Journal : Mobile and Forensics

Mobile Forensic Logical Extraction on Android E-Commerce Applications Anwar, Nuril; Akbar, Son Ali; Azhari, Ahmad; Suryanto, Imam
Mobile and Forensics Vol 2, No 1 (2020)
Publisher : Universitas Ahmad Dahlan

DOI: 10.12928/mf.v2i1.1791

Abstract

The rapid development of Android applications, especially applications in the field of e-commerce and online buying and selling transactions that are popular in Indonesia, forces users to grant permission to use the features and services of the application during and after installation. Users' lack of understanding of the risk of the access permissions requested by an application before or after installation creates a gap in the security of user data, giving access to features on the smartphone such as the camera, storage media, contacts, accounts, and other features. The Logical Extraction Method is the method used to obtain application data by acquiring all system file data on the smartphone with the help of the tools MOBILedit Forensic, TWRP (Team Win Recovery Project), and the Migrate application. From the data acquired for each application, the Android Package File (APK) is taken and used for static analysis with the forensic tool MobSF (Mobile Security Framework). Based on the results of the analysis conducted on the top three e-commerce applications, there are 51 access permissions, and across the three most popular e-commerce applications in Indonesia the most dangerous security level has 49 access permissions, with 7 normal access permissions and 1 signature access permission. The Lazada application has 21 dangerous access permissions that the user does not know about, while the Tokopedia application has 4 dangerous access permissions that the user does not know about and the Blibli.com application has 1 dangerous access permission that the user does not know about. Based on the security gaps found, it can be concluded that the e-commerce applications used by their users could also have malware or a similar virus inserted into them, with the opportunity to capture the user's personal data.
Live Forensics on GPS inactive Smartphone Anwar, Nuril; Mardhia, Murein Miksa; Ryanto, Luthfi
Mobile and Forensics Vol 3, No 1 (2021)
Publisher : Universitas Ahmad Dahlan

DOI: 10.12928/mf.v3i1.3847

Abstract

Google is known to still track the user's location despite the GPS settings and location history in the smartphone settings having been turned off by the user. This requires special handling to prove the location on smartphones with inactive GPS and view the Location History previously used by the user. The research investigates if Google is still recording its user data location. Live forensics requires data from the running system or volatile data, which is usually found in Random Access Memory (RAM) or in transit on the network. Investigations are carried out using a Google account with a method used by live forensics to obtain results from the location history. Smartphones have been checked manually through data backup through custom recovery that has been installed. When checking the backup filesystem, it turned out that no location data is stored. Therefore, researchers conducted an analysis on the Google Account, which was analyzed using a forensic tool to analyze cloud services to obtain location data results. The results of the analysis carried out obtained a similarity in location from 8 days of investigation. Google can still find the location of smartphones with GPS disabled, but the location results are not accurate. Google can store user location data via cellular networks, Wi-Fi, and sensors to help estimate the user's location. The process of extracting the results from the Google Maps log using a Google account will be analyzed using the Elcomsoft Cloud eXplorer and Oxygen Forensic Cloud Extractor so that the log location results are still available by Google.
Image Forensics Using Error Level Analysis and Block Matching Methods Sudianto, Iis; Anwar, Nuril
Mobile and Forensics Vol. 6 No. 2 (2024)
Publisher : Universitas Ahmad Dahlan

DOI: 10.12928/mf.v6i2.5719

Abstract

The development of image editing tools today makes everyone able to manipulate images easily, so that many images are doubtful of their authenticity. The current image can be used as evidence in a legal case in court. The authenticity of the image is a topic that many have tried to solve in various studies. This study discusses the authenticity of the image using the Error Level Analysis (ELA) method to determine the authenticity of the image, especially in the JPEG image. Block Matching is used in the process of dividing an image into several square or block parts. The ELA method has been successfully implemented with 95% image compression, resulting in MSE and PSNR values for distinguishing the edited image. The average MSE is 23.8 dB and the average PSNR is 34.47 dB. Block Matching results as a whole show that, for the pixel value, there are 9 images with x values that reach 30, 9 images with x values that reach 24, 1 image with x values that reach 23, and 1 image with x values that reach 19. The result of pixel (y) of all images exceeds the value of 12, which in pixel (y) undergoes many changes marked by the presence of white spots.
Hybird Autokey Cipher Algorithm Implementation Reverse Key and Standard Data Encryption for App-Based Text Messages Lazuardi, Risandio Ilham; Anwar, Nuril
Mobile and Forensics Vol. 5 No. 2 (2023)
Publisher : Universitas Ahmad Dahlan

