Investigation of Optical Drive Digital Evidence Using the National Institute of Standards and Technology (NIST) Method
Abstract
DVD-R is a type of optical drive that can store data in one burning process. However, a feature called multisession allows data to be erased even on this read-only type. This research implements the acquisition of data deleted from a DVD-R using the forensic tools Autopsy and FTK Imager. The National Institute of Standards and Technology (NIST) method is commonly used in digital forensics in the scope of storage and has four stages: collection, examination, analysis, and reporting. The acquisition results from Autopsy and FTK Imager match the original files before deletion, validated by matching hash values. Based on the analysis and presentation stages for the ten files acquired from the DVD-R with FTK Imager and Autopsy, FTK Imager detects two file systems, ISO9660 and Joliet, while Autopsy detects only one, UDF. FTK Imager successfully acquired all ten files with matching hash values, while Autopsy detected seven files and did not find three files, with the extensions *.MOV, *.exe and *.rar. In the comparative performance test, FTK Imager scored 100% because it found all deleted files, and Autopsy scored 70% because three files, with the extensions *.exe, *.rar and *.MOV, were not detected and their hash values were empty. This is because the Autopsy tool cannot detect those three file extensions.
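The abstract reports ISO9660, Joliet and UDF for the same disc; the following added example (not code from the paper) walks the volume descriptors of a disc image and names every file system that is declared, which is one way two tools can report different file systems for one disc. It assumes a single-session image starting at sector 0; the sample image and the helper names are constructed for illustration.

```python
SECTOR = 2048                               # logical sector size on optical media
JOLIET_ESCAPES = (b"%/@", b"%/C", b"%/E")   # UCS-2 levels 1-3 in a supplementary descriptor
UDF_IDS = (b"NSR02", b"NSR03")              # UDF marker in the volume recognition sequence
VRS_MARKERS = (b"BEA01", b"TEA01", b"BOOT2")

def detect_filesystems(image: bytes) -> set:
    """Scan descriptors from sector 16 and return the file systems declared."""
    found = set()
    offset = 16 * SECTOR                    # sectors 0-15 are the system area
    while offset + SECTOR <= len(image):
        desc = image[offset:offset + SECTOR]
        vtype, ident = desc[0], desc[1:6]
        if ident == b"CD001":               # ISO 9660 descriptor set
            if vtype == 1:
                found.add("ISO9660")        # primary volume descriptor
            elif vtype == 2 and desc[88:91] in JOLIET_ESCAPES:
                found.add("Joliet")         # supplementary descriptor with Joliet escape
            # other types (boot record, terminator 255): keep walking
        elif ident in UDF_IDS:
            found.add("UDF")
        elif ident not in VRS_MARKERS:
            break                           # unrecognised sector ends the sequence
        offset += SECTOR
    return found

def _descriptor(vtype: int, ident: bytes, escape: bytes = b"") -> bytes:
    """Constructed 2048-byte descriptor carrying only the fields the scan reads."""
    d = bytearray(SECTOR)
    d[0] = vtype
    d[1:6] = ident
    d[6] = 1                                # descriptor version
    d[88:88 + len(escape)] = escape
    return bytes(d)

def build_sample_image(joliet: bool = True, udf: bool = True) -> bytes:
    """Constructed image: descriptors only, no file data."""
    sectors = [_descriptor(1, b"CD001")]
    if joliet:
        sectors.append(_descriptor(2, b"CD001", b"%/E"))
    sectors.append(_descriptor(255, b"CD001"))      # set terminator
    if udf:
        sectors += [_descriptor(0, i) for i in (b"BEA01", b"NSR02", b"TEA01")]
    return bytes(16 * SECTOR) + b"".join(sectors) + bytes(SECTOR)

if __name__ == "__main__":
    print(sorted(detect_filesystems(build_sample_image())))
```

On a multisession disc the last session's descriptors start 16 sectors after that session's first sector, so the scan offset would have to be taken from the session table rather than fixed at sector 16.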
Copyright (c) 2020 Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright in each article belongs to the author
- The author acknowledges that the RESTI Journal (System Engineering and Information Technology) is the first publisher, publishing under a Creative Commons Attribution 4.0 International License.
- Authors can enter into separate arrangements for the non-exclusive distribution of manuscripts that have been published in this journal in other versions (e.g. sending them to the author's institutional repository, publication in a book, etc.), acknowledging that the manuscript was first published in the RESTI (Rekayasa Sistem dan Teknologi Informasi) journal.