Article Per Year (5 Year)
p-Index From 2021 - 2026
0.444
P-Index
This Author published in this journals
All Journal Jurnal Nasional Komputasi dan Teknologi Informasi
Mulkan Fadhli
Universitas Islam Negeri Ar-Raniry
Aerospace Engineering Automotive Engineering Computer Science & IT Control & Systems Engineering Decision Sciences, Operations Research & Management Electrical & Electronics Engineering Engineering Neuroscience Transportation

Published : 2 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 2 Documents
Search

 1 
Analisis Serangan DDOS pada Website Prodi Pendidikan Teknologi Informasi Tiara Aula Madina; Mulkan Fadhli
Jurnal Nasional Komputasi dan Teknologi Informasi (JNKTI) Vol 7, No 6 (2024): Desember 2024
Publisher : Program Studi Teknik Komputer, Fakultas Teknik. Universitas Serambi Mekkah

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.32672/jnkti.v7i6.8273

Abstract

Abstrak- Aktivitas belajar dan mengajar di Program Studi Pendidikan Teknologi Informasi, seperti pengajuan judul, uji plagiarisme, serta pendaftaran sidang dan seminar proposal, semuanya dilakukan melalui website. Tingginya tingkat akses harian dikhawatirkan dapat menyebabkan website mengalami down, yang tentunya akan menghambat proses belajar mengajar.Metode yang digunakan dalam penelitian ini adalah penetration testing untuk mengetahui celah yang ada pada website, dengan memanfaatkan tools Slowloris dan C2 sebagai alternatif untuk pengujian. Hasil dari pengujian menunjukanserangan DDoS dapat menyebabkan website mengalami down akibat kehabisan sumber daya. Dari percobaan yang telah dilakukan, terlihat bahwa website Program Studi Pendidikan Teknologi Informasi masih memiliki banyak celah keamanan. Oleh karena itu, penetrasi testing menjadi solusi yang sangat diperlukan. Disarankan juga agar website server PTI menambah kuota socket, memori, dan secara rutin melakukan uji penetrasi setiap bulan. Tindakan ini diharapkan dapat mencegah berbagai indikasi serangan keamanan jaringan, terutama serangan DDoS.Kata kunci: Pendidikan Teknologi Informasi,DDoS,C2,Slowloris Abstract- Learning and teaching activities in the Information Technology Education Study Program, such as title submission, plagiarism testing, and registration for proposal trials and seminars, are all done through the website. The high level of daily access is feared to cause the website to go down, which of course will hinder the teaching and learning process. The method used in this study is penetration testing to find gaps in the website, by utilizing the Slowloris and C2 tools as alternatives for testing. The results of the test show that DDoS attacks can cause the website to go down due to running out of resources. From the experiments that have been carried out, it can be seen that the Information Technology Education Study Program website still has many security gaps. Therefore, penetration testing is a very necessary solution. It is also recommended that the PTI server website increase the socket quota, memory, and routinely conduct penetration tests every month. This action is expected to prevent various indications of network security attacks, especially DDoS attacks.Keywords: Information Technology Education, DDoS, C2, Slowloris
Inside the Mind of an Attacker: Review Sistematika Tujuan Pencurian Machine Learning Model Mulkan Fadhli
Jurnal Nasional Komputasi dan Teknologi Informasi (JNKTI) Vol 8, No 3 (2025): Juni 2025
Publisher : Program Studi Teknik Komputer, Fakultas Teknik. Universitas Serambi Mekkah

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.32672/jnkti.v8i3.9506

Abstract

Abstrak - Pencurian model (model stealing) menjadi salah satu ancaman serius dalam penerapan machine learning modern, terutama pada layanan berbasis API dan cloud. Artikel ini mengulas secara sistematik berbagai tujuan di balik serangan pencurian model untuk memahami motif penyerang dan implikasinya bagi pengembang sistem. Metode penulisan berupa kajian literatur terkini yang mengklasifikasikan tujuan pencurian ke dalam delapan kategori utama: (1) pencurian properti internal seperti arsitektur, bobot, dan hyperparameter; (2) peniruan perilaku model untuk menghasilkan efektivitas setara dan konsistensi prediksi pada data normal maupun adversarial; (3) transfer pengetahuan untuk distillation dan deployment ringan; (4) serangan privasi berupa membership inference dan model inversion; (5) monetisasi dengan menjual model bajakan atau menyediakan layanan API ilegal; (6) pencurian kemampuan pertahanan adversarial untuk meningkatkan efektivitas serangan; (7) spionase industri untuk reverse engineering model pesaing; serta (8) penghindaran regulasi dengan mencuri model yang sudah tersertifikasi. Review ini menegaskan bahwa ancaman pencurian model tidak hanya merugikan secara teknis, tetapi juga membuka peluang eksploitasi ekonomi ilegal, kebocoran data sensitif, dan persaingan usaha tidak sehat. Pemahaman yang detail atas ragam tujuan ini diharapkan mendorong perancang sistem untuk mengembangkan strategi pertahanan yang lebih cermat dan menyeluruh.Kata kunci: Machine Learning; Model Stealing; API; Adversarial; Transfer Pengetahuan; Abstract - Model stealing has become one of the most serious threats in modern machine learning applications, especially in API- and cloud-based services. This article systematically reviews the various objectives behind model stealing attacks to understand the attackers’ motivations and their implications for system developers. The writing method is a current literature review that classifies model stealing objectives into eight main categories: (1) theft of internal properties such as architecture, weights, and hyperparameters; (2) imitation of model behavior to achieve comparable effectiveness and prediction consistency on both normal and adversarial data; (3) knowledge transfer for distillation and lightweight deployment; (4) privacy attacks through membership inference and model inversion; (5) monetization by selling stolen models or offering illegal API services; (6) stealing adversarial robustness to improve attack effectiveness; (7) industrial espionage for reverse engineering competitor models; and (8) regulatory evasion by stealing pre-certified models. This review emphasizes that model stealing threats are not merely technical issues but also open opportunities for illegal economic exploitation, leakage of sensitive data, and unfair business competition. A detailed understanding of these diverse objectives is expected to encourage system designers to develop more careful and comprehensive defense strategies.Keywords: Machine Learning; Model Stealing; API; Adversarial; Knowledge Transfer;
Co-Authors Tiara Aula Madina