Article Per Year (5 Year)
p-Index From 2021 - 2026
7.417
P-Index
This Author published in this journals
All Journal Teknika Bulletin of Electrical Engineering and Informatics JOIV : International Journal on Informatics Visualization JRSI (Jurnal Rekayasa Sistem dan Industri) JURNAL TEKNIK INFORMATIKA DAN SISTEM INFORMASI SEIKO : Journal of Management & Business J-SAKTI (Jurnal Sains Komputer dan Informatika) JIPI (Jurnal Ilmiah Penelitian dan Pembelajaran Informatika) Jurnal Informatika dan Rekayasa Elektronik Indonesian Journal of Electrical Engineering and Computer Science JOURNAL OF INFORMATION SYSTEM RESEARCH (JOSH) Jurnal Sistem Komputer dan Informatika (JSON) J-SAKTI (Jurnal Sains Komputer dan Informatika) eProceedings of Engineering eProceedings of Management Kesatria : Jurnal Penerapan Sistem Informasi (Komputer dan Manajemen) Dedikasi Nusantara Journal of Production, Enterprise, and Industrial Applications NJCOM: Community Service Journal
Adityas Widjajarto
Universitas Telkom
Religion Agriculture, Biological Sciences & Forestry Automotive Engineering Chemical Engineering, Chemistry & Bioengineering Computer Science & IT Control & Systems Engineering Decision Sciences, Operations Research & Management Economics, Econometrics & Finance Education Electrical & Electronics Engineering Energy Engineering Environmental Science Industrial & Manufacturing Engineering Social Sciences Other

Published : 84 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 84 Documents
Search

 3   4   5   6   7 
Implementasi Dan Analisa Security Auditing Menggunakan Open Source Software Dengan Framework Mitre Att&ck Muhammad Athallariq Rabbani; Avon Budiyono; Adityas Widjajarto
eProceedings of Engineering Vol 7, No 2 (2020): Agustus 2020
Publisher : eProceedings of Engineering

Show Abstract | Download Original | Original Source | Check in Google Scholar

Abstract

Abstrak Security auditing merupakan proses pengumpulan dan evaluasi bukti-bukti untuk menentukan apakah sistem komputer yang digunakan telah dapat melindungi aset milik organisasi. Pada penelitian ini security auditing dilakukan berdasarkan analisa vulnerability dan threat agar dapat melihat hubungan yang terjadi antara vulnerability dan threat yang telah dilakukan pada aset IT tersebut. Pada penelitian ini objek yang digunakan yaitu vulnerable operating system (VulnOSv2) dengan tujuan untuk mengetahui vulnerability dan threat. Pada penilitian ini digunakan 10 walkthrough dengan tujuan dapat dilakukan analisis perbandingan pada masing masing walkthrough serta melihat efisiensi dari masing-masing tools yang digunakan. Eksperimen dilakukan dengan menggunakan framework MITRE ATT&CK dimana digunakan sebagai dasar untuk pengembangan model dan metodologi ancaman. Open source software OpenVAS dapat diterapkan guna melihat hasil kuantitatif yang berdasarkan scanning eskploitasi berupa vulnerability. Sedangkan secara kualitatif dengan menyusun model attack trees. Framework MITRE ATT&CK yang dibuat dapat mengakomodasi model attack trees yaitu sebesar 80%. Kata kunci : Security Auditing, Vulnerability, Threat, Risk, Framework MITRE ATT&CK Abstract Security auditing is the process of gathering and evaluating evidence to determine whether the computer system used has been able to protect the assets belonging to the organization. In this research, security auditing is conducted based on the analysis of vulnerability and threat in order to see the relationship that occurs between vulnerability and threats that have been carried out on these IT assets. In this study the object used is vulnerable operating system (VulnOSv2) with the aim to determine vulnerability and threat. In this research 10 walkthroughs are used with the aim that comparative analysis can be performed on each walkthrough and see the efficiency of each tool used. Experiments were carried out using the MITRE ATT&CK framework which is used as a basis for developing threat models and methodologies. Open source software OpenVAS can be applied to see quantitative results based on exploitation scanning in the form of vulnerability. Whereas arranging attack tree models the MITRE ATT&CK Framework created can accommodate attack tree models, which is 80%. Keywords : Security Auditing, Vulnerability, Threat, Risk, Framework MITRE ATT&CK
Implementasi Serangan Distributed Denial of Service (DDoS) Menggunakan HPING3 Pada Software Defined Network (SDN) Dengan Metode PPDIOO Wisal Altafvian Deanis Ananta; Teguh Kurniawan; Adityas Widjajarto
SEIKO : Journal of Management & Business Vol 6, No 1 (2023): January - Juny
Publisher : Program Pascasarjana STIE Amkop Makassar

