Analysis of online gambling trojan backdoor attacks to aid web server strengthening, a case study insights on Southeast Minahasa Regency

Solang, Marthen (2024) Analysis of online gambling trojan backdoor attacks to aid web server strengthening, a case study insights on Southeast Minahasa Regency. Masters thesis, Universitas Pelita Harapan.

Files (all available under License Creative Commons Attribution Non-commercial Share Alike):
Title.pdf (66kB)
Abstract.pdf (60kB)
ToC.pdf (253kB)
Chapter1.pdf (442kB)
Chapter2.pdf (326kB), restricted to registered users only
Chapter3.pdf (840kB), restricted to registered users only
Chapter4.pdf (4MB), restricted to registered users only
Chapter5.pdf (36kB), restricted to registered users only
Bibliography.pdf (142kB)
Appendices.pdf (707kB), restricted to repository staff only

Abstract

From 2017 to 2022, Indonesia recorded 157 million online gambling transactions valued at Rp190 trillion. In response, the Indonesian Ministry of Communication and Information Technology blocked nearly 800,000 gambling sites by the end of 2023. However, this countermeasure led to an escalation of cybersecurity threats, with hackers increasingly targeting government and academic domains. They exploited government (.go.id) and academic (.ac.id) domains, which were not blocked by the ministry's policies, to disseminate online gambling content. Consequently, over 3 million government websites and 1.2 million academic sites were compromised with gambling content. The government website of Southeast Minahasa Regency was also affected, with gambling content spreading through trojan backdoor web shell malware attacks. Hackers exploited website vulnerabilities using methods such as cross-site scripting (XSS), SQL injection, directory traversal, and malicious URLs to attack the target applications. Once successful, they inserted a trojan into the server, taking control as if they were the server administrators. This research focuses on handling online gambling defacement incidents using the National Institute of Standards and Technology (NIST) SP 800-61 Rev 2 standard. Particular emphasis is given to the detection and analysis phase, involving server log retrieval, malware scanning with Thor Lite Scanner, and malware sample analysis using static, dynamic, hybrid, code, and function analysis, as well as entropy analysis methods. The eradication step applies the lessons learned from the incident to prevent similar occurrences in the future by implementing the Apache Web Application Firewall (WAF). This research provides evidence that the Apache WAF is highly effective in blocking penetration attempts, demonstrating its significant capability in reducing anomalies and filtering dangerous traffic. Furthermore, Apache WAF proves to be effective in preventing the majority of infiltration attacks, solidifying its position as a reliable web security solution. Overall, these findings affirm the effectiveness of Apache WAF as a robust and efficient tool for web security.

Item Type: Thesis (Masters)
Creators:
Name: Solang, Marthen
NIM: NIM01671220002
Email: 01671220002@student.uph.edu
ORCID: UNSPECIFIED
Contributors:
Contribution: Thesis advisor
Name: Hardjono, Benny
NIDN/NIDK: NIDN0404086401
Email: benny.hardjono@uph.edu
Uncontrolled Keywords: Trojan Backdoor Attack ; Cybersecurity ; Apache Web Application Firewall ; Online Gambling Defacement ; Malware Analysis ; Southeast Minahasa Regency Website
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: University Subject > Current > Faculty/School - UPH Karawaci > School of Information Science and Technology > Master of Informatics
Current > Faculty/School - UPH Karawaci > School of Information Science and Technology > Master of Informatics
Date Deposited: 23 Feb 2024 04:51
Last Modified: 23 Feb 2024 04:51
URI: http://repository.uph.edu/id/eprint/62492
