Malware Detection System Flowchart
Educational System with Checksum, Rule-Based Detection & AI Analysis
graph TB
Start([User Upload File]) --> Validate{File Validation}
Validate -->|Size > 50MB| Error1[Error: File Too Large]
Validate -->|Invalid Format| Error2[Error: Invalid Format]
Validate -->|Valid| Save["Save Temporarily<br/>/uploads/"]
Save --> Hash[Compute Hash]
Hash --> MD5[MD5 Hash]
Hash --> SHA256[SHA256 Hash]
MD5 --> CheckDB{"Check Database<br/>malware_signatures"}
SHA256 --> CheckDB
CheckDB -->|Hash Match| Malicious["MALICIOUS<br/>Known Malware"]
CheckDB -->|No Match| ReadFile[Read File Content]
ReadFile --> Rules{"Rule-Based<br/>Pattern Matching"}
Rules --> P1["eval\("]
Rules --> P2["base64_decode"]
Rules --> P3["shell_exec"]
Rules --> P4["\$_POST.*eval"]
Rules --> P5["c99|r57|wso"]
P1 --> Found{"Pattern<br/>Found?"}
P2 --> Found
P3 --> Found
P4 --> Found
P5 --> Found
Found -->|Yes| Suspicious["SUSPICIOUS<br/>Malicious Pattern"]
Found -->|No| CheckZip{ZIP/RAR?}
CheckZip -->|Yes| Extract[Extract Archive]
Extract --> ScanInside[Scan Files Inside]
ScanInside --> ThreatInside{Threat?}
ThreatInside -->|Yes| Suspicious
ThreatInside -->|No| CheckAI
CheckZip -->|No| CheckAI{AI Enabled?}
CheckAI -->|Yes| CallAPI[Call Claude API]
CallAPI --> AIAnalysis["AI Analysis:<br/>- Behavioral Pattern<br/>- Code Structure<br/>- Obfuscation"]
AIAnalysis --> AIResult{AI Risk Level}
AIResult -->|HIGH/CRITICAL| Suspicious
AIResult -->|MEDIUM| Suspicious
AIResult -->|LOW| Safe["SAFE<br/>No Threats"]
CheckAI -->|No| Safe
Malicious --> SaveDB[("Save to Database<br/>MariaDB")]
Suspicious --> SaveDB
Safe --> SaveDB
SaveDB --> DeleteTemp[Delete Temporary File]
DeleteTemp --> ShowResult[Show Result]
ShowResult --> UserAction{User Action}
UserAction -->|View Detail| Detail["Detail Page:<br/>- Filename<br/>- MD5/SHA256<br/>- Threat Level<br/>- Detection Method"]
UserAction -->|View History| History["History Page:<br/>- Total Scans<br/>- Statistics<br/>- All Records"]
UserAction -->|Delete| Delete[Delete from DB]
UserAction -->|Scan Again| Start
History --> HistoryAction{Action}
HistoryAction -->|View Detail| Detail
HistoryAction -->|Delete One| Delete
HistoryAction -->|Delete All| DeleteAll[Truncate Table]
style Malicious fill:#fee2e2,stroke:#ef4444,stroke-width:3px
style Suspicious fill:#fef3c7,stroke:#f59e0b,stroke-width:3px
style Safe fill:#d1fae5,stroke:#10b981,stroke-width:3px
style CallAPI fill:#e0e7ff,stroke:#667eea,stroke-width:2px
style AIAnalysis fill:#e0e7ff,stroke:#667eea,stroke-width:2px
style SaveDB fill:#ddd6fe,stroke:#8b5cf6,stroke-width:2px
MALICIOUS: Known malware detected
SUSPICIOUS: Malicious pattern found
AI Analysis: Claude API integration
System Components:
• Frontend: HTML, CSS, JavaScript
• Backend: PHP 7.x, Nginx, PHP-FPM
• Database: MariaDB (MySQL)
• AI Engine: Claude API (Anthropic)
• Detection Methods: Checksum (MD5/SHA256), Rule-Based Pattern Matching, Archive Analysis, AI Behavioral Analysis
• Server: ilhameffendy.my.id (103.245.38.25)
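The checksum, rule and archive stages of the flowchart, as an added Python sketch (not the system's own PHP code). The AI stage is left out; `MAX_MEMBER_BYTES`, `MAX_DEPTH`, `make_zip`, the method strings and the sample inputs are assumptions constructed for illustration.

```python
import hashlib
import io
import re
import zipfile

# Patterns from the flowchart's rule stage, matched case-insensitively on raw bytes.
RULES = [re.compile(p, re.I) for p in (
    rb"eval\(", rb"base64_decode", rb"shell_exec", rb"\$_POST.*eval", rb"c99|r57|wso")]
MAX_MEMBER_BYTES = 5 * 1024 * 1024  # assumed per-member cap (not from the page)
MAX_DEPTH = 2                       # assumed archive nesting limit (not from the page)


def file_hashes(data):
    """Return the (MD5, SHA256) hex digests the flowchart computes."""
    return hashlib.md5(data).hexdigest(), hashlib.sha256(data).hexdigest()


def scan_bytes(data, signatures, depth=0):
    """Return (verdict, method) in the flowchart's order: checksum, rules, archive."""
    if signatures.intersection(file_hashes(data)):
        return "MALICIOUS", "checksum"
    for rule in RULES:
        if rule.search(data):
            return "SUSPICIOUS", "rule:" + rule.pattern.decode()
    if zipfile.is_zipfile(io.BytesIO(data)):
        if depth >= MAX_DEPTH:
            return "SUSPICIOUS", "archive:nesting-limit"
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.file_size > MAX_MEMBER_BYTES or info.flag_bits & 0x1:
                    return "SUSPICIOUS", "archive:unscannable-member"  # too big or encrypted
                # Members are read in memory, never written to disk under their names.
                verdict, method = scan_bytes(zf.read(info), signatures, depth + 1)
                if verdict != "SAFE":
                    return "SUSPICIOUS", "archive:" + method
    return "SAFE", "none"


def make_zip(members):
    """Build a deflated ZIP in memory from {name: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in members.items():
            info = zipfile.ZipInfo(name, date_time=(2020, 1, 1, 0, 0, 0))
            zf.writestr(info, content, compress_type=zipfile.ZIP_DEFLATED)
    return buf.getvalue()

if __name__ == "__main__":  # constructed sample: a rule hit inside a deflated archive
    print(scan_bytes(make_zip({"a.php": b"<?php base64_decode($x);"}), set()))
```

Because the rules are plain substring matches, benign content such as a call to a function named `price_eval(` is also reported SUSPICIOUS, which is why the verdict carries the rule that matched.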