D4 Rekayasa Keamanan Siber
Permanent URI for this collectionhttps://repository.polibatam.ac.id/handle/PL029/1769
Browse
Item Analysis of Cyber Security Knowledge and Skills for Capture the Flag Competition(Jurnal Integrasi, 2022-04-12) Gilbert,Joy; Tirstan,Jean;CTF (Capture The Flag) competitions have emerged as a pivotal instrument in development of cyber security education over the past six years. It is imperative to ensure that the CTF competitions continue to develop to facilitate growth of cyber security education. To achieve the desired growth, it is necessary to analyze the progress achieved in the last six years the program has been implemented. This research collects and analyzes approximately 500 CTF solutions from the CTFtime platform. From the results of this analysis, we have identified that skills and techniques are needed in each category of CTF questions. We use the results of this analysis as a reference for questions on the CTF Platform that we created during PCT (Polibatam Cyber Team) regeneration. PCT consists of a group of students from the Cyber Security Engineering study program who are prepared to be at the forefront in participating in various activities related to Cyber Security.The method we use is different from other CTFs, in thatwe use a skill-based and technique-based approach. We found that this approach was able to attract 80% of participants in solving and improving their skills in Cyber Security towards any challenges in a competitive environment.Item Analysis of Cyber Security Knowledge and Skills for Capture the Flag Competition(Jurnal Integrasi, 2022-04-22) Tambunan, Jean; Arapenta, Joy;CTF (Capture The Flag) competitions have emerged as a pivotal instrument in development of cyber securityeducation over the past six years. It is imperative to ensure that the CTF competitions continue to develop tofacilitate growth of cyber security education. To achieve the desired growth, it is necessary to analyze the progressachieved in the last six years the program has been implemented. This research collects and analyzes approximately500 CTF solutions from the CTFtime platform. From the results of this analysis, we have identified that skills andtechniques are needed in each category of CTF questions. We use the results of this analysis as a reference forquestions on the CTF Platform that we created during PCT (Polibatam Cyber Team) regeneration. PCT consistsof a group of students from the Cyber Security Engineering study program who are prepared to be at the forefrontin participating in various activities related to Cyber Security. The method we use is different from other CTFs, inthat we use a skill-based and technique-based approach. We found that this approach was able to attract 80% ofparticipants in solving and improving their skills in Cyber Security towards any challenges in a competitiveenvironment.Item Analisis Pengaruh Kesadaran Keamanan Siber Terhadap Perilaku Pemilihan Kata Sandi Pengguna Mobile Banking di Batam Menggunakan Metode Regresi(2024) Panjaitan, Monita Cisilia; Haikal, AntoniThis research examines the influence between cyber security awareness and password selection behavior of mobile banking users of Batam residents or residents aged 17-65 years. The method used to process the data is simple linear regression using SPSS 25. This research shows that cyber security awareness positively influences the password selection behavior of mobile banking users. With an R Square value of 0.275, the independent variable's ability to explain the dependent variable is small and limited to 27.5%. The findings from this study will help academics expand their research to include additional potential factors.Item Analisis Risiko Keamanan Informasi Berdasarkan ISO 27001 dengan Menggunakan Metodologi FMEA pada Perusahaan XYZ(2024) Abidin, Ismail Wafi Khoerul Abidin; Arif, Hamdani; Arif, HamdaniRisiko merupakan potensi yang dapat mengakibatkan kerugian atau gangguan terhadap aset atau informasi dalam suatu sistem. Penelitian ini difokuskan pada analisis risiko keamanan informasi pada perusahaan XYZ menggunakan metode FMEA dengan mengacu standar ISO 27001:2022. Adanya penelitian ini, diharapkan mampu memberikan pemahaman yang komprehensif mengenai risiko keamanan informasi dan memberikan rekomendasi untuk meningkatkan keamanan informasi perusahaan XYZ. Melalui pendekatan kualitatif dan kuantitatif, penelitian ini akan mengidentifikasi potensi risiko keamanan informasi dan mengembangkan rencana tindakan untuk mencegah atau mengurangi risiko tersebut.Item Evaluasi Penerapan Standar ISO 27001 di Pusat Data X(Polieknik