Hasil Pencarian  ::  Simpan CSV :: Kembali

"ABSTRAKSejak diberlakukannya UU Nomor 11 Tahun 2008 tentang ITE, dokumen atau informasi elektronik telah menjadi alat bukti hukum yang sah di Indonesia. Hal ini membuat beberapa tindak kejahatan dipecahkan dengan menggunakan bukti berupa informasi elektronik termasuk salah satu diantaranya adalah aplikasi WhatsApp yang saat ini menjadi sarana utama dalam pertukaran pesan dan informasi di Indonesia. Data percakapan WhatsApp yang sangat banyak menjadi kendala bagi seorang analis forensik dalam melakukan analisis. Pada penelitian ini dilakukan analisis forensik terhadap aplikasi WhatsApp dengan menggunakan alur proses pada NIST 800-101 yang merupakan panduan dalam melakukan penanganan mobile forensik. Target dari penelitian ini adalah perangkat smarphone berbasis android dan iOS sehingga dapat dihasilkan sebuah dokumen profile artefak aplikasi WhatsApp dari kedua platform yang dapat membantu dalam proses analisis.

---

ABSTRACTSince released UU No 11 2008 about ITE, document or information electronic have become legal evidence in Indonesia. This has caused several crimes being solved by using information electronic as evidence including one of them WhatsApp application which is currently the primary medium for exchanging messages and information in Indonesia. Data of WhatsApp conversation is very much an obstacle for a forensic analyst in conducting analysis. In this research about analysis forensic for WhatsApp application using flow process on NIST 800-101 which is a guide in handling mobile forensics. The target of this research is smartphone device base Android and iOS so that resulted a profile document of WhatsApp artifact form both platforms that can assist in the analysis process."

"SynopsisPraise for the first and second editions: "Author Eoghan Casey does a superb job of applying forensic science to computers." -- Ben Rothke, SecurityManagement.com "...Casey does a great job making difficult concepts easy to understand." ComputerWorl"

"Salah satu tantangan utama investigasi insiden kebocoran data adalah tidak tersedianya kerangka kerja spesifik yang sesuai dengan karakteristik insiden kebocoran, disertai langkah-langkah yang jelas dan memberikan hasil investigasi yang komprehensif. Tantangan lain berupa proses analisis terhadap logs berjumlah besar akan menghabiskan waktu dan berpotensi terjadi human-error bila dilakukan secara manual. Pendekatan machine learning (ML) dapat dijadikan solusi, namun kinerja ML seringkali tidak optimal dikarenakan kondisi ketidakseimbangan dataset. Untuk itu, pada penelitian ini dikembangkan kerangka kerja forensik digital baru yang bernama KARAFFE (Kalamullah Ramli–Arif Rahman Hakim–Forensic Framework for Exfiltration), yang bersifat spesifik sesuai dengan karakteristik kebocoran data. Tahapan dan komponen pada KARAFFE mampu menghasilkan jawaban atas pertanyaan investigatif berupa What, When, Who, Where, Why dan How (5WH) dari insiden yang diinvestigasi. Berdasarkan karakteristik pembanding yang ditetapkan, KARAFFE memenuhi enam indikator karakteristik mengungguli kerangka kerja existing lainnya. Lebih lanjut, analisis studi kasus menunjukkan bahwa KARAFFE mampu menginvestigasi insiden secara utuh disertai jawaban 5WH yang lengkap atas insiden yang diuji. Metode lain yang dikembangkan adalah ARKAIV (Arif Rahman Hakim-Kalamullah Ramli-Advanced Investigation). Metode ARKAIV berbasis ML mampu memprediksi terjadinya exfilration berdasarkan event logs yang dipetakan ke adversarial tactics. Untuk prediksi tersebut dilakukan modifikasi dataset berupa rangkain tactics dengan exfiltration sebagai target dan didesain skema resampling untuk mengatasi kondisi ketidakseimbangan dataset. SMOTEENN menghasilkan kinerja terbaik mengungguli empat teknik resampling lainnya, dengan meningkatkan nilai geometric-mean 0 pada initial dataset menjadi 0.99 pada resampled dataset. Selain itu, model ML pada metode ARKAIV dipilih dengan kinerja paling optimal berdasarkan lima teknik feature selection, menerapkan lima classifiers ML, dan dua teknik validasi model. Hasil ML-ARKAIV menunjukkan bahwa Random Forest melampaui kinerja empat classifiers lainnya (XGBoost, Logistic Regression, Naive Bayes, dan Support Vector Machine), dengan mean accuracy sebesar 99.1% (5-folds), 99.8% (10-folds), 99.7% (5-folds 5-repetitions), dan 99.74% (10-folds 10-repetitions). Selain itu, analisis studi kasus menunjukkan bahwa ARKAIV mampu memprediksi secara akurat dua insiden exfiltration dan satu insiden non-exfiltration. Dengan demikian, ARKAIV menunjukkan konsistensi kinerja dan efektifitasnya dalam memprediksi terjadinya exfiltration dalam berbagai skenario.

