Investigasi Live Forensik Dari Sisi Pengguna Untuk Menganalisa Serangan Man in the Middle Attack Berbasis Evil Twin

Ahmad, Muhammad Sabri; Riadi, Imam; Prayudi, Yudi

doi:10.33096/ilkom.v9i1.103.1-8

Cited by 9 publications

(6 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…2, describing the forensic tools used to capture logs, Wireshark has the advantage of reading the content of each data traffic packet, NetworkMiner has the advantage of reading host-based data logs, and TCPDUMP is usually used for network troubleshooting [34]. These tools are used to obtain traffic network activity as awhole [35].…”

Section: Resultsmentioning

confidence: 99%

Network Forensics Against Ryuk Ransomware Using Trigger, Acquire, Analysis, Report, and Action (TAARA) Method

Kusuma

Umar

Riadi

2021

KINETIK

Self Cite

View full text Add to dashboard Cite

This study aims to reconstruct an attack event and analyze the source of viral infection based on network traffic logs so that the information obtained can be used for a new reference in the security system. Recent attacks on computer network systems cannot be easily detected, as cybercrime has used a variant of the Ryuk Ransomware virus to penetrate security systems, encrypt drives, and computer network resources. This virus is very destructive and has an effective design with a file size of about 200,487 Bytes so it does not look suspicious. The research steps are done through Trigger, Acquire, Analysis, Report, and Action (TAARA). The forensic tools used to obtain log data are Wireshark, NetworkMiner, and TCPDUMP. Based on the results of forensic data obtained include a timestamp, source of the attack, IP address, MAC address, hash signature sha256, internet protocol, and the process of infection. Based on the data obtained in this study has been by the expected objectives.

show abstract

Section: Resultsmentioning

confidence: 99%

Network Forensics Against Ryuk Ransomware Using Trigger, Acquire, Analysis, Report, and Action (TAARA) Method

Kusuma

Umar

Riadi

2021

KINETIK

Self Cite

View full text Add to dashboard Cite

show abstract

“…Aplikasi WA menjadi aplikasi yang terbanyak dipakai oleh berbagai macam komunitas atau kelompok pada masyarakat di Indonesia, tidak luput juga oleh para ilmuwan dan para akademisi dari perguruan tinggi [7]. Kasus kejahatan dan bukti digital pada WA perlu diteliti atau diidentifikasi dengan melakukan analisis forensik menggunakan tools dan metode [8]. Beberapa tools yang dapat digunakan untuk mendapatkan bukti digital diantaranya Wondershare Dr. Fone, MobilEdit, Oxygen Forensics, Belkasoft, dan Metsploit.…”

Section: Pendahuluanunclassified

Forensics Mobile Layanan WhatsApp pada Smartwatch Menggunakan Metode National Institute of Justice

Sunardi¹,

Riadi

Triyanto

2021

JOINTECS

Self Cite

View full text Add to dashboard Cite

Technological developments have a positive impact in the form of ease in gathering data and information includes the growth of smartphone users with Android-based. In other side, technology can also cause cybercrime. This study aims to reveal digital evidence in the process of identifying cybercrime activities by using WhatsApp application as communication media. The method for executing digital forensics in this study uses the framework of the National Institute of Justice (NIJ) with the stages of identification, examination, colection, analysis, and reporting. Wondershare Dr Fone is used as tool for analysis and extraction work. This research that are carried out has 100% success in collecting data in the form of photos, videos, contacts, and documents on the smartwatch but unable to read of the chat mesengger and call history and unable to restore the lost data.

show abstract

“…Penelitian tersebut dilakukan dengan tujuan untuk menyelidiki dan menentukan jenis serangan berdasarkan data log. Untuk penelitian dengan menggun metode Live Forensic, dilakukan penelitian terhadap serangan Man In The Middle Attack berbasis Evil Twin, dimana pada penelitian tersebut lebih fokus dari sisi penggunan [3].…”

Section: Pendahuluanunclassified

Forensik Jaringan Terhadap Serangan ARP Spoofing menggunakan Metode Live Forensic

2020

Self Cite

View full text Add to dashboard Cite

Pada jaringan komputer, protokol yang bertugas untuk untuk menerjemahkan IP address menjadi MAC Address adalah Address Resolution Protocol (ARP). Sifat stateless pada protokol ARP, menyebabkan protokol ARP memiliki celah dari segi keamanan. Celah ini dapat menimbulkan serangan terhadap ARP Protocol, disebabkan karena ARP request yang dikirimkan secara broadcast, sehingga semua host yang berada pada satu broadcast domain dapat merespon pesan ARP tersebut walaupun pesan tersebut bukan ditujukan untuknya. Serangan inilah yang biasa disebut dengan ARP Spoofing. Serangan ini dapat berimbas pada serangan-serangan yang lain, seperti serangan Man In The Middle Attack, Packet Sniffing, dan Distributed Denial of Service. Metode Live Forensic digunakan untuk mengidentifikasi dan mendeteksi serangan ketika sistem dalam keadaan menyala. Berdasarkan hasil penelitian yang dilakukan terbukti bahwa dengan penggunaan metode Live Forensics, investigator dapat dengan cepat mendeteksi suatu serangan dan mengidentifikasi penyerangnya.

show abstract

Investigasi Live Forensik Dari Sisi Pengguna Untuk Menganalisa Serangan Man in the Middle Attack Berbasis Evil Twin

Cited by 9 publications

References 5 publications

Network Forensics Against Ryuk Ransomware Using Trigger, Acquire, Analysis, Report, and Action (TAARA) Method

Network Forensics Against Ryuk Ransomware Using Trigger, Acquire, Analysis, Report, and Action (TAARA) Method

Forensics Mobile Layanan WhatsApp pada Smartwatch Menggunakan Metode National Institute of Justice

Forensik Jaringan Terhadap Serangan ARP Spoofing menggunakan Metode Live Forensic

Contact Info

Product

Resources

About