Found 39 Documents

DATA AVAILABILITY IN DECENTRALIZED DATA STORAGE USING FOUR-NODE INTERPLANETARY FILE SYSTEM
Tony Haryanto; Kalamullah Ramli; Arga Dhahana Pramudianto
Jurnal Teknik Informatika (Jutif) Vol. 4 No. 3 (2023): JUTIF Volume 4, Number 3, June 2023
Publisher : Informatika, Universitas Jenderal Soedirman

DOI: 10.52436/1.jutif.2023.4.3.1030

Abstract

Centralized storage is a data storage model in which data is stored and managed in a single physical location or centralized system. In this model, all data and information are stored on servers or data centers managed by one entity or organization. This model also has disadvantages, such as the risk of system failure from distributed denial of service (DDoS) attacks, natural disasters, and hardware failures, which makes it a single point of failure. This threat results in loss of data and a lack of user confidence in the availability of data in centralized storage. This study proposes to evaluate the availability of data in decentralized data storage using a four-node InterPlanetary File System (IPFS) whose nodes are interconnected with a swarm key as the authentication key. Unlike centralized storage, which has only one data center, four-node IPFS allows users to upload and download data from four interconnected data centers. This avoids dependence on a central server and reduces server load. The evaluation results show that decentralized data storage using a four-node IPFS system is three times more resilient than centralized storage against a single point of failure. This system can increase data availability so that organizations can minimize data loss from the threat of system failure.
Design of a Digital Wallet Infrastructure Security Framework Using PCI DSS 4.0 and COBIT 2019 Based on Risk Management Analysis
Mangampu Silaban; Kalamullah Ramli
Syntax Literate Jurnal Ilmiah Indonesia
Publisher : Syntax Corporation

DOI: 10.36418/syntax-literate.v7i12.11645

Abstract

Digital wallets are a form of electronic transaction that is increasingly popular with everyone. Besides being practical to use, since there is no need to hold cash as a direct means of payment, the registration process is also considered not very difficult. However, behind all the convenience that digital wallets offer, as an application that holds funds belonging to its users, the digital wallet is one of the applications currently being heavily targeted by cyber attackers. This paper discusses the process of designing a security framework for the scope of digital wallet infrastructure that uses a combination of the PCI DSS 4.0 and COBIT 2019 standards with a risk-management-based analysis approach. The framework contains points related to risk management: identification of scope, assets and security gaps; risk assessment; risk evaluation; risk control in the form of validating and applying controls against risks; and monitoring and feedback from applying controls to the risks that arise. This infrastructure security framework is expected to serve as a reference for every digital wallet company, particularly companies operating within the territory of the Unitary State of the Republic of Indonesia, to control risk in the electronic transaction environment so that operations can run in line with the intended objectives by minimizing every cyber attack that arises against each digital wallet infrastructure asset.
Impact of Implementation of Information Security Risk Management and Security Controls on Cyber Security Maturity (A Case Study at Data Management Applications of XYZ Institute)
Endro Joko Wibowo; Kalamullah Ramli
Jurnal Sistem Informasi Vol. 18 No. 2 (2022): Jurnal Sistem Informasi (Journal of Information System)
Publisher : Faculty of Computer Science Universitas Indonesia

DOI: 10.21609/jsi.v18i2.1146

Abstract

Information security is an important concern for governments and industry due to the increase in cyber attacks during Covid-19. The government is obliged to maintain information security in implementing an Electronic-Based Government System following Presidential Regulation of the Republic of Indonesia Number 95 of 2018. To overcome this problem, the XYZ Institute needs an approach to implementing information security risk management and information security controls. This study aims to carry out risk identification, risk analysis, risk evaluation, risk treatment, risk acceptance, risk control, and analysis of cyber security maturity gaps in the domains of governance, identification, protection, detection, and response. ISO/IEC 27005:2018 is used as guidance for conducting risk assessments. The code of practice for information security controls follows the ISO/IEC 27002:2013 standard, and maturity is assessed using the cyber security maturity model version 1.10 developed by the National Cyber and Crypto Agency of the Republic of Indonesia. The results show that the cyber maturity value increased from 3.19 to 4.06 after implementing 12 new security controls.
Designing An Information Security Framework For The Indonesia Water Industry Sector
Hidayatul Muttaqin; Kalamullah Ramli
Cakrawala Repositori IMWI Vol. 6 No. 3 (2023): Cakrawala Repositori IMWI
Publisher : Institut Manajemen Wiyata Indonesia & Asosiasi Peneliti Manajemen Indonesia

