A TAXONOMY OF CYBER SECURITY DEFENSE USING THE CYBER KILL CHAIN MODEL

Slamet Slamet

Abstract


The Cyber Kill Chain (CKC) has been widely used by security practitioners to describe the stages of cyber attack and defense. The model focuses on the process of intrusion into computer systems. CKC is often used to protect an organization's computer network, and its stages are: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, and Act on Objectives. The problem is that intruders' attack patterns have evolved from traditional methods toward sophisticated ones. As a result, intruders' attacks are increasingly easy to carry out and increasingly easily break through the victim's defenses. This must be matched by better defense, combining advanced analytical tools, predictive modeling, and the cyber kill chain as the organization's cyber security defense model. In this research, CKC is used to reveal the status of a data breach. Data analysis produces information on network user behavior in the form of threat notifications at each stage of the kill chain, so that an attack in progress can be stopped and damage can be prevented. The results of this research are (a) preparing the organization or computer network to face cyber attacks by applying a modern cyber security approach within its own network, and (b) applying security policies inside the network and at its border to improve cyber security, with solutions that prevent damage and detect attacks in progress. The resulting system thus automatically detects and analyzes changes in user and computer behavior that indicate a breach.

Keywords


Cyber Security, Cyber Kill Chain, Modern Security

Full Text:

PDF pp. 232 - 245





DOI: http://dx.doi.org/10.53567/spirit.v16i1.332



Copyright (c) 2024 Slamet Slamet

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.


 




SPIRIT : Sarana Penunjang Informasi Terkini

Published by Information Technology, Institut Teknologi dan Bisnis Yadika Pasuruan
Editorial address: Jl. Bader No.9, Kwangsan, Kalirejo, Kec. Bangil, Pasuruan, Jawa Timur 67153
Tel/Fax: (0343) 742070, Email: lppm@stmik-yadika.ac.id

