In the era of rapid digital transformation, organizations across various sectors face significant challenges in ensuring cybersecurity. One of the most critical threats is the data breach. The 2024 Data Breach Investigations Report (DBIR) recorded more than 10,000 data breach cases worldwide, causing substantial financial, operational, and reputational losses. However, the lack of an effective and efficient forensic framework often hinders investigations into data breaches.
In his dissertation, Arif Rahman Hakim developed a new digital forensic framework called KARAFFE (Kalamullah Ramli-Arif Rahman Hakim Forensic Framework for Exfiltration) and a machine learning-based method called ARKAIV (Arif Rahman Hakim-Kalamullah Ramli-Advanced Investigation). These innovations were designed to address the challenges of investigating data breaches by offering specific and accurate solutions tailored to each incident’s unique characteristics. His dissertation is titled “Development of a Digital Forensic Framework and a Machine Learning-Based Method for Investigating Data Breach Incidents.”
“KARAFFE maps the data breach investigation process into four main phases: Infiltration, Propagation, Aggregation, and Exfiltration. Meanwhile, ARKAIV is a machine learning-based predictive method that uses algorithms like Random Forest to detect data exfiltration attacks. The dataset used in ARKAIV was modified to address data imbalance using the SMOTEENN resampling technique, which increased prediction accuracy to 99.7%,” explained Arif during his presentation.
The development of KARAFFE and ARKAIV provides a comprehensive solution for investigating data breach incidents. KARAFFE maps digital evidence into the complete 5W+1H elements, while ARKAIV improves the accuracy of detecting exfiltration attacks using machine learning. These innovations are expected to help organizations accelerate the investigation process, minimize the impact of data breaches, and improve their readiness to handle future cyber incidents. With a systematic approach and the latest technological advancements, KARAFFE and ARKAIV represent a significant breakthrough in digital forensics and cybersecurity.
“With the increasing cyber threats, the demand for fast, accurate, and comprehensive investigation methods continues to grow. I hope cybersecurity practitioners can widely adopt the KARAFFE framework and ARKAIV method to help mitigate the impact of increasingly complex data breach incidents,” said Arif.
The Acting Dean of the Faculty of Engineering, Universitas Indonesia, Prof. Ir. Mahmud Sudibandriyo, M.Sc., Ph.D., praised Arif Rahman Hakim’s dissertation, stating, “This research demonstrates that the academic world can provide concrete solutions to increasingly complex cybersecurity issues. The KARAFFE and ARKAIV innovations developed by Arif Rahman Hakim are a tangible form of utilizing machine learning technology to strengthen cyber incident investigations. I hope this research can be widely applied in academia and the industrial sector, particularly in improving data breach detection and investigation capabilities.”
The research findings were presented during an open doctoral promotion session led by Prof. Ir. Mahmud Sudibandriyo, M.Sc., Ph.D., as the session chair, with Prof. Dr.-Ing. Ir. Kalamullah Ramli, M.Eng., as the supervisor and Dr. Ir. Muhammad Salman, S.T., M.IT., as the co-supervisor. The examination committee included Prof. Dr. Ir. Riri Fitri Sari, M.M., M.Sc.; Prof. Dr. Ir. Anak Agung Putri Ratna, M.Eng.; Dr. Ruki Harwahyu, S.T., M.T., M.Sc.; I Gde Dharma Nugraha, S.T., M.T., Ph.D.; Ir. Setiadi Yazid, M.Sc., Ph.D.; and Dr. Bernardi Pranggono, B.Eng., M.DigComms., Ph.D.
***
Public Communication Office
Faculty of Engineering, Universitas Indonesia