Computer Forensic Using Photorec for Secure Data Recovery Between Storage Media: a Proof of Concept

  • I Putu Agus Eka Pratama Udayana University
Keywords: Computer forensics, data, I ndustry 4.0, Photorec, secure data recovery.


Data plays the important role, so that data recovery and data security be prioritized. Computer users often lose their data due to personal errors or by attacks. Digital forensics has one sub-field called computer forensic, which has an important role in the process of secure data recovery. USB Flashdisk as the most widely used storage media has a probability of data loss. It is necessary to do computer forensic actions, especially secure data recovery, on it so that it can restore data securely to other media while protecting it by giving privilege root. In this research, computer forensic testing the 2781 files of various data formats that were erased on a 32 GB USB flash drive using Photorec. The media for collecting data recovery results using an Intel computer, 2 GB RAM, 1.8 GHz processor, the Linux operating system Xubuntu 20.04. Testing is carried out following the test scenarios that have been designed, then observed, recorded, and analyzed. Photorec places recovery data in 6 recup_dir subdirectories. Test results and analysis of the test results show that Photorec is a reliable tool for computer forensic, especially secure data recovery because it can restore 100% of data, accompanied by privilege root for all data recovery results, so they cannot be changed and deleted by an end-user without granted access.


Download data is not yet available.


[1] Raptis, et al., Data Management in Industry 4.0: State of the Art and Open Challenges, IEEE Access, 7, 2019, pp. 1-43.
[2] I. D. P. G. W. Putra, M. D. W. Aristana, Perancangan Desain Ruangan Data Center Menggunakan Standar TIA-942, Jurnal RESISTOR (Rekayasa Sistem Komputer), 2:1, 2019, pp.1-5.
[3] B. Raharjo, Sekilas Mengenai Forensic Digital, Jurnal Sosioteknologi, 2013, pp.384-387.
[4] K.P. Chow, S. Shenoi, Advances in Digital Forensics VI, IFIP AICT 337 International Federation for Information Processing, 2010, pp. 297–311.
[5] I. Riadi, Sunardi, M.E. Rauli, Identifikasi Bukti Digital WhatsApp pada Sistem Operasi Proprietary Menggunakan Live Forensics, Jurnal Teknik Elektro, 10, 2018.
[6] A. Fauzan, I. Riadi, A. Fadlil, Analisis Forensik Digital Pada Line Messenger Untuk Penanganan Cybercrime, Prosiding Annual Research Seminar, 2, 2016.
[7] G.B. Santoso, D. Dirgantara, Disaster Recovery Plan dalam Kantor Samisami, Proseding Seminar Nasional Cendekiawan ke 3, 2017.
[8] B. Yuliadi, A. Nugroho, Rancangan Disaster Recovery Pada Instansi Pendidikan Studi Kasus Universitas Mercu Buana, Jurnal Teknik Informatika, 9, 2016.
[9] A. Supriyanto, I. Aknuranda, W.H.N. Putra, Penyusunan Disaster Recovery Plan (DRP) berdasarkan Framework NIST SP 800-34 (Studi Kasus: Departemen Teknologi Informasi PT Pupuk Kalimantan Timur), Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, 3:8, 2019, hlm.8212-8219
[10] A. Yudhana, R. Umar, A. Ahmadi, Digital Evidence Identification on Google Drive in Android Device Using NIST Mobile Forensic Method, Scientific Journal of Informatics, 6, 2019.
[11] J.B. Wollaston, T. Storer, W. Glisson, Comparison of the Data Recovery Function of Forensic Tools, IFIP International Federation for Information Processing, 22, 2013.
[12] O.S. Sitompul, A. Handoko, R.F. Rahmat, File Reconstruction in Digital Forensic, TELKOMNIKA, 16, 2018, pp.776~794
[13] A. Bansal, A. Agrawal, M.S. Sankhla, R. Kumar, Computer Forensic Investigation on Hard Drive Data Recovery: A Review Study, IOSR Journal of Computer Engineering (IOSR-JCE), 18, 2016, pp.39-42.
[14] I. Lazaridis, T. Arampatzis, S. Pouros, Evaluation of Digital Forensics Tools on Data Recovery and Analysis, Proceedings of the Third International Conference on Computer Science, Computer Engineering, and Social Media (CSCESM2016), Thessaloniki, Greece, 2016.
[15] M. Riskiyadi, Investigasi Forensic Terhadap Bukti Digital Dalam Mengungkap Cybercrime, Jurnal Saintek, 3, 2020.
[16] H. Handrizal, Analisis Perbandingan Toolkit Puran File Recovery, Glary Undelete Dan Recuva Data Recovery Untuk Digital Forensik, Jurnal Komputer dan Sain Informatika (J-SAKTI), 1, 2017.
[17] I. Riadi, S. Sunardi, S. Sahiruddin, Perbandingan Tool Forensik Data Recovery Berbasis Android menggunakan Metode NIST, Jurnal Teknologi Informasi dan Ilmu Komputer (JTIIK), 7, 2020.
How to Cite
Pratama, I. P. A. E. (2021). Computer Forensic Using Photorec for Secure Data Recovery Between Storage Media: a Proof of Concept. International Journal of Science, Technology & Management, 2(4), 1189-1196.