Mencegah Serangan Rekayasa Sosial dengan Human Firewall
DOI:
https://doi.org/10.26418/justin.v10i1.44280Keywords:
Rekayasa Sosial, Human Firewall, Pohon Keputusan, Keamanan Informasi, Keamanan SiberAbstract
Manusia adalah elemen paling rentan yang ada pada sistem keamanan informasi. Seringkali orang menganggap bahwa apa yang dibagikan di dunia maya atau dunia siber adalah hal yang tidak penting, tetapi bagi sebagian orang, data dan informasi yang sangat banyak di internet bisa digunakan untuk tindak kejahatan yang membuat kerugian yang besar. Salah satu teknik yang digunakan pelaku tindak kejahatan dunia siber disebut dengan teknik rekayasa sosial. Hal ini menuntut orang-orang agar selalu waspada dan berhati-hati karena pada dasarnya serangan ini memanfaatkan dan maminupalisi manusia agar memberikan data dan informasi tanpa disadari. Pemdekatan fisik dan teknik yang berarti serangan rekayasa sosial bisa terjadi di dunia siber maupun di dunia nyata. Maka dari itu dibutuhkan sebuah model atau panduan yang dapat meningkatkan kesadaran kemanan manusia itu sendiri. Human Firewall, bentuk pertahanan diri yang didapatkan dari memingkatkan kesadaran kemanan data dan informasi melalui pemilihan keputusan yang tepat saat serangan rekayasa sosial terjadi.
References
L. Gerhold, G. Bartl, and N. Haake, “Security culture 2030. How security experts assess the future state of privatization, surveillance, security technologies and risk awareness in Germany,†Futures, vol. 87, pp. 50–64, 2017.
S. Destya, “Model Pengukuran Tingkat Kesadaran Keamanan,†pp. 19–24, 2018.
“Kementerian Komunikasi dan Informatika.†[Online]. Available: https://kominfo.go.id/index.php/content/detail/3415/Kominfo+%3A+Pengguna+Intern et+di+Indonesia+63+Juta+Orang/0/berita_satker.
J. Scheeres, “Establishing the Human Firewall: Reducing an Individual’s Vulnerability to Social Engineering Attacks,†p. 49, Mar. 2008.
G. Orgill, G. Romney, M. Bailey, and P. Orgill, The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems. 2004.
F. Mouton, L. Leenen, and H. S. Venter, “Social Engineering Attack Detection Model: SEADMv2,†Proc. - 2015 Int. Conf. Cyberworlds, CW 2015, pp. 216–223, 2016.
K. Krombholz, H. Hobel, M. Huber, and E. Weippl, “Advanced social engineering attacks,†J. Inf. Secur. Appl., vol. 22, pp. 113–122, 2015.
M. Jensen, R. Wright, A. Durcikova, and S. Karumbaiah, “Building the Human Firewall: Combating Phishing through Collective Action of Individuals Using Leaderboards,†SSRN Electron. J., Jan. 2020.
A. V. Robins, L. E. Margulieux, and B. B. Morrison, Cognitive Sciences for Computing Education. 2019.
S. Granger, “SecurityFocus HOME Infocus : Social Engineering Fundamentals , Part II : Combat SecurityFocus HOME Infocus : Social Engineering Fundamentals , Part II : Combat Page 2 of 4,†pp. 1–5, 2003.
D. Airehrour, N. V. Nair, and S. Madanian, “Social engineering attacks and countermeasures in the New Zealand Banking System: Advancing a user-reflective mitigation model,†Information (Switzerland), vol. 9, no. 5. 2018.
F. L. Greitzer, J. R. Strozer, S. Cohen, A. P. Moore, D. Mundie, and J. Cowley, “Analysis of unintentional insider threats deriving from social engineering exploits,†Proc. - IEEE Symp. Secur. Priv., vol. 2014-Janua, pp. 236–250, 2014.
D. I. Junaedi, “Antisipasi Dampak Social Engineering Pada Bisnis Perbankan,†Infoman’s, vol. 11, no. 1, pp. 1–10, 2017.
C. C. Ciptohartono and M. K. Dermawan, “Pencegahan Viktimisasi Pencurian Data Pribadi,†vol. 3, pp. 157–169, 2019.
R. Komalasari, “KESADARAN AKAN KEAMANAN PENGGUNAAN USERNAME DAN PASSWORD,†J. Teknol. Inf. Dan Komun. Vol. 5, No. 2 Desember 2018, vol. 5, no. 2, pp. 68–77, 2018.
J. Allen, L. Gomez, M. Green, P. Ricciardi, C. Sanabria, and S. Kim, “Social Network Security Issues: Social Engineering and Phishing Attacks,†pp. 1–7, 2012.
S. Suendri, “Hashing Argon2 Untuk Keamanan Password Pada Sistem Berbasis Web Menggunakan Php,†JISTech (Journal Islam. Sci. Technol., vol. 4, no. 1, 2019.
D. Ariyus, Kemanan Multimedia. Yogyakarta: ANDI, 2009.
D. C. Islami, K. B. I.H, and C. Candiwan, “Kesadaran Keamanan Informasi pada Pegawai Bank x di Bandung Indonesia,†J. INKOM, vol. 10, no. 1, p. 19, Nov. 2016.
P. Jati Sekar Agri, “Evaluasi Tingkat Kesadaran Keamanan Informasi Mahasiswa Akuntansi Universitas Sanata Dharma,†Universitas Sanata Dharma, 2019.
Downloads
Published
Issue
Section
License
Copyright (c) 2022 JUSTIN (Jurnal Sistem dan Teknologi Informasi)

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
The author owns the copyright in his paper and agrees to publish his paper to JUSTIN by giving the rights to the first publication of his paper which is simultaneously licensed under the Creative Commons Attribution License, namely the Similar International 4.0 license (CC BY-NC-SA 4.0).

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
You are free to:Share "” copy and redistribute the material in any medium or format
Adapt "” remix, transform, and build upon the material
The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
Attribution "” You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
NonCommercial "” You may not use the material for commercial purposes.
ShareAlike "” If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
No additional restrictions "” You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation.
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.