Negeri Batam, 2024-06-04) Lajuba,Sopia,Ayu; Triwinarko, Andypusat data X data center is an important part of Telkom Indonesia (Persero) and TelkomGroup's plan to make Indonesia a global digital hub. The data center plays an important role in storing and managing sensitive data to support the development of Indonesia's digital ecosystem. However, the challenge faced by pusat data X is to ensure that information security runs well in its operations. This assessment is crucial to evaluate the degree to which pusat data X has implemented necessary security practices to safeguard sensitive data and ensure operational reliability. The aim of this study is to determine the level of information security maturity at pusat data X and offer recommendations based on the assessment. Analysis of the current maturity level reveals that the detection aspect of information security has attained the highest level of maturity, scoring 4.75. However, there was the lowest score on the identification aspect, specifically on the sub-aspects of asset management, risk management, and reporting, which achieved a score of 4.61. The overall average maturity is 4.67. In addition, gaps between actual conditions and the ISO/IEC 27001:2022 standard were identified, and recommendations have been provided to improve alignment. By comprehending the degree of adherence to the ISO 27001 standard, strategies for enhancement and advancement can be formulated to bolster information security at pusat data X, thus aiding Indonesia's endeavors to materialize its vision as a globally recognized digital hub with a robust and fortified infrastructure.Item ANALISIS PENERAPAN FITUR UNIFIED THREAT MANAGEMENT (UTM) FORTIGATE SEBAGAI FIREWALL UNTUK MENINGKATKAN KINERJA JARINGAN DENGAN PEMBATASAN AKSES APLIKASI SOSIAL MEDIA DAN PLATFORM STREAMING PADA PT. SANIPAK INDONESIA(Politeknik Negeri Batam, 2024-06-10) Hastuti, Dessy Nur; Triwinarko, AndyIn the era of open internet connectivity, enterprises are faced with increasing security threats in the digital world. Therefore, protecting sensitive data and network performance are top priorities to achieve optimal operational performance. By implementing policies to restrict access to social media applications and streaming platforms, companies can strengthen defenses against cyber attacks such as phishing and optimize network infrastructure performance more effectively. This research uses the features provided by Fortigate 80F to block unauthorized applications and streaming platforms, as well as to perform real-time network traffic monitoring. Network performance is measured by applying Quality of Service (QoS) calculations that include throughput, packet loss, and delay parameters, which use TIPHON standards. The results of the research conducted at PT Sanipak Indonesia show that network security has been successfully improved by blocking phishing activities and network performance has also improved significantly, as evidenced by reaching index 4 on the TIPHON scale which indicates a high level of satisfaction.Item Perancangan dan Analisa Jaringan Wifi Hotspot di PT Labtech Penta Internasional Menggunakan Mikrotik(Polieknik Negeri Batam, 2024-06-11) FITRI, EKA SYAH; TRIWINARKO, ANDYThe expanding use of the internet in the digital era has become an essential necessity, spanning across organizational, educational, and business domains. PT Labtech Penta Internasional faces challenges in their business operations due to areas with blank spots and poor network access management. This leads to suboptimal network performance and delays in business processes. The NDLC method is employed to tackle these challenges in implementing hotspot networks. By leveraging the Network Development Life Cycle method at each stage to analyze problems, design, implement, monitor, and manage WiFi networks at PT Labtech Penta Internasional, efforts are made to mitigate blank spot areas by modifying and adding hardware in the blank spot areas. Access management is implemented to regulate the usage of the hotspot network with user credentials and user access. The objective of this research is to ensure more even coverage of WiFi signals across all areas and to establish effective network access management. The results of this study indicate that areas experiencing signal difficulties have received improved WiFi network access with better Signal Strength. Access management for users wishing to connect to the hotspot network includes user credentials and rate limits per user profile.Item Memory DumpAnalysis in Capture The Flag: Using Volatility 3 to Extract Hidden Files(Politeknik