Manajemen jpeg/exif file fingerprint dengan algoritma Brute Force string matching dan Hash Function SHA256

Authors

  • Rachmad Fitriyanto Universitas Ahmad Dahlan, Yogyakarta
  • Anton Yudhana Universitas Ahmad Dahlan, Yogyakarta
  • Sunardi Sunardi Universitas Ahmad Dahlan, Yogyakarta

DOI:

https://doi.org/10.26594/register.v5i2.1707

Keywords:

Brute Force string matching, file fingerprint, jpeg, exif, SHA256

Abstract

Management of jpeg/exif file fingerprint with Brute Force string matching algorithm and Hash Function SHA256


Metode pengamanan berkas gambar jpeg/exif saat ini hanya mencakup aspek pencegahan, belum pada aspek deteksi integritas data. Digital Signature Algorithm (DSA) adalah metode kriptografi yang digunakan untuk memverifikasi integritas data menggunakan hash value. SHA256 merupakan hash function yang menghasilkan 256-bit hash value yang berfungsi sebagai file fingerprint. Penelitian ini bertujuan untuk menyusun file fingerprint dari berkas jpeg/exif menggunakan SHA256 dan algoritma Brute Force string matching untuk verifikasi integritas berkas jpeg/exif. Penelitian dilakukan dalam lima tahap. Tahap pertama adalah identifikasi struktur berkas jpeg/exif. Tahap kedua adalah akuisisi konten segmen. Tahap ketiga penghitungan hash value. Tahap keempat adalah eksperimen modifikasi berkas jpeg/exif. Tahap kelima adalah pemilihan elemen dan penyusunan file fingerprint. Hasil penelitian menunjukkan sebuah jpeg/exif file fingerprint tersusun atas tiga hash value. SOI (Start of Image) segment hash value digunakan untuk mendeteksi terjadinya modifikasi berkas dalam bentuk perubahan tipe berkas dan penambahan objek pada konten gambar. Hash value segmen APP1 digunakan untuk mendeteksi modifikasi pada metadata berkas. Hash value segmen SOF0 digunakan untuk mendeteksi gambar yang dimodifikasi dengan teknik recoloring, resizing, dan cropping.

 

The method of securing jpeg/exif image files currently has covered only the prevention aspect instead of the data integrity detection aspect. Digital Signature Algorithm is a cryptographic method used to verify the data integrity using hash value. SHA256 is a hash function that produces a 256-bit hash value functioning as a fingerprint file. This study aimed at compiling fingerprint files from jpeg/exif files using SHA256 and Brute Force string matching algorithm to verify the integrity of jpeg/exif files. The research was conducted in five steps. The first step was identifying the jpeg/exif file structure. The second step was the acquisition of the segment content. The third step was calculating the hash value. The fourth step was the jpeg/exif file modification experiment. The fifth step was the selection of elements and compilation of fingerprint files. The obtained results showed a jpeg/exif fingerprint file which was compiled in three hash values. The hash value of SOI segment was used to detect the occurrence of file modification in the form of file type changing and object addition on the image content. The hash value of APP1 segment was used to detect the metadata file modification. The hash value of SOF0 segment was used to detect the images modified by recoloring, resizing, and cropping techniques.

Author Biographies

Rachmad Fitriyanto, Universitas Ahmad Dahlan, Yogyakarta

Teknik Informatika

Anton Yudhana, Universitas Ahmad Dahlan, Yogyakarta

Teknik Elektro

Sunardi Sunardi, Universitas Ahmad Dahlan, Yogyakarta

Teknik Elektro

References

Bansal, D., Sharma, M., & Mishra, A. (2017). Analysis of Digital Signature based Algorithm for Authentication and Privacy in Digital Data. International Journal of Computer Applications, 161(5), 43-45.

Gangwar, D. P., & Pathania, A. (2018). Authentication of Digital Image using Exif Metadata and Decoding Properties. International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSR CSEIT), 3(8), 335-341.

Jain, A. K., Jones, R., & Joshi, P. (2017). Survey of Cryptographic Hashing Algorithms for Message Signing. IJCST, 8(2), 18-22.

Jiji, N., & Mahalakshmi, T. (2018). An Efficient String Matching Algorithm for Detecting Patterns using Forward and Backward Searching Approach. IPASJ International Journal of Computer Science (IIJCS), 6(2), 16-26.

Madhu, B., Holi, G., & Murthy, K. S. (2016). An Overview of Image Security Techiques. International Journal of Computer Applications, 154(6), 37-46.

NIST, N. (2015). FIPS 180-4 Secure Hash Standard (SHS). Gaithersburg, Montgomery County, Maryland: National Institute of Standards and Technology. doi:http://dx.doi.org/10.6028/NIST.FIPS.180-4

Orozco, A. L., González, D. M., Villalba, L. J., & Hernández-Castro, J. (2015). Analysis of errors in exif metadata on mobile devices. Multimedia Tools and Applications, 74(13), 4735–4763.