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.37531/sejaman.v6i1.5443

Abstract

Perkembangan teknologi masa kini telah mengalami perkembangan pesat, memudahkan dan mendukung aktivitas sehari-hari. Namun, pertumbuhan ini juga berimbas pada peningkatan lalu lintas jaringan dan penggunaan perangkat keras. Jaringan konvensional tidak mampu dengan cepat beradaptasi terhadap perubahan ini. Keterbatasan dalam pemrograman ulang dan kontrol perangkat menghambat jaringan tradisional. Oleh karena itu, solusi muncul dalam bentuk Software Defined Network (SDN). SDN memisahkan kontrol jaringan dari lapisan data, memberi ruang untuk pemrograman yang lebih sederhana dan fleksibilitas yang lebih tinggi. Namun, SDN juga memiliki kerentanan, terutama dalam serangan. Kelemahan ini dieksploitasi dalam serangan Distributed Denial of Service (DDoS), serangan yang membuat kontroler tidak responsif. Penelitian ini pada tahap pengujian dengan mencari jumlah attacker minimal yang menghambat komunikasi host, mengukur waktu dan jumlah paket hilang. Kinerja dinilai menggunakan Quality of Service dengan menghitung packet loss melalui perintah ping, dan dianalisis berdasarkan ETSI TIPHON. Tujuan utama mendapatkan waktu secepat mungkin hingga destination host unreachable. Hasil pengujian serangan di satu jaringan yang sama menunjukkan jumlah attacker 1 waktu tidak terbatas, attacker 3 durasi waktu 8 menit 53 detik, attacker 5 durasi waktu 6 menit 56 detik, attacker 7 durasi waktu 4 menit 34 detik, attacker 9 durasi waktu 2 menit 29 detik, attacker 11 durasi waktu 58 detik. Serangan berbeda jaringan menunjukkan jumlah attacker 1 waktu tidak terbatas, attacker 3 durasi waktu 12 menit 53 detik, attacker 5 durasi waktu 10 menit 35 detik, attacker 7 durasi waktu 9 menit 25 detik, attacker 9 durasi waktu 3 menit, attacker 11 durasi waktu, 1 menit 16 detik. Kata Kunci: DDoS; HPING3; SDN
Implementasi dan Analisis Attack Tree pada Aplikasi DVWA Berdasar Metrik Time dan Cost Alifurfan Wiradwipa Pranowo; Adityas Widjajarto; Muhammad Fathinuddin
Kesatria : Jurnal Penerapan Sistem Informasi (Komputer dan Manajemen) Vol 4, No 4 (2023): Edisi Oktober
Publisher : LPPM STIKOM Tunas Bangsa

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30645/kesatria.v4i4.234

Abstract

Exploitation against web applications can be formulated into an attack tree. This research aims to explore the relationship between the attack tree and the exploitation characteristics based on time and cost metrics. The study involves conducting exploitation experiments on the DVWA platform. The exploitation stages are utilized to construct the attack tree, which is then organized based on two conditions: with Web Application Firewall (WAF) and without WAF. The attack tree is composed of five types of exploitation, namely SQL Injection, XSS (Reflected), Command Injection, CSRF, and Brute Force. The analysis results without WAF indicate that the XSS (Reflected) attack tree occupies the top position with a score of 53.69, while the SQL Injection attack tree ranks last with a score of 682.49. On the other hand, with WAF, the XSS (Reflected) attack tree remains at the top with a score of 61.11, and the SQL Injection attack tree still occupies the last position, but with a lower score of 207.22. Consequently, this relationship can be utilized to categorize attack trees based on time and cost metrics. Future research opportunities may involve measuring subsystem processes of the system.
Evaluasi Layanan Infrastruktur: MTBF, MTTR, ITIL Pada PT. XYZP Utami, Resti Pradita; Widjajarto, Adityas; Budiyono, Avon
TEKNIKA Vol. 19 No. 1 (2025): Teknika Januari 2025
Publisher : Politeknik Negeri Sriwijaya

