Yudi Prayudi

Digital Chain of Custody: State of the Art

Digital forensics starts to show its role and contribution in the society as a solution in disclosure of cybercrime. The essential in digital forensics is chain of custody, which is an attempt to preserve the integrity of digital evidence as well as a procedure for performing documentation chronologically toward evidence. The characteristics of digital evidence have caused the handling chain of custody is becoming more complicated and complex. A number of researchers have contributed to provide solutions for the digital chain custody through a different point of views. This paper gives an overview of the extent to which the problem and challenges are faced in the digital chain of custody issue as well as the scope of researches that can be done to contribute in the issue of the digital chain of custody.

Live Forensics Method for Analysis Denial of Service (DOS) Attack on Routerboard

Denial of Service (DoS) attacks are structured network attacks that originate from multiple sources and converge to form large packet currents. A DoS attack aims to disrupt the services available on the target network by flooding the bandwidth or processing capacity system making the target server network become overloaded. Wireshark is a tool that can be used to detect DoS attacks on a Router network and perform network traffic analysis that has functions that are useful for network professionals, network administrators, researchers, and network software development, requiring the detection of DoS attacks on the Router and multiplying information as well as attracting forensics data as a digital evidence of DoS attacks on the Router through the Live Forensics method. This research succeeded in pulling data information of DoS attack on Router form activity log data and attacker IP address list.

Wi-Fi Security Level Analysis for Minimizing Cybercrime

The increasing human need for Internet access requires Internet access service that is easy to do as the availability of Wi-Fi hotspot. Among the many Wi-Fi hotspots in public service locations in Yogyakarta is still very little attention to the security of data communications on the wireless network. This makes the hacker be interested to discover his ability to perform various activities of cybercrime. This study aims to analyze and test the Wi-Fi network security contained in locations of public services in Yogyakarta. The method used in this study is a qualitative method that consists of five main steps, namely the study of literature, the issue of criteria Wi-Fi, research instruments, data collection, and analysis. The location of public services, Wi-Fi hotspot providers selected in three categories: hotel, restaurant / cafe, and educational institutions. Each public service category taken sample 5 different locations. Testing is done with action that leads to crime by type of action such as sniffing, DNS spoofing and hijacking. The results showed that the majority of Wi-Fi located at the location of public service vulnerable to criminal attack. Wi-Fi throughout the studied (100%) are not secure against sniffing activities, 80% are not secure against DNS spoofing activities, and 66.6% are not

Cyber Profiling Using Log Analysis And K-Means Clustering

The Activities of Internet users are increasing from year to year and has had an impact on the behavior of the users themselves. Assessment of user behavior is often only based on interaction across the Internet without knowing any others activities. The log activity can be used as another way to study the behavior of the user. The Log Internet activity is one of the types of big data so that the use of data mining with K-Means technique can be used as a solution for the analysis of user behavior. This study has been carried out the process of clustering using K-Means algorithm is divided into three clusters, namely high, medium, and low. The results of the higher education institution show that each of these clusters produces websites that are frequented by the sequence: website search engine, social media, news, and information. This study also showed that the cyber profiling had been done strongly influenced by environmental factors and daily activities.

Digital Evidence Cabinets: A Proposed Framework for Handling Digital Chain of Custody

Chain of custody is the procedure to do a chronological documentation of evidence, and it is an important procedure in the investigation process. Both physical and digital evidence is an important part in the process of investigation and courtroom. However, handling the chain of custody for digital evidence is more difficult than the handling of physical evidence. Nevertheless, the handling of digital evidence should still have the same procedure with the handling of physical evidence. Until now handling the chain of custody for digital evidence is still an open problem with a number of challenges, including the business model of the interaction of the parties that deal with digital evidence, recording of metadata information as well as issues of access control and security for all the handling digital chain of custody. The solution offered in this research is to build a model of Digital Evidence Cabinets as a new approach in implementing the digital evidence handling and chain of custody. The model is constructed through three approaches: Digital Evidence Management Frameworks, Digital Evidence Bags with Tag Cabinets as well as access control and secure communication. The proposed framework is expected to be a solution for the availability of an environment handling of digital evidence and to improve the integrity and credibility of digital evidence.