Method for Detection and Mitigation Cross Site Scripting Attack on Multi-Websites
Hartono Hartono; Joko Triloka
Prosiding International conference on Information Technology and Business (ICITB) 2021: INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND BUSINESS (ICITB) 7
Publisher : Proceeding International Conference on Information Technology and Business

Abstract

A Cross-Site Scripting (XSS) attack exploits scripting security bugs and issues on a website. XSS attacks focus on and occur in the client browser application, or frontend. They consist of three types of attack: stored, reflected, and document object manipulation. XSS attacks can cause fatal and dangerous problems, such as theft of user data, account takeovers, and illegal access to banking transactions or important data. Studies on XSS detection and mitigation have been carried out by some researchers, but they still leave some problems: no connected mitigation to respond to the attack, use of only a single-layer security mechanism, few payload data for testing, weak measurement of defense effectiveness against XSS attacks, and insufficient experiments and test data. In addition, the methods used in previous research still fail to solve all types of XSS attack. Most previous research also separates the method of attack detection from its mitigation. Therefore, this study proposes a method not only for detection but also for mitigation of XSS attacks. The proposed method is divided into two parts: a detection method and a mitigation method. The proposed detection method uses machine learning based on lexical analysis. The proposed mitigation method is a multi-layer security method consisting of five security layers. The proposed method has been structured systematically and procedurally. In previous research, parts of the method proposed in this paper have been effectively implemented. Therefore, the proposed method is regarded as an appropriate method to detect and mitigate XSS attacks.

Keywords: XSS, cross site scripting, mitigation system, machine learning, cyber-attack, lexical analysis
XSS Attack Detection and Mitigation Using Multi-Layer Security Mechanism (MLSM)
Hartono; Sriyanto
Sienna Vol 3 No 2 (2022): Sienna Volume 3 Nomor 2 Desember 2022
Publisher : LPPM Universitas Muhammadiyah Kotabumi

Abstract

BSSN stated that there were 12.9 million cyber threats in Indonesia during 2018. In January - April 2020, the number of cyber-attacks increased. In those four months, the number of cyberattacks reached 88 million. The methods, applications, and attack techniques used cannot be identified easily. However, according to data from the OWASP Top Ten in 2017 and 2021 (statistics-based proposal), there are 10 website security vulnerabilities that are most often exploited. XSS is one of the security holes included in the list. In addition to being a loophole that is often found, the impact of XSS is very fatal, because it allows attackers to carry out account takeovers, theft of personal data, and so on. There are several studies that have implemented mechanisms to detect and mitigate XSS attacks. However, the implementations have not yet obtained effective and holistic results. The mechanisms tested by previous research still leave a security problem that allows attackers to execute XSS attacks. One of the things that causes this problem is the use of a single-layer security mechanism. Therefore, the purpose of this study is to test the effectiveness of the multi-layer security mechanism (MLSM) in detecting and mitigating XSS attacks. MLSM consists of five layers, namely OWASP ModSecurity, Framework/CMS Security Feature, HTTP Middleware, Templating Engine, and Data Sanitizer. To test the security level of MLSM, the researchers conducted a simulation of attacks using the Arachni and ZAP applications on a sample website that had 170 XSS security vulnerabilities. Based on test attacks on non-MLSM websites, Arachni successfully executed 168 of 170 (98.82%), and ZAP executed 103 of 170 (60.58%) XSS attacks. However, after implementing the MLSM feature on the website, Arachni and ZAP failed to perform XSS attacks, whether stored, reflected, or DOM-based. Not a single type of XSS attack can be carried out on MLSM websites.
Detection and Mitigation of Backdoor Attacks Using Python Watchdog
Susilo Hartono; Hartono Hartono; Khusnul Khotimah
Sienna Vol 3 No 1 (2022): Sienna Volume 3 Nomor 1 Juli 2022
Publisher : LPPM Universitas Muhammadiyah Kotabumi

Abstract

The number of cyber attacks is increasing. This happens thoroughly, both at the international and national levels. Technology, techniques, and methods of carrying out cyber attacks are also increasingly sophisticated and up-to-date. Responding to this phenomenon, this research was conducted to implement an application for detecting and mitigating backdoor-based attacks using Python Watchdog. The method used in this study is the experimental method. This research is a case study of backdoor attacks that have been experienced by Universitas Muhammadiyah Kotabumi. In August – December 2021, one of the servers owned by Universitas Muhammadiyah Kotabumi received a significant backdoor-based attack. This research implements Python Watchdog to detect foreign files that are indicated as a backdoor, then sends notifications. Referring to the notification, the administrator can take further action. Based on the research that has been done, Python Watchdog is proven to overcome backdoor attacks. Once Python Watchdog is enabled, backdoor attacks are no longer possible.
Prototype of an IoT (Internet of Things)-Based Home Automation System
Adi Wibowo; Sigit Gunanto; Hartono Hartono
Jurnal Ilmiah Matrik Vol 25 No 1 (2023): Jurnal Ilmiah Matrik
Publisher : Direktorat Riset dan Pengabdian Pada Masyarakat (DRPM) Universitas Bina Darma