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.5281/zenodo.13883489

Abstract

Industri pariwisata Indonesia terus berkembang dengan inovasi seperti penginapan berbasis Internet of Things (IoT). PT XYZP dengan visi meningkatkan kenyamanan melalui IoT, memperkenalkan produk inovasi yang memadukan alam dan teknologi. Penelitian ini bertujuan menganalisis dan merancang Event Management dalam pengelolaan layanan infrastruktur di PT XYZP menggunakan kerangka ITIL versi 4. Metode penelitian meliputi pengumpulan data dari Unifi Controller, observasi, dan wawancara. Analisis dilakukan terhadap parameter user experience, availability, MTBF, dan MTTR dari Januari hingga Maret 2024. Hasil menunjukkan rata-rata user experience "good" dengan nilai sekitar 92%, availability 98,85%, peningkatan MTBF dari 608 jam menjadi 744 jam menunjukkan berkurangnya frekuensi kegagalan. Selain itu, peralihan dari adanya waktu perbaikan (MTTR) menjadi tidak adanya kegagalan yang memerlukan perbaikan mengindikasikan peningkatan efisiensi dalam pengelolaan jaringan. Rekomendasi mencakup implementasi sistem ticketing, optimasi fitur notifikasi, dan penggunaan AI untuk pemantauan proaktif. Peningkatan ini diharapkan dapat meningkatkan efisiensi dan pengalaman pengguna PT XYZP.
Desain Kontrol Keamanan Pada Content Management System Wordpress Berdasar Aspek Aplikasi Dengan Panduan OWASP Setiawan, Ivan; Widjajarto, Adityas; Budiyono, Avon
TEKNIKA Vol. 19 No. 1 (2025): Teknika Januari 2025
Publisher : Politeknik Negeri Sriwijaya

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.5281/zenodo.13756114

Abstract

Layanan CMS WordPress sangat populer di seluruh dunia, sehingga keamanan platform ini menjadi sangat penting. Penelitian ini bertujuan merancang desain kontrol keamanan aplikasi pada CMS WordPress berdasarkan eksploitasi kerentanan pada plugin dan non-plugin. Kerentanan yang dieksploitasi mencakup plugin MStore-API, Modern Event Calendar Lite, WPS-Hide-Login, Elementor, Catch Themes Demo Import, serta kerentanan XXE dan serangan Brute Force. Hasil analisis menghasilkan desain kontrol keamanan aplikasi WordPress berdasarkan ancaman dan kerentanan, mencakup ancaman terhadap data dan standar OWASP Top 10. Dari tujuh kerentanan yang diidentifikasi, lima masuk kategori disclosure dan dua dalam kategori alteration, dengan empat kategori OWASP Top 10. Setiap kerentanan diberikan CVE ID dan dinilai menggunakan sistem CVSS. Misalnya, CVE-2023-2732 pada Plugin MStore-API memiliki skor tertinggi (9.8, Critical), sedangkan CVE-2021-29447 (XXE) memiliki skor terendah (6.5, Medium). Desain kontrol keamanan berdasarkan OWASP Top 10 membantu menentukan prioritas. Contohnya pada Identification and Authentication Failures (A07:2021), MStore-API diklasifikasikan sebagai Critical dengan risiko disclosure, menekankan pentingnya penerapan mekanisme keamanan segera. Meskipun Brute Force termasuk dalam kategori OWASP yang sama dan diklasifikasikan sebagai Medium, fokus utama tetap pada kerentanan Critical terlebih dahulu.
Implementasi dan Analisis Attack Tree pada Aplikasi DVWA Berdasar Metrik Time dan Skill Level Nugraha, Yadi; Widjajarto, Adityas; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): EDISI SEPTEMBER
Publisher : STIKOM Tunas Bangsa Pematangsiantar

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30645/j-sakti.v7i2.690

Abstract

Attack trees can be formulated based on the steps of exploitation that occur in web applications. The aim of this research is to understand the relationship between attack trees and exploitation characteristics based on time and skill level metrics. The platform for exploitation testing uses DVWA and is organized into an attack tree. The attack tree is structured with both protected and unprotected WAF conditions. The attack tree is organized based on five vulnerabilities: SQL Injection, XSS (Reflected), Command injection, CSRF, and Brute force. The analysis results with the unprotected WAF condition conclude that the XSS (Reflected) attack tree ranks first with a score of 131.92. The SQL Injection attack tree ranks last with a score of 1727.56. Meanwhile, with the WAF, the SQL Injection attack tree ranks first with a score of 54. The Brute force attack tree ranks last with a score of 319.51. Thus, this relationship can be used for ranking attack trees based on time and skill level metrics. Further research can involve detailing the steps of exploitation using CVSS scores as a skill level calculation and measuring parameters using IDS as one of the firewall features.
Implementasi dan Analisis Attack Tree pada Aplikasi DVWA Berdasar Metrik Time dan Probability Irawan, Alfian Rifki; Widjajarto, Adityas; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): EDISI SEPTEMBER
Publisher : STIKOM Tunas Bangsa Pematangsiantar

