Jurnal RESTI: Rekayasa Sistem dan Teknologi Informasi
TAARA Method for Processing on the Network Forensics in the Event of an ARP Spoofing Attack
article
Agus Wijayanto [1], Imam Riadi [2], Yudi Prayudi [1]
[1] Universitas Islam Indonesia; Universitas Ahmad Dahlan
Keywords: arp spoofing; tazmen sniffer protocol; taara; network forensics; digital evidence;
DOI: 10.29207/resti.v7i2.4589
Source: Ikatan Ahli Informatika Indonesia
【 Abstract 】
According to reports in 2021 by Kaspersky, requests for investigations into suspicious network activity, such as ARP spoofing, which can result in sophisticated attacks, reached up to 22%. Network forensic investigations have overcome several difficulties with examining network systems. This study aims to perform a network forensic analysis of ARP spoofing attacks using the forensic tools Wireshark and Network Miner, with a sniffer design process to capture traffic on the router side. In order to gather reliable evidence, this study employs the TAARA method as a network forensic investigation process. Based on the research conducted, it can be demonstrated from eight PCAP files that an attack took place. The evidence gathered includes the IP address and MAC address of the attacker, the IP address and MAC address of the target, and the date and time of the attack. This study also shows that network forensic operations can use the Wireshark forensic tool to obtain more detailed data.
【 License 】
Unknown