DOI: 10.33557/jurnalmatrik.v25i1.2286

Abstract

The progress in electronics is very significant. The concept of home automation systems has the potential to improve the living conditions of traditional homes. The aim is to provide convenience to the elderly and people with special needs. Our home automation system works effectively by providing clients with more personal happiness and comfort through the use of the automation system. Of the four popular wireless connections, the one implemented in this research is WIFI, because WIFI capabilities are more than enough for the design. Also, most laptops/notebooks and smartphones nowadays come with a built-in WIFI adapter, which indirectly reduces the cost of this system. The research carried out has succeeded in making light and fan switching command displays using smartphones, tablets, and laptops; voice commands via Google Assistant can also be used. The results obtained are very responsive in receiving and responding to orders quickly and precisely.
Tsukamoto Fuzzy Inference System for Determining Water Quality Levels in Catfish Farming Ponds
Muhammad Yudi Abdul Syawari; Hartono
Sienna Vol 5 No 1 (2024): Sienna Volume 5 Nomor 1 Juli 2024
Publisher : LPPM Universitas Muhammadiyah Kotabumi

DOI: 10.47637/sienna.v5i1.1358

Abstract

This study explores the position of catfish as a major aquaculture commodity in Indonesia. In 2013, Indonesia dominated global catfish production with a market share of 75.6%. Despite the higher growth rate of catfish farming compared to other commodities, production did not meet the set targets. The government is working to strengthen national catfish production and enhance its role as a leading commodity in Indonesia. The advantages of catfish lie in its content of leucine and lysine, which are important for children's growth and nitrogen balance. Environmental factors such as freshwater pH (6.5-8.6), optimal temperature (23-30°C), oxygen levels (2-5 mg/L), and ammonia levels (5-7 mg/L) affect the water quality in catfish farming ponds. Natural and human factors such as extreme weather and overfeeding can impact the living conditions and growth of catfish. This study aims to investigate the relationship between pond water quality and catfish growth. The methods used include confusion matrix and Tsukamoto fuzzy logic to determine the accuracy of the water quality assessment system. The main objective of this research is to provide solutions and benefits for the community or the field of study.
Improving Reading Literacy Culture Among Grade 1 Students at SD Negeri 03 Kembang Tanjung Through Pop-Up Book Media
Hartono; Ridha Nurjanah; Indah Ilya Mustofa; Desi Romadhon; Tia Safitri; Zikri Zulkarnain
Pengabdian Kepada Masyarakat Cendekia Vol. 2 No. 1 (2023): Pengabdian Kepada Masyarakat Cendekia
Publisher : Sentra Kekayaan Intelektual dan Publikasi Ilmiah

DOI: 10.47637/pkmcendekia.v2i1.939

Abstract

This community service activity is part of the KKN UMKO Transfer Knowledge activities for Muhammadiyah University Kotabumi students, which was carried out from January 31, 2023 to March 2, 2023 in Kembang Tanjung Village, South Abung District, North Lampung Regency, Lampung. This KKN activity is carried out by lecturers and students for the community, especially in the field of education, in order to improve the culture of reading literacy among elementary school students. The solution is to make interesting reading media, namely pop-up book media. The method of implementing this activity starts with making the reading media, namely pop-up books. Furthermore, students introduced the pop-up book reading media to elementary school students and asked them to read stories that had been made in the pop-up book reading media. With this interesting pop-up book reading media, it is hoped that elementary school students will be more diligent in reading so that there are no more elementary school students who cannot read.
Design and Implementation of a Loan Information System at the North Lampung BKKBN Office
Rahmawati, Anggun; Hartono, Hartono
G-Tech: Jurnal Teknologi Terapan Vol 9 No 4 (2025): G-Tech, Vol. 9 No. 4 October 2025
Publisher : Universitas Islam Raden Rahmat, Malang

DOI: 10.70609/g-tech.v9i4.8304

Abstract

This study addresses the lack of automation in government loan management systems, which has led to inefficiencies such as delayed service, data entry errors, and difficulties in tracking borrowed items. To overcome these challenges, this research aims to design and implement a web-based goods borrowing information system for the BKKBN Office of North Lampung. The system was developed using the Waterfall methodology and adopts the Model-View-Controller (MVC) architectural pattern. It includes key features such as inventory management, user authentication, borrowing request submission, administrative verification, transaction reporting, and real-time status notifications. System evaluation through Black Box and User Acceptance Testing demonstrated that all features operated effectively and reliably, handling 234 inventory records across eight active users. The results indicate that the proposed system enhances administrative efficiency, transparency, and data accuracy, making it suitable for practical implementation and future development with features such as email notifications or QR-code integration.
Detection of SQL Injection Attack Using Machine Learning Based On Natural Language Processing
Triloka, Joko; Hartono, Hartono; Sutedi, Sutedi
International Journal of Artificial Intelligence Research Vol 6, No 2 (2022): Desember 2022
Publisher : Universitas Dharma Wacana

