Authors :
Edy Supriyadi; Iriandi Ilyas; Andi Suprianto; Tatang Suromenggolo Ronggo
Volume/Issue :
Volume 8 - 2023, Issue 1 - January
Google Scholar :
https://bit.ly/3IIfn9N
Scribd :
https://bit.ly/3YcPAyZ
DOI :
https://doi.org/10.5281/zenodo.7628623
Abstract :
Computer forensics is one of the sciences
used to track digital evidence on hardware or software.
Flashdisk is widely used because it is easy to carry and
can store various kinds of files with large storage
capacity. To be able to analyze, recover, and view
hidden files, software such as AccessData FTK Imager
3.4, Autopsy 4.0, and additional software, 7-Zip 17.0, is
required to compress and extract files. In this study,
scenario testing and experiments were carried out on a
flash disk in which there was an excel file that had been
compressed using 7-Zip and disguised in a foto.jpg file
using file merging steganography techniques. By using
Access Data FTK Imager, an image file is created on
electronic evidence. The image file was analyzed using
Autopsy. The result of this research is that there is a
difference in the capacity of the foto.jpg file because it is
a merger of 2 (two) files. In addition, in the excel file
there is evidence of crime, namely the sale of illegal
motorbikes, the place of the transaction, the coordinates
of the location and the phone number of the suspect.
Keywords :
Computer forensics, flashdisk, digital evidence, steganography
Computer forensics is one of the sciences
used to track digital evidence on hardware or software.
Flashdisk is widely used because it is easy to carry and
can store various kinds of files with large storage
capacity. To be able to analyze, recover, and view
hidden files, software such as AccessData FTK Imager
3.4, Autopsy 4.0, and additional software, 7-Zip 17.0, is
required to compress and extract files. In this study,
scenario testing and experiments were carried out on a
flash disk in which there was an excel file that had been
compressed using 7-Zip and disguised in a foto.jpg file
using file merging steganography techniques. By using
Access Data FTK Imager, an image file is created on
electronic evidence. The image file was analyzed using
Autopsy. The result of this research is that there is a
difference in the capacity of the foto.jpg file because it is
a merger of 2 (two) files. In addition, in the excel file
there is evidence of crime, namely the sale of illegal
motorbikes, the place of the transaction, the coordinates
of the location and the phone number of the suspect.
Keywords :
Computer forensics, flashdisk, digital evidence, steganography