In computer network, communication from one computer to another computer can be intercepted, the way to intercept communication between network devices is with Address Resolution Protocol Poisoning attack. This attack can steal data such as usernames and passwords, modify traffic, and stop the traffic itself. This research implements the Network Forensic Generic Process model as a reference in Network Forensics practice. Apart from that, this research also measures quality of service to compare parameters before the attack and when the attack occurred. The tools used in this research are Wireshark, XArp, and Snort. This research succeeded in obtaining authentic information from the evidence obtained. The results of quality of service measurements showed that the quality of service parameters changed when the attack occurred. This research can be a reference in improving network security by better understanding the threats that may be encountered and providing valuable insight for future security prevention and response efforts.

M. N. Hafizh, I. Riadi, and A. Fadlil, “Forensik Jaringan Terhadap Serangan ARP Spoofing menggunakan Metode Live Forensic,” J. Telekomun. dan Komput., vol. 10, no. 2, p. 111, 2020, doi: 10.22441/incomtech.v10i2.8757.

A. Mallik, A. Ahsan, M. Shahadat, and J.-C. Tsou, “Man-in-the-middle-attack: Understanding in simple words,” Int. J. Data Netw. Sci., vol. 3, pp. 77–92, Jan. 2019, doi: 10.5267/j.ijdns.2019.1.001.

Syaifuddin, D. Regata Akbi, and A. Gholib Tammami, “Analisis Address Resolution Protocol Poisoning Attack Pada Router WLAN Menggunakan Metode Live Forensics,” J. Komput. Terap., vol. 7, no. 1, pp. 62–73, 2021, [Online]. Available: https://jurnal.pcr.ac.id/index.php/jkt/.

A. Majumdar, S. Raj, and T. Subbulakshmi, “ARP Poisoning Detection and Prevention using Scapy,” J. Phys. Conf. Ser., vol. 1911, no. 1, 2021, doi: 10.1088/1742-6596/1911/1/012022.

D. Mualfah and I. Riadi, “Network Forensics For Detecting Flooding Attack On Web Server,” Int. J. Comput. Sci. Inf. Secur., vol. 15, pp. 326–331, Mar. 2017.

D. T. Yuwono, A. Fadlil, and S. Sunardi, “Perbandingan Kinerja Perangkat Lunak Forensik untuk File Carving dengan Metode NIST,” J. Teknol. dan Sist. Komput., vol. 7, no. 3, pp. 89–92, 2019, doi: 10.14710/jtsiskom.7.3.2019.89-92.

S. Sunardi, I. Riadi, and M. Akbar, “Steganalisis Bukti Digital pada Media Penyimpanan Menggunakan Metode Static Forensics,” J. Nas. Teknol. dan Sist. Inf., vol. 6, pp. 1–8, Jun. 2020, doi: 10.25077/TEKNOSI.v6i1.2020.1-8.

N. Hildayanti and I. Riadi, “Forensics Analysis of Router On Computer Networks Using Live Forensics Method,” Int. J. Cyber-Security Digit. Forensics, vol. 8, pp. 74–81, May 2019, doi: 10.17781/P002559.

G. Kamajaya, I. Riadi, and Y. Prayudi, “Analisa Investigasi Static Forensics Serangan Man in the Middle Berbasis Arp Poisoning,” JIKO (Jurnal Inform. dan Komputer), vol. 3, no. 1, pp. 6–12, 2020, doi: 10.33387/jiko.v3i1.1692.

D. Saputra and I. Riadi, “Network Forensics Analysis of Man in the Middle Attack Using Live Forensics Method,” Int. J. Cyber-Security Digit. Forensics, vol. 8, no. 1, pp. 66–73, 2019, doi: 10.17781/p002558.

I. Riadi, A. Fadlil, and M. N. Hafizh, “Analisis Bukti Serangan Address Resolution Protocol Spoofing menggunakan Metode National Institute of Standard Technology,” Edumatic J. Pendidik. Inform., vol. 4, no. 1, pp. 21–29, 2020, doi: 10.29408/edumatic.v4i1.2046.

M. R. Choiruman, J. G. A. Ginting, and N. Iryani, “Analisis Pendeteksian Serangan ARP Poisoning Dengan Menggunakan Metode Live Forensic,” InfoTekJar J. Nas. Inform., vol. 2, pp. 0–4, 2022.

R. Rizal, I. Riadi, and Y. Prayudi, “Network Forensics for Detecting Flooding Attack on Internet of Things (IoT) Device,” vol. 7, pp. 382–390, Sep. 2018.

A. Almaarif and S. Yazid, “ARP Cache Poisoning sebagai Teknik Alternatif untuk Membatasi Penggunaan Bandwidth berbasis Waktu,” J. Rekayasa Sist. Dan Ind., vol. 05, pp. 2–7, 2018.

O. Prayogo and I. Riadi, “Router Forensic Analysis against Distributed Denial of Service (DDoS) Attacks,” Int. J. Comput. Appl., vol. 175, pp. 19–25, Dec. 2020, doi: 10.5120/ijca2020920944.