive. This study demonstrates the utility of the model for organisational cloud users to undertake incident investigations (e.g. collecting and analysing residual data from cloud storage applications). Copyright © 2016 John Wiley & Sons, Ltd.
The continued amalgamation of cloud technologies into all aspects of our daily lives and the technologies we use (i.e. cloud-of-things) creates business opportunities, security and privacy risks, and investigative challenges (in the event of a cybersecurity incident). This study examines the extent to which data acquisition from Windows Phone, a common cloud-of-things device, is supported by three popular mobile forensics tools. The effect of device settings modification (i.e. enabling screen lock and device reset operations) and alternative acquisition processes (i.e. individual and combined acquisition) on the extraction results is also examined. Our results show that current mobile forensic tool support for Windows Phone 8 remains limited. The results also show that logical acquisition support was more complete than physical acquisition support. In one example, the tool was able to complete a physical acquisition of a Nokia Lumia 625, but its deleted contacts and SMSs could not be recovered/extracted. In addition, we found that separate acquisition of the device's removable media is needed to maximize acquisition results, particularly when trying to recover deleted data. Furthermore, enabling flight mode and disabling location services are highly recommended to eliminate the potential for data alteration during the acquisition process. These results should provide practitioners with an overview of the current capability of mobile forensic tools and the challenges in successfully extracting evidence from the Windows Phone platform.

...commonplace. It is also likely that when criminals communicate, their communications are intentionally or even unintentionally captured by a smartphone prior to being stored in the interconnected cloud computing environment. When law enforcement agencies (LEAs) seek to extract evidence from smartphones, they turn to digital forensic practitioners, who in turn undertake a forensic investigation.
Generally, there are four main stages in a digital forensic investigation that aim to bring digital evidence to a court [2]. The first three stages, identification, preservation and analysis of the digital evidence, are mainly conducted at the scene and/or at a forensic laboratory. The last stage, presentation, mainly involves the actual presentation of the collected evidence in a court of law. Data acquisition is part of the digital forensic investigation process and often falls within the preservation stage. Before data can be analyzed, it must be acquired, and often initially examined. However, few consumer devices are designed with forensic investigation in mind. This means that digital forensic researchers and practitioners are frequently examining new technologies to determine best practices and techniques for acquiring data and extracting evidence, within the bounds of the inherent limitations imposed by the device's hardware and software configuration. In a recent work, Ab Rahman et al. highlighted the importance of forensic readiness and proposed a forensic-by-design framework f...
Nowadays many botnets are used for cybercrime such as distributed denial of service (DDoS) attacks or information stealing. A botnet is a collection of Internet-connected computers that have been taken over by an attacker using malware. These infected computers are known as bots or zombies. The attacker controls these bots through an infrastructure called a Command and Control (C&C) server. In general, botnets spread with the Windows operating system as their main target, in the form of executable files (.exe). Windows now has a massive number of applications in the form of executable files, and almost all of them connect to the Internet, which makes it very difficult to distinguish whether an executable file is botnet malware or not. Therefore, identifying and detecting botnet malware requires malware analysis of Windows executable files. Malware can be analyzed in many ways, but generally speaking there are two techniques in malware analysis: static analysis and dynamic analysis. By combining the results of static analysis and dynamic analysis, it is possible to produce data for detecting botnet malware in Windows executable files, namely Herpestnet, Ann Loader, mbot, Vertexnet, Athena, Elite Loader, Gbot, and Cythosia.