EVIDENCE OF THE CASE OF CRIME DDOS USING FORENSIC DIGITAL FILE ANALYSIS SYSTEM METHOD

Abstract

Security is very important in the world of information technology. DDos is one of the most common attacks in the networking world. DDos aims to turn off services from the attacked computer or network. The effects of DDos attacks are very disruptive to internet users who wish to visit the sites that have been attacked. The existence of this crime gap must be faced with knowledge skills about the characteristics of electronic / digital evidence and data analysis techniques that support the investigation and handling of relevant digital evidence. In this research, the DDos crime case has been proven by using the digital forensic file system analysis method. The analysis stage begins with collecting digital evidence, identifying data from the findings, analyzing data and proving digital evidence. The software used to analyze the data is a DEFT Linux forensic tool and a single kit. The object of the research is taken from the windXP.dd file, which is a computer hard drive imaging file that is suspected of having a connection with a DDos attack crime against a web blog account with the URL http://fathimubarak.blogspot.com. From the results of the research on the analysis of evidence of crime data, it was found that a number of history files were considered suspicious and were suspected of having links with DDos crime cases. From the research results, it was found that several files were deleted, including the DDos.bat file used by the perpetrator to carry out DDos attacks.Keywords: digital forensics, computer forensics, file system analysis, computer crime, digital windows forensics