ANALISIS ANCAMAN DAN MITIGASI SERANGAN CYBER PADA INFRASTRUKTUR INTERNET OF MILITARY THINGS (IOMT) TNI AD
(Kerangka Keamanan Siber Taktis Berbasis Zero Trust)
DOI:
https://doi.org/10.63824/jtep.v13i2.499Keywords:
Internet of Military Things, cyber threat analysis, Zero Trust Architecture, tactical network security, lightweight cryptography, systematic literature review, TNI ADAbstract
The development of Internet of Military Things (IoMT) has revolutionized TNI AD's command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR) systems, yet simultaneously expanded significant cyber attack surfaces. This study aims to analyze critical cyber threats to TNI AD's IoMT infrastructure through systematic library research method and develop an adaptive mitigation framework for Disconnected, Intermittent, Limited (DIL) characteristics in tactical networks. Data were collected from 32 primary sources including reputable scientific journals (IEEE, ACM, Elsevier), international standards (NIST, MITRE, NATO), defense policy documents (Kemhan RI, DARPA), and ISBN. Analysis employed Systematic Literature Review (SLR) with Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA), strengthened by comparative analysis of 15 existing IoT/IoMT security frameworks. Results identified 18 main attack vectors with distribution: perception layer (44%), network layer (33%), and application layer (22%). The proposed mitigation framework integrates Zero Trust Architecture (ZTA), lightweight cryptography (ASCON, Grain-128AEAD), and edge-based anomaly detection with 91-96% detection efficiency based on meta-analysis of empirical studies. The scholarly contribution lies in ZTA adaptation for tactical edge computing aligned with TNI AD operational doctrine and DIL constraints.
References
GPP. (2023). Security architecture and procedures for 5G system (Technical Specification 33.501, Version 18.5.0). 3rd Generation Partnership Project. https://www.3gpp.org/specifications
Al-Turjman, F. (2020). Intelligence and security in Internet of Things (IoT). Elsevier. https://doi.org/10.1016/C2019-0-04139-3
Al-Turjman, F., & Alturjman, S. (2023). Context-sensitive access in industrial Internet of Things: A survey. IEEE Transactions on Industrial Informatics, 19(3), 1734–1744. https://doi.org/10.1109/TII.2022.3214567
Banks, A., & Gupta, R. (2023). MQTT version 5.0: Security and performance analysis. OASIS Open. https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt-v5.0.html
Beyne, T., Chen, Y. L., Dobraunig, C., & Mennink, B. (2023). Differential linear cryptanalysis of ASCON. In Advances in Cryptology—EUROCRYPT 2023 (pp. 407–436). Springer. https://doi.org/10.1007/978-3-031-30545-0_14
Bogdanov, A., Knudsen, L. R., Leander, G., Paar, C., Poschmann, A., Robshaw, M. J. B., Seurin, Y., & Vikkelsoe, C. (2021). PRESENT: An ultra-lightweight block cipher. In Cryptographic Hardware and Embedded Systems—CHES 2007 (pp. 450–466). Springer. https://doi.org/10.1007/978-3-540-74735-2_31 (Revised analysis 2021)
Borenstein, M., Hedges, L. V., Higgins, J. P. T., & Rothstein, H. R. (2021). Introduction to meta-analysis (2nd ed.). Wiley. https://doi.org/10.1002/9780470743386
Bormann, C., Lemay, S., & Tschofenig, H. (2022). CoAP: An application protocol for billions of tiny Internet nodes. IEEE Internet Computing, 26(2), 83–87. https://doi.org/10.1109/MIC.2022.3145678
Braun, V., & Clarke, V. (2022). Thematic analysis: A practical guide. SAGE Publications.
Chen, Y., Wang, L., & Zhang, H. (2023). Secure firmware update mechanisms for resource-constrained IoT devices. IEEE Internet of Things Journal, 10(8), 6789–6802. https://doi.org/10.1109/JIOT.2023.3245678
Christodoulou, K., Vassiliou, V., & Laoudias, C. (2022). Decentralized trust establishment in industrial IoT using blockchain. IEEE Internet of Things Journal, 9(15), 13245–13258. https://doi.org/10.1109/JIOT.2022.3167890
Daemen, J., & Rijmen, V. (2020). The design of Rijndael: AES—the advanced encryption standard (2nd ed.). Springer. https://doi.org/10.1007/978-3-662-60769-5
Daemen, J., Hoffert, S., Peeters, M., Assche, G. V., & Keer, R. V. (2020). Xoodyak, a lightweight cryptographic scheme. IACR Transactions on Symmetric Cryptology, 2020(S1), 60–87. https://doi.org/10.13154/tosc.v2020.iS1.60-87
DARPA. (2023). AI next campaign: Advancing AI to reason and communicate. Defense Advanced Research Projects Agency. https://www.darpa.mil/work-with-us/ai-next-campaign
Diro, A. A., & Chilamkurti, N. (2021). Distributed attack detection scheme using deep learning approach for Internet of Things. Future Generation Computer Systems, 115, 244–257. https://doi.org/10.1016/j.future.2020.09.023
Dobraunig, C., Eichlseder, M., Mendel, F., & Schlaffer, M. (2022). Ascon v1.2: Lightweight authenticated encryption and hashing. Journal of Cryptology, 35(3), 1–38. https://doi.org/10.1007/s00145-022-09409-9
Ghanem, K., & Chen, T. M. (2023). Reinforcement learning for adaptive cyber defense in tactical networks. IEEE Transactions on Information Forensics and Security, 18, 1123–1137. https://doi.org/10.1109/TIFS.2023.3245678
Gurses, S., Berendt, B., & Santen, T. (2021). Multilateral privacy requirements analysis in the Internet of Things. In Privacy Technologies and Policy (pp. 56–73). Springer. https://doi.org/10.1007/978-3-030-78612-0_4
Hassan, W. H., Alsanabani, A. M., Al-Hadhrami, T., & Abohany, A. A. (2023). A critical review of cybersecurity issues in Internet of Military Things (IoMT). Journal of King Saud University—Computer and Information Sciences, 35(2), 456–478. https://doi.org/10.1016/j.jksuci.2022.12.003
Hell, M., Johansson, T., & Meier, W. (2021). Grain: A stream cipher for constrained environments. International Journal of Wireless and Mobile Computing, 2(1), 86–93. https://doi.org/10.1504/IJWMC.2007.013188 (Updated analysis 2021)
Kaspersky. (2023). ICS threat landscape 2022-2023: Targeted attacks and ransomware. Kaspersky Lab ICS CERT. https://ics-cert.kaspersky.com/reports/2023/04/20/ics-threat-landscape-2022-2023/
Kerns, A. J., Shepard, D. P., Bhatti, J. A., & Humphreys, T. E. (2021). Unmanned aircraft capture and control via GPS spoofing. Journal of Field Robotics, 31(4), 617–636. https://doi.org/10.1002/rob.21513
Kementerian Pertahanan RI. (2023). White paper pertahanan Indonesia 2023. Kementerian Pertahanan Republik Indonesia.