---

One of the primary challenges in investigating data breach incidents is the lack of a specific framework tailored to the characteristics of such incidents, accompanied by clear steps to ensure comprehensive investigative results. Another challenge lies in the analysis of large volumes of logs, which is time-consuming and prone to human error when performed manually. Machine learning (ML) approaches offer a potential solution; however, their performance is often suboptimal due to the imbalance in datasets. This study proposes a novel digital forensic framework named KARAFFE, designed specifically to address the unique characteristics of data breach incidents. The stages and components of KARAFFE are structured to answer investigative questions encompassing What, When, Who, Where, Why, and How (5WH) of the incidents under investigation. Case study analysis demonstrates that KARAFFE provides a complete investigation of incidents, delivering comprehensive 5WH responses for the examined cases. Based on the established comparative characteristics, KARAFFE meets six key indicators, outperforming other existing frameworks. Furthermore, the case study analysis demonstrates that KARAFFE enables comprehensive incident investigation, providing complete 5WH answers for the tested incidents. Additionally, this study introduces the ARKAIV method. ARKAIV is an ML-based approach capable of predicting exfiltration attacks based on event logs mapped to adversarial tactics. To facilitate these predictions, the dataset was modified to include a sequence of tactics with exfiltration as the target, and a resampling scheme was designed to address dataset imbalance. SMOTEENN achieved the best performance, surpassing four other resampling techniques by improving the geometric mean value from 0 on the initial dataset to 0.99 on the resampled dataset. Furthermore, the ML models in ARKAIV were selected for optimal performance through the application of five feature selection techniques, five ML classifiers, and two model validation methods. The results of ML-ARKAIV indicate that Random Forest outperformed four other classifiers (XGBoost, Logistic Regression, Naive Bayes, and Support Vector Machine), with mean accuracy rates of 99.1% (5-folds), 99.8% (10-folds), 99.7% (5-folds with 5 repetitions), and 99.74% (10-folds with 10 repetitions). Additionally, the case study analysis demonstrated that ARKAIV accurately predicted two exfiltration incidents and one non-exfiltration incident. These findings underscore ARKAIV's consistent performance and effectiveness in predicting exfiltration across various scenarios."

"Tindak kejahatan yang sering terjadi pada mata uang kripto salah satunya adalah pencurian aset mata uang melalui serangan dompet mata uang kripto smartphone. Banyak fitur keamanan yang telah diterapkan pada dompet mata uang kripto smartphone, namun berbagai fitur tersebut hanya berperan dalam mencegah terjadinya pencurian. Ketika fitur keamanan berhasil ditembus dan terjadi tindak pencurian, maka perlu mencari cara untuk dapat mendapatkan bukti atau informasi dari pencurian, yang membantu dalam proses forensik digital untuk menemukan pelaku. Penelitian forensik saat ini hanya berfokus pada kejahatan yang melibatkan mata uang kripto, seperti kasus pemerasan, ransomware, dan drugs. Belum terdapat penelitian forensik yang berfokus pada pencurian aset kripto melalui dompet mata uang kripto. Hal ini dikarenakan belum terdapat penelitian berupa penerapan fitur keamanan yang berperan saat setelah kejadian pencurian pada dompet mata uang kripto, dimana fitur keamanan tersebut berfungsi untuk mendapatkan bukti yang berguna dalam membantu proses forensik digital seperti, monitoring dan pelacakan aktivitas pada perangkat atau aplikasi yang digunakan. Ini diduga disebabkan karena penerapan fitur keamanan diatas sangat rentan terhadap pelanggaran privasi pengguna serta perlindungan data pribadi. Kami mengusulkan fitur keamanan pada dompet mata uang kripto smartphone yang dapat digunakan untuk mendapatkan bukti yang berguna dalam membantu proses forensik digital ketika terjadi tindak pencurian, dapat diterima masyarakat serta terhindar dari masalah privasi pengguna dan pelanggaran perlindungan data pribadi. Dalam menentukan kebutuhan fitur keamanan pada dompet mata uang kripto smartphone, kami menganalisis beberapa aspek seperti, forensik pada perangkat sejenis, skenario pencurian dompet mata uang kripto smartphone, serta aspek privasi pengguna dan perlindungan data pribadi. Terdapat 7 requirement yang dibutuhkan dalam penerapan fitur keamanan pada dompet mata uang kripto smartphone yaitu, (1) sistem dapat melakukan pencatatan pada saat transaksi berupa titik koordinat dan rekaman suara devices, (2) sistem dapat melakukan pencatatan pada saat import private key pertama kali berupa titik koordinat, IMEI dan MAC Address devices, (3) sistem selalu aktif dan tidak dapat dimatikan secara paksa, (4) Sistem dapat melakukan pencatatan informasi pada dompet secara tidak terlihat dan tersembunyi, (5) sistem memiliki penyimpanan pencatatan data informasi berupa cloud storage yang dapat menjamin integrity serta enkripsi data yang dikelola oleh wallet provider, (6) sistem dapat mengirimkan hasil pencatatan ke cloud storage, (7) sistem memiliki biometrics security untuk mengakses pencatatan informasi yang disimpan pada cloud storage. Hasil penelitian ini didapatkan bahwa fitur forensik yang diusulkan dapat diterima baik oleh masyarakat, dimana sebanyak 93,9% responden menginginkan dan merekomendasikan fitur keamanan tersebut. Fitur forensik yang diimplentasikan juga terbukti mampu mencatat data informasi pelaku pencurian berdasarkan skenario pencurian dompet mata uang kripto smartphone yang dapat membantu dalam proses penyelidikan.

