NETWORK FORENSICS FOR CYBER CRIME INVESTIGATION
DOI: https://doi.org/10.69714/zxrv9q19
Keywords: Insider threat, Snort, network forensics, digital evidence
Abstract
This study investigates the application of Snort as an intrusion detection tool for addressing insider threats in network environments. The primary focus is on utilizing network forensic techniques to identify, analyze, and respond to suspicious activities conducted by internal users. The analysis method involves implementing Snort on a Linux platform to monitor network traffic in real time and collect digital evidence that can be used in forensic investigations. The study successfully demonstrates that Snort is effective in detecting suspicious behavior patterns associated with insider threats, such as unauthorized access attempts and potentially malicious application usage. The digital evidence gathered by Snort aids in further forensic analysis, assisting in the identification of threat sources and facilitating a swift and appropriate response to security incidents. The discussion highlights the strengths and weaknesses of using Snort in the context of insider threat detection, emphasizing the importance of meticulous configuration and regular maintenance for optimal performance. The study concludes that employing Snort within a network forensic framework enhances an organization's ability to detect, analyze, and respond to insider threats, providing better protection for organizational assets and information from various internal cyber threats. This research lays the foundation for developing more effective security policies and improving cybersecurity awareness within organizations.