Web Forensic on Container Services Using Grr Rapid Response Framework

Imam Riadi; Rusydi Umar; Andi Sugandi

doi:10.15294/sji.v7i1.18299

Scientific Journal of Informatics (Jun 2020)

Web Forensic on Container Services Using Grr Rapid Response Framework

Imam Riadi,
Rusydi Umar,
Andi Sugandi

Affiliations

Imam Riadi: Universitas Ahmad Dahlan
Rusydi Umar: Universitas Ahmad Dahlan
Andi Sugandi: Universitas Ahmad Dahlan

DOI: https://doi.org/10.15294/sji.v7i1.18299
Journal volume & issue: Vol. 7, no. 1
pp. 33 – 42

Abstract

Read online

Cybercrime on Internet that keeps increasing does not only take place in the environment that running web applications traditionally under operating system, but also web applications that are running in more advance environment like container service. Docker is a currently popular container service in Linux operating system needs to be secured and implements incident response mechanisme that will investigate web server that was attacked by DDoS in fast, valid, and comprehesive way. This paper discusses the investigation using Grr Rapid Response framework on web server that was attacked by DDoS running in container service on Linux operating system, and the attacker using Windows oprating system that runs DDos script. This research has succesfully investigated digital evidence in the form of log file from web server running on container service and digital evidence through netstat on Windows computer.

forensics, network, docker container, grr rapid response, web

Published in Scientific Journal of Informatics

ISSN: 2407-7658 (Print)
Publisher: Jurusan Ilmu Komputer Universitas Negeri Semarang
Country of publisher: Indonesia
LCC subjects: Technology: Technology (General): Industrial engineering. Management engineering: Information technology
Website: http://journal.unnes.ac.id/nju/index.php/sji

About the journal

Abstract

Keywords