Web Forensic on Container Services Using Grr Rapid Response Framework

Bibliographic details
Published in: Scientific Journal of Informatics 2020-06, Vol.7 (1), p.33-42
Main authors: Riadi, Imam, Umar, Rusydi, Sugandi, Andi
Format: Article
Language: eng
Description
Summary: Cybercrime on the Internet keeps increasing and does not only take place in environments that run web applications traditionally under an operating system, but also in web applications running in more advanced environments such as container services. Docker, a currently popular container service on the Linux operating system, needs to be secured and to implement an incident response mechanism that will investigate a web server attacked by DDoS in a fast, valid, and comprehensive way. This paper discusses the investigation, using the Grr Rapid Response framework, of a web server attacked by DDoS running in a container service on the Linux operating system, with the attacker using a Windows operating system that runs a DDoS script. This research has successfully investigated digital evidence in the form of the log file from the web server running on the container service and digital evidence obtained through netstat on the Windows computer.
ISSN:2407-7658
2460-0040
DOI:10.15294/sji.v7i1.18299