DOI: 10.52851/cakrawala.v6i3.352

Abstract

The majority of Indonesia's water industry sectors have implemented smart water management systems as part of their business development, which has an indirect impact on enterprise information security. However, in general, water sector enterprises continue to place a low priority on information security, and the development of information system frameworks is based on generic norms employed by financial firms. There has been no research on information security frameworks especially built for water firms in Indonesia that use information security standards in the utilities sector. This article proposes a solution in the form of a new framework for Indonesian water firms that combines international information security requirements in the utilities sector with Indonesian government rules. This approach of development combines worldwide standards with national rules. The Cybersecurity Capability Maturity Model (C2M2) and ISO 27019 are two international standards commonly used by utility businesses globally. Government Regulation or Peraturan Pemerintah (PP) Number 71 of 2019 on the Implementation of Electronic Systems and Transactions is the relevant national regulation. The framework addresses information technology, telecommunications, and operational technology, with four approach categories: governance and ecosystem, protection, defense, and resilience. According to the research findings, the newly integrated framework can be applied and is worthy of recommendation. This framework also meets the standards for information security and can be used by Indonesian water corporations.
Analysis of Measuring Information Security Awareness for Employees at Institution XYZ
Permadi, Rachmat Bayu; Ramli, Kalamullah
MALCOM: Indonesian Journal of Machine Learning and Computer Science Vol. 4 No. 4 (2024): MALCOM October 2024
Publisher : Institut Riset dan Publikasi Indonesia

DOI: 10.57152/malcom.v4i4.1453

Abstract

As a government institution in the field of civil servant management, XYZ Institution holds data on 4.4 million employees spread throughout Indonesia, which needs to be protected. Based on the BSSN report, there has been a significant increase in potential threats in recent years, which is expected to continue in 2024, one of which is the threat of phishing. This research was conducted to measure the level of information security awareness (ISA) of employees at XYZ Institution. Phishing simulations and questionnaires are used to measure the level of ISA and to determine how to provide ISA education so that it can increase the employees' level of ISA. Simulation results are compared before and after the provision of ISA education. The education had a positive impact on employees. In the simulation before education, 65% of employees clicked on phishing URLs; after education this decreased to 17%. Employees who were exposed to phishing were 33% before education, decreasing to 16% after education. In addition, the questionnaire filled out by 150 employees showed a value of 86.54% for the employee ISA level, which is in the good category.
Design and Analysis of Cybersecurity Information Sharing Mechanism Between Computer Security Incident Response Teams (CSIRT) in Indonesia on Blockchain Technology Through Hyperledger Composer and Interplanetary File System (IPFS)
Hariyanto, Fajar; Ramli, Kalamullah
MALCOM: Indonesian Journal of Machine Learning and Computer Science Vol. 4 No. 4 (2024): MALCOM October 2024
Publisher : Institut Riset dan Publikasi Indonesia

DOI: 10.57152/malcom.v4i4.1466

Abstract

Sharing cybersecurity information among Computer Security Incident Response Teams (CSIRTs) is a crucial step in enhancing organizational cybersecurity. However, a primary challenge is the lack of trust among users regarding the confidentiality, integrity, and availability of shared information. This study proposes a new approach by designing a mechanism for sharing cybersecurity information among CSIRTs in Indonesia on blockchain technology using Hyperledger Composer. This approach offers an innovative solution by leveraging the advantages of blockchain technology. Through this approach, cybersecurity information can be shared in a decentralized manner, overcoming the weaknesses of centralized systems and enhancing overall information security. Another advantage of blockchain technology is its high performance and scalability, enabling increased speed and user capacity in the process of sharing information. By implementing a blockchain-based mechanism for sharing cybersecurity information, this research aims to ensure crucial aspects of information security, namely confidentiality, integrity, and availability. The contribution of this study is not only in enhancing organizational cybersecurity but also in providing an innovative solution to practical challenges in sharing cybersecurity information among CSIRTs.
Performance Analysis of a Random Forest-Based Intrusion Detection System Using the Unbalanced Honeynet BSSN Dataset
Inayah, Kuni; Ramli, Kalamullah
Jurnal Teknologi Informasi dan Ilmu Komputer Vol 11 No 4: Agustus 2024
Publisher : Fakultas Ilmu Komputer, Universitas Brawijaya