DOI: 10.12928/mf.v5i2.8451

Abstract

The development of the internet facilitates public communication in sharing information. Along with the advancement of technology in the communication segment, there were various threats to it. Many applications had sophisticated security systems, but the actions in exploiting these security systems were also increasingly diverse. This study implemented a combination of classic and modern algorithms, namely autokey cipher reverse key and DES to protect data from these crimes. This research develops encryption and decryption applications using the agile method, the technique used because of the time spent on the built progress of applications with a cycle for the development process. With this cycle utilized, the method was suitable for developing applications in the short term and revising or improving applications in each cycle. The research resulted in security applications having the function of helping people secure data so that they could prevent and complicate digital criminal acts.
Impact Analysis of Web Application Firewall on Website-Based Application Security (Case Study PPDB Kak Seto School Website) Pratama, Krisna Dewa; Anwar, Nuril
Mobile and Forensics Vol. 5 No. 1 (2023)
Publisher : Universitas Ahmad Dahlan

DOI: 10.12928/mf.v5i1.8914

Abstract

The swift advancement of web-based applications has posed security challenges. Insufficient security awareness among web developers has resulted in a surge of cybercrime incidents due to website vulnerabilities. To counter this, implementing a Web Application Firewall (WAF) is proposed for the vulnerable PPDB Sekolah Kak Seto website, aiming to mitigate threats in the public network. The WAF acts as a defense against potential cyber breaches. Employing an experimental approach, this research encompasses identification, observation, literature review, analysis of WAF system requirements, implementation, testing, and pre/post-implementation analysis using ModSecurity as the security system. The study analyzes the impact of WAF adoption and provides recommendations for enhancing security. Findings demonstrate WAF's effectiveness in fortifying the Kak Seto School web application by efficiently identifying and blocking potential attacks, thereby reducing breach success rates. Post-WAF implementation, Pingdom tests show a slight drop in Performance Grade (70 to 69) and a minor increase in Load Time (2.76 to 3.23 seconds). GTmetrix tests reveal a Grade downgrade from B to C and an increase in Largest Contentful Paint time (2.2 to 2.7 seconds). In conclusion, despite minor performance effects, WAF significantly enhances security, as evident in improved loading times during tests.
Network Security Monitoring System via Android Mobile App With IDS Prasetyo, Hamas; Anwar, Nuril
Mobile and Forensics Vol. 6 No. 1 (2024)
Publisher : Universitas Ahmad Dahlan

DOI: 10.12928/mf.v6i1.10317

Abstract

Network security is an important factor in securing data on a server, so a server needs to be kept safe from things that could threaten the validity and integrity of stored data. One way that can be used to detect threats on a server is implementing an intrusion detection system on the server. A literature study conducted on research that implemented intrusion detection systems found that there was a lack of intrusion detection system research that could detect one type of network security attack with a variety of attack variables, and it also found research that had successfully implemented an intrusion detection system to detect network security attacks but still incorrectly identified the type of attack. This research uses the Snort intrusion detection system method with an experimental model of an attack detection system and an Android application which is applied to monitor the statistics of attacks detected on the Xyz University network. The research results showed that the rules created on the IDS can detect network security attacks, especially DoS/DDoS and PortScan attacks. Then an IDS was created that can send application alert notifications and SMS with a response time that is quite responsive based on the NIST Cybersecurity reference, with an average of 22 seconds for DoS/DDoS attacks and 21 seconds for Port Scanning attacks. For the percentage results from testing the rule 3 times by sending 309,462 to 1,459,548 DoS/DDoS attack packets, a high level of accuracy was obtained, with an average of 92.1% on the first test, 91.7% on the second test and 91.5% on the third test. In the results of testing the PortScan rule by sending 1,001 to 10,564 attack packets, a high level of accuracy was obtained, with an average result of 92.2% in the first test, 94.2% in the second test and 93.4% in the third test.
A Security Development Life Cycle (SDLC)-Based Approach for Designing Intrusion Detection and Prevention Systems to Counter SQL Injection Attacks at MAN 2 Magetan Hafizh, Muhammad Naufal; Anwar, Nuril; Azhari, Ahmad
Mobile and Forensics Vol. 7 No. 1 (2025)
Publisher : Universitas Ahmad Dahlan

DOI: 10.12928/mf.v7i1.9365

Abstract

Information security is a critical aspect of ensuring the validity, integrity, and availability of data while protecting users’ access to services. Inadequate security measures can expose systems to various threats, potentially compromising their functionality. One such threat is SQL Injection, a common attack vector targeting web applications. MAN 2 Magetan, an Islamic high school located in Purwosari, Magetan Regency, East Java, Indonesia, operates an online admission system on its website. However, this website contains input fields that are not properly validated, creating a vulnerability to SQL Injection attacks. This study aims to design and implement an Intrusion Detection and Prevention System (IDPS) to mitigate SQL Injection attacks using the Security Development Life Cycle (SDLC) methodology. The SDLC process for the system development consists of five stages: Analysis, Design, Implementation, Enforcement, and Enhancement. A hybrid system combining Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) was utilized to create an effective solution. The results of the research demonstrate that the developed IDPS successfully detects and prevents SQL Injection attacks, ensuring the security and integrity of the online admission system. The integration of IDS and IPS within the SDLC framework has proven to be an effective approach to enhancing web application security at MAN 2 Magetan.