Research Article

Comparison of Freeze Software in Anti Forensic using National Institute of Standard and Technology Method

by Carto Ardiyanto, Imam Riadi
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 184 - Number 32
Year of Publication: 2022
Authors: Carto Ardiyanto, Imam Riadi
DOI: 10.5120/ijca2022922395

Carto Ardiyanto, Imam Riadi. Comparison of Freeze Software in Anti Forensic using National Institute of Standard and Technology Method. International Journal of Computer Applications. 184, 32 (Oct 2022), 41-47. DOI=10.5120/ijca2022922395

@article{ 10.5120/ijca2022922395,
author = { Carto Ardiyanto, Imam Riadi },
title = { Comparison of Freeze Software in Anti Forensic using National Institute of Standard and Technology Method },
journal = { International Journal of Computer Applications },
issue_date = { Oct 2022 },
volume = { 184 },
number = { 32 },
month = { Oct },
year = { 2022 },
issn = { 0975-8887 },
pages = { 41-47 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume184/number32/32520-2022922395/ },
doi = { 10.5120/ijca2022922395 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

The development of technology brings rapid changes in the fields of software, hardware and brainware. A Solid State Drive (SSD) is generally used to hold the operating system because it is considered more efficient. To reduce maintenance costs, software such as Deep Freeze, Shadow Defender and Reboot Restore Rx is frequently used. But software like this can also be exploited for computer crimes, such as removing original data so that an investigator cannot find the evidence needed for a trial. This is commonly called anti-forensics. Previous research found that one freeze software product was able to hinder investigators' work. However, there is no definite comparison across the freeze software products. To reveal these facts, this research presents the results of analyzing designed scenarios using digital forensic science. The objects of this research are three virtual operating systems that have been manipulated by means of steganography while in the freeze mode of Deep Freeze, Shadow Defender and Reboot Restore RX. The data collection methods are literature study, experimental and simulation techniques. The stages of the research were: searching for literature references, designing case simulations, analyzing simulation and research needs, and running the case simulations. Next, digital evidence was sought to find the differences among the three in how successfully or effectively freeze software acts as an anti-forensic measure, using the National Institute of Standards and Technology method with its stages of collection, examination, analysis, and reporting. The results show that, in the search for digital evidence, the examination process did not go well. The success rate of freeze software in inhibiting the examination process on a virtual operating system is very high.
The operating system installed with the Deep Freeze application has an effectiveness of 93.23%, the Shadow Defender application 90%, and the Reboot Restore RX application 100%. These results show that freeze software is proven to be effective at hindering investigations in storage forensics cases.

Index Terms

Computer Science
Information Sciences

Keywords

Digital Forensics, Anti-forensics, software freeze, NIST