Publication Date: 2023/02/10
Abstract: Computer forensics is one of the sciences used to track digital evidence on hardware or software. Flashdisk is widely used because it is easy to carry and can store various kinds of files with large storage capacity. To be able to analyze, recover, and view hidden files, software such as AccessData FTK Imager 3.4, Autopsy 4.0, and additional software, 7-Zip 17.0, is required to compress and extract files. In this study, scenario testing and experiments were carried out on a flash disk in which there was an excel file that had been compressed using 7-Zip and disguised in a foto.jpg file using file merging steganography techniques. By using Access Data FTK Imager, an image file is created on electronic evidence. The image file was analyzed using Autopsy. The result of this research is that there is a difference in the capacity of the foto.jpg file because it is a merger of 2 (two) files. In addition, in the excel file there is evidence of crime, namely the sale of illegal motorbikes, the place of the transaction, the coordinates of the location and the phone number of the suspect.
Keywords: Computer forensics, flashdisk, digital evidence, steganography
DOI: https://doi.org/10.5281/zenodo.7628623
PDF: https://ijirst.demo4.arinfotech.co/assets/upload/files/IJISRT23JAN751_(1).pdf
REFERENCES