157 research outputs found

    Mapping Process of Digital Forensic Investigation Framework

    Digital forensics is essential for the successful prosecution of digital criminals which involve diverse digital devices such as computer system devices, network devices, mobile devices and storage devices. The digital forensic investigation must be retrieved to obtain the evidence that will be accepted in the court of law. Therefore, for digital forensic investigation to be performed successfully, there are a number of important steps that have to be taken into consideration. The aim of this paper is to produce the mapping process between the processes/activities and output for each phase in Digital Forensic Investigation Framework (DFIF). Existing digital forensic frameworks will be reviewed and then the mapping is constructed. The result from the mapping process will provide a new framework to optimize the whole investigation process

    Intrusion Alert Correlation Technique Analysis for Heterogeneous Log

    Intrusion alert correlation is a multi-step process that receives alerts from heterogeneous log resources as input and produces a high-level description of the malicious activity on the network. The objective of this study is to analyse the current alert correlation technique and identify the significant criteria in each technique that can improve the Intrusion Detection System (IDS) problem such as prone to alert flooding, contextual problem, false alert and scalability. The existing alert correlation techniques had been reviewed and analysed. From the analysis, six capability criteria have been identified to improve the current alert correlation technique. They are capability to do alert reduction, alert clustering, identify multistep attack, reduce false alert, detect known attack and detect unknown attack

    Implementation of Identity Based Encryption in e-Voting System

    This paper explains about the design and implementation of Identity Based Encryption (IBE) in web-based Voting application. IBE is a completely new approach to the problem of encryption which was found on the traditional Public Key Infrastructure. It can be used on any arbitrary string as a public key, enabling data to be protected without the need for certificates and reduction of infrastructure cost due to certificates database maintenance. Protection implemented in this application is a key server that controls the mapping of identities to decryption keys where the key is only one-time pad implementation. By using the IBE technique, authentication and security can be preserved in the web-based Voting application where it provides integrity, authenticity, anonymity and confidentiality in this application

    A modified scout bee for artificial bee colony algorithm and its performance on optimization problems

    The artificial bee colony (ABC) is one of the swarm intelligence algorithms used to solve optimization problems which is inspired by the foraging behaviour of the honey bees. In this paper, artificial bee colony with the rate of change technique which models the behaviour of scout bee to improve the performance of the standard ABC in terms of exploration is introduced. The technique is called artificial bee colony rate of change (ABC-ROC) because the scout bee process depends on the rate of change on the performance graph, replace the parameter limit. The performance of ABC-ROC is analysed on a set of benchmark problems and also on the effect of the parameter colony size. Furthermore, the performance of ABC-ROC is compared with the state of the art algorithms

    Alert Correlation Technique Analysis For Diverse Log

    Alert correlation is a process that analyses the alerts produced by one or more diverse devices and provides a more succinct and high-level view of occurring or attempted intrusions. The objective of this study is to analyse the current alert correlation technique and identify the significant criteria in each technique that can improve the Intrusion Detection System (IDS) problem such as prone to alert flooding, contextual problem, false alert and scalability. The existing alert correlation techniques had been reviewed and analysed. From the analysis, six capability criteria have been identified to improve the current alert correlation techniques which are capability to do alert reduction, alert clustering, identify multi-step attack, reduce false alert, detect known attack and detect unknown attack and technique’s combination is proposed

    History Learning Outcomes with the Examples Non Examples and Picture and Picture Models

    This study was conducted to determine: differences in the history of student learning outcomes through the learning model examples and non-examples picture and picture, the difference between the initial capability of high, medium, and low on the history of student learning outcomes, differences in learning outcomes between models of students learning history and between initial capabilities, the interaction between the model of learning with students' prior knowledge, and a more effective learning model between the model of learning examples and non-examples picture and picture. The results showed: there are differences in the history of student learning outcomes through the learning model examples and non-examples picture and picture, there is a difference between the initial capabilities of high, medium, and low on the history of student learning outcomes, no difference in outcome learn the history of student learning between models and between initial capabilities, there is no interaction between the model of learning with students' prior knowledge, and learning model examples non examples is more effective than learning model picture and picture. This study was conducted to determine: the differences in students' history learning outcomes between the examples non examples and picture and picture learning models; the differences between high, medium, and low initial ability in students' history learning outcomes; the differences in students' history learning outcomes between learning models and between levels of initial ability; the interaction between the learning model and students' initial ability; and which learning model is more effective, examples non examples or picture and picture.
The results showed: there are differences in students' history learning outcomes between the examples non examples and picture and picture learning models; there are differences between high, medium, and low initial ability in students' history learning outcomes; there are differences in students' history learning outcomes between learning models and between levels of initial ability; there is no interaction between the learning model and students' initial ability; and the examples non examples learning model is more effective than the picture and picture learning model