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30645/j-sakti.v7i2.688

Abstract

The formulation of attack trees can be based on the exploitation stages in web-based applications. According to this formulation, this research aims to understand the relationship between attack trees and exploitation characteristics using time and probability metrics. The construction of attack trees is based on experimental platforms using the DVWA web-based application, both in protected and unprotected conditions by a Web Application Firewall (WAF). Exploitation is carried out on five vulnerabilities, namely SQL Injection, XSS (Reflected), Command Injection, CSRF, and Brute Force. The analysis results without a WAF show that the Cross-Site Request Forgery attack tree occupies the top position with a score of 18.19. On the other hand, the Brute Force attack tree ranks last with a score of 230.09. With the presence of a WAF, the Command Injection attack tree takes the first position with a score of 4.80, while the Brute Force attack tree remains in the last position with a score of 43.08. Further research in this study may involve a detailed examination of probability metrics and the calculation of vulnerability factors.
Implementasi dan Analisis Attack Tree pada Aplikasi DVWA Berdasar Metrik Time dan Skill Level Nugraha, Yadi; Widjajarto, Adityas; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): EDISI SEPTEMBER
Publisher : STIKOM Tunas Bangsa Pematangsiantar

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30645/j-sakti.v7i2.690

Abstract

Attack trees can be formulated based on the steps of exploitation that occur in web applications. The aim of this research is to understand the relationship between attack trees and exploitation characteristics based on time and skill level metrics. The platform for exploitation testing uses DVWA and is organized into an attack tree. The attack tree is structured with both protected and unprotected WAF conditions. The attack tree is organized based on five vulnerabilities: SQL Injection, XSS (Reflected), Command injection, CSRF, and Brute force. The analysis results with the unprotected WAF condition conclude that the XSS (Reflected) attack tree ranks first with a score of 131.92. The SQL Injection attack tree ranks last with a score of 1727.56. Meanwhile, with the WAF, the SQL Injection attack tree ranks first with a score of 54. The Brute force attack tree ranks last with a score of 319.51. Thus, this relationship can be used for ranking attack trees based on time and skill level metrics. Further research can involve detailing the steps of exploitation using CVSS scores as a skill level calculation and measuring parameters using IDS as one of the firewall features.
Implementasi dan Analisis Attack Tree pada Aplikasi DVWA Berdasar Metrik Time dan Probability Irawan, Alfian Rifki; Widjajarto, Adityas; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): EDISI SEPTEMBER
Publisher : STIKOM Tunas Bangsa Pematangsiantar

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30645/j-sakti.v7i2.688

Abstract

The formulation of attack trees can be based on the exploitation stages in web-based applications. According to this formulation, this research aims to understand the relationship between attack trees and exploitation characteristics using time and probability metrics. The construction of attack trees is based on experimental platforms using the DVWA web-based application, both in protected and unprotected conditions by a Web Application Firewall (WAF). Exploitation is carried out on five vulnerabilities, namely SQL Injection, XSS (Reflected), Command Injection, CSRF, and Brute Force. The analysis results without a WAF show that the Cross-Site Request Forgery attack tree occupies the top position with a score of 18.19. On the other hand, the Brute Force attack tree ranks last with a score of 230.09. With the presence of a WAF, the Command Injection attack tree takes the first position with a score of 4.80, while the Brute Force attack tree remains in the last position with a score of 43.08. Further research in this study may involve a detailed examination of probability metrics and the calculation of vulnerability factors.
From Ballots to Bytes A Digital Revolution in Village Head Elections - A Case Study from Sukadana, Indonesia Fathinuddin, Muhammad; Hediyanto, Umar Yunan Kurnia Septo; Widjajarto, Adityas; Safitra, Muhammad Fakhrul
SEIKO : Journal of Management & Business Vol 6, No 2.1 (2023)
Publisher : Program Pascasarjana STIE Amkop Makassar

