Jurnal Informatika Medis (J-INFORMED)
Vol. 4 No. 1 (2026): Jurnal Informatika Medis (J-INFORMED)

FORENSIC ANALYSIS OF TROJAN BACKDOOR (GACOR) ATTACKS ON PRIVATE CLOUD ENVIRONMENTS USING KUAD METHOD

Hero Wintolo (Institut Teknologi Dirgantara Adisutjipto)
Mohammad Faiq Badruz Zaman (Institut Teknologi Dirgantara Adisutjipto)
Haruno Sajati (Institut Teknologi Dirgantara Adisutjipto)
Imam Riadi (Universitas Ahmad Dahlan)
Anton Yudhana (Universitas Ahmad Dahlan)
Tri Rochmadi (Universitas Alma Ata)
Puspa Ira Dewi Candra Wulan (National Taiwan University Science and Technology)



Article Info

Publish Date
30 Jun 2026

Abstract

This research examines the impact of a Trojan Backdoor Attack, referred to as a Gacor attack, on the security and service integrity of a private cloud environment based on OwnCloud. The experimental environment was deployed ubuntu server 22.04 using OwnCloud version 10.15.2 and supported by a Mikrotik CCR1016-12G network device. Application level and network level activities were monitored through Apache web server logs and Snort Intrusion Detection System (IDS) version 2.9.15.1, respectively. The investigation adopts the knowledge Understanding assessment defence (KUAD) framework, which structures the analysis into initiation, acquisition, execution, mitigation, and digital evidence disposition stages. The attack scenario focuses on exploiting a file upload vulnerability in the OwnCloud service to deploy and execute a malicious PHP-based Trojan Backdoor. The results show that the Gacor attack demonstrates highly repetitive and centralized behaviour, originate from a limited number of highly active IP addresses. This behaviour exploits weaknesses in application security configuration and results in system takeover and service defacement. Correlation between log analysis and IDS alerts confirms 10 distinct attack events and reveals a structured intrusion pattern rather than random probing activity. The data visualization reveals a structured and centralized attack pattern, resulting in 100% defacement of the OwnCloud index page, which highlights the severe security risk faced by private cloud environments that lack a adequate file upload protection mechanisms. The findings demonstrate that the application of the KUAD method, when combined with log analysis and intrusion detection systems (IDS) is effective in identifying, analyzing, and systematically documenting Trojan Backdoor attacks in private cloud computing environments.

Copyrights © 2026






Journal Info

Abbrev

J-INFORMED

Publisher

Subject

Computer Science & IT Health Professions Library & Information Science Nursing Public Health Veterinary

Description

Jurnal Informatika Medis sebagai menerima artikel ilmiah hasil penelitian, pemikiran dan kajian analisis-kritis mengenai penelitian di bidang penerapan TIK dalam layanan kedokteran dan kesehatan serta Pengembangan teknologi medis. Jurnal Informatika Medis memuat artikel yang relevan dengan area ...