Research Article

Network Forensic on Web-based Applications using Network Forensic Development Life Cycle Method

by Sukmawati Lasaharu, Imam Riadi
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 183 - Number 47
Year of Publication: 2022
DOI: 10.5120/ijca2022921869

Sukmawati Lasaharu, Imam Riadi. Network Forensic on Web-based Applications using Network Forensic Development Life Cycle Method. International Journal of Computer Applications. 183, 47 (Jan 2022), 8-14. DOI=10.5120/ijca2022921869

@article{ 10.5120/ijca2022921869,
author = { Sukmawati Lasaharu and Imam Riadi },
title = { Network Forensic on Web-based Applications using Network Forensic Development Life Cycle Method },
journal = { International Journal of Computer Applications },
issue_date = { Jan 2022 },
volume = { 183 },
number = { 47 },
month = { Jan },
year = { 2022 },
issn = { 0975-8887 },
pages = { 8-14 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume183/number47/32245-2022921869/ },
doi = { 10.5120/ijca2022921869 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Computer network security is important. A web server can be attacked at any point, and attackers can carry out many types of attacks. One type that is often carried out is the Distributed Denial of Service (DDOS) attack, which attackers frequently use to increase traffic to the point where the server cannot handle client requests and may even fail. To limit the likelihood of an attack, a network security system able to detect attacks is required. Snort is a software program capable of detecting an attack in real time by executing a rule that produces a log file containing information about network activity. Additionally, it is used to conduct network forensic analysis using the Network Forensics Development Life Cycle (NFDLC) method, which is a branch of digital forensic science concerned with the steps necessary to discover evidence of attacks originating from log files. The analysis method comprises the following stages: Initiations, Acquisition, Implementation, Operations, and Disposition. According to the findings of the research, Snort's Intrusion Detection System (IDS) is capable of detecting DDOS attacks on web servers. Based on the analysis of the log files using Wireshark, there are 3 IP addresses that tried to commit crimes against the web server. The results of the DDOS attack analysis can be used as digital evidence from network forensic investigations.

Index Terms

Computer Science
Information Sciences

Keywords

Network Forensics, DDOS attack, IDS, Snort, Web Server, NFDLC