Digital Forensic Readiness Information System For EJBCA Digital Signature Web Server
Author
Abstract

As the nature of the website, the EJBCA digital signatures may have vulnerabilities. The list of web-based vulnerabilities can be found in OWASP's Top 10 2021. Anticipating the attack with an effective and efficient forensics application is necessary. The concept of digital forensic readiness can be applied as a pre-incident plan with a digital forensic lifecycle pipeline to establish an efficient forensic process. Managing digital evidence in the pre-incident plan includes data collection, examination, analysis, and findings report. Based on this concept, we implemented it in designing an information system that carries out the entire flow, provides attack evidence collection, visualization of attack statistics in executive summary, mitigation recommendation, and forensic report generation in a physical form when needed. This research offers an information system that can help the digital forensic process and maintain the integrity of the EJBCA digital signature server web.

Year of Publication
2022
Conference Name
2022 International Conference on Information Technology Systems and Innovation (ICITSI)
Google Scholar | BibTeX