Negeri Batam, 2024-06-12) Yusriyah, Isnaeni Hari; Arapenta, Joy Gilbert; Tambunan, Jean Tirstan; Arif, HamdaniThe field of study that examines how to uncover, collect, analyze, and present digital evidence from electronic devices is called computer forensics. This research focuses on the analysis of memory dumps in the Capture The Flag (CTF) cybersecurity competition with the aim of uncovering hidden files that may be concealed in memory by an attacker. Conducting analysis on memory dumps is an important technique in digital forensics and security incident investigation to uncover suspicious activities and hidden evidence that is not available on storage media. The Volatility Framework is utilized as the main framework for analyzing memory dumps. The analysis process adopts the general stages of the computer forensics investigation model, including acquisition, analysis, and extraction. Various Volatility plugins and modules, such as imageinfo, pslist, cmdline, filescan, grep, and dumpfiles, are optimized to identify suspicious processes, locations of hidden files, and passwords required to open encrypted files. This research shows that the Volatility Framework is an effective memory forensics tool for extracting important information from memory dumps, including hidden files, which is highly useful in the context of cybersecurity competitions such as Capture The Flag (CTF).Item Respon Mahasiswa Pada Pemahaman Penetration Testing Melalui Gamifikasi Capture The Flag (Studi Kasus Program Studi Rekayasa Keamanan Siber Politeknik Negeri Batam)(2024-06-21) Indriani, Yunita Tri; Resda, Dodi Prima; Haikal, AntoniThe increase in cybercrime is one of the triggers for knowledge about cybersecurity. The ever-evolving cyber knowledge is the task of teachers in finding solutions on how to keep up with the knowledge that continues to evolve every time. Cybersecurity knowledge has been applied in various ways, one of which is in the form of gamification capture the flag. Gamification of capture the flag has become the choice of many students to learn the understanding of penetration testing. This solution requires the support of student responses in its implementation in the Batam State Polytechnic Cybersecurity Engineering Study Program. This study program has supported learning with capture the flag gamification and collaborated with project-based learning penetration testing so that the respondents taken meet the requirements in this study. This research aims to help teachers determine the right learning techniques and get responses related to the implementation of gamification capture the flag with an understanding of penetration testing. In this study, the method used is a quantitative method with descriptive statistical analysis with three factors analyzed, namely theoretical understanding, practical understanding, and awareness of the importance of penetration testing. The results of this study resulted in a good response from students regarding the understanding of penetration testing through gamification capture the flag, both in theoretical understanding, practical understanding, and awareness of the importance of penetration testing.Item AUDIT TATA KELOLA TEKNOLOGI INFORMASI DI PT SMOE INDONESIA MENGGUNAKAN FRAMEWORK COBIT 2019(Journal of Applied Informations and Computing (JAIC), 2024-06-24) Al Mouf, Depri; Sari, Festy WindaInformation technology governance is an important part of the Company. Every Company that has implemented information technology in its activities must have good IT governance so that the company's business goals can be achieved with optimal utilization of information technology. This study examines the implementation of information technology governance at PT. SMOE Indonesia with the aim of improving information security. In this context, the information technology governance audit uses the COBIT 2019 framework. The audit was conducted to determine the domains and processes that exist at PT. SMOE Indonesia, the domains and processes used are APO13 and DSS05. The audit was conducted to determine the level of capability of each IT process running at PT. SMOE Indonesia.Item Analisis Pengaruh Capture The Flag Jeopardy-Style Dalam Memperkenalkan Pendidikan Digital Forensik Menggunakan Metode User Experience Questionnaire(2024-06-24) Meirasari, Mudjrika; Resda, Dodi Prima; Haikal, AntoniThe importance of cybersecurity education in the digitalization era is a big concern. One of them is through the concept of gamification, which is a technique of using games by applying educational principles. Based on this, Capture The Flag (CTF) is used as a set of challenges to improve the basics of cybersecurity which includes several questions with the primary goal of finding the flag. CTF has several fields, one of which will be discussed specifically in this paper regarding the CTF Jeopardy-Style platform especially digital forensics which has been created to introduce digital forensics education especially for beginners. digital forensics is used to identify and analyze digital evidence. In the concept of CTF, participants are required to gather information, analyze files, and solve the challenge of the question using digital forensic techniques, either using tools or manually, to get flags as evidence of successful completion of the challenge. The interrelation between CTF and digital forensics provides an important foundation in the development of skills needed to fight digital crime. Additionally, UEQ is used as a tool to test the learning platform to determine if it is fulfilling the user's expectations based on their experience while playing.Item Analysis of Cybersecurity Maturity Level at PT XYZ Using Cyber Security Maturity (CSM)(Politeknik Negeri Batam, 2024-06-25) CUT ISNAINI MARDZIYYAH CUT ISNAINI MARDZIYYAH; Haikal, AntoniIn an effort to enhance cybersecurity at PT XYZ, a Cyber Security Maturity (CSM) analysis was conducted. This assessment identified the level of cybersecurity maturity and highlighted strengths and weaknesses across various aspects. The results indicate that PT XYZ's cybersecurity still requires improvement. Although there are structured organizations and procedures in place, the implementation of cybersecurity is still inconsistent, potentially increasing cybersecurity risks. This analysis provides a better understanding of PT XYZ's cybersecurity condition and encourages improvement plans to strengthen their cybersecurity.Item Analisis Kesadaran Keamanan Dengan Model Kruger & Kearney Dalam Penggunaan E-Wallet Pada Generasi Z (Gen-Z) Di Indonesia(Politeknik Negeri Batam, 2024-07-08) Nur, Muhammad Abdul Razak; Arif, HamdaniIn recent years, e-wallets, sometimes known as digital wallets, have gained popularity in Indonesia. Under all the comforts offered, patrons are exposed to a multitude of security hazards. Similar to how the human factor is crucial to cybersecurity and information, security awareness is necessary. This study used primary data to analyze variations in security awareness according to the demographic features of the 207 E-Wallet users in Indonesia who took part in an online survey. The study aimed to measure the consumers' degree of security awareness. Indonesian E-Wallet users have a generally high level of security awareness, according to the measurement results based on the Kruger and Kearney model. However, there is still room for improvement in terms of knowledge, attitudes, and behaviors regarding software, the internet, and PINs/passwords, all of which are lower than in the hardware focus area. Additionally, this survey found that the two main factors influencing Indonesian E-Wallet users' level of security awareness are age and gender (generation Z). The study's findings can be utilized to develop a variety of targeted policies or interventions aimed at raising security awareness among all Indonesian e-wallet users.Item Analisis Sistem Keamanan Akses Fisik Ruang Perangkat Next Generation Network Berdasarkan Standar Sni 8799 Tahun 2019 Di PT.Telkom Indonesia(Politeknik Negeri Batam, 2024-07-12) Rahman, Mhd.Rafid; TRIWINARKO, ANDYPhysical security of Next Generation Network (NGN) equipment rooms at PT.Telkom Indonesia is crucial to maintain the integrity and reliability of the national telecommunications network. This study aims to analyze the current level of physical access security, observe the conditions of NGN equipment rooms, and propose improvements in accordance with the SNI 8799:2019 security standards. Through analysis and observation methodologies, it was found that while the existing physical security systems adequately protect most areas, there are vulnerabilities that need immediate attention. One such issue is the use of conventional keys at access points, which are inadequate, along with the need to increase the number of CCTV cameras to monitor critical areas more effectively. Recommended improvements include enhancing security systems with biometric technology for tighter access control, augmenting surveillance infrastructure such as CCTV, and implementing comprehensive standard regulations to ensure compliance with physical security arrangements. These steps are expected to enhance protection of NGN equipment