ayofoto.info Personal Growth S IMAMU 8080 PDF ACKNOWLEDGMENT

S imamu 8080 pdf acknowledgment

Wednesday, April 17, 2019 admin Comments(0)

Imam Riadi. Information Digital forensics is the science dealing with the process of recovery and .. 80, , , 20, 21, 22, 23, 53, and somewhat dangerous level consisting of .. ACKNOWLEDGMENT 86/SPpdf. [5] Hunt R. Prasetyo Aji, Singgih Pratama, Hafiz Probo, Imam Rochim, Nuke Yus. Irdanti and Acknowledgements . vii. Table of . Keywords: Analysis, Flouting Maxim, Grice's Cooperative Principle, Mona Lisa. Smile Friendly Manual for Mastering Research Technique and Projects 3 rd. My beloved mother and father; Hj. Amaniyah and H. Imam Muchtarom. I would like Mrs. Endang Sukmaningtyas ayofoto.info (the English Teacher) and the students on the first Reading is an active process which consists of recognition and recognition . (ayofoto.info). 4. Text.


Author: LINH DAGNAN
Language: English, Spanish, Hindi
Country: Finland
Genre: Business & Career
Pages: 611
Published (Last): 16.11.2015
ISBN: 206-4-24740-385-7
ePub File Size: 22.47 MB
PDF File Size: 14.75 MB
Distribution: Free* [*Regsitration Required]
Downloads: 27119
Uploaded by: GARFIELD

The PDF Acknowledgement feature allows the standard file resource to be To ensure that conditional access is enabled within the course. 12, Internet Forensics Framework Based-on Clustering Imam Riadi Jazi Eko Once the log information is obtained and dangerous) based on port numbers and .. data / TCP HTTP alternate traffic on a particular interface that is specified. .. 3 80 89,01 ACKNOWLEDGMENT 4. 10, No.7, July Log Analysis Techniques using Clustering in Network Forensics Imam Riadi1 Clustering technique is one of methods that sophisticated. .. List of criteria attack Protocol Criteria Port TCPFlag dangerous 80,, 16,32 attack ACKNOWLEDGMENT The authors would like to thank Ahmad Dahlan.

While [13] describes a variety of techniques and Honeyd www. Figure 3. Analysis Tool is developed using open source software that e Determine new centroid position by calculating the can run on any operating system platform, among others average value of the data that choose the same centroid. Guiding principles in Islam Islam, in general, has provided broad guiding principles that could be utilised to overcome any dilemma that may arise in life. Attackers have been using anti forensic NetWitness www. Some form of used to help facilitate the identification process. The first guideline asks one to consider whether a particular action fulfils the basic objectives of jurisprudence.

This detection technique involves a collection of complicated to be studied. Role of network forensics is to data related to a legitimate user behavior during a certain time. In addition, Currently there are several methods for detecting DoS attacks.

Several methods of detection and incident. These attacks include probing, DoS, user to root prevention also have many obstacles, among others: Network forensics is the process of analysis of the detection and prevention based on the capturing, annotating and analyzing network activity in order to characteristics of the protocol can only be applied to the type of find digital evidence of an attack or crime committed using a attack that the characteristics of the protocol abnormally occurs computer network so that offenders can be prosecuted under [21].

Many types of attacks that do not fit the protocol as well applicable laws as illustrated in Fig. Digital evidence can as the accumulation of network traffic statistical models cannot be identified from the recognized attack patterns, deviations distinguish between normal traffic and large scale [22]. Network forensics has a variety of mechanisms to detect Denial of Service DoS has variety of activities and techniques of analysis, such as: However, techniques to detect analysis of existing processes in the IDS , the analysis of DoS attacks are still complex.

Clustering techniques using k-means clustering algorithms Fundamental issue on software development that supports forensic network is how to determine the appropriate method to facilitate the processing of log data into easily processed data to uncover digital crimes especially those using the Internet as a medium to conduct attacks. Cluster analysis is the process of analyzing and interpreting a set of data based on similarity. It means that the data is grouped into one cluster due to the same pattern [23].

Clustering includes the type of learning that is unsupervised. Supervised learning and unsupervised learning have a different way of working which is very significant. To have some kinds of unsupervised learning algorithms, [10] has studied the comparison against some types of clustering algorithms.

In doing this comparison [10] used several parameters such as the popularity, versatility and easily applied to the data in bulk. There are four kinds of clustering algorithms compared to performance, such as: Based on the test results can be concluded Fig. Overview of network forensics process that the performance of the k-means algorithm and the EM is better than the hiearchical clustering algorithm.

In general, Digital evidence can be gathered from various sources partitioning algorithms such as k-means and EM are highly depending on the needs and changes in the investigation.

