
Found 39 Documents

Evaluation of Information Security Incident Management Using the ISO/IEC 27035 Framework and CREST at Agency XYZ
Yusry, Ismail; Ramli, Kalamullah
Smart Comp: Jurnalnya Orang Pintar Komputer Vol 13, No 4 (2024): Smart Comp: Jurnalnya Orang Pintar Komputer
Publisher : Politeknik Harapan Bersama

DOI: 10.30591/smartcomp.v13i4.6865

Abstract

Information security incidents currently occur very frequently at government agencies. These incidents can take the form of denial-of-service (DoS) attacks, malware, data leaks, and web defacement. If not handled properly, such attacks can affect information services, so government agencies need to be prepared to anticipate them. To keep public trust in the government high, the government is obliged to provide public services in the form of information systems that are easy and fast to access. One step taken by agency XYZ to anticipate information security incidents is to form a CSIRT (Computer Security Incident Response Team). The team is expected to carry out information security incident management. For it to work optimally, the team needs to be evaluated. This study evaluates the organization in terms of its organization, technology, people, and process aspects based on ISO/IEC 27035, and in addition measures the maturity level using the CREST model. The assessment using ISO/IEC 27035 shows that agency XYZ has implemented 54% of the clauses, while the incident-handling maturity level of the agency measured with the CREST model is 3.1 on a scale of 5.
Transforming Humanitarian Response with IoT in Conflict Zones: Field Insights, Ethical Frameworks, and Deployment Challenges
Parmadi, Budi Dhaju; Ramli, Kalamullah
International Journal of Electrical, Computer, and Biomedical Engineering Vol. 3 No. 1 (2025)
Publisher : Universitas Indonesia

DOI: 10.62146/ijecbe.v3i1.112

Abstract

The integration of Internet of Things (IoT) solutions into the delivery of humanitarian aid can be potentially transformative in improving the effectiveness of operations, time management, and the coordination of logistics in conflict-affiliated areas. However, there are some critical challenges, which include poor infrastructure, limited and irregular network coverage, increased cyber security risk, and cultural issues. Despite the fact that most of the existing literature focuses on these issues separately, this thematic review is the first to offer an integrated review of the infrastructural, security, and ethical aspects of IoT implementation simultaneously. In particular, the review reveals new approaches: decentralized IoT architectures, blockchain-secured networks, AI-assisted data analysis, and alternative network architectures. Specifically, it focuses on ethical governance, addressing technocolonial issues, fair data management, and design for communities. This paper provides original, practical contributions and recommendations for strategic implications that guide researchers, policymakers, and humanitarian practitioners to develop resilient, scalable, and ethically informed IoT deployments. The directions for future research are outlined to develop sustainable IoT practices, comprehensive governance frameworks, and multi-stakeholder collaborations to improve the resilience and ethical appropriateness of humanitarian aid operations.
Illicit Cryptocurrency Investigation Digital Forensic Framework: Integrating Off-chain and On-Chain Analysis for Two Types of Crime
Regina, Oliva; Ramli, Kalamullah; Amarullah, Abdul Hanief
International Journal of Electrical, Computer, and Biomedical Engineering Vol. 3 No. 2 (2025)
Publisher : Universitas Indonesia

DOI: 10.62146/ijecbe.v3i2.135

Abstract

Cryptocurrencies have emerged as integral components of modern financial ecosystems, yet their pseudonymous nature poses significant challenges for digital crime investigations. This study proposes the Illicit Cryptocurrency Investigation Digital Forensic Framework, a novel model that integrates both on-chain and off-chain forensic techniques into a cohesive investigative process. Unlike prior research that treats blockchain analysis and conventional digital forensics separately, this framework combines blockchain transparency with contextual digital artifacts to form a unified approach. Validated by expert judgement from digital forensic practitioners, the framework is designed to address two primary crime scenarios: Type A, where investigations begin with suspect-owned devices; and Type B, where blockchain transactions provide the first investigative lead. The framework’s structured process—from identification to reporting—ensures evidentiary integrity, traceability, and legal admissibility. Beyond its practical application, the study lays groundwork for future developments, including the integration of artificial intelligence and cross-border legal interoperability in cryptocurrency-related crime investigations.
Attack Detection in IoT Networks Using Hybrid Feature Selection and Bayesian Optimization
Samsudiat; Kalamullah Ramli
Jurnal Nasional Teknik Elektro dan Teknologi Informasi Vol 14 No 3: August 2025
Publisher : Department of Electrical and Information Engineering, Faculty of Engineering, Universitas Gadjah Mada

