ANALISIS DETEKSI PENYUSUP PADA LAYANAN OPEN JOURNAL SYSTEM MENGGUNAKAN METODE NETWORK FORENSIC DEVELOPMENT LIFE CYCLE

Authors

  • Hero Wintolo Universitas Ahmad Dahlan
  • Imam Riadi Universitas Ahmad Dahlan
  • Anton Yudhana Universitas Ahmad Dahlan

DOI:

https://doi.org/10.36080/skanika.v8i1.3284

Keywords:

deteksi, penyusup, OJS, tripwire, NFDLC

Abstract

This study aims to detect intruders on a server computer used for Open Journal System (OJS) services. The server is connected to the internet via a router, making it vulnerable to external attacks. In this research, the tool used is Tripwire, installed on the server computer as the main object. Tripwire functions as a change detection tool for the file system, identifying suspicious activities and recording valid file hashes, verifying file integrity against this record periodically. The system is operated by journal managers from computers connected to the server within the same network address providing OJS services. The method used in this research is the Network Forensic Development Life Cycle (NFDLC), which consists of several stages: initiation, acquisition, implementation, operation, and disposition. Each stage is applied systematically to facilitate the forensic analysis of attacks. The research results show that the NFDLC method is effective in analyzing and detecting intruders in the network. Based on forensic analysis using Tripwire, 12 data losses were found in 7 attack incidents identified on the OJS service. This study successfully demonstrates that the NFDLC method and Tripwire tool are effective in detecting and analyzing intruders attempting to access the OJS service server computer.

Downloads

Download data is not yet available.

References

[1] S. M. Haider, and M. Kashif, “Open Journal System,” ANNALS: Abbasi Shaheed Hospital and Karachi Medical & Dental Collage, vol. 24, no. 2, pp. 59-61, 2019.
[2] I. Riadi, A. Yudhana, and Yunanri, “Analisis Keamanan Website Open Journal System Menggunakan Metode Vulnerability Assessment,” Jurnal Teknologi Informasi dan Ilmu Komputer (JTIIK), vol. 7, no. 4, pp. 853-860, 2020.
[3] L. Verma, “Ojs security analysis: Issues, reasons, and possible solutions,” DESIDOC Journal of Library and Information Technology, vol. 41, no. 5, pp. 391–396, 2021.
[4] Y. Arta, et al., “Analisa Web Server Untuk Kebutuhan Open Journal System Menggunakan Secure Tunnel Web Server Analysis for Open Journal System Needs Using Secure Tunnel,” Cogito Smart Journal, vol. 8, no. 2, pp. 537-548, 2022.
[5] A. Purnomo, “Impementasi Web Scraping Pada OJS Dengan Metode CSS Selector,” RESOLUSI: Rekayasa Teknik Informatika dan Informasi, vol. 3, no. 2, 63-68, 2022.
[6] Y. Indrianingsih, H. Wintolo, and E. Y. Saputri, “Spanning Tree Protocol (STP) Based Computer Network Performance Analysis on BPDU Config Attacks and Take Over Root Bridge Using the Linear Regression Method,” Jurnal Online Informatika, vol. 6, no. 2, pp. 155-262, 2021.
[7] P. S. S. K. Gandikota, et al., “Web Application Security through Comprehensive Vulnerability Assessment,” Procedia Computer Science, Elsevier B.V., vol. 230, 2023, pp. 168–182.
[8] H. Alamsyah, “Penerapan Sistem Keamanan WEB Menggunakan Metode WEB Aplication Firewall,” Jurnal Amplifier: Jurnal Ilmiah Bidang Teknik Elektro dan Komputer, vol. 11, no. 1, pp. 37-42, 2021.
[9] S. Suharti, A. Yudhana, and I. Riadi, “Forensik Jaringan DDoS menggunakan Metode ADDIE dan HIDS pada Sistem Operasi Proprietary,” MATRIK: Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer, vol. 21, no. 3, pp. 567–582, 2022.
[10] H. Zhu and C. Gehrmann, “Lic-Sec: An enhanced AppArmor Docker security profile generator,” Journal of Information Security and Applications, vol. 61, 2021.
[11] J. N. Hilgert, R. Schell, C. Jakobs, and M. Lambertz, “About the applicability of Apache2 web server memory forensics,” Forensic Science International: Digital Investigation, vol. 46, pp. 1-11, 2023.
[12] D. Downs, “Spanning Student Networks: Designing Undergraduate Research Journal Websites to Foster Student–Student Mentoring,” Computer Composition, vol. 60, pp. 2021.
[13] Z. Alamsyah, G. Purnama Insany, F. Jihad Taqwana, and K. dan Desain, “Perancangan dan Implementasi Aplikasi Keamanan Ujian Online Menggunakan Algoritma Rijndael dan Remote Desktop Protocol,” SKANIKA: Sistem Komputer dan Teknik Informatika, vol. 7, no. 2, pp. 119–132, 2024.
[14] A. Fikriyan and S. Mulyati, “Sistem Pengamanan Data Gambar Menggunakan RC4 dan EOF Pada Media Video Mp4 Berbasis Java Desktop Pada Kementerian Pendidikan dan Kebudayaan,” SKANIKA: Sistem Komputer dan Teknik Informatika, vol. 4, no. 2, pp. 91–98, 2021.
[15] U. Inayat, et al., “Insider threat mitigation: Systematic literature review,” Ain Shams Engineering Journal, vol. 15, no. 12, pp. 1-18, 2024.
[16] A. Shah, “Evaluating Network Forensics Applying Advanced Tools,” International Journal of Advanced Engineering, Management and Science, vol. 9, no. 4, pp. 01–09, 2023.
[17] R. H. W. Murti, I. Riadi, N. Anwar, and T. Ismail, “Forensik Jaringan Terhadap Serangan DDOS Menggunakan Metode Network Forensic Development Life Cycle,” JSTIE (Jurnal Sarjana Teknik Informatika) (E-Journal), vol. 11, no. 3, pp. 107-112, 2023.
[18] R. Surya Kusuma, R. Umar, and I. Riadi, “Network Forensics Against Ryuk Ransomware Using Trigger, Acquire, Analysis, Report, and Action (TAARA) Method,” Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, vol. 6, no. 2, pp. 133-140, 2021.
[19] A. Yudhana, I. Riadi, and S. Suharti, “Network Forensics Against Volumetric-Based Distributed Denial of Service Attacks on Cloud and the Edge Computing,” International Journal of Safety and Security Engineering, vol. 12, no. 5, pp. 577–588, 2022.
[20] S. Ali, et al., “Advancing cloud security: Unveiling the protective potential of homomorphic secret sharing in secure cloud computing,” Egyptian Informatics Journal, vol. 27, pp. 1-15, 2024.

Downloads

Published

2025-01-30

How to Cite

[1]
H. Wintolo, I. Riadi, and A. Yudhana, “ANALISIS DETEKSI PENYUSUP PADA LAYANAN OPEN JOURNAL SYSTEM MENGGUNAKAN METODE NETWORK FORENSIC DEVELOPMENT LIFE CYCLE”, SKANIKA, vol. 8, no. 1, pp. 133–144, Jan. 2025.