8080 s acknowledgment imamu pdf

It is different Digital evidence can be collected at the server level, the level from a hierarchical clustering algorithms that have good of proxy or some other sources. For example, at the server level performance when they are used on small data size.

The log describes the Furthermore [24] describes an intruder detection system user that accesses the website and what it does. Several sources that has been developed to achieve high efficiency and improve includes the contents of the device and the network traffic the accuracy of detection and classification.

The proposed through both wired and wireless networks. For example, digital system consists of two stages.

8080 acknowledgment pdf imamu s

The first stage is to detect the evidence can be gathered from the data extracted by the packet attack and the second stage is for classification of attacks.

Data sniffer such as tcpdump [28] to monitor incoming traffic in the mining techniques can be used to improve the detection rate network. Currently, the number of criminal evidence in the and reduce the false alarm rate.

In addition [25] states that the computer continues to increase, even most of the evidence is k-means algorithm is needed to determine the final number of still used to represent the traditional or conventional crime.

Based on the results obtained by k-means algorithm turns out better than the FCM algorithm. FCM A. Level Attacks in Computer Networks produces result which is close to the k-means clustering, but it Computer security often focuses on preventing attacks still takes longer than computing k-means.

K-means algorithm using authentication, filtering and encryption techniques. The disruption is caused by attackers who launched an action by sending and attack or not. Deviations will be divided into several attack types.

8080 pdf imamu acknowledgment s

Table 2 shows the grouping of several types of attacks flooding data packets in the Internet network. All data traffic on the network can be saved into the log. This log is very based on the level of attacks [29]. NFAT engine development Network In addition Forensic Analysis Tools proposed in this study requires a Not In addition to the 3 to the above Dangerous above mentioned supporting infrastructure consisting of multiple hardware mentioned UDP - requirements hardware and some software software supports.

The attack happens in the computer refers to the protocols and ports used. Based on the protocol and the port level, attacks A. Proposed Framework for Internet Forensics will be grouped into three levels consisting of malicious port This section discusses a framework proposed in the study.

Stages identified harmless level consisting of a port in addition to those at the in Internet forensics are shown in Fig.

Ankit tiwari galliyan mp3 song download

Monitoring and analysis of packet data traffic in the network is done by examining all packet headers and threats to each package. Normal pack behavior was analyzed according to each protocol and header.

Proposed framework for Internet forensics Fig. Field packets that have been observed and analyzed Complete systematic of Internet forensics framework Fig.

There are 8 equal or above 20 bytes and equal to or below 60 bytes. If the stages of the process that must be performed sequentially. IP header length is less than 20 bytes or 60 bytes above, it can Details of each stage are shown in Table 3. Evidence in question here is the original log, the Evidence output of the tcpdump application that is stored in 2 data files a text file.

NFAT module developed in this research is the application modules that can classify the level of Clustering these types of attacks into 3 groups dangerous, 3 rather dangerous and not dangerous. The concept Module is applied in this module uses clustering techniques using k-means algorithm. At this stage the log is already saved in the database to extract the data in accordance with the Extracted purpose of investigation.

NFAT machine network architecture design.

Acknowledgment s imamu 8080 pdf

At this stage, the investigator will conduct Confirmation relevant confirmation log that contains the IP C. Implementation of Data Traffic Arrest 5 Extract address is generated by the clustering module.

(PDF) Internet Forensics Framework Based-on Clustering | Imam Riadi - ayofoto.info

Information The purpose of this Internet forensics is to help finding At this stage, detailed information will be information about attacker for digital crime commited in the obtained IP addresses that have been identified Internet network. It requires careful analysis process so that the through clustering module.

With the help of goal of the forensic process can be achieved. The process of application services that can be accessed via the 6 Result URL: The function of this application is capturing will be clearer information relevant ASN data traffic in real time and saving it as a log. That tcpdump autonomous System Number is used. Log in the form of a text file a text file.

In addition, log tcpdump output Final the attacker can be molded according to the needs result is also stored into the database. Logs derived from the 8 Reporting of the investigator.

Architectural Design Network address, mac destination address, source address, source port, destination address, destination port, and protocol length. This section discusses the design of network architecture used to implement the NFAT machine. The approach used in D. Implementation of Data Grouping the implementation of network topology uses hierarchy The process after storing log file in the databases is concept.

In a hierarchical network concept the network is developing NFAT machine and grouping the data to find divided into several parts according to the functions and information about the attacker using Internet network. This services provided at each proficiency level layer. Design of study uses clustering techniques to group logs that have been network architecture used in this study is shown in Fig.

