FORENSIC ANALYSIS OF TROJAN BACKDOOR (GACOR) ATTACKS ON PRIVATE CLOUD ENVIRONMENTS USING KUAD METHOD
DOI:
https://doi.org/10.52060/im.v4i1.4196Abstrak
This research examines the impact of a Trojan Backdoor Attack, referred to as a Gacor attack, on the security and service integrity of a private cloud environment based on OwnCloud. The experimental environment was deployed ubuntu server 22.04 using OwnCloud version 10.15.2 and supported by a Mikrotik CCR1016-12G network device. Application level and network level activities were monitored through Apache web server logs and Snort Intrusion Detection System (IDS) version 2.9.15.1, respectively. The investigation adopts the knowledge Understanding assessment defence (KUAD) framework, which structures the analysis into initiation, acquisition, execution, mitigation, and digital evidence disposition stages. The attack scenario focuses on exploiting a file upload vulnerability in the OwnCloud service to deploy and execute a malicious PHP-based Trojan Backdoor. The results show that the Gacor attack demonstrates highly repetitive and centralized behaviour, originate from a limited number of highly active IP addresses. This behaviour exploits weaknesses in application security configuration and results in system takeover and service defacement. Correlation between log analysis and IDS alerts confirms 10 distinct attack events and reveals a structured intrusion pattern rather than random probing activity. The data visualization reveals a structured and centralized attack pattern, resulting in 100% defacement of the OwnCloud index page, which highlights the severe security risk faced by private cloud environments that lack a adequate file upload protection mechanisms. The findings demonstrate that the application of the KUAD method, when combined with log analysis and intrusion detection systems (IDS) is effective in identifying, analyzing, and systematically documenting Trojan Backdoor attacks in private cloud computing environments.
Referensi
Abdullayeva, F. and Suleymanzade, S., 2024. Cyber security attack recognition on cloud computing networks based on graph convolutional neural network and graphsage models. Results in Control and Optimization, [online] 15. https://doi.org/10.1016/j.rico.2024.100423.
Ali, M., Tang Jung, L., Hassan Sodhro, A., Ali Laghari, A., Birahim Belhaouari, S. and Gillani, Z., 2023. A Confidentiality-based data Classification-as-a-Service (C2aaS) for cloud security. Alexandria Engineering Journal, [online] 64, pp.749–760. https://doi.org/10.1016/j.aej.2022.10.056.
Ali, S., Wadho, S.A., Yichiet, A., Gan, M.L. and Lee, C.K., 2024. Advancing cloud security: Unveiling the protective potential of homomorphic secret sharing in secure cloud computing. Egyptian Informatics Journal, [online] 27. https://doi.org/10.1016/j.eij.2024.100519.
Alim, E.S., Nuroji, N., Rizkiawan, M.A., Anhari, T. and Sobari, B., 2024. Monitoring and Prevention of Online Gambling Attacks (Gacor Slots) on Websites. Edumatic: Jurnal Pendidikan Informatika, 8(1), pp.75–83. https://doi.org/10.29408/edumatic.v8i1.25267.
Ayuningtyas, A., Riadi, I. and Yudhana, A., 2025. A Comparative Evaluation of Drone Detection Models on Aerial Imagery across Varying Training Epochs. JUITA: Jurnal Informatika, 13(3), pp.277–286.
Darmawan, W. and Aprilia, T., 2024. Analysis of the Metasploit Framework ‘msfvenom’ Backdoor Trojan and Fully Undetected (FUD) Trojan. Techno.COM, 23(1), pp.112–124. https://doi.org/https://doi.org/10.62411/tc.v23i1.9741.
El-Sofany, H., Bouallegue, B. and Abd El-Latif, Y.M., 2024. A proposed biometric authentication hybrid approach using iris recognition for improving cloud security. Heliyon, [online] 10(16). https://doi.org/10.1016/j.heliyon.2024.e36390.
