
Method for Detection and Mitigation Cross Site Scripting Attack on Multi-Websites
Hartono Hartono; Joko Triloka
Prosiding International conference on Information Technology and Business (ICITB) 2021: INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND BUSINESS (ICITB) 7
Publisher : Proceeding International Conference on Information Technology and Business

Abstract

Cross-Site Scripting (XSS) attacks exploit scripting security bugs and issues on websites. XSS attacks focus on and occur in the client browser application, or frontend. They consist of three types of attacks: stored, reflected, and document object manipulation. XSS attacks can cause fatal and dangerous problems, such as theft of user data, account takeovers, and illegal access to banking transactions or important data. Studies on XSS detection and mitigation have been carried out by some researchers, but they still leave some problems, such as the absence of connected mitigation to respond to the attack, the use of only a single-layer security mechanism and fewer payload data for testing, weak measurement of the effectiveness of the defense against XSS attacks, and the use of insufficient experiments and test data. In addition, the methods used in previous research still fail to solve all types of XSS attack. Most of the previous research also separates the method of attack detection from its mitigation. Therefore, this study proposes a method not only for detection but also for mitigation to overcome XSS attacks. The proposed method in this study is divided into two parts: a detection method and a mitigation method. The proposed detection method uses machine learning based on lexical analysis. The proposed mitigation method is the multi-layer security method, which consists of five layers of security. The proposed method has been structured systematically and procedurally. In previous research, the partial methods proposed in this paper have been effectively implemented. Therefore, the proposed method is regarded as an appropriate method to detect and mitigate XSS attacks.

Keywords: XSS, cross site scripting, mitigation system, machine learning, cyber-attack, lexical analysis
XSS Attack Detection and Mitigation Using Multi-Layer Security Mechanism (MLSM)
Hartono; Sriyanto
Sienna Vol 3 No 2 (2022): Sienna Volume 3 Nomor 2 Desember 2022
Publisher : LPPM Universitas Muhammadiyah Kotabumi

Abstract

BSSN stated that there were 12.9 million cyber threats in Indonesia during 2018. In January - April 2020, the number of cyberattacks increased. In those four months, the number of cyberattacks reached 88 million. The methods, applications, and attack techniques used cannot be identified easily. However, according to data from the OWASP Top Ten in 2017 and 2021 (statistics-based proposal), there are 10 website security vulnerabilities that are most often exploited. XSS is one of the security holes included in the list. In addition to being a loophole that is often found, the impact of XSS is very fatal, because it allows attackers to do account takeovers, theft of personal data, and so on. There are several studies that have implemented mechanisms to detect and mitigate XSS attacks. However, the implementation has not yet obtained effective and holistic results. The mechanism tested by previous research still leaves a security problem that allows attackers to execute XSS attacks. One of the things that causes this problem is the use of a single-layer security mechanism. Therefore, the purpose of this study is to test the effectiveness of the multi-layer security mechanism (MLSM) in detecting and mitigating XSS attacks. MLSM consists of five layers, namely OWASP ModSecurity, Framework/CMS Security Feature, HTTP Middleware, Templating Engine, and Data Sanitizer. To test the security level of MLSM, the researchers conducted a simulation of attacks using the Arachni and ZAP applications on a sample website that had 170 XSS security vulnerabilities. Based on test attacks on non-MLSM websites, Arachni successfully executed 168 of 170 (98.82%), and ZAP executed 103 of 170 (60.58%) XSS attacks. However, after implementing the MLSM feature on the website, Arachni and ZAP failed to perform XSS attacks, whether stored, reflected, or DOM-based XSS. There is not a single type of XSS attack that can be carried out on MLSM websites.
Backdoor Attack Detection and Mitigation Using Python Watchdog
Susilo Hartono; Hartono Hartono; Khusnul Khotimah
Sienna Vol 3 No 1 (2022): Sienna Volume 3 Nomor 1 Juli 2022
Publisher : LPPM Universitas Muhammadiyah Kotabumi

Abstract

The number of cyber attacks is increasing. This happens thoroughly, both at the international and national levels. Technology, techniques, and methods of carrying out cyber attacks are also increasingly sophisticated and up-to-date. Responding to this phenomenon, this research was conducted to implement an application for detecting and mitigating backdoor-based attacks using Python Watchdog. The method used in this study is the experimental method. This research is a case study of backdoor attacks that have been experienced by Universitas Muhammadiyah Kotabumi. In August – December 2021, one of the servers owned by Universitas Muhammadiyah Kotabumi received a significant backdoor-based attack. This research implements Python Watchdog to detect foreign files that are indicated as a backdoor, then sends notifications. Referring to the notification, the administrator can take further action. Based on the research that has been done, Python Watchdog is proven to overcome backdoor attacks. Once Python Watchdog is enabled, backdoor attacks are no longer possible.
Prototype of an IoT (Internet of Things)-Based Home Automation System
Adi Wibowo; Sigit Gunanto; Hartono Hartono
Jurnal Ilmiah Matrik Vol 25 No 1 (2023): Jurnal Ilmiah Matrik
Publisher : Direktorat Riset dan Pengabdian Pada Masyarakat (DRPM) Universitas Bina Darma

