Virtual Privat Network: Koneksi Keamanan Pada Aplikasi Berbasis Android
Main Article Content
Abstract
Kasus pencurian data informasi, seperti data pribadi, PIN, dan OTP, semakin meningkat akibat serangan dari penyerang. Serangan ini dilakukan dengan mengirimkan payload berupa skrip berbahaya yang di-inject ke dalam aplikasi Android melalui berbagai perantara, seperti email dan media sosial. Untuk mengatasi permasalahan ini, diperlukan analisis mendalam untuk memahami kemampuan malware dan memberikan langkah mitigasi yang tepat sehingga data informasi tidak dicuri oleh penyerang. Penelitian ini bertujuan menganalisis pengaruh penggunaan Virtual Private Network (VPN) terhadap aplikasi Android yang terinfeksi malware dengan teknik serangan Command and Control (C&C) attack. Skenario pengujian dilakukan dengan membandingkan dua kondisi: perangkat Android tanpa VPN dan perangkat Android dengan VPN. Pengujian mencakup pengukuran kemampuan serangan C&C dalam mengakses data sensitif serta evaluasi kinerja sistem, seperti kecepatan koneksi internet. Hasil penelitian menunjukkan bahwa penggunaan VPN dapat membatasi akses penyerang dengan memblokir komunikasi C&C, sehingga meningkatkan perlindungan keamanan data. Namun, hasil pengujian juga menunjukkan adanya penurunan performa koneksi internet sebesar 10,7% saat menggunakan VPN.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
References
[2] I. G. Adnyana, P. G. S. C. Nugraha and B. R. A. Nugroho, "Reverse Engineering for Static Analysis of Android Malware in Instant Messaging Apps," Journal of Computer Networks, Architecture and High Performance Computing, vol. 6, no. 3, p. 1460, 2024.
[3] B. A. Saputro, L. I. Alfitra and R. B. Oktaviaji, "Analisis Malware Android Menggunakan Metode Reverse Engineering," REPOSITOR, vol. 2, no. 10, pp. 1331-337, 2020.
[4] A. Fathurohman and R. W. Witjaksono, "Analysis and Design of Information Security Management," Bulletin of Computer Science and Electrical Engineering, vol. 1, no. 1, pp. 1-11, 2020.
[5] K. N. Isnaini and D. Suhartono, "Security Analysis of Simpel Desa using Mobile Security Framework and ISO 27002:2013," INTENSIF: Jurnal Ilmiah Penelitian dan Penerapan Teknologi Sistem Informasi, vol. 7, no. 1, pp. 84-105, 2023.
[6] A. R. Tambunan, T. Yuniati and Y. A. Setyoko, "Implementasi Static Analysis Dan Background Process Untuk Mendeteksi Malware Pada Aplikasi Android Dengan Mobile Security Framework," LEDGER, vol. 1, no. 2, 2022.
[7] I. Himawan, K. Septianzah and I. Setiadi, "Analisis Keamanan Informasi Malware Terhadap Aplikasi Apk Dengan Metode Static Analysis Menggunakan Mobsf," JRKT (Jurnal Rekayasa Komputasi Terapan) , vol. 2, no. 2, 2022.
[8] A. D. Pratama and A. Amiruddin, "Uji Keamanan Aplikasi ABC Milik Instansi XYZ Menggunakan OWASP Mobile Security Testing Guide," Jurnal Info Kripto, vol. 15, no. 3, pp. 113-122, 2021.
[9] F. A. Alviansyah and E. Ramadhani, "Implementasi Dynamic Application Security testing pada Aplikasi Berbasis Android," Automata , vol. 2, no. 1, 2021.
[10] CISCO, Introduction to Cybersecurity, CISCO, 2020.
[11] S. J, B. R and P. M, "Impact of Distributed Denial of Service Attacks on E-Commerce Platforms," Journal of Cybersecurity Research, vol. 12, no. 3, pp. 145-160, 2021.
[12] C. H and L. S, "Ransomware Attacks: Threats and Mitigation Strategies in Organizational Networks," International Journal of Information Security, vol. 8, no. 4, pp. 210-225, 2020.
[13] N. T, W. Y and Z. L, "Payload Injection Attacks in Android Applications: Detection and Prevention," Mobile Security Journal, vol. 5, no. 1, pp. 34-50, 2020.
[14] M. D, "Docker: Lightweight Linux Containers for Consistent Development and Deployment," Linux Journal, vol. 2, 2014.
[15] B. K and K. P, "Enhancing CLI Learning with Docker Environments," Journal of Computer Education Research, vol. 18, no. 3, pp. 56-70, 2021.
[16] V. A and S. R, "A Study on Malware Propagation Methods and Detection Techniques," International Journal of Computer Applications, vol. 112, no. 4, pp. 23-30, 2018.
[17] E. S. Alomari, R. R. Nuiaa, Z. A. A. Alyasseri, H. JasimMohammed, N. S. Sani, M. I. Esa and B. A. Musawi, "Malware Detection Using Deep Learning and Correlation-Based Feature Selection," Symmetry, vol. 15, pp. 1-21, 2023.
[18] B. Arifwidodo, "Mekanisme Keamanan Jaringan Menggunakan Protokol Wireguard Pada Jaringan Privat," Journal of ICT, vol. 5, no. 2, pp. 1-9, 2023.
[19] I. Suryani, L. Lindawati and I. Salamah, "Analisa QOS (Quality Of Service) Jaringan Internet Di Teknik Elektro Politeknik Negeri Sriwijaya," IT Journal Research and Development (ITJRD), vol. 3, no. 1, pp. 32-42, 2018.
[20] ETSI, "Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); General aspects of Quality of Service (QoS," 1999. [Online]. Available: http://www.etsi.org.. [Accessed 2024].
[21] C. D. Xuan, L. V. Duong and T. V. Nikolaevich, "Detecting C&C Server in the APT Attack based on Network Traffic using Machine Learning," (IJACSA) International Journal of Advanced Computer Science and Applications, vol. 11, no. 5, pp. 22-27, 202.
[22] L. Lu, Y. Feng and K. Sakurai, "C&C Session Detection Using Random Forest," in IMCOM, Beppu, Japan, 2017.