---

One of the crimes that often occur in cryptocurrencies is the theft of currency assets through smartphone cryptocurrency wallet attacks. Many security features have been implemented in smartphone cryptocurrency wallets, but these features only play a role in preventing theft. When the security features are penetrated and theft occurs, it is necessary to find a way to obtain evidence or information from the theft, which helps in the digital forensics process to find the perpetrator. Forensic research currently only focuses on crimes involving cryptocurrencies, such as cases of extortion, ransomware, and drugs. There has been no forensic research focused on theft of crypto assets via cryptocurrency wallets. This is because there has been no research in the form of implementing security features that play a role after the theft incident on cryptocurrency wallets, where these security features function to obtain legal evidence in assisting digital forensic processes such as monitoring and tracking activity on the device or application used. This is allegedly because the implementation of the above security features is very vulnerable to violations of user privacy and personal data protection. We propose a security feature in smartphone cryptocurrency wallets that can be used to obtain legal evidence to assist digital forensics when theft occurs, is acceptable to the public and avoids user privacy problems and violations of personal data protection. In determining the need for security features in smartphone cryptocurrency wallets, we analyze several aspects such as forensics on similar devices, smartphone cryptocurrency wallet theft scenarios, as well as aspects of user privacy and personal data protection. There are 7 requirements needed in implementing security features on smartphone cryptocurrency wallets, namely, (1) the system can record transactions at the time of coordinates and voice recordings of devices, (2) the system can record at the time of importing private keys for the first time in the form of coordinates, IMEI and MAC Address devices, (3) the system is always active and cannot be forcibly turned off, (4) The system can record information on wallets in an invisible and hidden way, (5) the system has storage for recording information data in the form of cloud storage blockchain-based that guarantees the integrity and encryption of data managed by the wallet provider, (6) the system can send recording results to cloud storage, (7) the system has biometrics security to access recorded information stored in cloud storage. The results of this study found that the proposed forensic features were well received by the community, where as many as 93.9% of respondents wanted and recommended these security features. The implemented forensic feature has also been shown to be able to record information on the perpetrators of theft based on smartphone cryptocurrency wallet theft scenarios that can assist in the investigation process."

"Hackers, cyber-criminals, Dark Web users, and techno-terrorists beware! This book should make you think twice about attempting to do your dirty work in the smart cities of tomorrow.Scores of cities around the world have begun planning what are known as “smart cities.” These new or revamped urban areas use the latest technology to make the lives of residents easier and more enjoyable.They will have automated infrastructures such as the Internet of Things, “the Cloud,” automated industrial controls, electronic money, mobile and communication satellite systems, wireless texting and networking. With all of these benefits come new forms of danger, and so these cities will need many safeguards to prevent cyber criminals from wreaking havoc. This book explains the advantages of smart cities and how to design and operate one. Based on the practical experience of the authors in projects in the U.S. and overseas in Dubai, Malaysia, Brazil and India, it tells how such a city is planned and analyzes vital security concerns that must be addressed along the way.Most of us will eventually live in smart cities. What are the advantages and the latest design strategies for such ventures? What are the potential drawbacks? How will they change the lives of everyday citizens? This book offers a preview of our future and how you can help prepare yourself for the changes to come."