DOI: 10.33557/jurnalmatrik.v25i1.2286

Abstract

The progress in electronics is very significant. The concept of home automation systems has the potential to improve the living conditions of traditional homes. The aim is to provide convenience to the elderly and people with special needs. Our home automation system works effectively by providing clients with more personal happiness and comfort through the use of the automation system. Among the four popular wireless connections, the one that will be implemented in this research is WiFi, because WiFi capabilities are more than enough to be implemented in the design. Also, most laptops/notebooks and smartphones nowadays come with a built-in WiFi adapter, which indirectly will reduce the cost of this system. The research carried out has succeeded in making light and fan switching command displays using smartphones, tablets, and laptops, which can also use voice commands via Google Assistant. The results obtained are very responsive in receiving and responding to orders quickly and precisely.
Tsukamoto Fuzzy Inference System for Determining the Water Quality Level in Catfish Farming Ponds
Muhammad Yudi Abdul Syawari; Hartono
Sienna Vol 5 No 1 (2024): Sienna Volume 5 Nomor 1 Juli 2024
Publisher : LPPM Universitas Muhammadiyah Kotabumi

DOI: 10.47637/sienna.v5i1.1358

Abstract

This study explores the position of catfish as a major aquaculture commodity in Indonesia. In 2013, Indonesia dominated global catfish production with a market share of 75.6%. Despite the higher growth rate of catfish farming compared to other commodities, production did not meet the set targets. The government is working to strengthen national catfish production and enhance its role as a leading commodity in Indonesia. The advantages of catfish lie in its content of leucine and lysine, which are important for children's growth and nitrogen balance. Environmental factors such as freshwater pH (6.5-8.6), optimal temperature (23-30°C), oxygen levels (2-5 mg/L), and ammonia levels (5-7 mg/L) affect the water quality in catfish farming ponds. Natural and human factors such as extreme weather and overfeeding can impact the living conditions and growth of catfish. This study aims to investigate the relationship between pond water quality and catfish growth. The methods used include confusion matrix and Tsukamoto fuzzy logic to determine the accuracy of the water quality assessment system. The main objective of this research is to provide solutions and benefits for the community or the field of study.
Improving Reading Literacy Culture Among Grade 1 Students at SD Negeri 03 Kembang Tanjung Through Pop Up Book Media
Hartono; Ridha Nurjanah; Indah Ilya Mustofa; Desi Romadhon; Tia Safitri; Zikri Zulkarnain
Pengabdian Kepada Masyarakat Cendekia Vol. 2 No. 1 (2023): Pengabdian Kepada Masyarakat Cendekia
Publisher : Sentra Kekayaan Intelektual dan Publikasi Ilmiah

DOI: 10.47637/pkmcendekia.v2i1.939

Abstract

This community service activity is part of the KKN UMKO Transfer Knowledge activities for Muhammadiyah University Kotabumi Students which was carried out on January 31 2023 – March 2 2023 in Kembang Tanjung Village, South Abung District, North Lampung Regency, Lampung. This KKN activity is carried out by lecturers and students to the community, especially in the field of education in order to improve a culture of reading literacy in elementary school students. So the solution is to make interesting reading media, namely pop up book media. The method of implementing this activity starts with making reading media, namely pop up books. Furthermore, students introduced pop up book reading media to elementary school students and asked students to read stories that had been made through pop up book reading media. After this interesting pop up book reading media, it is hoped that elementary school students will be more diligent in reading so that there are no more elementary school students who cannot read.
Detection of SQL Injection Attack Using Machine Learning Based On Natural Language Processing
Triloka, Joko; Hartono, Hartono; Sutedi, Sutedi
International Journal of Artificial Intelligence Research Vol 6, No 2 (2022): Desember 2022
Publisher : Universitas Dharma Wacana

