Puspa Ira Dewi Candra Wulan
National Taiwan University Science and Technology

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

FORENSIC ANALYSIS OF TROJAN BACKDOOR (GACOR) ATTACKS ON PRIVATE CLOUD ENVIRONMENTS USING KUAD METHOD Hero Wintolo; Mohammad Faiq Badruz Zaman; Haruno Sajati; Imam Riadi; Anton Yudhana; Tri Rochmadi; Puspa Ira Dewi Candra Wulan
Jurnal Informatika Medis (J-INFORMED) Vol. 4 No. 1 (2026): Jurnal Informatika Medis (J-INFORMED)
Publisher : LPPM Universitas Muhammadiyah Muara Bungo

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.52060/im.v4i1.4196

Abstract

This research examines the impact of a Trojan Backdoor Attack, referred to as a Gacor attack, on the security and service integrity of a private cloud environment based on OwnCloud. The experimental environment was deployed ubuntu server 22.04 using OwnCloud version 10.15.2 and supported by a Mikrotik CCR1016-12G network device. Application level and network level activities were monitored through Apache web server logs and Snort Intrusion Detection System (IDS) version 2.9.15.1, respectively. The investigation adopts the knowledge Understanding assessment defence (KUAD) framework, which structures the analysis into initiation, acquisition, execution, mitigation, and digital evidence disposition stages. The attack scenario focuses on exploiting a file upload vulnerability in the OwnCloud service to deploy and execute a malicious PHP-based Trojan Backdoor. The results show that the Gacor attack demonstrates highly repetitive and centralized behaviour, originate from a limited number of highly active IP addresses. This behaviour exploits weaknesses in application security configuration and results in system takeover and service defacement. Correlation between log analysis and IDS alerts confirms 10 distinct attack events and reveals a structured intrusion pattern rather than random probing activity. The data visualization reveals a structured and centralized attack pattern, resulting in 100% defacement of the OwnCloud index page, which highlights the severe security risk faced by private cloud environments that lack a adequate file upload protection mechanisms. The findings demonstrate that the application of the KUAD method, when combined with log analysis and intrusion detection systems (IDS) is effective in identifying, analyzing, and systematically documenting Trojan Backdoor attacks in private cloud computing environments.