DATA AVAILABILITY IN DECENTRALIZED DATA STORAGE USING FOUR-NODE INTERPLANETARY FILE SYSTEM
Tony Haryanto; Kalamullah Ramli; Arga Dhahana Pramudianto
Jurnal Teknik Informatika (Jutif) Vol. 4 No. 3 (2023): JUTIF Volume 4, Number 3, June 2023
Publisher : Informatika, Universitas Jenderal Soedirman

DOI: 10.52436/1.jutif.2023.4.3.1030

Abstract

Centralized storage is a data storage model in which data is stored and managed in a single physical location or centralized system. In this model, all data and information are stored on servers or data centers managed by one entity or organization. This model also has disadvantages, such as the risk of system failure from distributed denial of service (DDoS) attacks, natural disasters, and hardware failures, causing a single point of failure. This threat results in loss of data and a lack of user confidence in the availability of data in centralized storage. This study proposes to evaluate the availability of data in decentralized data storage using a four-node interplanetary file system (IPFS) that is interconnected with a swarm key as the authentication key. Unlike centralized storage, which has only one data center, four-node IPFS allows users to upload and download data from four interconnected data centers. This can avoid dependence on the central server and reduce server load. The evaluation results show that decentralized data storage using a four-node IPFS system is three times more resilient than centralized storage against a single point of failure. This system can increase data availability so that organizations can minimize data loss from the threat of system failure.
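
Design of a Digital Wallet Infrastructure Security Framework Using PCI DSS 4.0 and COBIT 2019 Based on Risk Management Analysis [original title: Desain Kerangka Kerja Keamanan Infrastruktur Dompet Digital Menggunakan PCI DSS 4.0 dan COBIT 2019 Berbasis Analisis Manajemen Risiko]
Mangampu Silaban; Kalamullah Ramli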
Syntax Literate Jurnal Ilmiah Indonesia
Publisher : CV. Ridwan Publisher

DOI: 10.36418/syntax-literate.v7i12.11645

Abstract

Digital wallets are a form of electronic transaction that is increasingly popular with everyone. Besides being practical to use, since there is no need to hold cash directly as a means of payment, the registration process is also considered not very difficult. However, behind all the convenience that digital wallets offer, as applications that hold funds belonging to users, digital wallet applications have become one of the applications most heavily targeted by cyber attackers. This paper discusses the process of designing a security framework for digital wallet infrastructure that uses a combined standardization of PCI DSS 4.0 and COBIT 2019 with a risk-management-based analysis approach. The framework contains risk management points in the form of identification of scope, assets and security gaps; risk assessment; risk evaluation; risk control in the form of validation and application of controls against risks; and monitoring and feedback on the application of controls to the risks that arise. This infrastructure security framework is expected to serve as a reference for every digital wallet company, particularly companies operating within the territory of the Unitary State of the Republic of Indonesia, to control risk in the electronic transaction environment so that operations can run in line with the intended objectives by minimizing the cyber attacks that arise against every digital wallet infrastructure asset.

Impact of Implementation of Information Security Risk Management and Security Controls on Cyber Security Maturity (A Case Study at Data Management Applications of XYZ Institute)
Endro Joko Wibowo; Kalamullah Ramli
Jurnal Sistem Informasi Vol. 18 No. 2 (2022): Jurnal Sistem Informasi (Journal of Information System)
Publisher : Faculty of Computer Science Universitas Indonesia

DOI: 10.21609/jsi.v18i2.1146

Abstract

Information security is an important concern for governments and industry due to the increase in cyber attacks during Covid-19. The government is obliged to maintain information security in implementing an Electronic-Based Government System following Presidential Regulation of the Republic of Indonesia Number 95 of 2018. To overcome this problem, the XYZ Institute needs an approach to implementing information security risk management and information security controls. This study aims to carry out risk identification, risk analysis, risk evaluation, risk treatment, risk acceptance, risk control, and analysis of cyber security maturity gaps in the domains of governance, identification, protection, detection, and response. ISO/IEC 27005:2018 serves as guidance for conducting risk assessments. The code of practice for information security controls uses the ISO/IEC 27002:2013 standard, and maturity is assessed using the cyber security maturity model version 1.10 developed by the National Cyber and Crypto Agency of the Republic of Indonesia. The results show that the cyber maturity value increased from 3.19 to 4.06 after implementing 12 new security controls.

Designing An Information Security Framework For The Indonesia Water Industry Sector
Hidayatul Muttaqin; Kalamullah Ramli
Cakrawala Repositori IMWI Vol. 6 No. 3 (2023): Cakrawala Repositori IMWI
Publisher : Institut Manajemen Wiyata Indonesia & Asosiasi Peneliti Manajemen Indonesia

DOI: 10.52851/cakrawala.v6i3.352

Abstract

The majority of Indonesia's water industry sectors have implemented smart water management systems as part of their business development, which has an indirect impact on enterprise information security. However, in general, water sector enterprises continue to place a low priority on information security, and the development of information system frameworks is based on generic norms employed by financial firms. There has been no research on information security frameworks especially built for water firms in Indonesia that use information security standards in the utilities sector. This article proposes a solution in the form of a new framework for Indonesian water firms that combines international information security requirements in the utilities sector with Indonesian government rules. This approach of development combines worldwide standards with national rules. The Cybersecurity Capability Maturity Model (C2M2) and ISO 27019 are two international standards commonly used by utility businesses globally. Government Regulation or Peraturan Pemerintah (PP) Number 71 of 2019 on the Implementation of Electronic Systems and Transactions is the relevant national regulation. The framework addresses information technology, telecommunications, and operational technology, with four approach categories: governance and ecosystem, protection, defense, and resilience. According to the research findings, the newly integrated framework can be applied and is worthy of recommendation. This framework also meets the standards for information security and can be used by Indonesian water corporations.

IT Maturity Level Analysis Using Framework COBIT 5 Work for Management Cyber Incident: Case Study of Company Z in ICT Field
Inna Madiyaningsih; Kalamullah Ramli
Gema Wiralodra Vol. 14 No. 2 (2023): gema wiralodra
Publisher : Universitas Wiralodra

DOI: 10.31943/gw.v14i2.476

Abstract

Based on the 2022 security report from company Z in the ICT sector, the firewall security report shows that 96% of threats are at the critical level and 4% are at the high level. The email security report shows session domain at 27.3%, session limits at 15.35%, FortiGuard AntiSpam-IP at 3.11%, and the rest as receipt verification, directory filter, and access control relay denied. With the challenge of current cyber-attacks, precious data assets need analysis to measure the level of IT maturity that can ensure stakeholders' interests and maximize benefits and opportunities through information technology. We overcome limitations by analyzing IT maturity using COBIT 5. The research focused only on the APO13 and DSS05 process domains. A study was done to identify the problems based on the results of observation, checking, and direct use of a questionnaire. Measurement is done through self-evaluation and in-depth interviews with the IT team and all experts who hold COBIT 5 certification. The analysis results show that the measurement level for the APO13 domain is 3, and for DSS05 it is level 2. These results are still below the level 4 target set by management; therefore, building a framework to monitor, track, and record security data in real time is necessary. Once built, the framework can help lower the threat level from a critical level to a high level and increase the COBIT maturity level for APO13 and DSS05 according to organizational targets.

INFORMATION SECURITY RISK ASSESSMENT USING FACTOR OF ANALYSIS INFORMATION RISK (FAIR) IN THE HEALTHCARE SECTOR: SCOPING REVIEW
Iman Pribadi Sudarsana; Kalamullah Ramli
JURNAL DARMA AGUNG Vol 31 No 4 (2023): AGUSTUS
Publisher : Lembaga Penelitian dan Pengabdian kepada Masyarakat Universitas Darma Agung (LPPM_UDA)

DOI: 10.46930/ojsuda.v31i4.3236

Abstract

Risk assessment is an effective way to reduce information technology risks in healthcare facilities by determining the severity of potential dangers and weaknesses affecting each vital data element. This enables appropriate actions to be taken by prioritizing data with the highest risk. However, there is still a lack of research on information security risk assessment using Factor Analysis of Information Risk (FAIR) in healthcare information systems, necessitating further studies to understand its implementation in Indonesia. A total of 21,939 articles were found in four databases, but only three met the inclusion criteria, from Indonesia, Japan, and the United States. These studies focus on risk assessment and management in the healthcare sector, including ISO 27005, cloud ecosystem risk analysis, cybersecurity standards, and IoT risk management for COVID-19. The review stresses the significance of risk assessment and management in the health sector to sustain health facilities amidst policy changes, technological advancements, and globalization. FAIR is vital in determining the likelihood and potential consequences of events that can affect organizations, particularly in the competitive healthcare industry where a secure health information system is necessary for business continuity. Hence, studies must develop methods to reduce information security risks in healthcare services information systems.
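
Design and Analysis of the CyberShare System Using a Four-Node Interplanetary File System (IPFS) [original title: Desain dan Analisis Sistem CyberShare Menggunakan Four Node Interplanetary File System (IPFS)]
Tony Haryanto; Kalamullah Ramli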
Jurnal Informatika: Jurnal Pengembangan IT Vol 8, No 2 (2023): JPIT, Mei 2023
Publisher : Politeknik Harapan Bersama

DOI: 10.30591/jpit.v8i2.5141

Abstract

Cybersecurity information sharing is a proactive and collaborative measure for enhancing organizational security by exchanging cybersecurity information using a centralized repository service. However, in practice, the use of centralized services is exposed to the threat of distributed denial-of-service (DDoS) attacks, which can result in system failure and cause a single point of failure, as well as man-in-the-middle (MITM) attacks, which can result in modification of information and theft of exchanged information. This threat results in a lack of user confidence in the confidentiality, integrity, and availability of information. This study proposes the design of a secure cybersecurity information sharing (CyberShare) system using a private interplanetary file system (IPFS) network as decentralized information storage. Unlike centralized storage, which has only a single node, the CyberShare system uses a four-node IPFS interconnected with swarm keys as authentication keys. This system allows users to store and share information from the sender to the recipient of information, avoiding dependence on a central server and reducing server load. The results of the analysis show that the proposed CyberShare system can guarantee the confidentiality, integrity, and availability of cybersecurity information. The CyberShare system can enhance the security of the information exchanged so that organizations can safely share and utilize cybersecurity information.
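
Design of Privacy Risk Assessment for Mobile Applications Through a Machine Learning Model Based on Ensemble Learning and Multiple Application Attributes [original title: Desain Penilaian Risiko Privasi pada Aplikasi Seluler Melalui Model Machine Learning Berbasis Ensemble Learning dan Multiple Application Attributes]
R. Ahmad Imanullah Zakariya; Kalamullah Ramli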
Jurnal Teknologi Informasi dan Ilmu Komputer Vol 10 No 4: Agustus 2023
Publisher : Fakultas Ilmu Komputer, Universitas Brawijaya

DOI: 10.25126/jtiik.20241047029

Abstract

Since the Android operating system is open-source, many Android-based applications are developed and freely available in app stores. However, not all developers of applications supply detailed information about the app's security aspects, making it difficult for users to assess and understand the risk of privacy breaches they confront. We propose a privacy risk assessment design in this study using an analytical approach to app permissions and attribute information. We use ensemble learning to overcome the drawbacks of using a single classification model. The likelihood assessment is performed by combining ensemble learning predictions and information on multiple application attributes, while the severity assessment is performed by utilizing the number and characteristics of permissions. A risk matrix was created to calculate the value of application privacy risk, and the CIC-AndMal2017 dataset was used to evaluate the ensemble learning model and privacy risk assessment designs. The experimental results show that the application of ensemble learning with the Decision Tree (DT), K-Nearest Neighbor (KNN), and Random Forest (RF) classification algorithms provides better model performance compared to using a single classification algorithm, with an accuracy of 95.2%, a precision value of 93.2%, an F1-score of 92.4%, and a True Negative Rate (TNR) of 97.6%. In addition, the risk assessment design is able to assess the application effectively and objectively.