DOI: 10.29099/ijair.v6i2.355

Abstract

There has been a significant increase in the number of cyberattacks. This is happening not only in Indonesia, but also in many other countries. Thus, the issue of cyberattacks deserves attention and is interesting to study. Regarding the explored security vulnerabilities, the Open Web Application Security Project has published the Top-10 website vulnerabilities. SQL Injection is still one of the website vulnerabilities most often exploited by attackers. This research has implemented and tested five algorithms: Naïve Bayes, Logistic Regression, Gradient Boosting, K-Nearest Neighbor, and Support Vector Machine. In addition, this study also uses natural language processing, as a part of text processing, to increase the level of detection accuracy. Therefore, the main dataset was converted to a corpus to make it easier to analyze. This process was carried out in the feature engineering stage. This study used two datasets of SQL Injection. The first dataset was used to train the classifier, and the second dataset was used to test the performance of the classifier. Based on the tests that have been carried out, the Support Vector Machine achieves the highest level of detection accuracy. The detection accuracy is 0.9977, with a processing time of 0.00100 microseconds per query. In performance testing, the Support Vector Machine classifier can detect 99.37% of the second dataset. In addition to Support Vector Machine, the study has also revealed the detection accuracy level of the other tested algorithms: K-Nearest Neighbor (0.9970), Logistic Regression (0.9960), Gradient Boosting (0.99477), and Naïve Bayes (0.9754).
Improving Detection Accuracy of Brute-Force Attacks on MariaDB Using Standard Isolation Forest: A Comparative Analysis with Rotated Variant
Hartono; Khotimah, Khusnul; Maharjan, Rokin
MATRIK : Jurnal Manajemen, Teknik Informatika dan Rekayasa Komputer Vol. 25 No. 1 (2025)
Publisher : Universitas Bumigora

DOI: 10.30812/matrik.v25i1.5817

Abstract

Brute-force attacks remain among the most prevalent and persistent cybersecurity threats to database systems, causing unauthorized access, data leakage, and service disruptions. Conventional threshold-based detection methods often struggle to adapt to evolving and dynamic attack patterns, necessitating more robust anomaly detection approaches. This study aims to develop, evaluate, and compare two unsupervised machine learning algorithms—Standard Isolation Forest (IF) and Rotated Isolation Forest (RIF)—for detecting brute-force attacks targeting databases such as MariaDB. A large-scale raw access log dataset containing millions of entries was pre-processed through data cleaning, normalization, and feature extraction. Behavioural features were engineered for IP-path pairs, including login-attempt frequency, request intervals, and rapid-attempt ratios. The dataset consisted of 1,831,989 benign and 5,126,052 brute-force entries. The Standard IF model was trained using benign data (n_estimators = 175, contamination = 0.1, max_samples = 'auto') and evaluated on mixed data, achieving Recall 99.94%, Precision 99.29%, F1-Score 99.61%, AUC 0.9495, and Accuracy 99.28%, with TP = 5,123,224 and FN = 2,828. The RIF model, using Gaussian Random Projection (n_components = 5), yielded slightly lower metrics: Recall 99.44%, F1-Score 99.36%, and Accuracy 98.81%. The findings indicate that Standard Isolation Forest provides higher detection accuracy and reliability in identifying brute-force anomalies within large-scale log data. Despite the theoretical advantage of feature rotation in handling complex anomalies, the Standard IF demonstrates superior practical performance and efficiency. Overall, the study confirms the method’s strong potential for integration into automated and real-time cybersecurity monitoring systems.
Development of a Fingerprint-Based Motor Vehicle Security System with a Microcontroller
Yudi Abdul Syawari, Muhammad; Aji Wijaya, Ryan; Hartono, Hartono; Apriando, Rama
Jurnal Informatika Vol 25 No 2 (2025): Jurnal Informatika
Publisher : Institut Informatika Dan Bisnis Darmajaya

Abstract

Motorcycle theft is one of the eight most frequent types of crime in Indonesia in 2024, with a total of 19,057 reported cases. Based on data from Pusiknas Bareskrim Polri, 38,438 cases of motorcycle theft were recorded from January to November 2023. This condition indicates that the existing vehicle security systems are still unable to provide optimal protection, as conventional systems such as ignition keys and alarms are easily bypassed by criminals. Therefore, a more advanced, personalized, and highly protective security solution is needed. This study aims to develop a fingerprint-based motorcycle security system that can only be accessed by registered users and to design a prototype that integrates a fingerprint sensor with a microcontroller as the main control unit. The research method used is the prototyping method, which includes identifying system requirements, designing the initial hardware and software, developing the prototype, conducting functional testing, and evaluating the system. The main components used include a fingerprint sensor, a microcontroller, and actuators as the mechanism for the vehicle locking system. The test results show that all components and features of the system function as designed. The registration and deletion of the master fingerprint operate accurately as the main authentication mechanism. User management features—such as adding and deleting user fingerprints—also function properly, demonstrating the system’s capability to recognize and verify biometric data accurately. In addition, the mechanism for opening the motorcycle seat or storage compartment through fingerprint authentication operates smoothly and consistently. Overall, the developed system performs stably and accurately, providing a higher level of security compared to conventional systems. This proves that biometric technology based on fingerprint authentication is effective for implementation as a modern and efficient motorcycle security solution.