About
80 Publications
34,436 Reads
485 Citations
Publications (80)
One of the most common security attacks on web applications is SQL injection. It is an attack to acquire access to an application's database through injection of script or malicious query attributes. This attack can be executed in any page of a web application which interacts with the database. SQL injection could be more dangerous if the victim was an enter...
Attackers are most likely to exploit unvalidated and unsanitized user input with several attacks such as cross-site scripting (XSS) or SQL injection. Many methods were proposed to prevent those attacks. Some of them were created to learn about the patterns and behavior of the attacker. One of these is the honeypot. Honeypots are classified into two types based on the...
Attacks on operating system access control have become a significant and increasingly common problem. This type of security threat is recorded in a forensic artifact such as an authentication log. Forensic investigators will generally examine the log to analyze such incidents. An anomaly is highly correlated to an attacker's attempts to compromise...
Event log parsing is a process to split and label each field in a log entry. Existing approaches commonly use regular expressions or parsing rules to extract the fields. However, such techniques are time-consuming as a forensic investigator needs to define a new rule for each log file type. In this paper, we present a tool, namely nerlogparser, to...
Event logs are one of the most important sources of digital evidence for forensic investigation because they record essential activities on the system. In this paper, we present a comprehensive literature survey of the forensic analysis on operating system logs. We present a taxonomy of various techniques used in this area. Additionally, we discuss...
The demand for skilled workers in software and website development continues to rise along with the growth of the information technology industry. In this situation, many schools are trying to meet that need by opening specialized education programs in software and website development. One of...
In this chapter, a detailed digital forensic investigation into CapraRAT Android malware, a specialized Remote Access Trojan (RAT), is presented, focusing on its structures, functions, behaviors, propagation methods, and impacts. Employing static analysis, the study uncovers that CapraRAT is designed to stealthily infiltrate Android devices, exploi...
The availability of log data recorded by computer-based systems, such as operating system and network logs, makes it possible for stakeholders to look after the system for monitoring, evaluation, and improvement purposes. If an incident happens to the system, the log is the first and most important artefact to recover so that investigations may b...
Drones are among the devices that are used in many different activities. Drones sometimes have accidents, and authorities need to find the cause. Drone forensics is used to determine the cause of an accident. The analysis phase of drone forensics is one of the most important steps in determining accident causes. In this paper, we applied de...
The dataset is constructed from the drone flight log messages extracted from publicly available drone image datasets provided by VTO Labs under the Drone Forensic Program. The entire process of building this dataset includes extraction, decryption, parsing, cleansing, unique filtering, annotation, splitting, and analysis. The resulting dataset is i...
The Internet has become a public necessity for obtaining and disseminating information, which can speed up previously existing business processes. The Musyawarah Guru Mata Pelajaran (MGMP) Bahasa Inggris SMA Provinsi Jawa Timur (the English Subject Teachers' Forum for senior high schools in East Java Province) is a non-profit organization that brings together senior high school English teachers who need a means to interac...
The increase in drone usage by the public drives up the number of drone incidents and attacks. Sophisticated preventive mechanisms, as well as post-incident procedures and frameworks, are needed. Forensic investigation is performed upon a drone incident, aiming to uncover the incident scenario, mitigate the risk and report the examination results. Ge...
Timeline analysis is an important step when conducting forensic investigations. However, research on timeline analysis usually pertains to digital devices, such as computers or smartphones, but not drones. In addition, existing forensic tools only consider timelines extracted from file metadata in drones. In this paper, we propose to construct a fo...
DFLER is an open-source CLI-based tool developed using Python and supported by a fine-tuned BERT model to perform named entity recognition on drone flight log data, specifically the log messages. This model is hosted on the HuggingFace platform to make it publicly available and accessible. The tool expects decrypted DJI flight log files as input an...
An investigator needs to analyze a forensic timeline after a cybersecurity incident has occurred. Log entries from various sources are used to generate a forensic timeline. Finding the anomalous activities recorded in these log records is a difficult task if manual inspection or keyword searches are used. In this work, we propose a method for ident...