DOI: 10.22146/jnteti.v14i3.19764

Abstract

Machine learning (ML)-based attack detection is a promising alternative for addressing cybersecurity threats in Internet of things (IoT) networks. This approach can handle various emerging attack types. However, the growing volume of data and the reliance on default parameter values in ML algorithms have led to performance degradation. This study proposed a hybrid feature selection method combined with Bayesian optimization to improve the effectiveness and efficiency of attack detection models. The hybrid feature selection method integrated correlation-based filtering, which aimed to rapidly remove highly correlated features, and feature importance, which aimed to select the most influential features for the model. In addition, Bayesian optimization was employed to efficiently identify the optimal parameter values for lightweight and robust ML algorithms suitable for IoT networks, namely decision tree and random forest. The constructed model was then evaluated using the latest attack dataset, CICIoT2023, which consists of seven types of attacks: DDoS, DoS, Mirai, spoofing, reconnaissance, web-based attacks, and brute force. The evaluation results showed that the hybrid feature selection technique produced a more efficient model compared to several single feature selection methods by selecting 5 out of 46 features. Furthermore, Bayesian optimization successfully identified the optimal parameter values, improving model performance in terms of accuracy, precision, recall, and F1 score up to 99.74%, while reducing computational time by as much as 97.41%. Based on these findings, the proposed attack detection model using hybrid feature selection and Bayesian optimization can serve as a reference for implementing cybersecurity solutions in IoT networks.
IT Maturity Level Analysis Using Framework COBIT 5 Work for Management Cyber Incident: Case Study of Company Z in ICT Field
Madiyaningsih, Inna; Ramli, Kalamullah
Gema Wiralodra Vol. 14 No. 2 (2023): gema wiralodra
Publisher : Universitas Wiralodra

DOI: 10.31943/gw.v14i2.476

Abstract

Based on the 2022 security report from company Z in the ICT sector, the firewall security report found that 96% of threats were at the critical level and 4% at the high level. The email security report shows session domain 27.3%; session limits 15.35%; FortiGuard AntiSpam-IP 3.11%; and the rest is receipt verification, directory filter, and access control relay denied. With the challenge of current cyber-attacks, precious data assets need analysis to measure the level of IT maturity that can ensure stakeholders' interest and maximize benefits and opportunities through information technology. We overcome limitations by analyzing IT maturity using COBIT 5. The research focused only on the APO13 and DSS05 process domains. A study was done to identify the problems based on the results of observation, checking, and direct use of a questionnaire. Measurement was done through self-evaluation and in-depth interviews with the IT team and experts who hold COBIT 5 certification. The analysis results show that the measured level for the APO13 domain is 3, and for DSS05 it is level 2. These results are still below the level 4 target set by management; therefore, building a framework to monitor, track, and record security data in real time is necessary. Once built, the framework can help lower the threat level from the critical level to the high level and increase the COBIT maturity level of APO13 and DSS05 according to organizational targets.
Privacy Risk Assessment Design for Mobile Applications Using a Machine Learning Model Based on Ensemble Learning and Multiple Application Attributes
Zakariya, R. Ahmad Imanullah; Ramli, Kalamullah
Jurnal Teknologi Informasi dan Ilmu Komputer Vol 10 No 4: August 2023
Publisher : Fakultas Ilmu Komputer, Universitas Brawijaya

DOI: 10.25126/jtiik.2024107029

Abstract

Since the Android operating system is open-source, many Android-based applications are developed and freely available in app stores. However, not all developers of applications supply detailed information about the app's security aspects, making it difficult for users to assess and understand the risk of privacy breaches they confront. We propose a privacy risk assessment design in this study using an analytical approach to app permissions and attribute information. We use ensemble learning to overcome the drawbacks of using a single classification model. The likelihood assessment is performed by combining ensemble learning predictions and information on multiple application attributes, while the severity assessment is performed by utilizing the number and characteristics of permissions. A risk matrix was created to calculate the value of application privacy risk, and the CIC-AndMal2017 dataset was used to evaluate the ensemble learning model and privacy risk assessment designs. The experimental results show that the application of ensemble learning with the Decision Tree (DT), K-Nearest Neighbor (KNN), and Random Forest (RF) classification algorithms provides better model performance compared to using a single classification algorithm, with an accuracy of 95.2%, a precision value of 93.2%, an F1-score of 92.4%, and a True Negative Rate (TNR) of 97.6%. In addition, the risk assessment design is able to assess the application effectively and objectively.
Analysis of the Implementation of DevSecOps Policies and Technology towards Reducing the Number of Vulnerabilities in the Telecommunications Industry: Case Study of MyApps Application at PT XYZ
Prayogo, Dimas; Ramli, Kalamullah
Jurnal Locus Penelitian dan Pengabdian Vol. 4 No. 11 (2025): JURNAL LOCUS: Penelitian dan Pengabdian
Publisher : Riviera Publishing

