Hasil Pencarian  ::  Simpan CSV :: Kembali

Abstrak :
Pembahasan mengenai serangan distributed denial of service menjadi salah satu topik utama dalam wacana keamanan internet. Walaupun penggunaannya sudah lebih dari satu dekade dan mekanisme atau cara kerjanya sudah dipahami secara luas, namun hingga saat ini masih sangat sulit untuk mendeteksi secara dini suatu serangan distributed denial of service. Lambatnya pendeteksian serangan distributed denial of service karena sulitnya membedakan antara paket normal dan paket yang berasal dari agen distributed denial of service. Kesulitan lainnya adalah besarnya jumlah paket yang dikirim, hal ini mengakibatkan lamanya waktu yang dibutuhkan untuk menganalisa, dan dapat menyebabkan akurasi pendeteksian serangan distributed denial of service menurun. Melalui penelitian ini peneliti mencoba memberikan solusi yaitu berupa metode untuk mendeteksi serangan distributed denial of service. Adapun metode yang diajukan disini yaitu dengan melakukan pendeteksian secara dini ketika terjadi serangan distributed denial of service terhadap server jaringan. Dalam melakukan pendeteksian dibutuhkan metode yang efektif untuk segera memberikan peringatan atau informasi bahwa telah terjadi serangan distributed denial of service. Metode yang peneliti ajukan adalah metode deteksi menggunakan algoritma self organizing map dengan memanfaatkan lalu-lintas flow pada jaringan dan menggunakan fitur perhitungan dari metode yang sudah ada sebelumnya, yaitu metode IP FLow. Berdasarkan hasil pengujian, metode yang diajukan berhasil meningkatkan akurasi dan mempercepat waktu deteksi serangan distributed denial of service dibandingkan metode IP Flow. ...... Discussion about distributed denial of service attack to be one of the main topics on the Internet security discourse. Although it appearance was more than a decade and it works has been widely understood, but it is still very difficult to detect at early stage of distributed denial of service attack. The delay of distributed denial of service attack detection due to difficulties in distinguishing between normal packets and packets originating from distributed denial of service agents. Another difficulty is the huge number of packets sent, it causes the length of time required to analyze, and could lead to decrease accuracy of detection. Through this study, researcher tried to provide a solution in the form of methods for detecting distributed denial of service attacks. The method proposed here is to perform early detection of a distributed denial of service attacks on a network server. Doing detection certainly needed an effective method for giving immediate warning or information that distributed denial of service attacks have occurred. The proposed method research is the detection method using self organizing map algorithm based on flow traffic on the network and by using statistical calculation taken from existing method, IP Flow method. Based on test results, the proposed method successfully improves the accuracy and speed time detection of distributed denial of service attacks than using the IP Flow method.

Abstrak :
Skripsi ini membahas tentang pengujian kapabilitas mesin deteksi dari IDS yang dikembangkan oleh ID-SIRTII, yaitu Mata Garuda dengan menggunakan framework Pytbull dan hasilnya akan dibandingkan dengan IDS lain yang sudah banyak didistribusikan di masyarakat dan bersifat open source, yaitu Snort dan Suricata. Pada skripsi ini akan dijelaskan mengenai konsep dasar dari IDS, berbagai macam bentuk serangan yang dapat menyerang jaringan, pengujian serangan pada Mata Garuda, Snort, dan Suricata, serta analisis hasil pengujian pada ketiga IDS tersebut. Hasil pengujian menggunakan Pytbull yang dilakukan memberikan hasil bahwa akurasi deteksi Mata Garuda dan Snort secara keseluruhan (86.95%) lebih baik dibandingkan dengan Suricata (78.26%), namun dalam perbandingan ketepatan pendeteksian Suricata masih lebih unggul (73.91%) dibandingkan dengan Mata Garuda dan Snort (63.04%). Sedangkan dalam penggunaan resource CPU dan memori, Suricata lebih unggul dalam lingkungan multi core (40.67% pada core1 dan 5.39% pada core2, memori 919,917 bytes) daripada Mata Garuda (52.81% pada core1 dan 0.68% pada core2, memori 1,192,627 bytes) dan Snort (52.84% pada core1 dan 0.62% pada core2, memori 1,166,965 bytes). ...... This research is concerned about the capability of detection engine from the IDS that developed by ID-SIRTII, called Mata Garuda using Pytbull framework and compared the result with the other well-known open source IDS, Snort and Suricata. This research will explain about the basic concept of IDS, some example of network attacks, penetration test to Mata Garuda, Snort, and Suricata, as well as the analysis about the result of the test from the three IDS. The result of the test using Pytbull shows that the detection accuracy of Mata Garuda and Snort overall (86.95%) is better than Suricata (78.26%), but in the comparison of full detection ratio, Suricata (73.91%) is better than Mata Garuda and Snort (63.04%). In the comparison of CPU and memory usage, Suricata is better in multi core environment (40.67% on core1 and 5.39% on core2, memory 919,917 bytes) than Mata Garuda (52.81% on core1 and 0.68% on core2, memory 1,192,627 bytes) and Snort (52.84% on core1 and 0.62% on core2, memory 1,166,965 bytes).