from physical threats, ensuring optimal system performance for PT Telkom Indonesia in delivering reliable and secure telecommunications services.Item ANALISIS IMPLEMENTASI NIST CYBERSECURITY FRAMEWORK (CSF) DAN CMMI DALAM PENINGKATAN KEMATANGAN SIBER PADA SISTEM JARINGAN KOMPUTER DI PT PORT SEKUPANG BATAM(Politeknik Negeri Batam, 2025) Ningsih, Dwi Ayu; Sari, Festy Winda; Sari, Festy WindaThe maritime sector, especially port operations, heavily relies on computer systems to manage global logistics and communication. PT Port Sekupang Batam, as a strategic port, is facing heightened risks from cyber threats that could cause operational disruptions, financial losses, and damage to reputation. Global incidents of cyber attacks in the maritime sector are continuously rising, targeting supply chains and critical infrastructure. In the context of PT Port Sekupang Batam, computer systems form a complex ecosystem that is vulnerable to advanced attacks such as phishing, ransomware, and Denial of Service (DoS). The audit report in August 2022 showed that PT Port Sekupang Batam had been the target of a phishing attack that resulted in identity theft, unauthorized access to internal networks, and severe operational disruptions, highlighting the profound impact of human misconduct. In light of these threats, port facilities are required to comply with international maritime security regulations (ISPS Code, IMO MSC-FAL.1/Circ.3/Rev.1) and national regulations (PP No. 31, SE – DJPL 16 of 2024) that mandate a cybersecurity assessment (CSA) and a cybersecurity plan (CSP). To address this need, this study proposes a comprehensive cybersecurity framework that incorporates the NIST Cybersecurity Framework (CSF) and the Capability Maturity Model Integration (CMMI). The goal of this integration is to identify potential improvements, assess the effectiveness of security processes, and provide a structured plan for continuous improvement.Item Analisis Hybrid Untuk Deteksi Dan Pencegahan Serangan Malware Qakbot V4 Pada Windows 10(2025-05-22) Tampubolon, Yehezkiel; NelmiawatiSeiring dengan meningkatnya ancaman malware yang menargetkan sistem dan data sensitif, Qakbot, sebuah banking trojan, menjadi ancaman serius yang dapat mencuri data melalui infiltrasi tersembunyi. Penelitian ini bertujuan mengembangkan YARA Rules untuk mendeteksi dan mencegah penyebaran Qakbot. Dengan pendekatan hybrid analysis yang menggabungkan analisis statis dan dinamis, penelitian ini memberikan pemahaman lebih komprehensif mengenai perilaku malware. Analisis dilakukan di lingkungan isolasi berbasis Flare-VM, menggunakan alat seperti Pe Studio, Process Monitor, dan Wireshark, untuk mempelajari karakteristik Qakbot secara aman. Hasil analisis menghasilkan Indicators of Compromise (IoC) dan pola perilaku yang mendalam, yang menjadi dasar penyusunan YARA Rules baru yang dirancang untuk mendeteksi varian Qakbot yang sebelumnya tidak terdeteksi oleh sistem konvensional. Aturan ini diimplementasikan pada sistem Intrusion Detection and Prevention System (IDPS) Suricata untuk mendeteksi dan mencegah infeksi Qakbot secara real-time.Item Analisis Teknik Obfuscation Terhadap ModSecurity Dalam Mencegah Serangan Cross-Site Scripting (XSS) dan SQL Injection(Politeknik Negeri Batam, 2025-06-26) Dealova, Kessy; NelmiawatiPenggunaan Internet terus meningkat setiap tahunnya. Hal ini dibuktikan dengan persentase pengguna internet di Indonesia yang mencapai 79,50% pada tahun 2024. Internet memberikan berbagai kemudahan dalam menyelesaikan pekerjaan. Namun, aspek keamanan menjadi hal yang tidak dapat diabaikan, terutama dengan meningkatnya celah keamanan pada platform web. Salah satu bentuk ancaman yang umum ditemukan pada web adalah Cross-Site Scripting (XSS) dan SQL Injection. Berdasarkan laporan OWASP Top 10, kedua serangan ini tercatat pada daftar tahun 2017 dan kembali muncul dalam versi tahun 2021, yang menunjukkan bahwa ancaman tersebut masih relevan hingga saat ini. Bahkan pada Juni 2024, ditemukan kerentanan XSS dan SQL Injection pada salah satu perusahaan, PT XYZ. Salah satu upaya mitigasi terhadap serangan ini adalah penggunaan Web Application Firewall (WAF), seperti ModSecurity, yang dapat melindungi situs web dari eksploitasi kerentanan. Akan tetapi, berdasarkan penelitian sebelumnya, terdapat celah pada versi lama ModSecurity yang dapat ditembus menggunakan teknik obfuscation sederhana. Penelitian ini bertujuan untuk menganalisis efektivitas aturan bawaan ModSecurity Core Rule Set (CRS) versi 4.7 dalam menghadapi payload XSS dan SQL Injection berjenis polyglot obfuscation, yaitu teknik pengaburan