Erawan, E., Satria, R.P., Nastiti, A.D., Juniardi, W., Anbiya, D.R. and Go Reinnamah, D.A., 2024. A Lightweight Design Approach to Detect Malicious Injections in Government Websites: Combating Hidden Online Gambling Pages. In: 2024 Beyond Technology Summit on Informatics International Conference (BTS-I2C). pp.365–369. https://doi.org/10.1109/BTS-I2C63534.2024.10942063.
Haga, R., Kaji, S., Fujimoto, D. and Hayashi, Y., 2025. Detection of Hardware Trojans Using a Capacitance Sensor Focused on Parasitic Coupling Between Wires. In: 2025 23rd IEEE Interregional NEWCAS Conference (NEWCAS). pp.104–107. https://doi.org/10.1109/NewCAS64648.2025.11107121.
Indrianingsih, Y., Pamungkas, A.G., Wintolo, H., Sajati, H., Gunawan and Nugraheny, D., 2023. Descriptive Analysis of Web Security Vulnerabilities at Airport Servers Using The Open Web Application Security Project Security Standard. In: Proceedings - IEIT 2023: 2023 International Conference on Electrical and Information Technology. Institute of Electrical and Electronics Engineers Inc. pp.6–11. https://doi.org/10.1109/IEIT59852.2023.10335586.
Kanaker, H., Karim, N.A., Awwad, S.A.B., Ismail, N.H.A., Zraqou, J. and Al ali, A.M.F., 2022. Trojan Horse Infection Detection in Cloud Based Environment Using Machine Learning. International Journal of Interactive Mobile Technologies, 16(24), pp.81–106. https://doi.org/10.3991/ijim.v16i24.35763.
Lasaharu, S., Dahlan, U.A. and Riadi, I., 2022. Network Forensic on Web-based Applications using Network Forensic Development Life Cycle Method. [online] International Journal of Computer Applications, https://doi.org/10.5120/ijca2022921869.
Min, X., Mei, G. and Weiping, Z., 2022. Research and Implementation of Network Security Deployment Based on Private Cloud Security Platform. In: Procedia Computer Science. [online] Elsevier B.V. pp.565–569. https://doi.org/10.1016/j.procs.2022.10.078.
Mohammed, S., Nanthini, S., Bala Krishna, N., Srinivas, I. V., Rajagopal, M. and Ashok Kumar, M., 2023. A new lightweight data security system for data security in the cloud computing. Measurement: Sensors, [online] 29. https://doi.org/10.1016/j.measen.2023.100856.
Ouhssini, M., Afdel, K., Agherrabi, E., Akouhar, M. and Abarda, A., 2024. DeepDefend: A comprehensive framework for DDoS attack detection and prevention in cloud computing. Journal of King Saud University - Computer and Information Sciences, [online] 36(2). https://doi.org/10.1016/j.jksuci.2024.101938.
Owaid, M.A. and Hammood, A.S., 2024. Evaluating Machine Learning and Deep Learning Models for Enhanced DDoS Attack Detection. Mathematical Modelling of Engineering Problems, 11(2), pp.493–499. https://doi.org/10.18280/mmep.110221.
Rafiee, M. and Shirmarz, A., 2022. Self-Organization Map (SOM) Algorithm for DDoS Attack Detection in Distributed Software Defined Network (D-SDN). Journal of Information Systems and Telecommunication (JIST), 10(2). https://doi.org/10.52547/jist.15644.10.38.120.
Ranganatha Rao, B. and Sujatha, B., 2023. A hybrid elliptic curve cryptography (HECC) technique for fast encryption of data for public cloud security. Measurement: Sensors, [online] 29. https://doi.org/10.1016/j.measen.2023.100870.
Retno, R., Sembiring, R. and Riadi, I., 2023. Wireless Implementation on Fake Wifi using Network Forensic Development Life Cycle Method. [online] International Journal of Computer Applications, Available at: <https://doi.org/10.5120/ijca2023922042> [Accessed 15 April 2025].