Abstrak :
Berbagai produk simpanan dan pinjaman yang diberikan oleh perbankan sering kita gunakan dalam keseharian. Bank XYZ merupakan salah satu bank terbesar yang ada di Indonesia dengan berbagai produk perbankan untuk melayani masyarakat. Berbagai produk yang dimiliki oleh Bank XYZ mengharuskan adanya jaminan keamanan dan kerahasiaan data nasabah, salah satunya adalah kartu kredit. Namun, berbagai upaya yang dilakukan perbankan untuk melindungi privasi data tersebut harus disertai kesadaran nasabah terhadap data yang dimiliki agar tidak disalahgunakan, terutama data kartu kredit yang dapat menimbulkan risiko finansial. Tujuan dari penelitian ini adalah untuk menganalisis dan mengukur tingkat kesadaran keamanan informasi nasabah kartu kredit Bank XYZ serta memberikan rekomendasi langkah yang perlu dilakukan untuk dapat mengurangi kasus fraud kartu kredit yang terjadi di Bank XYZ. Penilaian tingkat kesadaran keamanan informasi dihitung dengan melakukan penyebaran kuesioner yang hasilnya diolah menggunakan teknik Analytical Hierarchy Process (AHP) yang merupakan salah satu metode Multiple Criteria Decision Analysis (MCDA). Metode ini menghitung nilai total dari suatu alternatif berdasarkan nilai dan bobot beberapa kriteria yang ada. Hasil dari penelitian ini mendapatkan bahwa secara keseluruhan tingkat kesadaran keamanan informasi pemegang kartu kredit Bank XYZ telah berada di tingkat baik, namun masih terdapat beberapa sub-fokus area yang berada di tingkat sedang pada fokus area Use of Internet, Information Handling, PIN Management dan buruk pada fokus area Mobile Devices Use. Rekomendasi bagi Bank XYZ telah diberikan dimulai dari tingkat prioritas fokus area tertinggi yang telah diukur menggunakan teknik AHP untuk meningkatkan tingkat kesadaran informasi pada fokus area yang belum berada di ketegori baik. ......Many various savings and loan products provided by banks we often use in our daily life. Bank XYZ is one of the largest banks in Indonesia with a variety of banking products to serve the public. Various products owned by Bank XYZ require security and confidentiality of customer data, one of them is credit card. However, various efforts that have been done by bank to protect the privacy of data must be followed by customer awareness of the sensitive data, especially credit card data that can pose financial risks. The purpose of this study is to analyze and measure the level of information security awareness of Bank XYZ credit card customers and provide recommendations that need to be taken to reduce credit card fraud cases that occur at Bank XYZ. Information security awareness level assessment is calculated by distributing questionnaires that are processed using the Analytical Hierarchy Process (AHP) technique, one of the Multiple Criteria Decision Analysis (MCDA) methods. This method calculates the total value of an alternative based on the value and weight of several criteria. The results of this study found that overall the level of information security awareness of Bank XYZ credit cardholders has been at a good level, but there are still several sub-focus areas that are at an average level in the focus areas of Use of Internet, Information Handling, PIN Management and poor on Mobile Devices Use focus area. Recommendations for Bank XYZ have been given from the highest priority focus area which has been measured using AHP techniques to increase the level of information awareness in focus areas which is in the good category yet.

Abstrak :

