IMPLEMENTASI PI-HOLE UNTUK MEMBANGUN SISTEM PERTAHANAN JARINGAN DARI SERANGAN MALVERTISING

Nindya Dwi Anggana; Dedi Hariyadi; Rama Sahtyawan; Alfun Roehatul Jannah

doi:10.30989/teknomatika.v15i1.1104

Nindya Dwi Anggana Universitas Jenderal Achmad Yani Yogyakarta
Dedi Hariyadi Universitas Jenderal Achmad Yani Yogyakarta
Rama Sahtyawan Universitas Jenderal Achmad Yani Yogyakarta
Alfun Roehatul Jannah Universitas Jenderal Achmad Yani Yogyakarta

DOI: https://doi.org/10.30989/teknomatika.v15i1.1104

Abstract

The Internet has revolutionized human activities in the digital era, providing new avenues for innovation and connectivity. Online advertising, a significant aspect of this digital landscape, enables advertisers to reach diverse audiences. However, this convenience has also attracted cybercriminals who exploit online advertisements to deploy malicious ads, commonly known as malvertising. This study focuses on implementing Pi-Hole, a network defense system, to combat web-based malvertising attacks and reduce associated risks. Utilizing a Raspberry Pi 3 model B+ device, the Pi-Hole system is deployed within the DMZ network at FTTI Universitas Jenderal Achmad Yani Yogyakarta. By capturing query logs, Pi-Hole effectively blocks malicious ads by employing an adlist. The research was conducted over a 14-day period, from July 26 to August 8, 2022. The results demonstrate the efficacy of the Pi-Hole defense system, with a remarkable 22.7% of the total captured queries, amounting to 895,077 queries, being successfully blocked. Additionally, testing from the client's perspective confirmed the system's ability to prevent ads from appearing on websites and mobile applications. The implementation of Pi-Hole on the FTTI network at Jenderal Achmad Yani Yogyakarta University provides a robust defense against malvertising attacks. By blocking malicious ads, Pi-Hole safeguards users' browsing experiences and reduces the risk of potential harm from online advertisements. This research contributes to the growing body of knowledge on network security and offers practical insights for organizations and individuals seeking effective measures to counter web-based malvertising attacks.

References

[1] A. Bermudez-Villalva, M. Musolesi, and G. Stringhini, “A Measurement Study on the Advertisements Displayed to Web Users Coming from the Regular Web and from Tor,” s Displayed to Web Users Coming from the Regular Web and from Tor’, Proceedings - 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020, pp. 494–499, 2020.

[2] J. Rolon, C. Hinds, and F. Doswell, “SpartanShield: A Layered Defense against Malvertising,” International Conference on Computational Science and Computational Intelligence (CSCI), pp. 185–190, 2019.

[3] M. Hopkins and A. Dehghantanha, “Exploit Kits: The production line of the Cybercrime economy?,” Second International Conference on Information Security and Cyber Forensics (InfoSec), pp. 23–27, 2015.

[4] S. Kumar, S. Rautaray, and M. Pandey, “Malvertising: A case study based on analysis of possible solutions,” nternational Conference on Inventive Computing and Informatics (ICICI), pp. 288–291, 2017.

[5] C.-T. Huang, M. N. Sakib, C. Kamhoua, K. Kwiat, and L. Njilla, “A game theoretic approach for inspecting web-based malvertising,” in 2017 IEEE International Conference on Communications (ICC), IEEE, May 2017, pp. 1–6. doi: 10.1109/ICC.2017.7996807.

[6] C.-T. Huang, M. N. Sakib, C. A. Kamhoua, K. A. Kwiat, and L. Njilla, “A Bayesian Game Theoretic Approach for Inspecting Web-Based Malvertising,” IEEE Trans Dependable Secure Comput, vol. 17, no. 6, pp. 1257–1268, Nov. 2020, doi: 10.1109/TDSC.2018.2866821.

[7] M. N. Sakib and C.-T. Huang, “Automated Collection and Analysis of Malware Disseminated via Online Advertising,” in 2015 IEEE Trustcom/BigDataSE/ISPA, IEEE, Aug. 2015, pp. 1411–1416. doi: 10.1109/Trustcom.2015.539.

[8] T. Zhang, H. Zhang, and F. Gao, “A Malicious Advertising Detection Scheme Based on the Depth of URL Strategy,” in 2013 Sixth International Symposium on Computational Intelligence and Design, IEEE, Oct. 2013, pp. 57–60. doi: 10.1109/ISCID.2013.128.

[9] W. Wang et al., “PAD: Programming third-party web advertisement censorship,” in 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), IEEE, Oct. 2017, pp. 240–251. doi: 10.1109/ASE.2017.8115637.

[10] Y. Imamura et al., “Threat Analysis of Fake Virus Alerts Using WebView Monitor,” in 2019 Seventh International Symposium on Computing and Networking (CANDAR), IEEE, Nov. 2019, pp. 28–36. doi: 10.1109/CANDAR.2019.00012.

[11] T.-Y. Ho, W.-A. Chen, M.-K. Sun, and C.-Y. Huang, “Visualizing the Malicious of Your Network Traffic by Explained Deep Learning,” in 2020 International Conference on Artificial Intelligence in Information and Communication (ICAIIC), IEEE, Feb. 2020, pp. 687–692. doi: 10.1109/ICAIIC48513.2020.9065247.

[12] I. S.Ali, S. Hamza, and E. Gunawan, “Implementasi & Analisis Penerapan Pi-Hole Network Ad-Blocking Di Laboratorium Jaringan Teknik Informatika UMMU,” Jurnal Teknik Informatika (J-Tifa), vol. 3, no. 1, pp. 27–31, Mar. 2020, doi: 10.52046/j-tifa.v3i1.1110.