Article Per Year (5 Year)
p-Index From 2020 - 2025
0.408
P-Index
This Author published in this journals
All Journal CESS (Journal of Computer Engineering, System and Science) Jurnal Ilmiah Sistem Informasi dan Ilmu Komputer
Fahmi Fachri
Unknown Affiliation
Computer Science & IT Industrial & Manufacturing Engineering

Published : 2 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 2 Documents
Search

 1 
Analisis Forensik pada Pemalsuan Email menggunakan Metode National Institute of Justice (NIJ) Rokhmatun Nazila; Fahmi Fachri
Jurnal ilmiah Sistem Informasi dan Ilmu Komputer Vol. 5 No. 2 (2025): Juli : Jurnal ilmiah Sistem Informasi dan Ilmu Komputer
Publisher : Lembaga Pengembangan Kinerja Dosen

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.55606/juisik.v5i2.1452

Abstract

Email spoofing is a form of cybercrime that often occurs by taking advantage of weaknesses in email protocols to deceive recipients through spoofing sender identities. This attack is a serious threat because it can be used to commit fraud, data theft, and the spread of malware. This study aims to analyze email spoofing cases with a digital forensic approach using the National Institute of Justice (NIJ) methodology, which includes five important stages: identification, collection, examination, analysis, and reporting. The main problem studied is the difficulty of detecting fake emails on internal networks that have not implemented modern email authentication mechanisms such as the Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC). The research method used was qualitative, experimental, with controlled simulation. Some of the tools used in this experiment include Postfix, SWAKS, tcpdump, and Mozilla Thunderbird. In simulations, fake billing emails are sent from fake addresses (e.g. finance@bankxyz.com) through an open SMTP service to see the extent to which spoofing can be done without being detected. During this process, email traffic is recorded, and various digital artifacts such as .eml files, .pcap packet captures, SMTP logs, and PDF attachments are successfully collected for further analysis. The results of forensic analysis showed that there were inconsistencies in the email headers, especially in the Return-Path, From, and Received fields, which were the main indicators of spoofing activity. This study proves that email spoofing is very likely to occur on unprotected systems, so strengthening email server configuration and implementing authentication is an important step. In addition, the NIJ method has proven to be effective in providing a systematic and valid forensic investigation structure, and can be a reference in handling email-based cybercrime cases in the future.
Analisis Keamanan Enkripsi End-To-End Pada Aplikasi WhatsApp Untuk Menanggulangi Ancaman Kriminalitas Siber Menggunakan Burp Suite Hana Meylia Nurohmah; Fahmi Fachri
CESS (Journal of Computer Engineering, System and Science) Vol. 10 No. 2 (2025): Juli 2025
Publisher : Universitas Negeri Medan

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.24114/cess.v10i2.66931

Abstract

Penelitian ini bertujuan untuk mengevaluasi efektivitas sistem enkripsi end-to-end (E2EE) pada aplikasi WhatsApp dalam melindungi komunikasi pengguna dari potensi intersepsi data. Pengujian dilakukan melalui metode penetration testing dengan menggunakan Burp Suite Community Edition, difokuskan pada lalu lintas jaringan dalam tiga skenario pengujian: komunikasi teks satu arah, komunikasi dua arah, dan pengiriman file media. Setiap skenario diuji sebanyak satu kali pada dua perangkat Android serta laptop sebagai perantara analisis jaringan yang terhubung melalui jaringan lokal dengan konfigurasi proxy aktif. Hasil pengujian menunjukkan bahwa metadata komunikasi seperti alamat IP, host server, dan jenis permintaan protokol berhasil ditangkap oleh alat, tetapi isi pesan tetap tidak dapat diakses dalam bentuk plaintext. Hal ini menunjukkan bahwa WhatsApp telah mengimplementasikan sistem E2EE secara efektif, sehingga mampu mencegah intersepsi isi komunikasi meskipun lalu lintas data terpantau. Keterbatasan penelitian ini terletak pada cakupan alat dan jaringan yang digunakan, tanpa bypass certificate pinning atau analisis mendalam terhadap sisi klien. Oleh karena itu, disarankan agar penelitian lanjutan menggunakan tools lanjutan seperti Frida atau Wireshark dan mencakup analisis terhadap potensi kebocoran metadata dan keamanan endpoint. Temuan ini diharapkan dapat menjadi referensi dalam evaluasi keamanan aplikasi pesan instan serta meningkatkan kesadaran pengguna terhadap pentingnya perlindungan privasi digital.
Co-Authors Hana Meylia Nurohmah Rokhmatun Nazila