
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Post Attack Mitigation on Open Journal System Services using Knowledge Understanding Assessment Defense (KUAD) Method
Corresponding Author(s) : Hero Wintolo
Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control,
Vol. 10, No. 4, November 2025
Abstract
This study was conducted to find evidence of attacks and to restore data after an attack on an Open Journal System (OJS) service hosted on a computer server. The method used is a new approach developed from the earlier Network Forensic Digital Life Cycle (NFDLC) method. The new method, KUAD, consists of several stages for collecting evidence of cyber attacks and restoring data after an attack: initiation, acquisition, execution, mitigation, and disposition. Compared with the previous method, its novelty lies in the mitigation phase, which aims to restore data or documents after an attack. Tripwire is the tool used to detect attacks and gather evidence; it detects attacks by reporting the number of files added, deleted, or modified. Crontab is the tool used to recover lost data; it executes backup commands using rsync in four steps. This backup technique successfully recovered a hundred deleted files in .docx, .pdf, and .jpg formats. The success rate of this technique in post-attack mitigation reaches 100%.
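The detect-then-restore cycle described in the abstract can be sketched as follows. This is an added example, not code from the paper: SHA-256 manifests stand in for Tripwire's added/deleted/modified report, a plain file copy stands in for the rsync backup run from cron, and all file names are constructed. It also restores modified files, which goes slightly beyond the deleted-file recovery the abstract reports.

```python
import hashlib, shutil, tempfile
from pathlib import Path

def snapshot(root):
    """Map each relative file path under root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline, current):
    """Return the files added, deleted and modified since the baseline."""
    both = set(baseline) & set(current)
    return {"added": sorted(set(current) - set(baseline)),
            "deleted": sorted(set(baseline) - set(current)),
            "modified": sorted(f for f in both if baseline[f] != current[f])}

def restore(backup, live, report, baseline):
    """Copy deleted and modified files back from the backup, verifying each digest."""
    restored = []
    for rel in report["deleted"] + report["modified"]:
        src, dst = Path(backup) / rel, Path(live) / rel
        if not src.is_file() or hashlib.sha256(src.read_bytes()).hexdigest() != baseline[rel]:
            continue  # backup copy missing or altered: leave it for manual review
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src, dst)
        restored.append(rel)
    return restored

def demo():
    """Constructed scenario: three uploads; one deleted, one modified, one file added."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        live.mkdir()
        for name in ("paper.docx", "proof.pdf", "cover.jpg"):
            (live / name).write_bytes(b"original " + name.encode())
        baseline = snapshot(live)                # integrity baseline of the clean state
        shutil.copytree(live, backup)            # scheduled backup taken before the incident
        (live / "paper.docx").unlink()           # deleted after the baseline
        (live / "proof.pdf").write_bytes(b"x")   # modified after the baseline
        (live / "unexpected.txt").write_bytes(b"?")  # added after the baseline
        report = compare(baseline, snapshot(live))
        restored = restore(backup, live, report, baseline)
        return report, restored, compare(baseline, snapshot(live))

if __name__ == "__main__":
    print(demo())
```

Added files are reported but never removed automatically, so they remain available as evidence after the restore.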