Wildan, Jawahirul (2025) Integrasi Artefak Discord Dan Instagram Pada Linimasa Forensik. Other thesis, Institut Teknologi Sepuluh Nopember.
![[thumbnail of 5025211150-Undergraduate_Thesis.pdf]](http://repository.its.ac.id/style/images/fileicons/text.png) |
Text
5025211150-Undergraduate_Thesis.pdf - Accepted Version Restricted to Repository staff only Download (7MB) | Request a copy |
Abstract
Dalam beberapa tahun terakhir, kejahatan di internet yang melibatkan media sosial seperti Discord dan Instagram terus meningkat. Aplikasi media sosial pada perangkat iOS menyimpan artefak digital penting yang dapat digunakan sebagai bukti untuk merekonstruksi sebuah tindak kejahatan. Teknik forensik digital berbasis lini masa menyajikan data dalam urutan peristiwa secara kronologis. Log2timeline Plaso adalah alat untuk membangun lini masa secara otomatis dan menghasilkan file yang mudah dianalisis. Namun, alat ini belum memiliki parser bawaan untuk Discord dan Instagram. Penelitian ini bertujuan memperoleh artefak dan membangun parser serta plugin parser untuk kedua aplikasi tersebut pada sistem operasi iOS. Identifikasi artefak dilakukan dengan Autopsy, sementara pengembangan parser dilakukan menggunakan Python yang diintegrasikan langsung ke dalam struktur Plaso. Masing-masing parser diuji melalui unit test dan eksperimen pada lima versi forensic image iOS yaitu 13.3.1, 13.4.1, 15.3.1, 16.2.1, dan 17.1. Hasil pengujian menunjukkan bahwa parser yang dikembangkan berhasil mengekstraksi data secara akurat, menghasilkan lini masa lengkap, dan memiliki kesesuaian tinggi dibandingkan dengan alat iLEAPP dan lebih unggul jika dibandingkan ArtEx. Secara khusus, plugin parser Instagram pada Plaso mampu mengekstraksi lebih banyak artefak dari file WAL, yang tidak didukung oleh iLEAPP. Temuan ini menunjukkan bahwa penambahan parser Discord dan plugin parser Instagram pada Plaso memberikan kontribusi nyata dalam investigasi digital pada perangkat iOS.
=====================================================================================================================================
In the last few years, internet crimes involving social media such as Discord and Instagram have been on the rise. Social media apps on iOS devices store important digital artifacts that can be used as evidence to reconstruct criminal events. Timeline-based digital forensic techniques present data in chronological order of events. Plaso's Log2timeline is a tool for automatically building timelines and generating files that are easy to analyze. However, it does not yet have built-in parsers for Discord and Instagram. This research aims to obtain artifacts and build parsers and parser plugins for both applications on the iOS operating system. Artifact identification was done with Autopsy, while parser development was done using Python integrated directly into the Plaso structure. Each parser was tested through unit tests and experiments on five iOS forensic image versions namely 13.3.1, 13.4.1, 15.3.1, 16.2.1, and 17.1. The test results show that the developed parser successfully extracts data accurately, generates complete timelines, and has high conformance compared to the iLEAPP tool and is superior to ArtEx. In particular, the Instagram parser plugin on Plaso was able to extract more artifacts from WAL files, which is not supported by iLEAPP. The findings show that the addition of the Discord parser and Instagram parser plugins to Plaso makes a real contribution to digital investigations on iOS devices.
| Item Type: | Thesis (Other) |
|---|---|
| Uncontrolled Keywords: | Forensik Discord, Forensik Instagram, Forensik iOS, Lini masa forensik, Log2timeline plaso, Discord forensic, Forensic timeline, Instagram forensic, iOS forensic, Log2timeline plaso |
| Subjects: | Q Science > QA Mathematics > QA76.9.A25 Computer security. Digital forensic. Data encryption (Computer science) |
| Divisions: | Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Informatics Engineering > 55201-(S1) Undergraduate Thesis |
| Depositing User: | Jawahirul Wildan |
| Date Deposited: | 29 Jul 2025 02:39 |
| Last Modified: | 29 Jul 2025 02:39 |
| URI: | http://repository.its.ac.id/id/eprint/122407 |
Actions (login required)
 |
View Item |