Samani, Z.N. and Khayyambashi, M.R., 2020. Reliable resource allocation and fault tolerance in mobile cloud computing. Journal of Information Systems and Telecommunication (JIST), 7(2). https://doi.org/10.7508/jist.2019.02.002.
Subrmanian, K., Thangarasu, G., Zhao, Y. and Kannan, K.N., 2024. Enhancing Detection and Prediction of DDoS Attacks Through Regression Modeling. 2024 IEEE 6th Symposium on Computers & Informatics (ISCI), [online] null, pp.253–257. https://doi.org/10.1109/ISCI62787.2024.10668039.
Umar, R., Riadi, I. and Surya Kusuma, R., 2021. Network Forensics Against Ryuk Ransomware Using Trigger, Acquire, Analysis, Report, and Action (TAARA) Method. Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control. https://doi.org/10.22219/kinetik.v6i2.1225.
Wang, R., Lin, H., Luo, Z., Cheung, K.C., See, S., Ma, J. and Wan, R., 2025. Meme Trojan: Backdoor Attacks Against Hateful Meme Detection via Cross-Modal Triggers. Proceedings of the AAAI Conference on Artificial Intelligence, [online] 39. https://doi.org/https://doi.org/10.1609/aaai.v39i8.32845.
Wijayanto, A., Riadi, I. and Prayudi, Y., 2023. TAARA Method for Processing on the Network Forensics in the Event of an ARP Spoofing Attack. Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi), 7(2), pp.208–217. https://doi.org/10.29207/resti.v7i2.4589.
Wijayanto, A., Riadi, I., Prayudi, Y. and Sudinugraha, T., 2022. Network Forensics Against Address Resolution Protocol Spoofing Attacks Using Trigger, Acquire, Analysis, Report, Action Method. Register: Jurnal Ilmiah Teknologi Sistem Informasi, 8(2), pp.156–169. https://doi.org/10.26594/register.v8i2.2953.
Wintolo, H., Riadi, I. and Yudhana, A., 2025a. Enhancing Private Cloud Security Using Knowledge Understanding Assessment Defense Method for Distributed Denial of Service Attack Mitigation. International Journal of Safety and Security Engineering, [online] 15(11), pp.2323–2331. https://doi.org/10.18280/ijsse.151112.
Wintolo, H., Riadi, I. and Yudhana, A., 2025b. Intrusion Detection Analysis on Open Journal System Services Using Network Forensic Development Life Cycle Method. SKANIKA: Sistem Komputer dan Teknik Informatika, [online] 8(1), pp.133–144. Available at: <https://doi.org/10.36080/skanika.v8i1.3284> [Accessed 15 April 2025].
Wintolo, H., Riadi, I. and Yudhana, A., 2025c. Post Attack Mitigation on Open Journal System Services using Knowledge Understanding Assessment Defense (KUAD) Method. Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control. [online] https://doi.org/10.22219/kinetik.v10i4.2279.
Zakiyaturrahma and Riadi, I., 2022. Email Forensic from Phishing Attack using Network Forensics Development Life Cycle Method. International Journal of Computer Applications, [online] 183(46), pp.975–8887.https://doi.org/10.5120/ijca2022921865
Zhong, L., 2023. A convolutional neural network based online teaching method using edge-cloud computing platform. Journal of Cloud Computing, 12(1). https://doi.org/10.1186/s13677-023-00426-6.
| Keywords | : |
Kata Kunci:
Netowork Forensic, Trojan Backdoor, Gacor, Private Cloud, KUAD Method
|
| Galleys | : | |
| Diterbitkan | : |
2026-06-30
|
| Terbitan | : |
Bagian
Articles
|
Hak Cipta (c) 2026 Hero Wintolo, Mohammad Faiq Badruz Zaman, Haruno Sajati, Imam Riadi, Anton Yudhana, Tri Rochmadi, Puspa Ira Dewi Candra Wulan

Artikel ini berlisensi Creative Commons Attribution 4.0 International License.




