Text
Analisis bukti digital pada fitur view once Whatsapp dan self destruct Telegram menggunakan metode NIST SP 800-101 Rev 1
Penelitian dilakukan untuk mencari bukti digital dari fitur view once WhatsApp dan self destruct Telegram dengan skenario smartphone dalam keadaan unroot dan root. Smartphone yang digunakan dalam penelitian adalah smarphone android. Metode yang dijadikan pedoman dalam penelitian adalah NIST 800-101 Revision 1. Skenario yang dijalankan berupa pesan gambar dan video sekali lihat yang dimiliki oleh fitur tersebut. Selanjutnya, data diambil menggunakan tools MobilEdit Forensic dan Magnet Axiom yang selanjutnya data hasil pengambilan akan diperiksa dan dianalisis oleh MobilEdit Forensic dan Magnet Axiom. Hasil dari analisis yang didapatkan fitur view once WhatsApp berhasil ditemukan berupa artefak foto dan video dengan skenario root. Sedangkan artefak foto dan video dari fitur self destruct Telegram dengan skenario root tidak dapat ditemukan, namun artefak berupa riwayat pengiriman fitur tersebut dapat ditemukan. Fitur view once WhatsApp dan self destruct Telegram tidak dapat ditemukan pada smartphone dengan kondisi unroot. Fitur view once WhatsApp dengan smartphone kondisi root kurang efektif dalam mencapai anti forensik, dikarenakan artefak fitur tersebut dapat ditemukan, sedangkan fitur self destruct Telegram dengan kondisi smartphone root, fitur view once WhatsApp dan self destruct Telegram dengan smartphone kondisi unroot lebih efektif dalam mencapai tujuan anti forensik dikarenakan artefak fitur tersebut tidak ditemukan. Penelitian ini diharapkan dapat memberikan informasi hasil analisis bukti digital, mengetahui keefektifan dari fitur tersebut dalam mencapai tujuan anti forensik dengan kondisi smartphone root dan unroot, serta memberikan tambahan referensi bagi penelitian lain tentang digital forensik berbasis mobile agar dikembangkan di masa yang akan datang --
The research was conducted to find evidence of digital view once whatsapp and self destruct Telegram with smartphone scenarios in unrooted and rooted state. The smartphone used in this study is an android smartphone. The method used as a guide in this research is NIST 800-101 Revision 1. The scenario is run in the form of a one-time message, images and videos owned by the feature. Furthermore, the data is taken using MobilEdit Forensic and Magnet Axiom tools, which will then be examined and analyzed by MobilEdit Forensic and Magnet Axiom. The results of the analysis obtained by the view once WhatsApp feature were found in the form of photo and video artifacts with a root scenario. Meanwhile, photo and video artifacts from self-destruct telegram feature with the root scenario could not be found, but artifacts in the form of the delivery history of the feature could be found. The view once WhatsApp and self destruct Telegram features cannot be found on smartphones with unrooted conditions. The view once WhatsApp feature with a root condition is less effective in anti-forensic, because artifacts of the feature can be found. Meanwhile, self-destruct Telegram feature with a root condition, view once WhatsApp and self-destruct Telegram features with an unrooted condition are more effective in anti-forensic because the feature artifact was not found. This research is expected to provide information on the results of digital evidence analysis, determine the effectiveness of these features in achieving anti-forensic goals with root and unrooted smartphone conditions, and provide additional references for other research on mobile-based digital forensics to be developed in the future.
No other version available