<![CDATA[Purpose: Cybercrime is the misuse of technology as a tool or medium in committing crimes such as hacking, stealing, deleting, hiding, and destroying information. Cybercriminals tend to delete, hide, and format all the data collected to eliminate traces of digital evidence. In digital forensics, file carving techniques can overcome data loss from storage media. This study aims to determine the results of the file carving process in uncovering digital evidence and evaluating the performance of digital forensic software, including Foremost and Scalpel, based on 3 assessment parameters.Methods: In this investigation, the Digital Forensics Research Workshop (DFRWS) research method is used with the following stages: Identification, Preservation, Collection, Examination, Analysis, and Presentation. Results: Comparison results of the data obtained from Foremost and Scalpel forensic tools are based on three primary parameters including the speed of the recovery process, the number of successfully recovered files, and the identical hash value. The Foremost tool managed to recover the carving files in 1 minute and 3 seconds, showing a success rate of 85% with a hash value similarity rate of 70.59%. On the other hand, Scalpel recovered the carving file in 2 minutes 17 seconds, achieving a success rate of 65% with a hash value similarity rate of 7.69%.Novelty: This data results from the performance of both forensic tool applications in collecting digital evidence from Flash disk storage media.]]>
Copyrights © 2023