Follows are details of the stages done by NFAT machine. The first stage of the forensic process starts from collecting Generate K Centroid information related to the user reports to the investigators then followed by managing the information sought by the data and time attack events. In the analysis phase, the results of the data traffic on the network will be saved in the original logs in the Calculate the distance the form of a text file and also stored in the database.

Information needed by investigators will be extracted from the clustering module, where the profile creation process and the analysis time are Group the data into clusters used as part of the incident investigation process.

The resulting based on the minimum distance interim results clustering module will be verified by the investigator. If there is a verification process need to be clarified about the IP address information that has been generated by the clustering module, investigators can then re- check NFAT into the engine to make sure that the IP address is Is Centroid Value Y an IP Address of the suspected assailants who had attacked the Changed system through the Internet network.

It can be assisted and N linked to the previous stage to repair information, whether the N information was sufficient or not. In the final stages of reporting, information related to the attacker who has been Finish found can be used to help uncover digital crimes committed using the Internet network. Flowchart k-means clustering algorithm for grouping log. Clustering module works using k-means algorithm, where the module can perform an attack level grouping into three NFAT engine that was developed in this study uses the groups: Clustering process is used in order to help finding information by classifying the attacker 1 dangerous attack, logs into three groups attack levels, namely: Detail 3 not dangerous attack.

Database Implementation formed. Result of the data traffic capture process on the network 2 Generate initial k centroids randomly. Database server used 3 Calculate the distance of each data to each centroid.

NFAT 4 Data will flock around the nearest centroid. Results for data clustering, because of its random nature, is highly dependent on centroid generation, this is cause the result of attack detection on the data is always changing.

After the attack data clustering process is done, then every cluster results do cluster labeling are included in the dangerous, rather Fig. NFAT engine database schema diagram dangerous or not dangerous level of attacks. After cluster labeling, the data entered are checked for the next process of V. Besides, network forensics has a goal to collect, identify framework for Internet forensic proposed. Some tools and techniques analysis used in forensic analysis of network can be seen in table 1 [5].

In general, the purpose of digital forensic analysis is Tool Web Site Attributes to identify digital evidence to assist in the investigation. In the TCPDump www. The main Driftnet www. In addition, [11] also NetworkMiner www.

Aireplay-ng, Aircrack-ng Furthermore [12] presents a technique used in digital Kismet www. In contrast to digital forensics, few studies done on Xplico http: While [13] describes a variety of techniques and Honeyd www. In addition, Intrusion Detection snorta [14] states the network architecture can have implications on cid.

Infinistream www. Attackers have been using anti forensic NetWitness www. Internet forensics equipment should increase the resilience in warding off an Information: In addition, [16] states that the network L: The processing of this data is A: The Forensic process is an activity that combines several investigation of digital crime is indispensable to help the disciplines.

In contrast to the opinion [17] states that the investigation process. Forensic refers to the use of evidence out using the existing anomaly detection techniques in network after the attack to determine how the attack was carried out and traffic using statistical techniques statistical anomaly what the attacker did.

Data traffic on the network is very detection. This detection technique involves a collection of complicated to be studied. Role of network forensics is to data related to a legitimate user behavior during a certain time. In addition, Currently there are several methods for detecting DoS attacks. Several methods of detection and incident. These attacks include probing, DoS, user to root prevention also have many obstacles, among others: Network forensics is the process of analysis of the detection and prevention based on the capturing, annotating and analyzing network activity in order to characteristics of the protocol can only be applied to the type of find digital evidence of an attack or crime committed using a attack that the characteristics of the protocol abnormally occurs computer network so that offenders can be prosecuted under [21].

Many types of attacks that do not fit the protocol as well applicable laws as illustrated in Fig. Digital evidence can as the accumulation of network traffic statistical models cannot be identified from the recognized attack patterns, deviations distinguish between normal traffic and large scale [22].

Network forensics has a variety of mechanisms to detect Denial of Service DoS has variety of activities and techniques of analysis, such as: However, techniques to detect analysis of existing processes in the IDS , the analysis of DoS attacks are still complex.

You might also like: IAS EXAM PAPER PDF

Clustering techniques using k-means clustering algorithms Fundamental issue on software development that supports forensic network is how to determine the appropriate method to facilitate the processing of log data into easily processed data to uncover digital crimes especially those using the Internet as a medium to conduct attacks. Cluster analysis is the process of analyzing and interpreting a set of data based on similarity. It means that the data is grouped into one cluster due to the same pattern [23].

Clustering includes the type of learning that is unsupervised. Supervised learning and unsupervised learning have a different way of working which is very significant. To have some kinds of unsupervised learning algorithms, [10] has studied the comparison against some types of clustering algorithms. In doing this comparison [10] used several parameters such as the popularity, versatility and easily applied to the data in bulk.

