Digital Forensic on Secure Digital High Capacity using DFRWS Method

  • Anton Yudhana Department of Electrical Engineering, Universitas Ahmad Dahlan
  • Imam Riadi Department of Information System, Universitas Ahmad Dahlan
  • Budi Putra universitas ahmad dahlan
Keywords: Digital forensic, linux, foremost, dc3dd, sdhc, dfrws


As evidenced in the trial, between 2015 and the second quarter of 2022, there were 54 cases involving secure digital high capacity (SDHC) storage hardware as evidenced in trials. In 2021 there will be an increase in cases involving SDHC. The three cases with the highest number are corruption cases, special crimes, and ITE. SDHC is an advanced technology development of Secure Digital (SD) card hardware which functions as storage. SD Card only has a capacity of up to 2 gigabytes, while the largest SDHC capacity is 32 gigabytes. As a storage device that is small, thin, and has a fairly large capacity. this research needs to be done because of the increasingly widespread increase in cases involving SDHC. This study aims to perform digital forensic analysis on SDHC evidence using forensic applications that run on Linux, namely foremost and DC3DD. This study uses the DFRWS method to retrieve valid evidence in court. Based on the research conducted, it was found that the number of files that can be restored at the examination stage using foremost is 77%, and the accuracy of recovered files is 50% with string file hash validation. From this research, it can be concluded that the processing results of DC3DD and Foremost can be used as valid evidence.



Download data is not yet available.


Mahkamah Agung, “Direktori Putusan Mahkamah Agung 2021-2022,” Direktori Putusan, 2022. (accessed Sep. 19, 2022).

Mahkamah Agung, Tindak Pidana Korupsi. 2021. Accessed: Sep. 19, 2022. [Online]. Available:

A. Amirsoleimani et al., “In-Memory Vector-Matrix Multiplication in Monolithic Complementary Metal–Oxide–Semiconductor-Memristor Integrated Circuits: Design Choices, Challenges, and Perspectives,” Adv. Intell. Syst., vol. 2, no. 11, p. 2000115, Nov. 2020, doi: 10.1002/aisy.202000115.

D. Quick and K.-K. R. Choo, “Pervasive social networking forensics: Intelligence and evidence from mobile device extracts,” Spec. Issue Pervasive Soc. Netw., vol. 86, pp. 24–33, May 2017, doi: 10.1016/j.jnca.2016.11.018.

P. Ruiz-de-Clavijo, E. Ostúa, M.-J. Bellido, J. Juan, J. Viejo, and D. Guerrero, “Minimalistic SDHC-SPI hardware reader module for boot loader applications,” Microelectron. J., vol. 67, pp. 32–37, Sep. 2017, doi: 10.1016/j.mejo.2017.07.007.

G. H. A. Kusuma and I. N. Prawiranegara, “Analisa Digital Forensik Rekaman Video CCTV dengan Menggunakan Metadata dan Hash,” Vol ., no. 1, p. 5, 2019.

D. J. Hartono, “The Criminal Responsibility for Pornography Video Maker Through Digital Forensics on Social Media,” vol. 1, p. 8, 2022.

G. Fanani, I. Riadi, and A. Yudhana, “Analisis Forensik Aplikasi Michat Menggunakan Metode Digital Forensics Research Workshop,” vol. 6, p. 9, 2022, doi:

F. Anggraini and A. Yudhana, “Analisis Forensik Aplikasi TikTok Pada Smartphone Android Menggunakan Framework Association of Chief Police Officers,” vol. 9, no. 4, p. 11, 2022, doi:

I. Riadi, R. Umar, and I. M. Nasrulloh, “Analisis Forensik Digital Pada Frozen Solid State Drive Dengan Metode National Institute Of Justice (NIJ),” Elinvo Electron. Inform. Vocat. Educ., vol. 3, no. 1, pp. 70–82, Jul. 2018, doi: 10.21831/elinvo.v3i1.19308.

A. Yudhana, I. Riadi, and I. Anshori, “Analisis Bukti Digital Facebook Messenger Menggunakan Metode Nist,” IT J. Res. Dev., vol. 3, no. 1, pp. 13–21, Aug. 2018, doi: 10.25299/itjrd.2018.vol3(1).1658.

R. Dinnur Rahman, I. Riadi, and The Society of Digital Information and Wireless Communication, “Framework Analysis of IDFIF V2 in WhatsApp InvestigationProcess on Android Smartphones,” Int. J. Cyber-Secur. Digit. Forensics, vol. 8, no. 3, pp. 213–222, 2019, doi: 10.17781/P002610.

G. Horsman, “Formalising investigative decision making in digital forensics: Proposing the Digital Evidence Reporting and Decision Support (DERDS) framework,” Digit. Investig., vol. 28, pp. 146–151, Mar. 2019, doi: 10.1016/j.diin.2019.01.007.

B. Nikkel, “Fintech forensics: Criminal investigation and digital evidence in financial technologies,” Forensic Sci. Int. Digit. Investig., vol. 33, p. 200908, Jun. 2020, doi: 10.1016/j.fsidi.2020.200908.