DOI: 10.25126/jtiik.1148911

Abstract

As technology and information systems continue to develop, cyber threats also increase. In 2023, Indonesia ranked first as the country with the highest source of attacks. To overcome this problem, the Intrusion Detection System (IDS) is used as a solution in various government systems, in collaboration with Honeynet BSSN. However, this IDS does not work optimally to detect new types of attacks that have never happened before (zero-day). One way to improve IDS performance is by using machine learning. In this research, we propose an IDS design based on a random forest algorithm with the CIC-ToN-IoT dataset as a whitelist dataset and the Honeynet BSSN dataset as a blacklist dataset. The model classifies data into 10 (ten) classes, namely Benign, Information Leak, Malware, Trojan Activity, Information Gathering, APT, Exploit, Web Application Attack, Denial of Service (DoS), and other types of attacks. The analysis results show that IDS modeling based on machine learning has an average accuracy value of more than 90%, a precision value of 91%, a recall value of 90%, and an F1-score of 90%. Classes with a large number of support samples have much better precision than classes with fewer support samples. Thus, the machine learning modeling created can effectively analyze various attacks that occur on information systems in the government environment, especially in the classification of large amounts of data.
Designing a Disaster Recovery Plan for the Data and Information and Communication Technology Center of Institution XYZ
Weni Sari, Sefiulki; Ramli, Kalamullah
Jurnal Teknologi Informasi dan Ilmu Komputer Vol 11 No 4: Agustus 2024
Publisher : Fakultas Ilmu Komputer, Universitas Brawijaya

DOI: 10.25126/jtiik.1148959

Abstract

The Data and Information and Communication Technology Center (Pusdatik) is an essential part of Institution XYZ, responsible for managing information technology and operating data centers. In facing the challenges of the digital era and rapid connectivity, Pusdatik must be prepared to address disruptions in services and operations caused by disasters and threats. One step to minimize the impact of such disruptions is the development of a Disaster Recovery Plan (DRP). In this study, based on interviews with leaders, team leaders, and staff of Pusdatik, it was revealed that the services managed by Pusdatik play a crucial role in supporting the organization's business processes. However, Pusdatik currently does not have a DRP that can be implemented in disaster situations. Therefore, the development of a DRP is needed to serve as a guide in facing unforeseen disruptions and disasters. The research method used is qualitative with a case study approach. Data was collected through interviews, literature review, and direct observation of the data center. DRP development was carried out with reference to NIST SP 800-34 Rev 1. The research stages include business process analysis, asset identification, risk assessment, business impact analysis, preventive control evaluation in accordance with the SNI 8799-1:2023 standard, and DRP document preparation. The result of this study is a DRP document that aligns with the current condition of Pusdatik.
INFORMATION SECURITY RISK ASSESSMENT USING FACTOR OF ANALYSIS INFORMATION RISK (FAIR) IN THE HEALTHCARE SECTOR: SCOPING REVIEW
Sudarsana, Iman Pribadi; Ramli, Kalamullah
JURNAL DARMA AGUNG Vol 31 No 4 (2023): AGUSTUS
Publisher : Lembaga Penelitian dan Pengabdian kepada Masyarakat Universitas Darma Agung (LPPM_UDA)

DOI: 10.46930/ojsuda.v31i4.3236

Abstract

Risk assessment is an effective way to reduce information technology risks in healthcare facilities by determining the severity of potential dangers and weaknesses affecting each vital data element. This enables appropriate actions to be taken by prioritizing data with the highest risk. However, there is still a lack of research on information security risk assessment using Factor Analysis of Information Risk (FAIR) in healthcare information systems, necessitating further studies to understand its implementation in Indonesia. A total of 21,939 articles were found in four databases, but only three, from Indonesia, Japan, and the United States, met the inclusion criteria. These studies focus on risk assessment and management in the healthcare sector, including ISO 27005, cloud ecosystem risk analysis, cybersecurity standards, and IoT risk management for COVID-19. The review stresses the significance of risk assessment and management in the health sector to sustain health facilities amidst policy changes, technological advancements, and globalization. FAIR is vital in determining the likelihood and potential consequences of events that can affect organizations, particularly in the competitive healthcare industry, where a secure health information system is necessary for business continuity. Hence, studies must develop methods to reduce information security risks in healthcare services information systems.