Implementation of Digital Forensics on a VMware ESXi Server Based on Windows 10 OS Using GCFIM
Keywords:
Digital Forensics, GCFIM, VMware ESXi Server, Windows 10

Abstract
As information technology develops, implementing digital forensics in virtualization environments such as VMware ESXi Server and the Windows 10 operating system is becoming increasingly important. Server virtualization allows different operating systems to share hardware, resulting in resource efficiency and cost savings. In this context, digital forensics on VMware ESXi Server becomes crucial for investigating digital evidence in virtualized environments that increasingly rely on modern IT infrastructure. This research focuses on digital forensics on VMware ESXi Server using the Generic Computer Forensic Investigation Model (GCFIM) framework based on Windows 10 OS, with Sleuth Kit (+Autopsy) and FTK Imager as the tools for the forensic work. Windows 10 was chosen as the basis for implementation because the operating system has many users. GCFIM provides a structured approach to digital forensic investigations, improving the coordination and efficiency of digital evidence analysis. This research aims to explore VMware ESXi servers with the GCFIM method, especially in the context of Windows 10, in the hope of acquiring the entire virtualization storage media. The findings are expected to provide new insights for developing digital forensics methods for increasingly complex virtual environments.