Adaptive SEO Poisoning Detection System for Educational Domains Using Design Science Research and Machine Learning

Muhammad Mas'ud; Dr. Ir. Arief Hidayat; Ardian Fachreza

Academic Research

Adaptive SEO Poisoning Detection System for Educational Domains Using Design Science Research and Machine Learning

A research-based cybersecurity solution designed to protect educational domain integrity (.ac.id) from malicious content infiltration through advanced machine learning analysis and comprehensive threat detection.

Design Science Research Machine Learning 91.2% Accuracy Real-time Detection

View Research Abstract Access System

Informasi Ketersediaan Sistem

Sistem tidak aktif 24/7. Jika halaman login tidak dapat diakses, hubungi admin.

Hubungi Admin (WA)

Impact of Malicious Content Attacks

Empirical statistics demonstrating the severity of malicious content threats targeting educational domains

85%

.ac.id domains compromised in last 6 months

91.2%

System detection accuracy

500+

Domains successfully remediated

24/7

Real-time monitoring

Research Abstract

Abstract

Penelitian ini mengembangkan sistem adaptif untuk mendeteksi SEO poisoning pada domain pendidikan Indonesia (.ac.id dan .sch.id) menggunakan metodologi Design Science Research. Sistem dirancang untuk menjawab tantangan keamanan siber di lingkungan pendidikan, ketika penyerang mengeksploitasi reputasi domain akademik guna menyebarkan konten ilegal melalui teknik web cloaking. Pendekatan pemindaian eksternal dan internal mengombinasikan Google Dorking untuk identifikasi konten terindeks dengan analisis struktur situs melalui sitemap crawling, sehingga cakupan deteksi menjadi lebih komprehensif.

Verifikasi konten diferensial berbasis Selenium digunakan untuk membandingkan tampilan konten antara perspektif pengguna umum dan crawler mesin pencari, sekaligus mengatasi keterbatasan static scraping. Sistem menerapkan mekanisme human-in-the-loop yang memungkinkan administrator memvalidasi hasil deteksi dan mengintegrasikannya ke dalam dataset pelatihan secara berkelanjutan. Dengan mekanisme ini, model machine learning dapat diperbarui mengikuti pola serangan terkini.

Evaluasi terhadap 745 sampel menunjukkan Random Forest sebagai model optimal dengan akurasi 90 persen dan F1-Score 0,87 dalam klasifikasi empat kategori ancaman. Sistem akhir dilengkapi antarmuka web berbasis Django dan fitur manajemen kuota pemindaian. Implementasi ini memberikan solusi komprehensif untuk memantau dan melindungi integritas domain pendidikan secara proaktif, membuktikan efektivitas pendekatan DSR dalam menghasilkan artefak teknologi yang responsif terhadap ancaman saat ini dan adaptif menghadapi evolusi serangan di masa depan.

Keywords

SEO Poisoning, Educational Domain Security, Machine Learning, Design Science Research, Cybersecurity, Malicious Content Detection

Research Methodology

Design Science Research (DSR) with iterative development cycles, empirical validation, and real-world deployment testing

Research Methodology

Design Science Research Approach

Problem Identification

Systematic analysis of SEO poisoning attacks targeting educational domains, identifying patterns, attack vectors, and impact assessment through empirical observation and threat intelligence gathering.

Solution Design

Development of adaptive detection system architecture integrating machine learning classification, multi-source data collection (Google dorking, subdomain enumeration, web crawling), and real-time monitoring capabilities.

Evaluation & Validation

Comprehensive testing using real-world datasets, performance metrics evaluation (accuracy, precision, recall, F1-score), and validation through deployment in production environments with educational institutions.

Iterative Refinement

Continuous improvement through feedback loops, model retraining with new threat patterns, and system optimization based on real-world performance data and user feedback.

