The GPT tool for an in-depth analysis on Hawkeye trojan incident.

Author: Nugroho, Setyo Adi; Hakim, Arif Rahman
Subject:
Source: AIP Conference Proceedings; 2023, Vol. 2680 Issue 1, p1-6, 6p
Abstract: The application of Information and Communication Technology (ICT) has had an enormous impact on our various aspects of life. On the other hand, the rising problem is the increase of complex cyber incidents, i.e., trojan malware incidents. Trojan malware incidents that do not carry out immediate response can significantly impact the system services. Besides, it requires an appropriate tool to analyze the incidents. In this paper, we observe the capability of the GRR tool collaborated with Plaso and Timesketch as our advanced analytical tool to help locate the incident's Indicator of Compromise (IoC) on the system affected by the trojan. We used 30 Hawkeye trojans as the sample in the assessment to perform an in-depth analysis. We aim to measure the performance of the tool in terms of accuracy and time consumed. The result shows that the GPT tool has high accuracy in finding the IoC parameter in a comparable time. Furthermore, our tool can parse the output data and display the result in a timeline visualization. [ABSTRACT FROM AUTHOR]
Database: Complementary Index