Copy-move is one type of attack to forge a digital image where the attacker duplicates several areas of the image and pastes them in different places to conceal a particular object in the original image. After the forgery, advanced methods such as noise addition and blurring are often performed on the forged image to make it more challenging to rec...
The purpose of sentiment analysis is to detect an opinion or polarity in text data. We can apply such an analysis to detect negative sentiment, which represents the anomalous activities in operating system (OS) logs. Existing methods involve manual searching, predefined rules, or traditional machine learning techniques to detect such suspicious eve...
A forensic investigator creates a timeline from a forensic disk image after an occurrence of a security incident. This procedure aims to acquire the time for all events identified from the investigated artifacts. An investigator usually looks for events of interest by manually searching the timeline. One of the sources from which to build a timelin...
Computer security events are recorded in several log files. It is necessary to cluster these logs to discover security threats, detect anomalies, or identify a particular error. A problem arises when large quantities of security log data need to be checked as existing tools do not provide sufficiently sophisticated grouping results. In addition, ex...
The paper-based e-voting system still utilises a ballot, followed by computer-based voting tabulation. The previous research does not consider the integrity of the ballot paper and the vote on top of it. In this paper, we propose to scan and store the ballot into an image file. We run a series of image processing techniques to identify the vo...
The voting system in Indonesia, better known as the general election (pemilu), is still carried out manually to this day. Under this system, counting the results of the general election takes a long time and a great deal of manpower. The manual system also has many weaknesses that can be exploited by parties...
Image forgery intended to cover part of an object in an image with another block from the same image is called copy-move. Copy-move detection in images can be performed in the spatial domain by processing each pixel, or in the frequency domain through several transform functions. This research proposes copy-move detection in...
The biggest challenge arising in cloud computing data centers is the rising cost of power consumption. Data center development runs counter to power saving: the higher the performance of a data center, the higher the energy consumption required. This is caused by the need for a number of servers or hardware in...
Honeypots still play an important role in network security, especially in analyzing attack types and defining attacker patterns. Previous research has mainly focused on detecting attack patterns, while categorization of attack types has not yet been comprehensively discussed. Nowadays, the web application is the most common and popular way for users to gather...
Several countries have moved to e-voting for many reasons. By using e-voting, we have to pay more attention to protecting the confidentiality of the voter's choice and securing voting data. This paper proposed a combination of SHA256, digital signature, and RSA asymmetric encryption applied to database as a storage system and protocol to secure our message e...
Incidents of oil leakage and theft in oil tanks often happen. To prevent them, the liquid volume inside the tank needs to be monitored continuously. The aim of the study is to calculate the liquid volume inside an oil tank under any road condition and send the volume data and location data to the user. This research uses some ultrasonic sensors (to monitor the...
Brute-force attacks on the SSH service still persist in server environments. The existing methods have not applied graph theory to analyze the authentication log that records this attack. Therefore, we model the log as a graph and propose k-clique percolation to cluster the auth.log file to assist system administrators in inspecting this incident. The...
In this digital era, the need for storing data has increased rapidly. This circumstance is proportional to the size of files and their storage. In order to decrease the large storage size required, the file size should be reduced while still considering the quality of the respective data. This can be done by implementing a compression algorithm, such...
Distributions of drinking water in gallons often do not pay attention to the problem of finding the most optimal route, thus causing inefficiency in the cost of shipping. To minimize incurred costs, it is necessary to minimize vehicle fleet and amount of travel distance, with the restriction that the vehicle must have sufficient capacity to transpo...
Attacks on computer networks are increasing every day, and most institutions use an Intrusion Detection System (IDS) to cope with them. The most used IDS is the signature-based IDS, which needs a database of rules when looking for a malicious packet. Yet there are two problems with this kind of IDS: first, not all people are able to create a signature or r...
Recently, many train accidents have occurred in Indonesia, where train collision contributes most of the causes. PT Kereta Api Indonesia (KAI), the state-owned enterprise that is responsible for monitoring train movement, has not implemented a real-time monitoring system. Thus, the current monitoring system relies on radio communication between tra...