Analisis Forensik Database Menggunakan  Metode Forensik Statis

Imam Riadi; Rusdy Umar; Dora Bernadisman

doi:10.21456/vol9iss1pp9-17

DOI: https://doi.org/10.21456/vol9iss1pp9-17

Analisis Forensik Database Menggunakan Metode Forensik Statis

*Imam Riadi - Universitas Ahmad Dahlan, Indonesia

Rusdy Umar - Universitas Ahmad Dahlan, Indonesia

Dora Bernadisman - Universitas Ahmad Dahlan, Indonesia

BibTex Citation Data :

@article{JSINBIS21010,
    author = {Imam Riadi and Rusdy Umar and Dora Bernadisman},
    title = {Analisis Forensik Database Menggunakan  Metode Forensik Statis},
    journal = {JSINBIS (Jurnal Sistem Informasi Bisnis)},
  volume = {9},
    number = {1},
    year = {2019},
    keywords = {Forensik; Database; SIMDA; Manipulasi, SQL Injection},
    abstract = { SIMDA (Regional Management Information System) is a system created by the BPKP (Financial and Development Supervisory Agency) to assist local governments in implementing regional financial management so that it complies with applicable, efficient, effective, transparent, accountable and auditable regulations. Management data is stored in the SIMDA database on a server connected to a computer network, it is possible that the database is always infiltrated and indicated by data manipulation by hackers. The purpose of this study is to monitor database activity and detect data manipulation done by hackers, then forensic processes are carried out using static forensic methods with stages, namely data collection, data checking, data analysis, and reporting so as to provide evidence and instructions to do analysis on the SIMDA Planning database. The results obtained using static forensic methods show that there has been manipulation or change in the budget ceiling of the activity that exceeds the program budget ceiling (mark-up in budget planning) carried out by hackers who enter through the SIMDA database. Output from forensic processes can prove manipulation data that is carried out by hackers can be detected using SQL Profiler and SQL Log Analyzer tools so that output can be used as digital evidence to assist law enforcement in revealing cybercrime crime cases and can be accounted for in court proceedings. },
   issn = {2502-2377},   pages = {9--17}  doi = {10.21456/vol9iss1pp9-17},
    url = {https://ejournal.undip.ac.id/index.php/jsinbis/article/view/21010}
}

Citation Format:

Abstract

SIMDA (Regional Management Information System) is a system created by the BPKP (Financial and Development Supervisory Agency) to assist local governments in implementing regional financial management so that it complies with applicable, efficient, effective, transparent, accountable and auditable regulations. Management data is stored in the SIMDA database on a server connected to a computer network, it is possible that the database is always infiltrated and indicated by data manipulation by hackers. The purpose of this study is to monitor database activity and detect data manipulation done by hackers, then forensic processes are carried out using static forensic methods with stages, namely data collection, data checking, data analysis, and reporting so as to provide evidence and instructions to do analysis on the SIMDA Planning database. The results obtained using static forensic methods show that there has been manipulation or change in the budget ceiling of the activity that exceeds the program budget ceiling (mark-up in budget planning) carried out by hackers who enter through the SIMDA database. Output from forensic processes can prove manipulation data that is carried out by hackers can be detected using SQL Profiler and SQL Log Analyzer tools so that output can be used as digital evidence to assist law enforcement in revealing cybercrime crime cases and can be accounted for in court proceedings.

Fulltext View|Download

Keywords: Forensik; Database; SIMDA; Manipulasi, SQL Injection

Article Metrics:

Article Info

Section: Research Articles

Language : EN

In Vol 9, No 1 (2019): Volume 9 Nomor 1 Tahun 2019

Statistics:

Most cited articles

Penerapan Metode AHP dan Fuzzy Topsis Untuk Sistem Pendukung Keputusan Promosi Jabatan Penggunaan Jaringan Syaraf Tiruan Backpropagation Untuk Seleksi Penerimaan Mahasiswa Baru Pada Jurusan Teknik Komputer Di Politeknik Negeri Sriwijaya Sistem Informasi Pengukuran Kinerja Pada Perkebunan Kelapa Sawit Dengan Menggunakan Metode Balanced Scorecard Sistem Informasi Geografis Berbasis Web untuk Pemetaan Sebaran Alumni Menggunakan Metode K-Means Support Vector Machine Untuk Klasifikasi Citra Jenis Daging Berdasarkan Tekstur Menggunakan Ekstraksi Ciri Gray Level Co-Occurrence Matrices (GLCM) More cited articles