    Enhanced Alert Correlation Framework for Heterogeneous Log

    Management of intrusion alarms particularly in identifying malware attack is becoming more demanding due to large amount of alert produced by low-level detectors. Alert correlation can provide high-level view of intrusion alerts but incapable of handling large amount of alarm. This paper proposes an enhanced Alert Correlation Framework for sensors and heterogeneous log. It can reduce the large amount of false alarm and identify the perspective of the attack. This framework is mainly focusing on the alert correlation module which consists of Alarm Thread Reconstruction, Log Thread Reconstruction, Attack Session Reconstruction, Alarm Merging and Attack Pattern Identification module. It is evaluated using metric for effectiveness that shows high correlation rate, reduction rate, identification rate and low misclassification rate. Meanwhile in statistical validation it has highly significance result with p < 0.05. This enhanced Alert Correlation Framework can be extended into research areas in alert correlation and computer forensic investigation

    Threshold Verification Technique for Network Intrusion Detection System

    Internet has played a vital role in this modern world, the possibilities and opportunities offered are limitless. Despite all the hype, Internet services are liable to intrusion attack that could tamper the confidentiality and integrity of important information. An attack started with gathering the information of the attack target, this gathering of information activity can be done as either fast or slow attack. The defensive measure network administrator can take to overcome this liability is by introducing Intrusion Detection Systems (IDSs) in their network. IDS have the capabilities to analyze the network traffic and recognize incoming and on-going intrusion. Unfortunately the combination of both modules in real time network traffic slowed down the detection process. In real time network, early detection of fast attack can prevent any further attack and reduce the unauthorized access on the targeted machine. The suitable set of feature selection and the correct threshold value, add an extra advantage for IDS to detect anomalies in the network. Therefore this paper discusses a new technique for selecting static threshold value from a minimum standard features in detecting fast attack from the victim perspective. In order to increase the confidence of the threshold value the result is verified using Statistical Process Control (SPC). The implementation of this approach shows that the threshold selected is suitable for identifying the fast attack in real tim

    Forensic Traceability Index in Digital Forensic Investigation

    Digital crime inflicts immense damage to users and systems and now it has reached a level of sophistication that makes it difficult to track its sources or origins especially with the advancements in modern computers, networks and the availability of diverse digital devices. Forensic has an important role to facilitate investigations of illegal activities and inappropriate behaviors using scientific methodologies, techniques and investigation frameworks. Digital forensic is developed to investigate any digital devices in the detection of crime. This paper emphasized on the research of traceability aspects in digital forensic investigation process. This includes discovering of complex and huge volume of evidence and connecting meaningful relationships between them. The aim of this paper is to derive a traceability index as a useful indicator in measuring the accuracy and completeness of discovering the evidence. This index is demonstrated through a model (TraceMap) to facilitate the investigator in tracing and mapping the evidence in order to identify the origin of the crime or incident. In this paper, tracing rate, mapping rate and offender identification rate are used to present the level of tracing ability, mapping ability and identifying the offender ability respectively. This research has a high potential of being expanded into other research areas such as in digital evidence presentation

    Analysis of the Aggressive Behavior of Fifth-Grade Students at SD Negeri 001 Simpang Kanan Who Like Watching Action Films, Academic Year 2013/2014

    This study, entitled "Analysis of Behavior Aggressiveness Elementary School Grade V 001 Simpang Kanan The Love Watch Movies Laga Tahun Doctrine 2014/2015". Based on observations conducted by researchers frequent commotion in class at the time of learning for students taunted each other among themselves. And most students who taunted each other are students who like to watch action movies. The aim of this study were: 1). To determine the general picture aggressiveness Elementary School fifth grade students 001 Simpang Kanan who like to watch action movies. 2). To describe the emotional verbal aggressiveness Elementary School fifth grade students 001 Simpang Kanan who like to watch action movies. 3). To describe the physical aggressiveness social Elementary School fifth grade students 001 Simpang Kanan who like to watch action movies. 4). To describe the physical aggressiveness asocial Elementary School fifth grade students 001 Simpang Kanan who like to watch action movies. 5). To find a picture of the destructive aggressiveness of public school students of class V 001 Simpang Kanan who like to watch action movies. The method used in this research is descriptive method. The population in this study were students of class V Elementary School 001 Simpang Kanan. Sample using sampling techniques that all members of the population is sampled. The results of the study are as follows: 1) In general picture of aggressiveness Elementary School fifth grade students 001 Simpang Kanan is low. 2) Judging from Emotional Verbal Aggressiveness level of aggressiveness Elementary School fifth grade students 001 Simpang Kanan who love to watch action movies were moderate. Form of emotional verbal aggressiveness among others: Anger, hate, fight, insulting and ridiculous. 3) In terms of social physical aggressiveness aggressiveness level Elementary School fifth grade students 001 Simpang Kanan is low. Social forms of physical aggression among others: fight, attack, and be harsh.
4) In terms of physical aggressiveness aggressiveness level asocial Elementary School fifth grade students 001 Simpang Kanan who like action films is low. Asocial form of physical aggression among others: demand the money, lying, and stealing. 5) In terms of destructive aggressiveness aggressiveness level Elementary School fifth grade students 001 Simpang Kanan classified low. Form of destructive aggressiveness among others: kill animals, torture and self-destructive