P. Reedy, “Interpol review of digital evidence 2016 - 2019,” Forensic Sci. Int. Synergy, vol. 2, pp. 489–520, Jan. 2020, doi: 10.1016/j.fsisyn.2020.01.015.

Imam Riadi, Abdul Fadlil, and Muhammad Immawan Aulia, “Investigasi Bukti Digital Optical Drive Menggunakan Metode National Institute of Standard and Technology (NIST),” J. RESTI Rekayasa Sist. Dan Teknol. Inf., vol. 4, no. 5, pp. 820–828, Oct. 2020, doi: 10.29207/resti.v4i5.2224.

I. Riadi, A. Fadlil, and M. I. Aulia, “Review Proses Forensik Optical Drive Menggunakan Metode National Institute of Justice (NIJ),” vol. 8, no. 3, p. 12, doi:

V. Ivanova, A. Boneva, Y. Doshev, S. Ivanov, and P. Vasilev, “Multifunctional Operating Station Based on Tcl/Tk and Its Applications,” in 2019 Big Data, Knowledge and Control Systems Engineering (BdKCSE), Nov. 2019, pp. 1–7. doi: 10.1109/BdKCSE48644.2019.9010662.

E. Haryanto and I. Riadi, “Forensik Internet Of Things pada Device Level berbasis Embedded System,” J. Teknol. Inf. Dan Ilmu Komput., vol. 6, no. 6, p. 703, Dec. 2019, doi: 10.25126/jtiik.2019661828.

Nurhayati and N. Fikri, “The analysis of file carving process using PhotoRec and Foremost,” in 2017 4th International Conference on Computer Applications and Information Processing Technology (CAIPT), Kuta Bali, Aug. 2017, pp. 1–6. doi: 10.1109/CAIPT.2017.8320663.

Ghoshal, S., Bandyopadhyay, P., Roy, S., & Baneree, M., “A journey from md5 to sha-3,” Trends Commun. Cloud Big Data, pp. 107–112, 2020.

S. U. Lubis, “Implementasi Metode Md5 Untuk Mendeteksi Orisinalitas File Audio,” KOMIK Konf. Nas. Teknol. Inf. Dan Komput., vol. 3, no. 1, Nov. 2019, doi: 10.30865/komik.v3i1.1620.

D. Chang, M. Ghosh, S. K. Sanadhya, M. Singh, and D. R. White, “FbHash: A New Similarity Hashing Scheme for Digital Forensics,” Digit. Investig., vol. 29, pp. S113–S123, Jul. 2019, doi: 10.1016/j.diin.2019.04.006.

Stevens, M., Bursztein, E., Karpman, P., Albertini, A., & Markov, Y., “The first collision for full SHA-1,” Annu. Int. Cryptol. Conf. Cham, pp. 570–596, Aug. 2017.

M. F. Hasa, A. Yudhana, and A. Fadlil, “Analisis Bukti Digital pada Storage Secure Digital Card Menggunakan Metode Static Forensic,” Mob. Forensics, vol. 1, no. 2, pp. 76–84, Nov. 2019, doi: 10.12928/mf.v1i2.1217.

R. Montasari, “A standardised data acquisition process model for digital forensic investigations,” Int J Inf. Comput. Secur., vol. 9, no. 3, p. 21, 2017.

A. Powell and C. Haynes, “Social Media Data in Digital Forensics Investigations,” in Digital Forensic Education: An Experiential Learning Approach, X. Zhang and K.-K. R. Choo, Eds. Cham: Springer International Publishing, 2020, pp. 281–303. doi: 10.1007/978-3-030-23547-5_14.

D. Mualfah and R. A. Ramadhan, “Analisis Forensik Metadata Kamera CCTV Sebagai Alat Bukti Digital,” Digit. Zone J. Teknol. Inf. Dan Komun., vol. 11, no. 2, pp. 257–267, Nov. 2020, doi: 10.31849/digitalzone.v11i2.5174.

I. Yaqoob, I. A. T. Hashem, A. Ahmed, S. M. A. Kazmi, and C. S. Hong, “Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges,” Future Gener. Comput. Syst., vol. 92, pp. 265–275, Mar. 2019, doi: 10.1016/j.future.2018.09.058.

I. Riadi and P. Widiandana, “Cyberbullying Detection On Instant Messaging Services Using Rocchio And Digital Forensics Research Workshop Framework,” vol. 17, p. 15, 2022.

A. Dimitriadis, N. Ivezic, B. Kulvatunyou, and I. Mavridis, “D4I - Digital forensics framework for reviewing and investigating cyber attacks,” Array, vol. 5, p. 100015, Mar. 2020, doi: 10.1016/j.array.2019.100015.

How to Cite
Yudhana, A., Imam Riadi, & Budi Putra. (2022). Digital Forensic on Secure Digital High Capacity using DFRWS Method. Jurnal RESTI (Rekayasa Sistem Dan Teknologi Informasi), 6(6), 1021 - 1027.
Information Technology Articles