Pendeteksian Malware pada Lingkungan Aplikasi Web dengan Kategorisasi Dokumen

Fransiskus Gusti Ngurah Dwika Setiawan, Royyana Muslim Ijtihadie, Hudan Studiawan
Submission Date: 2017-01-24 23:00:42
Accepted Date: 2017-03-17 10:12:41

Abstract


Jumlah aplikasi berbasis web semakin bertambah seiring dengan perkembangan teknologi informasi. Dengan bertambahnya jumlah aplikasi web, serangan-serangan yang dilakukan terhadap aplikasi-aplikasi web tersebut juga meningkat. Salah satu jenis serangan yang marak dilakukan terhadap aplikasi web adalah penyisipan malware seperti web shell yang dapat memberikan akses bebas terhadap komputer server kepada penyerang.
Dalam makalah ini, dijelaskan implementasi aplikasi yang menerapkan teknik kategorisasi dokumen untuk mendeteksi malware atau kode malicious khususnya jenis web shell dengan teknik kategorisasi dokumen. Proses kategorisasi dokumen meliputi praproses dan tokenisasi kode sumber, pembuatan model classifier Multinomial Naive Bayes dan Decision Tree, dan klasifikasi dokumen menggunakan classifier yang telah dibuat. Uji coba yang dilakukan terhadap 718 file kode sumber PHP menghasilkan tingkat precision dari 72% hingga 83% dan recall 83% hingga 97%.

Keywords


aplikasi web; deteksi malware; kategorisasi dokumen

References


Clint Feher Asaf Shabtai, Robert Moskovitch and Shlomi Dolev. Detecting unknown malicious code by applying classification techniques on opcode patterns. Security Informatics. doi: 10.1186/2190-8532-1-1.

Fabrizio Sebastiani. Machine learning in automated text categorization. ACM Comput. Surv., 34(1):1–47, March 2002. ISSN 0360-0300. doi: 10.1145/505282.505283.

G. Salton, A. Wong, and C. S. Yang. A vector space model for automatic indexing. Commun. ACM, 18(11):613–620, November 1975.

ISSN 0001-0782. doi: 10.1145/361219.361220.

Harry Zhang. The optimality of Naive Bayes. In Valerie Barr and Zdravko Markov, editors, Proceedings of the Seventeenth International Florida Artificial Intelligence Research Society

Christopher D. Manning, Prabhakar Raghavan, and Hinrich Schütze. Introduction to Information Retrieval. Cambridge University Press, New York, NY, USA, 2008. ISBN 0521865719, 9780521865715.

Decision trees. http://scikit-learn.org/stable/modules/tree.html. Diakses: 2016-12-24.

L. Breiman, J. Friedman, R. Olshen, and C. Stone. Classification and Regression Trees. Wadsworth, Belmont, CA, 1984.


Full Text: PDF

CC Licencing


Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

Refbacks

  • There are currently no refbacks.


Creative Commons License
Jurnal Teknik ITS by Lembaga Penelitian dan Pengabdian Kepada Masyarakat, LPPM-ITS is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Based on a work at http://ejurnal.its.ac.id/index.php/teknik.