Tugas akhir ini akan membahas tindakan Google untuk memblokir cookies pihak ketiga dari browser Chrome melalui kebijakan yang dinamakan Privacy Sandbox. Pokok pembahasan pada penulisan adalah menganalisis apabila terdapat laporan atas implementasi Privacy Sandbox di Indonesia apakah akan melanggar Pasal 25 Undang-Undang Nomor 5 Tahun 1999 tentang Larangan Praktek Monopoli dan Persaingan Usaha Tidak Sehat dan bagaimana Komisi Pengawas Persaingan Usaha dapat mengantisipasi penanganan permohonan perubahan perilaku jika diajukan oleh Google Indonesia atas penerapan Privacy Sandbox yang dilaporkan. Bentuk penelitian yang gunakan dalam penelitian ini adalah yuridis normatif. Berdasarkan penelitian yang dilakukan, kebijakan Privacy Sandbox oleh Google sangat mungkin untuk melanggar Pasal 25 Undang-Undang Nomor 5 Tahun 1999 karena memiliki dampak membatasi pasar dan pengembangan tekonologi, serta menghambat pelaku usaha lain yang berpotensi menjadi pesaing pada pasar bersangkutan yaitu jasa penyedia teknologi periklanan digital di Indonesia. Berangkat dari pengalaman Competition and Markets Authority dalam menangani perubahan perilaku yang diajukan oleh Google di Inggris mengenai program Privacy Sandbox, bahwa Komisi Pengawas Persaingan Usaha dalam kewenangannya untuk menerima suatu permohonan pernyataan perubahan perilaku yang berkaitan dengan privasi individu dapat bekerja sama dengan Lembaga Pengawas Pelindungan Data Pribadi yang sudah diamanatkan dalam UU Perlindungan Data Pribadi agar dapat memastikan bahwa perubahan perilaku yang dimohonkan tidak mengurangi privasi individu dan mampu mengatasi dugaan pelanggaran Undang-Undang Nomor 5 Tahun 1999. ......This final assignment will discuss Google's actions to block third party cookies from the Chrome browser through a policy called Privacy Sandbox. The main discussion in the writing is to analyze if whether a report against the implementation of the Privacy Sandbox in Indonesia it will result in a violation Article 25 of Law Number 5 of 1999 concerning Prohibition of Monopolistic Practices and Unfair Business Competition and how the Business Competition Supervisory Commission can anticipate handling request for changes in behavior if submitted by Google Indonesia regarding the reported implementation of the Privacy Sandbox. This research is conducted through a normative juridical study. Based on the research conducted, Google's Privacy Sandbox policy is very likely to violate Article 25 of Law Number 5 of 1999 because it has the impact of limiting market and technological development, as well as inhibiting potential business actors to become competitors in the relevant market namely providing digital advertising technology in Indonesia. Based on the experience of the Competition and Markets Authority in handling commitments of changes in behavior proposed by Google in the UK regarding the Privacy Sandbox, the KPPU in its authority to accept a request for change in behavior related to individual privacy, can cooperate with the Personal Data Protection Supervisory Agency which has been mandated in the Personal Data Protection Law in order to ensure that the changes in behavior will not reduce an individual privacy and are able to address the alleged violations concerns of Law Number 5 of 1999.

Abstrak :
This book constitutes the thoroughly refereed post-conference proceedings of the 7th IFIP WG 9.2, 9.6/11.7, 11.4, 11.6 International Summer School, held in Trento, Italy, in September 2011. The 20 revised papers were carefully selected from numerous submissions during two rounds of reviewing. The book also contains two invited talks. The papers are organized in topical sections on privacy metrics and comparison, policies, privacy transparency in the age of cloud computing, privacy for mobile applications, consumer privacy, privacy for online communities, privacy for eHealth and eID applications, privacy attacks and problems, and ethics.

Abstrak :
This book constitutes the refereed proceedings of the 26th IFIP WG 11.3 International Conference on Data and Applications Security and Privacy, DBSec 2012, held in Paris, France in July 2012. The 17 revised full and 15 short papers presented together with 1 invited paper were carefully reviewed and selected from 49 submissions. The papers are organized in topical sections on access control, confidentiality and privacy, smart cards security, privacy-preserving technologies, data management, intrusion and malware, probabilistic attacks and protection, and cloud computing.

Abstrak :
The emerging field of network science represents a new style of research that can unify such traditionally-diverse fields as sociology, economics, physics, biology, and computer science. It is a powerful tool in analyzing both natural and man-made systems, using the relationships between players within these networks and between the networks themselves to gain insight into the nature of each field. Until now, studies in network science have been focused on particular relationships that require varied and sometimes-incompatible datasets, which has kept it from being a truly universal discipline. Computational network science seeks to unify the methods used to analyze these diverse fields. This book provides an introduction to the field of Network Science and provides the groundwork for a computational, algorithm-based approach to network and system analysis in a new and important way. This new approach would remove the need for tedious human-based analysis of different datasets and help researchers spend more time on the qualitative aspects of network science research.

Abstrak :
Security measures can be used by management, IT staff, and users in participatory/collaborative service provision within the public sector. Security Risks in Social Media Technologies explores this use. Topics are targeted, and issues raised and lessons learnt are analyzed. The book helps the reader understand the risks posed by relevant Web 2.0 applications and gives clear guidance on how to mitigate those risks. The body of the book is concerned with social media, the dominant Web 2.0 technology associated with security in the public sector, and is structured into eight chapters. The first chapter introduces the background for the work; the second covers uses of social media; the third covers relevant security threats; the fourth chapter concerns the security controls applied to the participation-collaboration pattern; the fifth chapter then considers acceptable use practices; the sixth chapter covers participation-collaboration in the context of schools; the seventh chapter shows an alternative way of classifying controls to that given in the fourth chapter; and the final chapter offers a conclusion.