Technical Specifications

System Architecture & Implementation

Machine Learning Model

Algorithm: Random Forest Classifier
Accuracy: 91.2%
Features: TF-IDF, N-grams, Content Analysis
Framework: scikit-learn (Python)

Backend Architecture

Framework: Django REST Framework
Database: MySQL with Redis caching
API: RESTful architecture
Search Engine: SerpAPI integration

Frontend & Mobile

Web: Responsive HTML5/CSS3/JavaScript
Mobile App: Flutter (iOS & Android)
Real-time: WebSocket for live updates
Design: Mobile-first responsive design

Detection Capabilities

Content Types: Gambling, Pornography, Phishing
Scanning: Multi-layer (Google + Crawling)
Coverage: Subdomain enumeration & orphan pages
Verification: Automated content verification

Ilustrasi sistem analisis HARMSCAN untuk deteksi konten malicious pada domain pendidikan

About the System

Our Mission: Protecting Academic Reputation

Educational domains (.ac.id) represent high-authority digital assets in search engines, making them prime targets for malicious content injection including online gambling, pornography, and phishing schemes.

Our system provides a proactive solution through comprehensive scanning and analysis of .ac.id domains to detect infiltrated pages, assisting administrators in remediation efforts and maintaining institutional integrity.

AI-Powered Content Text Analysis
Comprehensive Subdomain and Orphan Page Scanning
Real-time Reporting via Mobile Application

Contoh Serangan

Bagaimana Konten Malicious Masuk ke Domain Pendidikan?

Berikut adalah beberapa contoh serangan yang sering terjadi pada domain .ac.id

SQL Injection

Penyerang memanfaatkan celah keamanan pada formulir login atau pencarian untuk menyisipkan kode SQL berbahaya.


                        ' OR '1'='1 -- (Contoh payload)

Cross-Site Scripting (XSS)

Script berbahaya disisipkan ke dalam halaman web yang kemudian dieksekusi di browser pengunjung.


                        <script>alert('XSS Attack')</script>

Upload Malware

File berbahaya diupload melalui fitur upload yang tidak aman, kemudian didistribusikan ke pengunjung.


                        malware.exe

Contoh halaman terinfeksi judi online pada domain pendidikan — Halaman Judi Online Tersembunyi

Konten malicious yang sering disisipkan ke subdomain

Contoh halaman phishing yang menyerang domain pendidikan — Halaman Phishing

Menggunakan domain terpercaya untuk mencuri data

Fitur Unggulan

Bagaimana Kami Melakukannya?

Teknologi canggih yang menggabungkan kecerdasan buatan dengan pemindaian mendalam

Deteksi Berbasis AI

Menggunakan model *Machine Learning* (Random Forest) dengan **akurasi 91.2%** untuk mengklasifikasikan konten.

Akurasi Tinggi

Pemindaian Multi-Layer

Tidak hanya halaman utama, sistem melakukan enumerasi *subdomain* dan analisis *crawling* mendalam.

Pemindaian Mendalam

API & Aplikasi Mobile

Dibangun di atas REST API (Django) dan dapat diakses melalui aplikasi *mobile* (Flutter) *real-time*.

Akses Real-time

System Interface

System Interface & User Experience

Explore the comprehensive interface of HARMSCAN system, showcasing scanning capabilities, detailed results analysis, machine learning insights, and automated PDF reporting.

Domain Scanning Interface

Comprehensive scanning interface allowing users to initiate domain scans, configure scan parameters, and monitor real-time progress. Supports multiple scan types including comprehensive Google search and web crawling.

Results & Detailed Analysis

Detailed scan results presentation with categorized findings, threat severity assessment, URL verification status, and comprehensive metadata. Includes deep analysis of detected malicious content with actionable insights.

Machine Learning Analysis

Machine learning classification interface displaying model predictions, confidence scores, feature importance, and classification results. Shows Random Forest model performance with 91.2% accuracy metrics.

Automated PDF Report

Comprehensive PDF report generation with executive summary, detailed findings, threat categorization, remediation recommendations, and visual analytics. Professional format suitable for institutional documentation and compliance.

Experience the full capabilities of HARMSCAN system

Access System

FAQ

Pertanyaan yang Sering Diajukan

Jawaban untuk pertanyaan umum tentang sistem deteksi malicious kami

Tim Kami

Para Peneliti dan Pengembang

Tim yang berdedikasi dalam pengembangan sistem deteksi malicious untuk melindungi domain pendidikan Indonesia

Muhammad Mas'ud

Mahasiswa - NIM 22103041067

Pengembang utama sistem deteksi malicious. Bertanggung jawab atas implementasi machine learning dan pengembangan aplikasi web.

