NEURAL NETWORK-BASED NETWORK FORENSIC FRAMEWORK FOR DETECTION AND ANALYSIS OF CYBER ATTACKS
Abstract
The increasing complexity of cyberattacks requires network forensic methods capable of reconstructing, detecting, and interpreting malicious activity with high accuracy. Existing forensic approaches still face limitations when analyzing large-scale network traffic, particularly when attack patterns resemble normal user behavior, which complicates the identification of incidents and the reconstruction of attack timelines. This study proposes a neural-network-based network forensic framework that integrates attack identification, network traffic classification, and activity reconstruction to support digital investigations. The research employs an experimental design with a mixed traffic dataset comprising normal and malicious activities, including network scanning, SSH brute-force attempts, denial-of-service attacks, and malware distribution. The neural network model performs the detection phase by classifying network traffic, while a structured forensic pipeline guides the extraction of digital artifacts and the correlation of network metadata. The results indicate that the proposed model achieves 97.82 percent accuracy, a low false-positive rate, and faster processing time compared with conventional network forensic approaches. Forensic analysis of network logs reveals attack patterns characterized by intensive scanning on common service ports, repeated authentication attempts on SSH services, anomalous packet inter-arrival intervals during denial-of-service attacks, and increased payload entropy associated with malware communication. These findings demonstrate the effectiveness of integrating neural network techniques into network forensic investigations, supporting improved detection capabilities and the reconstruction of digital evidence during cyber incident analysis.
Keywords: cyber attacks, digital investigation, neural network, network forensics
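The four network-log indicators named in the abstract (scan breadth across service ports, repeated SSH authentication failures, packet inter-arrival timing, and payload entropy) can be computed per source address as sketched here. This is an added example, not the authors' code or their neural network model; the record layout, the sample records and every threshold are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict
# Constructed records, not the study's data: (ts_ms, src, dst_port, event, payload)
RECORDS = (
    [(100 * i, "10.0.0.5", p, "syn", b"") for i, p in enumerate([21, 22, 23, 25, 80, 443])]
    + [(1000 * i, "10.0.0.7", 22, "ssh_auth_fail", b"") for i in range(1, 6)]
    + [(7000 + i, "10.0.0.8", 80, "syn", b"") for i in range(6)]
    + [(t, "10.0.0.9", 443, "data", bytes(range(256))) for t in (10000, 20000)]
    + [(t, "10.0.0.2", 443, "data", b"GET /index.html HTTP/1.1") for t in (3000, 9000)]
)
# Assumed thresholds for illustration only; the abstract states none.
SCAN_PORTS, SSH_FAILS, FLOOD_GAP_MS, FLOOD_MIN_PKTS, ENTROPY_BITS = 5, 5, 5.0, 5, 7.5

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte; 0.0 for an empty payload."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def indicators(records):
    """Per-source indicators plus first/last-seen times for timeline work."""
    by_src = defaultdict(list)
    for rec in sorted(records, key=lambda r: r[0]):
        by_src[rec[1]].append(rec)
    out = {}
    for src, recs in by_src.items():
        ts = [r[0] for r in recs]
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        out[src] = {
            "first_ms": ts[0], "last_ms": ts[-1], "packets": len(recs),
            "distinct_ports": len({r[2] for r in recs}),
            "ssh_failures": sum(r[2] == 22 and r[3] == "ssh_auth_fail" for r in recs),
            "mean_gap_ms": sum(gaps) / len(gaps) if gaps else math.inf,
            "max_entropy": max(shannon_entropy(r[4]) for r in recs),
        }
    return out

def flagged_timeline(records):
    """Flagged sources ordered by first-seen time: (first_ms, src, labels)."""
    rows = []
    for src, ind in indicators(records).items():
        checks = [
            ("port-scan", ind["distinct_ports"] >= SCAN_PORTS),
            ("ssh-brute-force", ind["ssh_failures"] >= SSH_FAILS),
            ("flood-timing", ind["packets"] >= FLOOD_MIN_PKTS and ind["mean_gap_ms"] <= FLOOD_GAP_MS),
            ("high-entropy-payload", ind["max_entropy"] >= ENTROPY_BITS),
        ]
        rows.append((ind["first_ms"], src, [name for name, hit in checks if hit]))
    return sorted(row for row in rows if row[2])
```

The source 10.0.0.2 in the sample is ordinary web traffic and stays out of the flagged timeline, which is the case such thresholds have to get right before any classifier output is trusted as evidence.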
License
Copyright (c) 2026 Hafidz Budiman, Ferdy Ardiansyah, Sahat Parulian Sitorus, Eriski Aulia Rahmi, Siti Sarah, Wulan Inda Sari
This work is licensed under a Creative Commons Attribution 4.0 International License.
Hafidz Budiman
Universitas Labuhanbatu