Al-Azhar, M., 2012. Digital Forensik Panduan Praktis Investigasi Komputer. anwar, nuril, & Riadi, I., 2017. Analisis Investigasi Forensik WhatsApp Messanger Smartphone Terhadap WhatsApp Berbasis Web. Jurnal Ilmiah Teknik Elektro Komputer Dan Informatika, 3(1), 1–10. Retrieved from
Cohen, F., & Ph, D., 2013. Digital Forensic EvidenceExamination(Copyright,p.517).Retrived, from http://all.net/books/2013-DFE-Examination.pdf
Bernadisman, D., 2017. Analisis Forensik Basis Data Menggunakan Framework Open Web Application Security Project (OWASP), Prosiding Seminar Nasional Informatika, Vol.1, Jakarta, November 18, 45-58
Casey, E., 2010. Handbook of Digital Forensics and Investigation, Unites states of America, academi Press
Faiz, M.N., Umar, R. dan Yudhana, A., 2017. Implementasi Live Forensics untuk perbandingan Browser pada Keamanan Email.(JISKa), Vol. 1, No. 3, 108-114
Fowler, K., 2007, Forensic Analysis of a SQL Server 2005 Database Server.USA: emergis
Kalbande, D. & Jain, N., 2013. Comparative Digital Forensic Model. International Journal of Innovative Research in Science, Engineering and Technology (IJIRSET), Vol. 2 No. 8, 3414-3419
Murniati, Munandi, R., Arif, T.Y., 2018. Analysis of Web Server Security Against Structure Query Language Injection Attacks in ASEAN Senior High Schools. 3 (1), 1-7
Subli, M., Sugiantoro, B., Prayudi, Y., 2017. Metadata Forensik Untuk Mendukung Proses Investigasi Digital. Jurnal Ilmiah Data Manajemen dan Teknologi Informasi 18 (1), 44-50
Riadi, I, Umar, R , Wasito., 2014. Analisis Forensik Serangan SQL Injection Menggunakan Metode Statis Forensik. Volume 1 No.1, 1-2
Sistem Informasi Manajemen Daerah, 2018. Website: http://www.bpkp.go.id/sakd/konten/333/Versi-2.1.bpkp diakses tanggal 20 Februari 2019
Sulianta, F. 2014. Teknik Forensik. Jakarta : PT Elex Media Komputindo

Last update:

No citation recorded.

Last update:

No citation recorded.

Penulis yang mengirimkan naskah harus memahami dan menyetujui bahwa jika diterima untuk dipublikasikan, hak cipta dari artikel adalah milik JSINBIS dan Universitas Diponegoro sebagai penerbit jurnal.

Hak cipta (copyright) meliputi hak eksklusif untuk mereproduksi dan memberikan artikel dalam semua bentuk dan media, termasuk cetak ulang, foto, mikrofilm dan setiap reproduksi lain yang sejenis, serta terjemahan. Penulis mempunyai hak untuk hal-hal berikut:

menggandakan seluruh atau sebagian materi yang dipublikasikan untuk digunakan oleh penulis sendiri sebagai bahan pengajaran di kelas atau bahan presentasi lisan dalam berbagai forum;
menggunakan kembali sebagian atau keseluruhan materi sebagai bahan kompilasi bagi karya tulis penulis;
membuat salinan dari bahan yang dipublikasikan untuk didistribusikan di lingkungan institusi tempat penulis bekerja.

JSINBIS dan Universitas Diponegoro serta Editor melakukan segala upaya untuk memastikan bahwa tidak ada data, pendapat atau pernyataan yang salah atau menyesatkan yang dipublikasikan di jurnal ini. Isi artikel yang diterbitkan di JSINBIS adalah tanggung jawab tunggal dan eksklusif dari masing-masing penulis.