Implementasi Metode National Institute of Justice (NIJ) Pada Fitur TRIM SOLID STATE DRIVE (SSD) Dengan Objek Eksperimental Sistem Operasi Windows, Linux dan Macintosh
DOI:
https://doi.org/10.25299/itjrd.2021.vol5(2).5750Keywords:
Solid State Drive, Digital Forensik, Investigation, Recovery Files, Operating SystemAbstract
Solid State Drive (SSD) is the latest solution to speed up data processing from various multiplatform desktop computers. The TRIM features on SSDs has contribute for eliminating garbage data which is permanently deleted by users, where this method has the benefit of extending the service life of SSD devices. Contradiction of implement this method is obstacle potential for forensic investigators to recover deleted data in term of cyber crime in the case of evidence in the form of computers with SSD storage. The experimental object in this study is based on the perspective of mainstream operating systems, namely Windows, Linux and Macintosh installed on the SSD where each operating system simulates the deletion of stored data with a comparison of TRIM enable and TRIM disabled configurations. National Institute of Justice (NIJ) Digital Forensic method implemented in this case, because this method serves as a reference in the practice of Digital Forensics in this study. The SLEUTH KIT Autopsy software is a Digital Forensic tool being used in the perspective of investigators in the acquisition and analysis of SSD evidence in the case simulation of this study. Novelti obtained from the research content is that the operating system which is the object of experimentation is the latest release of Windows, Linux and Macintosh operating systems which certainly has great potential in terms of exploration, especially Digital Forensics. Windows has the greatest chance of recovery results among the other 2 operating systems in this study.
Downloads
References
Y. Prayudi and A. SN, “Digital Chain of Custody: State of The Art,” Int. J. Comput. Appl., vol. 114, no. 5, pp. 1–9, 2015.
R. A. Ramadhan, Y. Prayudi, and B. Sugiantoro, “Implementasi dan Analisis Forensika Digital Pada Fitur Trim Solid State Drive (SSD),” Teknomatika, vol. 9, no. 2, pp. 1–13, 2017.
A. Aljaedi, D. Lindskog, P. Zavarsky, R. Ruhl, and F. Almari, “Comparative Analysis of Volatile Memory Forensics,” IEEE Int. Conf. Privacy, Secur. Risk Trust IEEE Int. Conf. Soc. Comput., pp. 1253–1258, 2011.
R. Hubbard, “Forensics Analysis of Solid State Drive ( SSD ),” pp. 1–11, 2016.
J. Wiebe, “Forensic Insight into Solid State Drives.”
F. F. N. Dezfoli, A. Dehghantanha, R. Mahmoud, N. F. B. M. Sani, and F. Daryabar, “Digital Forensic Trends and Future,” Int. J. Cyber-Security Digit. Forensics, vol. 2, no. 2, pp. 48–76, 2013.
N. Memon, “Challenges of SSD forensic analysis.”
P. M. Bednar and V. Katos, “SSD: New Challenges for Digital Forensics.”
M. Alazab and P. Watters, “Digital forensic techniques for static analysis of NTFS images,” 4th Int. Conf. Inf. Technol. ICIT, 2009.
M. N. Faiz, R. Umar, and A. Yudhana, “Live Forensics Implementation for Browser Comparison on Email Security,” JISKa, vol. 1, no. 3, pp. 108–114, 2017.
S. Garfinkel, D. Malan, K. Dubec, C. Stevens, and C. Pham, “Disk Imaging with the Advanced Forensics Format, Library and Tools,” Proc. IFIP WG 11.9 Int. Conf. Digit. Forensics, pp. 1–19, 2006.
M. Rafique and M. N. A. Khan, “Exploring Static and Live Digital Forensics: Methods, Practices and Tools,” Int. J. Sci. Eng. Res., vol. 4, no. 10, pp. 1048–1056, 2013.
Z. Shah, A. N. Mahmood, and J. Slay, “Forensic Potentials of Solid State Drives.”
S. Mrdovic, A. Huseinovic, and E. Zajko, “Combining static and live digital forensic analysis in virtual environment,” 2009 XXII Int. Symp. Information, Commun. Autom. Technol., no. August 2016, pp. 1–6, 2009.
I. Riadi, R. Umar, and I. M. Nasrulloh, “Analisis Forensik Digital Pada Frozen Solid State Drive Dengan Metode National Institute of Justice (Nij),” Elinvo (Electronics, Informatics, Vocat. Educ., vol. 3, no. 1, pp. 70–82, 2018.
N. Rahim, W. Wahab, Y. Idris, and L. Kiah, “Digital Forensics: An Overview of the Current Trends,” Researchgate.Net, no. August 2016, 2014.
N. Dwi and W. Cahyani, “FORENSICS ARISING CHALLENGES WHEN SSD IS HEADING FORWARDS REPLACING HDD,” pp. 227–232.
Belkasoft, “Recovering Evidence from SSD Drives in 2014: Understanding TRIM, Garbage Collection and Exclusions | Forensic Focus - Articles,” Forensic Focus, pp. 1–8, 2014.
![](https://journal.uir.ac.id/public/journals/11/article_5750_cover_en_US.png)
Downloads
Published
How to Cite
Issue
Section
License
This is an open access journal which means that all content is freely available without charge to the user or his/her institution. The copyright in the text of individual articles (including research articles, opinion articles, and abstracts) is the property of their respective authors, subject to a Creative Commons CC-BY-SA licence granted to all others. ITJRD allows the author(s) to hold the copyright without restrictions and allows the author to retain publishing rights without restrictions.