Solang, Marthen (2024) Analysis of online gambling trojan backdoor attacks to aid web server strengthening, a case study insights on Southeast Minahasa Regency. Masters thesis, Universitas Pelita Harapan.
Available under License Creative Commons Attribution Non-commercial Share Alike.
Abstract
From 2017 to 2022, Indonesia recorded 157 million online gambling transactions valued at Rp190 trillion. In response, the Indonesian Ministry of Communication and Information Technology blocked nearly 800,000 gambling sites by the end of 2023. However, this countermeasure led to an escalation of cybersecurity threats, with hackers increasingly targeting government and academic domains. They exploited government (.go.id) and academic (.ac.id) domains, which were not blocked by the ministry's policies, to disseminate online gambling content. Consequently, over 3 million government websites and 1.2 million academic sites were compromised with gambling content. The government website of Southeast Minahasa Regency was also affected, with gambling content spreading through trojan backdoor web shell malware attacks. Hackers exploited website vulnerabilities using methods such as cross-site scripting (XSS), SQL Injection, Directory Traversal, and malicious URLs to attack the target applications. Once successful, they inserted a trojan into the server, taking control as if they were the server administrators.
This research focuses on handling online gambling defacement incidents using the National Institute of Standards and Technology (NIST) SP 800-61 Rev 2 standard. Particular emphasis is given to the detection and analysis phase, involving server log retrieval, malware scanning with Thor Lite Scanner, and malware sample analysis using static, dynamic, hybrid, code, and function analysis, as well as entropy analysis methods. The eradication step incorporates lessons learned from the incident and, to prevent similar occurrences in the future, implements the Apache Web Application Firewall.
This research provides evidence that the Apache Web Application Firewall (WAF) is highly effective in blocking penetration attempts, demonstrating its significant capability in reducing anomalies and filtering dangerous traffic. Furthermore, Apache WAF proves to be effective in preventing the majority of infiltration attacks, solidifying its position as a reliable web security solution. Overall, these findings affirm the effectiveness of Apache WAF as a robust and efficient tool for web security.
Item Type: | Thesis (Masters) |
---|---|
Creators: | Solang, Marthen (NIM: NIM01671220002; Email: 01671220002@student.uph.edu; ORCID: UNSPECIFIED) |
Contributors: | Thesis advisor: Hardjono, Benny (NIDN/NIDK: NIDN0404086401; Email: benny.hardjono@uph.edu) |
Uncontrolled Keywords: | Trojan Backdoor Attack; Cybersecurity; Apache Web Application Firewall; Online Gambling Defacement; Malware Analysis; Southeast Minahasa Regency Website |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Divisions: | University Subject > Current > Faculty/School - UPH Karawaci > School of Information Science and Technology > Master of Informatics; Current > Faculty/School - UPH Karawaci > School of Information Science and Technology > Master of Informatics |
Date Deposited: | 23 Feb 2024 04:51 |
Last Modified: | 23 Feb 2024 04:51 |
URI: | http://repository.uph.edu/id/eprint/62492 |