Text

Forensik jaringan serangan malware, port scanning, ping of death berdasarkan network forensics development life cycle (NFDLC)

---

Abstrak:
Perkembangan terus-menerus penggunaan teknologi informasi yang terhubung ke jaringan internet telah membawa manfaat besar bagi kehidupan modern. Namun, penggunaan teknologi juga diikuti dengan meningkatnya berbagai serangan melalui jaringan internet yang dapat menyebabkan kerugian bagi pengguna. Penelitian ini akan melakukan forensik jaringan pada simulasi serangan malware dridex, malware backdoor, port scanning, dan ping of death menggunakan metode Network Forensic Development Life Cycle untuk menemukan bukti serangan melalui jaringan. Intrusion detection system Zeek digunakan untuk memantau traffic jaringan dan membuat log yang selanjutnya divisualisasikan oleh ELK Stack untuk mempermudah menemukan bukti bahwa telah terjadi serangan pada jaringan. Dipilihnya Zeek untuk memantau traffic jaringan karena mampu bekerja pada jaringan yang besar, tahan terhadap serangan, serta menghasilkan log yang ringkas. Hasil dari penelitian ini mampu menemukan bukti serangan menggunakan metode network forensic development life cycle pada log hasil pemantauan traffic jaringan berupa IP penyerang, waktu serangan, dan jenis serangan yang dilakukan. Bukti serangan yang telah ditemukan dapat dijadikan untuk keperluan penegakan hukum dan mencegah terjadinya serangan serupa di masa mendatang.
Abstract:
The continuous development of information technology usage connected to the internet has brought significant benefits to modern life. However, the use of technology is also accompanied by an increasing number of various attacks through the internet that can cause harm to users. This research will conduct network forensics on simulations of Dridex malware attacks, backdoor malware, port scanning, and ping of death using the Network Forensic Development Life Cycle method to find evidence of network attacks. Intrusion detection system Zeek is used to monitor network traffic and create logs, which are then visualized by the ELK Stack to facilitate the discovery of evidence that a network attack has occurred. Zeek was chosen as the network traffic monitoring tool because it can work on large networks, is resilient to attacks, and produces concise logs. The results of this research are able to find evidence of attacks using the network forensic development life cycle method in the form of the attacker's IP, attack time, and the type of attack performed. The evidence of the attack that has been found can be used for law enforcement purposes and to prevent similar attacks in the future.

---

Availability

Detail Information

Series Title

--

Call Number

2023 IGU f

Publisher

Bogor : Politeknik Siber dan Sandi Negara., 2023

Collation

xiii, 36 halaman

Language

Indonesia

ISBN/ISSN

--

Classification

Rekayasa Keamanan Siber

Content Type

-

Media Type

-

Carrier Type

-

Edition

--

Subject(s)

Forensik Jaringan
malware dridex
malware backdoor
NFDLC(4)
port scanning
ping of death

Specific Detail Info

--

Statement of Responsibility

I Gusti Putu Kanda Putra Yoga

Other version/related

File Attachment

Comments

---

You must be logged in to post a comment