Park, S., Ruighaver, A. B., Maynard, S. B., & Ahmad, A. (2011). Towards Understanding Deterrence: Information Security Managers’ Perspective. Proceedings of the International Conference on IT Convergence and Security (pp. 21-37). Suwon: Springer.

Refialy, L., Sediyono, E., & Setiawan, A. (2015). Pengamanan Sertifikat Tanah Digital menggunakan Digital Signature SHA-512 dan RSA. Jurnal Teknik Informatika dan Sistem Informasi (JuTISI), 1(3), 229-234.

Roussev, V. (2009). Hashing and Data Fingerprinting in Digital Forensics. IEEE Security & Privacy, 7(2), 49-55.

Roussev, V. (2011). An evaluation of forensic similarity hashes. Digital Investigation, 8, S34-S41.

Shaker, S. H., & Jumaa, G. G. (2017). Digital Signature Based on Hash Functions. International Journal Of Advancement In Engineering Technology, Management and Applied Science (IJAETMAS), 4(1), 88-99.

Sukarno, A. S. (2013). Pengembangan Aplikasi Pengamanan Dokumen Digital Memanfaatkan Algoritma Advance Encryption Standard, RSA Digital Signature dan Invisible Watermarking. Seminar Nasional Aplikasi Teknologi Informasi (SNATI) 2013 (pp. M-1 ~ M-8). Yogyakarta: Universitas Islam Indonesia.

Sumagita, M., & Riadi, I. (2018). Analysis of Secure Hash Algorithm (SHA) 512 for Encryption Process on Web Based Application. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 7(4), 373-381.

Wijayanto, H., Prabowo, I. A., & Harsadi, P. (2018). Optimalisasi Penyusutan Exif Metadata dengan Teknik Substitusi Null Value pada Kasus Keamanan Citra Digital. Jurnal Ilmiah SINUS, 16(1), 1-10.

Wijayanto, H., Riadi, I., & Prayudi, Y. (2016). Encryption EXIF Metadata for Protection Photographic Image of Copyright Piracy. International Journal of Research in Computer and Communication Technology (IJRCCT), 5(5), 237-243.

Downloads

Published

2019-07-01

How to Cite

[1]
R. Fitriyanto, A. Yudhana, and S. Sunardi, “Manajemen jpeg/exif file fingerprint dengan algoritma Brute Force string matching dan Hash Function SHA256”, Register: Jurnal Ilmiah Teknologi Sistem Informasi, vol. 5, no. 2, pp. 128–139, Jul. 2019.

Issue

Vol. 5 No. 2 (2019): July

Section

Article

License


Please find the rights and licenses in Register: Jurnal Ilmiah Teknologi Sistem Informasi. By submitting the article/manuscript of the article, the author(s) agree with this policy. No specific document sign-off is required.

1. License

The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

2. Author(s)' Warranties

The author warrants that the article is original, written by stated author(s), has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author(s).

3. User/Public Rights

Register's spirit is to disseminate articles published are as free as possible. Under the Creative Commons license, Register permits users to copy, distribute, display, and perform the work for non-commercial purposes only. Users will also need to attribute authors and Register on distributing works in the journal and other media of publications. Unless otherwise stated, the authors are public entities as soon as their articles got published.

4. Rights of Authors

Authors retain all their rights to the published works, such as (but not limited to) the following rights;

Copyright and other proprietary rights relating to the article, such as patent rights,
The right to use the substance of the article in own future works, including lectures and books,
The right to reproduce the article for own purposes,
The right to self-archive the article (please read out deposit policy),
The right to enter into separate, additional contractual arrangements for the non-exclusive distribution of the article's published version (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal (Register: Jurnal Ilmiah Teknologi Sistem Informasi).
5. Co-Authorship

If the article was jointly prepared by more than one author, any authors submitting the manuscript warrants that he/she has been authorized by all co-authors to be agreed on this copyright and license notice (agreement) on their behalf, and agrees to inform his/her co-authors of the terms of this policy. Register will not be held liable for anything that may arise due to the author(s) internal dispute. Register will only communicate with the corresponding author.

6. Royalties

Being an open accessed journal and disseminating articles for free under the Creative Commons license term mentioned, author(s) aware that Register entitles the author(s) to no royalties or other fees.

7. Miscellaneous

Register will publish the article (or have it published) in the journal if the article’s editorial process is successfully completed. Register's editors may modify the article to a style of punctuation, spelling, capitalization, referencing and usage that deems appropriate. The author acknowledges that the article may be published so that it will be publicly accessible and such access will be free of charge for the readers as mentioned in point 3.