DOI: 10.58344/locus.v4i11.4487

Abstract

The acceleration of digitalization is highly needed by the telecommunications industry to compete in both national and international markets. To meet this challenge, the telecommunications industry has begun to implement a new approach in application development and deployment, namely by utilizing cloud computing and agile methods. In this case, PT XYZ applies the DevSecOps approach so that each development cycle includes aspects of development speed, security, and operations in an integrated manner. However, in the early stages of implementing the DevSecOps policy, various vulnerabilities were found in the application being developed, in this case the MyApps application. This problem shows that a technology or early detection mechanism is needed to identify vulnerabilities before the application enters the production stage. Therefore, this study was conducted with the aim of reducing the number of vulnerabilities in the MyApps application, thereby enabling safer and more efficient application development. The results of the study showed a reduction in the number of vulnerabilities from SAST by 78.1%, from container scans by 86.7%, and total vulnerabilities by 83.6% in the MyApps application, thus minimizing the risk of cyber attacks in the future.
Design and Analysis of the CyberShare System Using a Four-Node InterPlanetary File System (IPFS)
Haryanto, Tony; Ramli, Kalamullah
Jurnal Informatika: Jurnal Pengembangan IT Vol 8, No 2 (2023)
Publisher : Politeknik Harapan Bersama

DOI: 10.30591/jpit.v8i2.5141

Abstract

Cybersecurity information sharing is a proactive and collaborative measure for enhancing organizational security by exchanging cybersecurity information using a centralized repository service. However, in practice, the use of centralized services carries the threat of distributed denial-of-service (DDoS) attacks, which can result in system failure and create a single point of failure, as well as man-in-the-middle (MITM) attacks, which can result in modification and theft of the exchanged information. This threat results in a lack of user confidence in the confidentiality, integrity, and availability of information. This study proposes the design of a secure cybersecurity information sharing (CyberShare) system using a private InterPlanetary File System (IPFS) network as decentralized information storage. Unlike centralized storage, which has only a single node, the CyberShare system uses four IPFS nodes interconnected with swarm keys as authentication keys. This system allows users to store and share information from the sender to the recipient, avoiding dependence on a central server and reducing server load. The results of the analysis show that the proposed CyberShare system can guarantee the confidentiality, integrity, and availability of cybersecurity information. The CyberShare system can enhance the security of the information exchanged so that organizations can safely share and utilize cybersecurity information.
Evaluating the Effectiveness of the Cowrie Honeypot in Collecting Passwords Using the NIST SP 800-63B Password Security Guidelines
Juniardi, Wahyu; Ramli, Kalamullah
Syntax Literate Jurnal Ilmiah Indonesia
Publisher : Syntax Corporation

DOI: 10.36418/syntax-literate.v9i12.55736

Abstract

Cowrie is a honeypot system commonly used to imitate a vulnerable SSH server in order to attract attackers and collect the actions they perform. One common use of Cowrie is to collect the passwords attackers use to gain unauthorized access to systems through brute-force attacks. This study aims to evaluate the effectiveness of the Cowrie honeypot in collecting passwords by analyzing the data collected while varying several username and password combinations used by attackers, and by using the password guidelines issued by NIST to evaluate the quality and diversity of the collected passwords. The study was divided into two phases: the first phase used the default Cowrie honeypot settings with the default username and password, and the second phase used 8-character password combinations, which is the minimum password requirement under the NIST password guidelines, consisting of a combination of uppercase letters, lowercase letters, digits, and special characters. The results show that using the Cowrie honeypot with varied 8-character password configurations is more effective at collecting passwords, as seen from a 118.2% increase in total login attempts, a 16.49% increase in the number of unique usernames, a 56.70% increase in the number of unique passwords, and a 40.29% increase in the use of passwords with a complexity of more than 8 characters. These findings show that the Cowrie honeypot can be used effectively as a useful tool for collecting password data that will help improve system security, and that it can be more effective at collecting passwords when the password configuration used by attackers is varied.