Although some researchers regard digital forensics as inclusive of computer forensics, network forensics, software forensics and information forensics, the term is largely used interchangeably with computer forensics. Computer forensics implies a connection between computers, the scientific method, and crime detection. It includes devices other than general-purpose computer systems, such as network devices, cell phones, and other devices with embedded systems. There are hundreds of digital forensic investigation procedures developed in digital forensic investigation practice. An organization tends to develop its own procedures, and some focus on technology aspects such as data acquisition or data analysis. Most of these procedures were developed to tackle the different technologies used in the inspected device. As a result, when the underlying technology of the target device changes, new procedures have to be developed. However, [7,8] stated that the investigation process should incorporate the basic procedures of forensic investigation, which are preparation, investigation and presentation. A categorization of the investigation process was done in  to group and merge similar activities or processes that provide the same output into five phases. The phases are: Phase 1 (Preparation), Phase 2 (Collection and Preservation), Phase 3 (Examination and Analysis), Phase 4 (Presentation and Reporting), and Phase 5 (Disseminating the case). The researcher also proposed a mapping process for the digital forensic investigation process model to eliminate redundancy in the processes involved in the model and to standardize the terms used in achieving the investigation goal.
Here the author explains timeline analysis and USB flash drive analysis as they relate to digital forensics. The author will explain the digital forensic process systematically from beginning to end, that is, until digital evidence is obtained.
These components map to the components in Ramesh’s model: stakeholder, subject and object respectively. Stakeholders are the people involved in the whole process of digital forensic investigation, such as the auditor, network administrator, complainer (perspective as discussed in ) and forensic expert. In this research, these investigators manage the sources of evidence for the reported incident, such as the devices (host and network) and the logs involved in the incident. Meanwhile, digital evidence is defined as the events of the incident (see subsection Trace Pattern) that are documented in the source of evidence. This current relationship is further illustrated using the diagram in Fig. 6. For the purpose of this research, the domain selected is malware intrusion incidents.
Research done in  introduced a mapping process that occurs inside the digital forensic investigation process model. The mapping is formulated by grouping and merging the activities or processes that provide the same output into the appropriate one of five phases. From the analysis, most of the models contain the critical phases, which are Phase 2 – Collection and Preservation, Phase 3 – Examination and Analysis, and Phase 4 – Presentation and Reporting, but not Phase 1 and Phase 5. Even though Phase 1 and Phase 5 are not included in some of the models reviewed, the study done by          indicates that both phases are important to ensure the completeness of the investigation. Phase 1 ensures that the investigation process can start and run under the proper procedure, and protects the chain of evidence. Eliminating Phase 5, meanwhile, leads to the possibility of an incomplete investigation and no improvement in investigation procedures or policies. Therefore, a good model should consist of all the important phases: Preparation, Collection and Preservation, Examination and Analysis, Presentation and Reporting, and Disseminating the case.
electronic/internet, commonly called crime in the virtual world, or better known as cyber crime. Referring to the statement of Dr. Edmond Locard, famous for Locard’s Exchange Principle, which states that “every contact leaves a trace”, the traces left behind can be tracked. This principle also applies in the digital world: a crime committed in the digital world or on the internet leaves traces that can later be followed back to the source of the crime, yielding a reconstruction of how the crime could have occurred and leading to a conclusion about where the crime originated and who the perpetrator is. That is the essence of digital forensics, also called computer forensics.
In digital forensics investigation practice, there are hundreds of digital forensics investigation procedures developed all over the world. Each organization tends to develop its own procedures, and some focus on technology aspects such as data acquisition or data analysis. To date, the digital investigation process has been directed by the technology being investigated and the available tools. Most of these procedures were developed to tackle the different technologies used in the inspected device. As a result, when the underlying technology of the target device changes, new procedures have to be developed. This paper proposes a mapping process that can simplify the overall process of the previous research that occurs inside the Digital Forensic Investigation Framework. The result of the proposed map will reveal the balance of the investigation process needed to produce suitable, concrete evidence for presentation in a court of law.
Menguasai Komputer Forensik dan Aplikasinya”, digital forensics is the use of a set of procedures to carry out a thorough examination of a computer system, using software and tools to extract and preserve evidence of criminal acts.
Forensics is something related to legal matters, by presenting at trial evidence that has already been analyzed. Digital forensic science combines forensic science with the analysis of data in computers, networks, and digital storage devices, which is later used in resolving legal matters. In practice, this method is then used by the police as a form of criminal evidence that can be used at trial. Such evidence can take the form of files, images, audio, and video. The most widely used evidence is audio evidence, because for the time being audio has a higher level of accuracy than other evidence. For this reason, digital audio forensics is needed, which focuses on testing and analyzing the conformity and originality of the audio content material against its original content, in order to test its reliability and validity.
In principle, carrying out digital forensics requires special education and training that results in CERTIFICATION for each person who takes that digital forensics education and training. Not everyone who understands and is expert in the field of computers can be relied upon to, or is able to, perform digital forensics. At trial, when an EXPERT is put forward to explain digital forensics, the expert must first be asked about their academic record, which must relate to Computer Science, and about the CERTIFICATION of the EXPERT concerned. If the EXPERT does not have an academic record related to Computer Science and CERTIFICATION in digital forensics, the opinion presented at trial should be set aside.
5. Examination procedure: explains the stages carried out during the digital forensic examination and analysis of the evidence. The lengthy explanation of these stages that would be written in the report should preferably be condensed into a standard and complete SOP (Standard Operating Procedure). For example, the DFAT (Digital Forensic Analyst Team) of PUSLABFOR BARESKRIM POLRI has a number of SOPs, among others: a. SOP 1 on Digital Forensic Examination Procedures
Security is assured to minimize losses caused by network security attacks. A network security system is an important factor in ensuring the ability, integrity and validity of data. Such security can be built using the Network Forensic Approach. Network forensics focuses on data obtained by observing the network. Attacks can be observed using the Snort Intrusion Detection System (IDS) tool. Snort is open-source NIDS software, widely used to secure a network from malicious activity. Snort works similarly to tcpdump, but focuses on packet sniffing for security. The aim of this study is to analyze the Snort log as a result of network forensics. The experiment uses a star topology, with 1 PC running Snort, 3 client PCs that perform attacks, and 7 other client PCs. In the test, rules are set as the intelligence. The experimental results show that Snort is able to monitor network traffic: when a suspicious packet containing an attack is seen, Snort sends an alert and also stores the data in the log. The logs can be investigated using the forensic process model. The results of the investigation indicate that there are 3 attacking IP addresses, and show the attack data: the date of the attack, attacker IP, attack time, and type of attack.
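The log investigation described above, as an added example that is not code from the study: it parses Snort "fast" alert lines and groups them by source address to recover the attack date, time, attacker IP and attack type. The sample log, its rule messages and its addresses are constructed, and treating the source address as the attacker is an assumption that holds only for alerts on traffic toward the protected host.

```python
import re
from collections import defaultdict

# Snort "fast" alert line: MM/DD-HH:MM:SS.usec [**] [gid:sid:rev] msg [**]
# [Classification: ...] [Priority: n] {PROTO} src[:port] -> dst[:port]
FAST_ALERT = re.compile(
    r"^(?P<date>\d{2}/\d{2})-(?P<time>\d{2}:\d{2}:\d{2})\.\d+\s+"
    r"\[\*\*\]\s+\[(?P<sig>\d+:\d+:\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?\s*$"
)

# Constructed sample log (not data from the study): three source hosts,
# one alert without a classification, and one line in a foreign format.
SAMPLE_LOG = """\
03/14-09:15:02.113420  [**] [1:1000001:1] ICMP flood [**] [Classification: Attempted Denial of Service] [Priority: 2] {ICMP} 192.168.1.11 -> 192.168.1.2
03/14-09:15:02.113977  [**] [1:1000001:1] ICMP flood [**] [Classification: Attempted Denial of Service] [Priority: 2] {ICMP} 192.168.1.11 -> 192.168.1.2
03/14-09:17:40.501200  [**] [1:1000002:1] TCP SYN scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.1.12:40122 -> 192.168.1.2:22
03/14-09:21:13.000871  [**] [1:1000003:1] FTP login brute force [**] [Priority: 1] {TCP} 192.168.1.13:51500 -> 192.168.1.2:21
Mar 14 09:22:00 sensor snort[811]: truncated or foreign line
"""

def parse_alerts(text):
    """Return (records, rejected); unparsed lines are kept for manual review."""
    records, rejected = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = FAST_ALERT.match(line)
        if m:
            records.append(m.groupdict())
        else:
            rejected.append(line)
    return records, rejected

def summarize_by_attacker(records):
    """Group by source IP (assumed attacker): count, first/last seen, types."""
    out = defaultdict(lambda: {"count": 0, "first": None, "last": None, "types": set()})
    for r in records:
        s = out[r["src"]]
        stamp = f'{r["date"]} {r["time"]}'  # no year in fast alerts; sorts within one year
        s["count"] += 1
        s["first"] = min(s["first"] or stamp, stamp)
        s["last"] = max(s["last"] or stamp, stamp)
        s["types"].add(r["msg"])
    return dict(out)
```

Lines that do not match are returned rather than dropped, so an examiner can account for every line of the original log in the report.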
This project is developed for speaker recognition, matching unknown sources against known sources. The unknown sources might come from the crime scene itself or from any phone conversation that has been tapped to the local police department. This unknown source can be treated as forensic evidence. Forensic evidence can be defined as the relationship between a trace whose source is unknown and some other material that was generated by a known source, known as the suspect. Usually, both of them are related to a given crime or offense. Therefore, this project would be substantially important in helping the jury reach its judgment, and it is done using a feature extraction technique, Mel-Frequency Cepstrum Coefficient (MFCC), and a feature matching technique, Vector Quantization LBG (VQ LBG).
The scenes of what are generally referred to as ‘major crime’ such as rape or murder require stringent attention to control and preservation. Access to the scene of crime should be controllable and limited, achieved by creation of at least one access cordon; in some cases a second inner cordon may be used. A record should be retained of all persons entering and leaving the scene of crime. All personnel entering the scene shall wear personal protective equipment that ensures that they do not contaminate the scene. The forensic unit shall dispose of relevant items used or worn at the scene of crime in a timely manner, to ensure that exhibits recovered from other scenes of crime are not compromised.
Ramaswamy (2005) believed that forensic accountants are distinctively positioned to be able to uncover financial deceptions, their prominent skills being an in-depth knowledge of financial statements, the ability to critically analyze them, and a thorough understanding of fraud schemes. He also believed that forensic accountants should have the ability to comprehend the internal-control systems of corporations and be able to assess their risks. Knowledge of psychology helps forensic accountants understand the impulses behind criminal behavior that motivate and encourage financial deception. Interpersonal and communication skills that aid in disseminating information about the company’s ethics, and an understanding of criminal and civil law, the legal system and court procedures, are also skills that aid FAs. Moreover, Rezaee, Crumbley and Elmore (2006) surveyed the opinions of practitioners and academics regarding the importance, relevance, and delivery of forensic accounting education. Their results indicated that “the demand for and the interest in forensic accounting will continue to increase.” Their study further shows that both practitioners and academics viewed accounting education as relevant and beneficial to accounting students. However, the groups differed in their opinions regarding topical coverage of forensic accounting.