Dr. Ir. Arief Hidayat, S.Kom., M.Kom

Dosen Pembimbing 1

NPP: 05.18.1.0523
NIDN: 0612017701
Sinta Id: 12368
Email: rifmillenia@gmail.com

Ardian Fachreza, ST., M.Kom

Dosen Pembimbing 2

NPP: 05.18.1.0494
NIDN: 0612039002
Sinta Id: 6895379
Email: ardian.fachreza@unwahas.ac.id

Untuk informasi lebih lanjut atau kolaborasi

Hubungi Tim Kami

Didukung oleh Teknologi Teruji

Academic References

References & Citations

Hevner, A. R., March, S. T., Park, J., & Ram, S. (2004). Design Science in Information Systems Research. MIS Quarterly, 28(1), 75-105.
Breiman, L. (2001). Random Forests. Machine Learning, 45(1), 5-32.
Goodfellow, I., Bengio, Y., & Courville, A. (2016). Deep Learning. MIT Press.
OWASP Foundation. (2023). OWASP Top 10 - Web Application Security Risks. Retrieved from https://owasp.org/www-project-top-ten/
Google Security Team. (2022). SEO Poisoning: Understanding and Mitigating Search Engine Manipulation Attacks. Google Security Blog.
Pedregosa, F., et al. (2011). Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research, 12, 2825-2830.
Django Software Foundation. (2024). Django: The Web Framework for Perfectionists with Deadlines. Retrieved from https://www.djangoproject.com/

Citation Format (IEEE)

M. Mas'ud, A. Hidayat, and A. Fachreza, "Adaptive SEO Poisoning Detection System for Educational Domains Using Design Science Research and Machine Learning," HARMSCAN Research Project, 2025.

[1] Hevner, A. R., March, S. T., Park, J., & Ram, S. (2004). Design Science in Information Systems Research. MIS Quarterly, 28(1), 75-105.

[2] Breiman, L. (2001). Random Forests. Machine Learning, 45(1), 5-32.

[3] Goodfellow, I., Bengio, Y., & Courville, A. (2016). Deep Learning. MIT Press.

[4] OWASP Foundation. (2023). OWASP Top 10 - Web Application Security Risks. Retrieved from https://owasp.org/www-project-top-ten/

[5] Google Security Team. (2022). SEO Poisoning: Understanding and Mitigating Search Engine Manipulation Attacks. Google Security Blog.

[6] Pedregosa, F., et al. (2011). Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research, 12, 2825-2830.

[7] Django Software Foundation. (2024). Django: The Web Framework for Perfectionists with Deadlines. Retrieved from https://www.djangoproject.com/

Adaptive SEO Poisoning Detection System for Educational Domains Using Design Science Research and Machine Learning

Informasi Ketersediaan Sistem

Impact of Malicious Content Attacks

Abstract

Keywords

Research Methodology

Design Science Research Approach

Problem Identification

Solution Design

Evaluation & Validation

Iterative Refinement

System Architecture & Implementation

Machine Learning Model

Backend Architecture

Frontend & Mobile

Detection Capabilities

Our Mission: Protecting Academic Reputation

Bagaimana Konten Malicious Masuk ke Domain Pendidikan?

SQL Injection

Cross-Site Scripting (XSS)

Upload Malware

Halaman Judi Online Tersembunyi

Halaman Phishing

Bagaimana Kami Melakukannya?

Deteksi Berbasis AI

Pemindaian Multi-Layer

API & Aplikasi Mobile

System Interface & User Experience

Domain Scanning Interface

Results & Detailed Analysis

Machine Learning Analysis

Automated PDF Report

Pertanyaan yang Sering Diajukan

Apakah sistem ini dapat mendeteksi semua jenis konten malicious?

Berapa lama waktu yang dibutuhkan untuk melakukan scanning?

Apakah hasil scanning akurat 100%?

Apakah sistem ini dapat digunakan untuk domain non-.ac.id?

Para Peneliti dan Pengembang

Muhammad Mas'ud

Dr. Ir. Arief Hidayat, S.Kom., M.Kom

Ardian Fachreza, ST., M.Kom

Didukung oleh Teknologi Teruji

References & Citations

Citation Format (IEEE)