DOI: 10.29099/ijair.v6i2.355

Abstract

There has been a significant increase in the number of cyberattacks. This is not only happening in Indonesia, but also in many countries. Thus, the issue of cyberattacks should receive attention and is interesting to study. Regarding the explored security vulnerabilities, the Open Web Application Security Project has published the Top-10 website vulnerabilities. SQL Injection is still one of the website vulnerabilities most often exploited by attackers. This research has implemented and tested five algorithms. They are Naïve Bayes, Logistic Regression, Gradient Boosting, K-Nearest Neighbor, and Support Vector Machine. In addition, this study also uses natural language processing to increase the level of detection accuracy, as a part of text processing. Therefore, the main dataset was converted to a corpus to make it easier to analyze. This process was carried out in the feature engineering stage. This study used two datasets of SQL Injection. The first dataset was used to train the classifier, and the second dataset was used to test the performance of the classifier. Based on the tests that have been carried out, the Support Vector Machine gets the highest level of detection accuracy. The accuracy of detection is 0.9977 with 0,00100 microseconds per query time of process. In performance testing, the Support Vector Machine classifier can detect 99,37% of the second dataset. Besides Support Vector Machine, the study has also revealed the detection accuracy level of the other tested algorithms: K-Nearest Neighbor (0,9970), Logistic Regression (0,9960), Gradient Boosting (0,99477), and Naïve Bayes (0,9754).
Development of a Fingerprint-Based Motor Vehicle Security System with a Microcontroller
Yudi Abdul Syawari, Muhammad; Aji Wijaya, Ryan; Hartono, Hartono; Apriando, Rama
Jurnal Informatika Vol 25 No 2 (2025): Jurnal Informatika
Publisher : Institut Informatika Dan Bisnis Darmajaya

DOI: 10.30873/jurnalinformatika.v25i112

Abstract

 Motorcycle theft is one of the eight most frequent types of crime in Indonesia in 2024, with a total of 19,057 reported cases. Based on data from Pusiknas Bareskrim Polri, 38,438 cases of motorcycle theft were recorded from January to November 2023. This condition indicates that the existing vehicle security systems are still unable to provide optimal protection, as conventional systems such as ignition keys and alarms are easily bypassed by criminals. Therefore, a more advanced, personalized, and highly protective security solution is needed. This study aims to develop a fingerprint-based motorcycle security system that can only be accessed by registered users and to design a prototype that integrates a fingerprint sensor with a microcontroller as the main control unit. The research method used is the prototyping method, which includes identifying system requirements, designing the initial hardware and software, developing the prototype, conducting functional testing, and evaluating the system. The main components used include a fingerprint sensor, a microcontroller, and actuators as the mechanism for the vehicle locking system. The test results show that all components and features of the system function as designed. The registration and deletion of the master fingerprint operate accurately as the main authentication mechanism. User management features—such as adding and deleting user fingerprints—also function properly, demonstrating the system’s capability to recognize and verify biometric data accurately. In addition, the mechanism for opening the motorcycle seat or storage compartment through fingerprint authentication operates smoothly and consistently. Overall, the developed system performs stably and accurately, providing a higher level of security compared to conventional systems. This proves that biometric technology based on fingerprint authentication is effective for implementation as a modern and efficient motorcycle security solution.
Detection of SQL Injection Attacks on MariaDB Using Hybrid Long Short-Term Memory
Khotimah, Khusnul; Hartono, Hartono; Apriando, Rama
International Journal of Artificial Intelligence Research Vol 9, No 1.1 (2025)
Publisher : Universitas Dharma Wacana

DOI: 10.29099/ijair.v9i1.1.1547

Abstract

This study discusses the development of a SQL Injection attack detection system using the Long Short-Term Memory (LSTM) deep learning model. SQL Injection is a serious security threat to web applications that exploits vulnerabilities in user input to manipulate databases. The LSTM model was chosen due to its ability to process sequential data, which is relevant for analyzing the patterns and structure of SQL queries that are susceptible to attacks. The process begins by collecting and combining datasets from various sources, performing preprocessing to handle duplicate data, missing values, and gibberish queries, as well as analyzing the distribution of query lengths. The textual query data is then converted into a numerical representation through tokenization and padding. The processed dataset is divided into training and testing data. The Bi-directional LSTM model architecture is built with embedding, LSTM, dropout, and dense layers. The model is trained using the training data and its performance is evaluated using the test data, producing metrics such as accuracy, precision, recall, and F1-score. Evaluation results on the test data show a model accuracy of 99.99%, with precision of 99.99%, recall of 99.99%, and F1-score of 99.99% in distinguishing between normal queries and SQL Injection queries. The trained model and the tokenizer used are then saved for further testing purposes. This research demonstrates that the LSTM-based approach is highly effective in detecting SQL Injection attacks with high accuracy. Thus, the model can be deployed at the production level or production server.