Network Forensic Serangan DoS pada Jaringan Cloud berdasarkan Generic Framework for Network Forensics (GFNF)

Tri Hesti Damayanti, Ira Rosianal Hikmah

Abstract


The attacks on cloud-based networks have increased and could lead to various disadvantages such as the inaccessibility of services until the loss of user’s trust. Owncloud is one cloud implementation that runs on a network with more than 200 million users. The aims of these researches are to find digital evidence from DoS attacks. Some DoS attacks are SSH brute force, SYN flood, ping of death, and port scanning on the Owncloud network and then finding the digital evidence such as the attacker's IP, time occurred of the attack, types of the attack, also the resource usage of CPU and RAM. This research uses Wireshark and Snort tools to analyze the network and the method of Generic Framework for Network Forensic (GFNF) as a framework during the simulation process until performing the evidence. The simulation was carried out for 1 minute with 30 trials for each attack. The results of this study found the attacker’s IP, time of the attack occurred, types of attack, and also the increase of the resource usage on CPU and RAM when an attack occurred. The found of results digital evidence such as the attacker's IP, the time occurred of attack, and the types of attack were visualized as a table and presented on the ELK Stack dashboard. 


Keywords


network forensic; digital evidence; gfnf; snort; elk stack

Full Text:

PDF

References


Abadi, J., Arianti, B. D. D., & Wirasasmita, R. H. (2018). Pengembangan Media Lembar Kerja Siswa (LKS) Berbasis Web Pada Mata Pelajaran Jaringan Dasar. EDUMATIC: Jurnal Pendidikan Informatika, 2(1), 42–51. https://doi.org/10.29408/edumatic.v2i1.939

Fathoni, W., Fitriyani, F., & Nurkahfi, G. N. (2016). Deteksi Penyusupan Pada Jaringan Komputer Menggunana IDS Snort. eProceedings of Engineering, 3(1), 1169-1172.

Firmansyah, M., Masrun, M., & Yudha S, I. D. K. (2021). Esensi Perbedaan Metode Kualitatif Dan Kuantitatif. Elastisitas - Jurnal Ekonomi Pembangunan, 3(2), 156–159. https://doi.org/10.29303/e-jep.v3i2.46

Fadilla, M. K., Sugiantoro, B., & Prayudi, Y. (2022). Membangun Framework Konseptual Terintegrasi Menggunakan Metode Composite Logic untuk Cloud Forensic Readiness pada Organisasi. Jurnal Media Informatika Budidarma, 6(1), 144-153. https://doi.org/10.30865/mib.v6i1.3427

Helmi, I., Widiyasono, N., & Gunawan, R. (2019). Simulasi Analisis Bukti Digital Pada Layanan Cloud Computing Menggunakan Metode NIST 800-86. Jurnal Media Informatika Budidarma, 3(3), 217-224. https://doi.org/10.30865/mib.v3i3.1193

Jupriyadi, & Prabowo, R. (2017). Implementasi ownCloud Sebagai Private Storage Berbasis Web pada Perguruan Tinggi XYZ. Seminar Nasional Sains Dan Teknologi, 2(1), 1–5.

Khalaf, B. A., Mostafa, S. A., Mustapha, A., Ismaila, A., Mahmoud, M. A., Jubaira, M. A., & Hassan, M. H. (2019). A simulation study of syn flood attack in cloud computing environment. AUS journal, 26(1), 188-197.

Lukman, & Suci Melati. (2020). Analisis Perbandingan Kinerja Snort Dan Suricata Sebagai Intrusion Detection System Dalam Mendeteksi Serangan Syn Flood Pada Web Server Apache. Jurnal Teknologi Informasi, XV(1907–2430), 1–15. https://doi.org/http://dx.doi.org/10.35842/jtir.v15i2.343

Muhammad, R. M., Irawati, I. D., & Iqbal, M. (2013). Implementasi Sistem Keamanan Jaringan Lokal Menggunakan Honeypot Dionaea, dan IDS, Serta Analisis Malware. Jurnal Elektro Telekomunikasi Terapan, 7(3), 1–7.

Pichan, A., Lazarescu, M., & Soh, S. T. (2015). Cloud forensics: Technical challenges, solutions and comparative analysis. Digital Investigation, 13(2), 38–57. https://doi.org/10.1016/j.diin.2015.03.002

Pilli, E. S., Joshi, R. C., & Niyogi, R. (2010). A framework for network forensic analysis. In International Conference on Advances in Information and Communication Technologies (pp. 142-147). Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15766-0_21

Rakhmat, E., Dwiyatno, S., Sulistiyon, S., Irawan, A., & Setiawan, F. (2021). Pemanfaatan Aplikasi Owncloud Pada Sistem Keamanan Cloud Computing. Jurnal Sistem Informasi Dan Informatika (Simika), 4(2), 146–155. https://doi.org/10.47080/simika.v4i2.1454

Riadi, I., Fadlil, A., & Hafizh, M. N. (2020). Analisis Bukti Serangan Address Resolution Protocol Spoofing menggunakan Metode National Institute of Standard Technology. Edumatic Jurnal Pendidikan Informatika, 4(1), 1–11. https://doi.org/10.29408/edumatic.v4i1.2046

Riadi, I., Yudhana, A., & Al Barra, M. (2021). Forensik Mobile pada Layanan Media Sosial LinkedIn. JISKA (Jurnal Informatika Sunan Kalijaga), 6(1), 9-20. https://doi.org/10.14421/jiska.2021.61-02

Ridho, F., Yudhana, A., & Riadi, I. (2016). Analisis Forensik Router Untuk Mendeteksi Serangan Distributed Danial of Service (DDoS) Secara Real Time. 2(1), 111–116.

Sahren. (2021). Implementasi Teknologi Firewall Sebagai Keamanan Server dari SYN Flood Attack. JURTEKSI (Jurnal Teknologi Dan Sistem Informasi), 7(2), 159–164. https://doi.org/10.33330/jurteksi.v7i2.933

Satria, A. F., Adam, R. I., & Carudin, C. (2021). Analisis Digital Watermarking untuk Otentikasi pada Citra Manipulasi Menggunakan Metode Least Significant Bit. Edumatic: Jurnal Pendidikan Informatika, 5(2), 204–213. https://doi.org/10.29408/edumatic.v5i2.3901

Sholihah, W., Pripambudi, S., & Mardiyono, A. (2020). Log event management server menggunakan elastic search logstash kibana (elk stack). JTIM: Jurnal Teknologi Informasi dan Multimedia, 2(1), 12-20. https://doi.org/10.35746/jtim.v2i1.79

Suharmanto, A. Y., Lumenta, A. S., & Najoan, X. B. (2018). Analisa Keamanan Jaringan Wireless Di Universitas Sam Ratulangi. Jurnal Teknik Informatika, 13(3), 1-10.

Yazhini, P. (2020). The Survey DDoS Attack Prevention and Defense Technique. International Journal of Innovative Science and Research Technology, 5(2), 65–58.




DOI: https://doi.org/10.29408/edumatic.v6i2.6466

Refbacks

  • There are currently no refbacks.


Copyright (c) 2022 Tri Hesti Damayanti, Ira Rosianal Hikmah

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

 

Statistik Pengunjung

Creative Commons License

Edumatic: Jurnal Pendidikan Informatika is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.