karakter yang kompleks untuk menghindari deteksi WAF. Penelitian dilakukan dengan metode eksperimental. Kontribusi dari penelitian ini adalah memberikan analisis terhadap ketahanan ModSecurity terhadap serangan obfuskasi polyglot. Hasil penelitian menunjukkan bahwa seluruh payload berhasil dideteksi dan diblokir oleh ModSecurity dengan respon HTTP 403. Hal ini membuktikan bahwa aturan bawaan CRS 4.7 telah mampu memberikan perlindungan yang efektif terhadap ancaman XSS dan SQL Injection.Item Analisis Risiko Keamanan Informasi Berbasis Business Impact Analysis Untuk Memenuhi Standar ISO 27001 Pada Aplikasi XYZ(Politeknik Negeri Batam, 2025-07-22) Putri, Nisrina Amelia; ., NelmiawatiKeamanan informasi tidak hanya mencakup perlindungan terhadap data digital, tetapi juga sistem fisik yang mendukung aktivitas operasional perusahaan. Penelitian ini bertujuan untuk menganalisis risiko keamanan informasi pada Aplikasi XYZ, sebuah sistem manajemen akses fisik yang digunakan oleh Perusahaan SN. Penelitian ini bertujuan untuk menganalisis risiko keamanan informasi pada Aplikasi XYZ dengan menggunakan pendekatan Business Impact Analysis. Business Impact Analysis digunakan untuk mengidentifikasi proses bisnis kritikal, menilai dampak gangguan, serta menentukan parameter pemulihan seperti RTO, RPO, dan MTPD. Hasil analisis menunjukkan dua proses bisnis yang memiliki risiko tinggi dan potensi kerugian finansial yang signifikan. Tiga risiko utama yang teridentifikasi adalah downtime server, serangan brute force, dan kebocoran data oleh pihak internal. Strategi pemulihan disusun berdasarkan skenario kehilangan yang relevan, dan seluruh kontrol keamanan informasi yang diimplementasikan telah sesuai dengan Annex A ISO/IEC 27001:2022. Hasil ini menunjukkan bahwa pendekatan BIA dapat mendukung kesiapan perusahaan dalam memenuhi standar sertifikasi keamanan informasi.Item EVALUASI KINERJA SISTEM ANCAMAN SIBER MELALUI INTEGRASI WAZUH DAN TELEGRAM DI PT.XYZ(Politeknik Negeri Batam, 2025-07-22) Ardhana, Salwa; Idris, MuhammadKeamanan siber merupakan aspek krusial dalam menjaga keberlangsungan operasional sistem informasi perusahaan. PT. XYZ bagai entitas yang mengandalkan infrastruktur TI, memerlukan sistem deteksi dan respons ancaman yang efektif dan real-time. Penelitian ini bertujuan untuk mengevaluasi kinerja sistem keamanan berbasis Wazuh yang diintegrasikan dengan Telegram sebagai media notifikasi instan dalam merespons potensi ancaman siber. Metode yang digunakan meliputi instalasi dan konfigurasi Wazuh sebagai Security Information and Event Management (SIEM), integrasi dengan bot Telegram, serta pengujian melalui simulasi serangan seperti SQL Injection, Broken Access Control, Cryptographic Failures, dan Denial of Service (DoS). Evaluasi dilakukan berdasarkan parameter kecepatan deteksi, akurasi alert, serta efisiensi notifikasi kepada tim keamanan. Hasil penelitian menunjukkan bahwa integrasi Wazuh dengan Telegram mampu meningkatkan responsivitas sistem terhadap ancaman, dengan rata-rata waktu notifikasi di bawah 10 detik setelah deteksi serangan. Temuan ini membuktikan bahwa kombinasi Wazuh dan Telegram dapat menjadi solusi efektif dalam meningkatkan kapabilitas pemantauan dan respons keamanan siber di lingkungan perusahaan. Kata Kunci: Wazuh, Telegram, Keamanan Siber, SIEM, Evaluasi Kinerja, Deteksi Ancaman.Item ANALISIS HYBRID RANSOMWARE LOCKBIT 3.0 UNTUK PENCEGAHAN SERANGAN PADA WINDOWS 10 DAN 11(2025-08-06) Syaputra, Januardi; NelmiawatiLockBit 3.0 adalah salah satu varian ransomware yang menjadi ancaman signifikan dalam lanskap keamanan siber. Penelitian ini dilakukan untuk melihat perilaku ransomware dalam menginfeksi sistem operasi Windows 10 dan 11, serta memberikan saran pencegahan berdasarkan hasil analisis. Penelitian dimulai dengan studi literatur terkait metode infeksi ransomware. Selanjutnya, dibangun lingkungan pengujian yang aman menggunakan virtual machine. Analisis statis dilakukan tanpa mengeksekusi ransomware untuk melihat struktur file dan karakteristik malware, sementara analisis dinamis dilakukan dengan mengeksekusi ransomware di lingkungan isolasi untuk mengamati perilakunya secara langsung. Hasil analisis menunjukkan bahwa tidak terdapat perbedaan signifikan antara respons sistem operasi Windows 10 dan 11 terhadap serangan LockBit 3.0. Hal ini disebabkan oleh kondisi pengujian yang mengharuskan antivirus dinonaktifkan agar ransomware dapat dijalankan, sehingga fitur proteksi bawaan dari kedua sistem tidak dapat berfungsi secara optimal. Selain itu, hasil analisis juga menghasilkan beberapa saran pencegahan terhadap ransomware LockBit 3.0.