
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Post Attack Mitigation on Open Journal System Services Using Knowledge Understanding Assessment Defense (KUAD) Method
Corresponding Author(s): Hero Wintolo
Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control,
Vol. 10, No. 4, November 2025
Abstract
This research was conducted to investigate evidence of an attack and to restore data after an attacker compromised an Open Journal System (OJS) service on a computer server. The method used in this research is a new approach developed from the Network Forensic Digital Life Cycle (NFDLC) method. This new method, known as KUAD, has several stages for collecting cyber-attack evidence and restoring data after the Gacor attack has occurred. The stages in the KUAD method are initiation, acquisition, execution, mitigation, and disposition. The novelty of this method, compared to the previous one, lies in the inclusion of the mitigation stage, which aims to restore data or documents after an attack. The tool used to detect the attack and find evidence of it is Tripwire, whereas the tools used to restore lost data include crontab, which runs backup commands with rsync in four steps. Tripwire can optimally detect attacks by displaying the number of data entries that were added, deleted, or modified. A total of 15,135 files in .docx, .pdf, and .jpg formats, deleted by the attacker, were successfully restored using this backup technique. The success rate of using this technique for post-cyber attack mitigation reached 100%.
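The detect-then-restore flow summarized in the abstract, as an added example that is not code from the paper: a SHA-256 manifest comparison stands in for Tripwire's added/deleted/modified report, and a directory copy stands in for the cron-driven rsync backup. All paths, file names and function names are hypothetical, and the sample files are constructed.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

DOC_EXTS = {".docx", ".pdf", ".jpg"}  # file types named in the abstract

def manifest(root):
    """Map each relative file path under root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline, current):
    """Integrity summary: paths added, deleted and modified since the baseline."""
    common = set(baseline) & set(current)
    return {"added": sorted(set(current) - set(baseline)),
            "deleted": sorted(set(baseline) - set(current)),
            "modified": sorted(p for p in common if baseline[p] != current[p])}

def restore_deleted(report, backup, live, baseline):
    """Copy deleted documents back from backup, checking each against its baseline hash."""
    restored = []
    for rel in report["deleted"]:
        src = Path(backup) / rel
        if Path(rel).suffix.lower() not in DOC_EXTS or not src.is_file():
            continue
        if hashlib.sha256(src.read_bytes()).hexdigest() != baseline[rel]:
            continue  # backup copy differs from the baseline: leave for manual review
        dst = Path(live) / rel
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src, dst)
        restored.append(rel)
    return restored

def demo():
    """Constructed scenario: one document deleted, one modified, one file added."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        (live / "files").mkdir(parents=True)
        for name in ("a.pdf", "b.docx", "c.jpg"):
            (live / "files" / name).write_bytes(name.encode())
        shutil.copytree(live, backup)  # stands in for the scheduled rsync run
        baseline = manifest(live)
        (live / "files" / "a.pdf").unlink()                  # deleted
        (live / "files" / "b.docx").write_bytes(b"changed")  # modified
        (live / "extra.html").write_bytes(b"unexpected")     # added
        report = compare(baseline, manifest(live))
        restored = restore_deleted(report, backup, live, baseline)
        return report, restored, compare(baseline, manifest(live))

if __name__ == "__main__":
    for part in demo():
        print(part)
```

Only deleted documents are restored here; modified and added paths stay in the second report so they can be preserved as evidence before any cleanup.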