Basic Static Code Analysis for Detecting Backdoor Shells on Web Servers
Abstract
Accessing a computer system without permission is a crime committed by entering or infiltrating a computer network system without the knowledge of the system's owner. The aim of this crime is to spy on or steal important and confidential information. In practice, hackers plant backdoor shell files in locations that are hard for the system owner to find. Several existing tools are still terminal-based. These tools search for files based on names that have been registered beforehand. As a result, when a new type of backdoor shell file infects the system, these tools cannot detect its presence. For this reason, this study searches for backdoor shells on a web server using the basic static code analysis method. System files are processed in two main stages: string matching and taint analysis. During taint analysis, the system computes the probability that each signature is a backdoor, to compensate for an incomplete backdoor dictionary. Based on the results of testing carried out on 3964 files, the accuracy obtained was higher than that of the PHP Shell Detector application, at 75%.
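The two stages named in the abstract, sketched as an added example that is not the paper's implementation: a dictionary string match followed by a basic source-to-sink taint pass over PHP text. The signature dictionary, the sink weights, the scoring rule and the sample files are all assumptions constructed for illustration.

```python
import re

# Stage 1 dictionary: constructed sample entries, not the paper's signature list.
KNOWN_SIGNATURES = ("c99shell", "r57shell", "FilesMan")
# Stage 2 sinks with hypothetical likelihood weights (assumed values).
SINK_WEIGHT = {"eval": 0.9, "assert": 0.8, "system": 0.9,
               "exec": 0.9, "shell_exec": 0.9, "passthru": 0.9}

SOURCE = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b")   # attacker-controlled input
VAR = re.compile(r"\$\w+")
ASSIGN = re.compile(r"(\$\w+)\s*=(?![=>])\s*(.+)", re.S)   # skips == and =>
CALL = re.compile(r"\b(%s)\s*\((.*)" % "|".join(SINK_WEIGHT), re.S)

def tainted_sinks(php):
    """Return sink calls whose argument derives from request input."""
    tainted, hits = set(), []

    def dirty(expr):
        return bool(SOURCE.search(expr)) or any(v in tainted for v in VAR.findall(expr))

    # Basic analysis: statements are split on ';', so a ';' inside a string
    # literal is a known limitation of this sketch.
    for stmt in php.split(";"):
        call = CALL.search(stmt)
        if call and dirty(call.group(2)):
            hits.append(call.group(1))
        assign = ASSIGN.search(stmt)
        if assign and dirty(assign.group(2)):
            tainted.add(assign.group(1))       # propagate taint through assignment
    return hits

def scan(php):
    """Stage 1 string match, then stage 2 taint score for files the dictionary misses."""
    known = [s for s in KNOWN_SIGNATURES if s.lower() in php.lower()]
    sinks = tainted_sinks(php)
    miss = 1.0
    for s in sinks:                            # assumed rule: 1 - product(1 - weight)
        miss *= 1.0 - SINK_WEIGHT[s]
    score = 1.0 if known else round(1.0 - miss, 2)
    return {"known": known, "tainted_sinks": sinks, "score": score}

# Constructed sample files.
SAMPLE_KNOWN = "<?php /* c99shell */ echo 'status ok'; ?>"
SAMPLE_UNKNOWN = "<?php $c = $_POST['c']; $d = base64_decode($c); eval($d); ?>"
SAMPLE_BENIGN = "<?php $n = $_GET['n']; echo htmlspecialchars($n); system('uptime'); ?>"

if __name__ == "__main__":
    for name in ("SAMPLE_KNOWN", "SAMPLE_UNKNOWN", "SAMPLE_BENIGN"):
        print(name, scan(globals()[name]))
```

The second sample has no dictionary hit and is flagged only because request input reaches `eval` through two assignments, which is the gap a name-based or signature-only scanner leaves open.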
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.