Digital Forensic Investigation for Virtual Machines

Khangar, Smita V.; Nagpur, G. H. R. C. E.; Dharaskar, R. V.

doi:10.7763/ijmo.2012.v2.205

Cited by 3 publications

(2 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Pada kasus network forensics, investigator dapat menggunakan teknik static forensics untuk mendapatkan informasi mengenai aktivitas yang terjadi pada jaringan. Static forensics tidak menyediakan skenario lengkap pada saat memeriksa sistem [9] Akan tetapi investigator dapat memasang packet sniffer untuk menangkap trafik yang berjalan pada jaringan dan menganalisisnya. Seperti menggunakan alat batu perangkat lunak FTK (forensics toolkit), Net Intercept, dan Wireshark [6].…”

Section: B Static Forensicunclassified

Analisa Investigasi Static Forensics Serangan Man in the Middle Berbasis Arp Poisoning

Kamajaya

2020

JIKO

View full text Add to dashboard Cite

AbstrakKebutuhan akan akses internet saat ini sangat dibutuhkan oleh hampir semua orang khususnya wi-fi (wireless fidelity). Seiring meningkatnya pengguna pada wi-fi saat ini berbanding lurus dengan kejahatan yang mengeksploitasi wi-fi dengan melancarkan serangan berbahaya dengan tujuan untuk mendapatkan informasi dengan cara ilegal seperti serangan Man In The Middle berbasis ARP Poisoning. Dimana penyerang menggunakan teknik menyadapan pada frame data dalam jaringan lokal, kemudian mengubah lalu lintas data atau memberhentikan lalu lintas data. Penelitian ini dilakukan dengan menerapkan pendekatan metode Statik forensik, untuk mendeteksi aktivitas ilegal yang terjadi di dalam jaringan Wifi. Proses investigasi dibagi menjadi sepuluh tahapan, dimulai dari proses preparation, detection, incident respon,collection, examination,presevations, examinations, analysis ,investigation dan reporting. penelitian ini akan difokuskan pada analisa network trafik untuk proses penemuan barang bukti digital berupa informasi, traffik data dari serangan Man In The Middle berbasis ARP Poisoning. Hasil dari penelitian ini dapat menganalisa data dan menemukan barang bukti maupun informasi pelaku yang dapat dipertanggung jawabkan. AbstractThe need for internet access is currently needed by almost everyone, especially Wi-Fi (wireless fidelity). As the increase in users on Wi-Fi is now directly proportional to the crime that exploits Wi-Fi by launching malicious attacks with the aim of obtaining information through illegal means such as ARP Poisoning Man In The Middle attacks. Where the attacker uses tapping techniques on data frames in the local network, then changing data traffic or stopping data traffic. This research was conducted by applying the static forensic method approach, to detect illegal activities that occur within the Wifi network. The investigation process is divided into ten stages, starting from the process of preparation, detection, incident response, collection, examination, pre-evaluation, examination, analysis, investigation and reporting. This research will focus on traffic network analysis for the discovery of digital evidence in the form of information, data traffic from the ARP Poisoning Man In The Middle attack. The results of this study aim to analyze data and find evidence and information that can be accounted for the perpetrators.

show abstract

Section: B Static Forensicunclassified

Analisa Investigasi Static Forensics Serangan Man in the Middle Berbasis Arp Poisoning

Kamajaya

2020

JIKO

View full text Add to dashboard Cite

show abstract

“…Then [11] in his research conducted an analysis of the evidence of VMware workstation virtual machines using the forensic live view tool. The tool can protect VM evidence from data changes in the analysis process.…”

Section: Research Reviewmentioning

confidence: 99%

Server Virtualization Acquisition Using Live Forensics Method

Soni¹,

Prayudi²,

Sugiantoro³

et al. 2019

Proceedings of the International Conference of CELSciTech 2019 - Science and Technology Track (ICCELST-ST 2019)

View full text Add to dashboard Cite

Server virtualization is a technology that can run multiple operating systems simultaneously on one computer. The emergence of server virtualization invites a new crime gap that is different from the challenge of finding clues and digital evidence in uncovering cases of crime. This certainly makes it difficult for investigators to make acquisitions of one of the operating systems in server virtualization without disturbing and shutting down the computer given the importance of the server. So far, acquisition techniques are generally used singly which only contains one operating system. Therefore, it is necessary to have a technique to acquire server virtualization by using the live forensics method without interrupting or shutting down other running operating systems. The use of the live forensics method to acquire server virtualization is done by applying three acquisition techniques. Three acquisition technique models are carried out by acquiring one of the operating systems that are in the virtual machine on server virtualization through the Proxmox server without turning off the other operating systems that are running. Of the three acquisition models that have been tested, it is known that there are two models of acquisition techniques that are well used and recommended based on the situation and conditions that are occurring.

show abstract

Profiling software applications for forensic analysis

Rafique¹,

Khan²

2015

Computer Fraud & Security

View full text Add to dashboard Cite

Digital Forensic Investigation for Virtual Machines

Cited by 3 publications

References 1 publication

Analisa Investigasi Static Forensics Serangan Man in the Middle Berbasis Arp Poisoning

Analisa Investigasi Static Forensics Serangan Man in the Middle Berbasis Arp Poisoning

Server Virtualization Acquisition Using Live Forensics Method

Profiling software applications for forensic analysis

Contact Info

Product

Resources

About