This study was conducted to find evidence of attacks and to restore data after an attack on the Open Journal System (OJS) service hosted on a computer server. The method used in this research is a new approach developed from the earlier Network Forensic Digital Life Cycle (NFDLC) method. The new method, KUAD, consists of several stages for collecting evidence of cyber attacks and restoring data after an attack: initiation, acquisition, execution, mitigation, and disposition. Compared to the previous method, its novelty lies in the mitigation phase, which aims to restore data or documents after an attack. The tool used to detect attacks and gather evidence is Tripwire, while lost data is recovered using Crontab, which executes backup commands using rsync in four steps. Tripwire detects attacks by displaying the number of files added, deleted, or modified. This backup technique successfully recovered a hundred deleted files in .docx, .pdf, and .jpg formats. The success rate of this technique in performing post-cyber-attack mitigation reaches 100%.
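The detect-then-restore cycle summarized above, as an added illustration that is not code from the study: a hash baseline stands in for Tripwire's added/deleted/modified report and a file copy from a backup mirror stands in for the scheduled rsync backup. All function names, file names and contents are constructed for the example.

```python
import hashlib, shutil, tempfile
from pathlib import Path

def snapshot(root: Path) -> dict:
    """Map each file's relative path to its SHA-256 digest (the integrity baseline)."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline: dict, current: dict) -> dict:
    """Classify changes as an integrity report does: added, deleted, modified."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "deleted": sorted(set(baseline) - set(current)),
        "modified": sorted(k for k in baseline.keys() & current.keys()
                           if baseline[k] != current[k]),
    }

def restore(backup: Path, live: Path, report: dict) -> int:
    """Copy deleted and modified files back from the backup mirror; return the count."""
    restored = 0
    for rel in report["deleted"] + report["modified"]:
        src, dst = backup / rel, live / rel
        if src.is_file():
            dst.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(src, dst)
            restored += 1
    return restored  # added files are left in place as evidence for the analyst

def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        live.mkdir()
        for name in ("paper.docx", "review.pdf", "figure.jpg"):  # constructed samples
            (live / name).write_bytes(b"constructed content of " + name.encode())
        shutil.copytree(live, backup)        # backup taken before the incident
        baseline = snapshot(live)
        (live / "paper.docx").unlink()                       # simulated deletion
        (live / "review.pdf").write_bytes(b"tampered")       # simulated modification
        (live / "unexpected.txt").write_bytes(b"new file")   # simulated addition
        report = compare(baseline, snapshot(live))
        restored = restore(backup, live, report)
        return {"report": report, "restored": restored,
                "after": compare(baseline, snapshot(live))}

if __name__ == "__main__":
    print(demo())
```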
Copyrights © 2025