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.37531/sejaman.v6i2.5691

Abstract

Paper ini mengeksplorasi transformasi digital dalam pemilihan kepala desa di Sukadana, Indonesia, dengan fokus pada implementasi teknologi berbasis database. Kami mengkaji peralihan dari metode pemungutan suara berbasis kertas tradisional ke sistem pemungutan suara elektronik dan dampaknya terhadap partisipasi pemilih, transparansi, dan keseluruhan proses pemilihan. Kami juga menganalisis hasil dari transformasi ini, mengidentifikasi kendala yang dihadapi selama proses tersebut, serta pembelajaran yang diambil dari studi kasus ini. Selain itu, kami memberikan rekomendasi bagi daerah pedesaan lain yang sedang mempertimbangkan pergeseran digital serupa. Temuan kami menyoroti peningkatan signifikan dalam partisipasi pemilih, peningkatan transparansi proses, dan potensi untuk meningkatkan demokrasi di tingkat desa. Keberhasilan revolusi digital ini dalam konteks pedesaan menegaskan pentingnya pendekatan yang disesuaikan dengan adopsi teknologi di lingkungan semacam ini, memperhatikan kebutuhan lokal dan mengatasi masalah keamanan. Kata Kunci: Transformasi digital; Pemilihan kepala desa; Teknologi berbasis database; Adopsi teknologi di pedesaan; Partisipasi pemilih dan transparansi.
Co-Authors Achmad Muhaimin Aziz Aditya Eka Saputra Aditya Shofwan Zulma Afrizal Hamzah Ahmad Almaarif Al Faridz, Muhammad Hanafi Mu’amar Alifurfan Wiradwipa Pranowo Amalia Intan Safura Ardhyan Zulfikar Malik Ari Apridana Avon Budiono Avon Budiono Avon Budiyono Aziz Widya Isnanta Basori, Malik Alrasyid Batunanggar, Yana J S Br Surbakti, Maya Angelia Cindy Muhdiantini Decky Raditama Megantara Deden Witarsyah Dewantara, Rheza Dicky Naofal Rizaldi Dzulfahmi, Irfan Eliza Adira Handrini Evangelista S., Jacqueline Fachrul Hijriah Usman Fadhilah, Samia Faezal, Erlangga Fanny Fathya Nurul Fatimah Fanny Fathya Nurul Fatimah, Fanny Fathya Nurul Farmadika, Pramudya Fathia, Dhiya Fathinuddi, Muhammad Febriyani, Widia Ferdinan Ginting Manik Hadist, Putri Alviona Harahap, Adnan Nauli Hawari, Azizan Helmi Khairullah Setiana I Made Dwiki Kusuma Pradipta Ilham Akbar Siswanto Ilham Amarullah Irawan, Alfian Rifki Irmalistia Alfiani Isnaini Hayati Ivan Setiawan Jafar Haritsah Kamaly, Akhmad Dzihan Karimah, Myra Tresno Kirana Dhiatam Dhiatama Ayunda Krisfian Adji Brata Kurniawan, M Tegoeh Kurniawan, M Teguh Kurniawan, M. Teguh Leonardo Taufan Sontani Limutu, Wahyu M Teguh Kurniawan M. K. Rizal Syahputra M. Rafi M. Teguh Kurniawan Ma'arij Haritsah Manik, Yusuf H. Mega Fitri Yani Miftah Fajar Asy’ari Milenia Oktaviana Mochamad Teguh Kurniawan Mochammad Teguh Kurniawan Muhammad Athallariq Rabbani Muhammad Fathinuddin Muhammad Ilham Maulana Muhammad Teguh Kurniawan MUHAMMAD TEGUH KURNIAWAN, MUHAMMAD TEGUH Muharman Lubis Murahartawaty Murahartawaty Nabil Egan Valentino Naufal Abrian Ismiyushar Ni Made Meliana Listyawati Nolanda Indria Nugraha, Yadi Pamudji, Tania Almira Penggalih, Arya Bimo Bagas Pulungan, Fauzan Khairy Qudamah, Ramiz Rafsyandjani, Muhammad Rizki Ramadani, Ramadani Ryan Supriadi Ramadhan Ryandi, Yuaraina Dirgantarizki Safitra, Muhammad Fakhrul Salim, Irgi Fahrezi Sanum, Fachri Fadhilah Shita Widya Ningsih Sidiq, M. Zaelani Tania Almira Pamudji Taufiqurrahman, Dzulfikar Fathi Teguh Kurniawan Tiara Sabrina Trinanda Aditya Arya Wibisono Umar Yunan Kurnia Septo Umar Yunan Kurnia Septo Hediyanto Utami, Resti Pradita Valentino, Nabil Egan Vreseliana Ayuningtyas Wardana, Wasis Wisal Altafvian Deanis Ananta Yuli Adam Prasetyo