There are four kinds of clustering algorithms compared to performance, such as: Based on the test results can be concluded Fig.

Overview of network forensics process that the performance of the k-means algorithm and the EM is better than the hiearchical clustering algorithm. In general, Digital evidence can be gathered from various sources partitioning algorithms such as k-means and EM are highly depending on the needs and changes in the investigation. It is different Digital evidence can be collected at the server level, the level from a hierarchical clustering algorithms that have good of proxy or some other sources.

For example, at the server level performance when they are used on small data size. The log describes the Furthermore [24] describes an intruder detection system user that accesses the website and what it does. Several sources that has been developed to achieve high efficiency and improve includes the contents of the device and the network traffic the accuracy of detection and classification.

The proposed through both wired and wireless networks. For example, digital system consists of two stages. The first stage is to detect the evidence can be gathered from the data extracted by the packet attack and the second stage is for classification of attacks. Data sniffer such as tcpdump [28] to monitor incoming traffic in the mining techniques can be used to improve the detection rate network.

Currently, the number of criminal evidence in the and reduce the false alarm rate. In addition [25] states that the computer continues to increase, even most of the evidence is k-means algorithm is needed to determine the final number of still used to represent the traditional or conventional crime. Based on the results obtained by k-means algorithm turns out better than the FCM algorithm.

FCM A. Level Attacks in Computer Networks produces result which is close to the k-means clustering, but it Computer security often focuses on preventing attacks still takes longer than computing k-means.

K-means algorithm using authentication, filtering and encryption techniques. The disruption is caused by attackers who launched an action by sending and attack or not. Deviations will be divided into several attack types. Table 2 shows the grouping of several types of attacks flooding data packets in the Internet network. All data traffic on the network can be saved into the log. This log is very based on the level of attacks [29].

NFAT engine development Network In addition Forensic Analysis Tools proposed in this study requires a Not In addition to the 3 to the above Dangerous above mentioned supporting infrastructure consisting of multiple hardware mentioned UDP - requirements hardware and some software software supports.

The attack happens in the computer refers to the protocols and ports used. Based on the protocol and the port level, attacks A.

Proposed Framework for Internet Forensics will be grouped into three levels consisting of malicious port This section discusses a framework proposed in the study. Stages identified harmless level consisting of a port in addition to those at the in Internet forensics are shown in Fig. Monitoring and analysis of packet data traffic in the network is done by examining all packet headers and threats to each package.

Normal pack behavior was analyzed according to each protocol and header. Proposed framework for Internet forensics Fig. Field packets that have been observed and analyzed Complete systematic of Internet forensics framework Fig. There are 8 equal or above 20 bytes and equal to or below 60 bytes. If the stages of the process that must be performed sequentially. IP header length is less than 20 bytes or 60 bytes above, it can Details of each stage are shown in Table 3.

Evidence in question here is the original log, the Evidence output of the tcpdump application that is stored in 2 data files a text file. NFAT module developed in this research is the application modules that can classify the level of Clustering these types of attacks into 3 groups dangerous, 3 rather dangerous and not dangerous.

The concept Module is applied in this module uses clustering techniques using k-means algorithm. At this stage the log is already saved in the database to extract the data in accordance with the Extracted purpose of investigation. NFAT machine network architecture design. At this stage, the investigator will conduct Confirmation relevant confirmation log that contains the IP C.

Implementation of Data Traffic Arrest 5 Extract address is generated by the clustering module. Information The purpose of this Internet forensics is to help finding At this stage, detailed information will be information about attacker for digital crime commited in the obtained IP addresses that have been identified Internet network.

It requires careful analysis process so that the through clustering module. With the help of goal of the forensic process can be achieved.

The process of application services that can be accessed via the 6 Result URL: The function of this application is capturing will be clearer information relevant ASN data traffic in real time and saving it as a log. That tcpdump autonomous System Number is used. Log in the form of a text file a text file. In addition, log tcpdump output Final the attacker can be molded according to the needs result is also stored into the database.

Logs derived from the 8 Reporting of the investigator. Architectural Design Network address, mac destination address, source address, source port, destination address, destination port, and protocol length. This section discusses the design of network architecture used to implement the NFAT machine.

The approach used in D. Implementation of Data Grouping the implementation of network topology uses hierarchy The process after storing log file in the databases is concept. In a hierarchical network concept the network is developing NFAT machine and grouping the data to find divided into several parts according to the functions and information about the attacker using Internet network.

This services provided at each proficiency level layer. Design of study uses clustering techniques to group logs that have been network architecture used in this study is shown in Fig. Follows are details of the stages done by NFAT machine.