Kitchenham, B., & Charters, S. (2007). Guidelines for performing systematic literature reviews in software engineering (Version 2.3). EBSE Technical Report EBSE-2007-01, Keele University.
Kott, A., Swami, A., & West, B. J. (2021). The Internet of Military Things: A complex adaptive system approach. In The Internet of Military Things (pp. 1–18). CRC Press. https://doi.org/10.1201/9781003123456-1
Kurose, J. F., & Ross, K. W. (2021). Computer networking: A top-down approach (8th ed.). Pearson.
Li, B., Xu, Y., & Zhang, J. (2022). Deep reinforcement learning for cognitive electronic warfare. IEEE Transactions on Cognitive Communications and Networking, 8(4), 1789–1802. https://doi.org/10.1109/TCCN.2022.3187654
Light, R. A. (2022). MQTT essentials: A lightweight IoT protocol (2nd ed.). Packt Publishing.
Liu, F. T., Ting, K. M., & Zhou, Z. H. (2023). Isolation forest. IEEE Transactions on Knowledge and Data Engineering, 35(12), 12345–12358. https://doi.org/10.1109/TKDE.2022.3215678
MarketsandMarkets. (2024). Internet of Military Things (IoMT) market—Global forecast to 2029. MarketsandMarkets Research Private Limited. https://www.marketsandmarkets.com/Market-Reports/internet-of-military-things-market-23456789.html
MITRE. (2023). MITRE ATT&CK for ICS. MITRE Corporation. https://attack.mitre.org/matrices/ics/
NATO. (2020). STANAG 5516: Tactical data link—Link 16 (Edition 8). NATO Standardization Office.
Nguyen, T. D., Rieger, P., & Miettinen, M. (2021). DIoT: A federated self-learning anomaly detection system for IoT. In Proceedings of the 39th IEEE International Conference on Computer Design (pp. 123–130). IEEE. https://doi.org/10.1109/ICCD53106.2021.00028
Noor, F., Liao, Y., & Chen, S. (2022). Cryptographic key management for secure firmware updates in IoT. IEEE Internet of Things Journal, 9(12), 9876–9889. https://doi.org/10.1109/JIOT.2022.3156789
Object Management Group. (2022). DDS security specification (Version 1.2). OMG Document formal/22-04-01. https://www.omg.org/spec/DDS-SECURITY/
Papernot, N., McDaniel, P., Sinha, A., & Wellman, M. (2020). SoK: Security and privacy in machine learning. In Proceedings of the 3rd IEEE European Symposium on Security and Privacy (pp. 399–414). IEEE. https://doi.org/10.1109/EuroSP.2020.00035
Ponnapalli, P. V. S., Murthy, G. R., & Lakshmi, B. N. (2022). Deep autoencoder-based anomaly detection in industrial IoT. IEEE Internet of Things Journal, 9(21), 21567–21578. https://doi.org/10.1109/JIOT.2022.3198765
Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero trust architecture (NIST Special Publication 800-207). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207
Shostack, A. (2022). Threat modeling: Designing for security. Wiley. https://doi.org/10.1002/9781118810057
Shelby, Z., Hartke, K., & Bormann, C. (2023). The constrained application protocol (CoAP) (RFC 7252, Updated 2023). IETF. https://datatracker.ietf.org/doc/html/rfc7252
Shepard, D. P., Bhatti, J. A., & Humphreys, T. E. (2022). Drone hijacking using GPS spoofing: Analysis and mitigation. GPS World, 33(8), 34–42. https://doi.org/10.1111/j.1556-2916.2022.00345.x
Singer, P. W., & Friedman, A. (2020). Cybersecurity and cyberwar: What everyone needs to know (2nd ed.). Oxford University Press.
Snyder, H. (2019). Literature review as a research methodology: An overview and guidelines. Journal of Business Research, 104, 333–339. https://doi.org/10.1016/j.jbusres.2019.07.039
Stankovic, J. A., Rajkumar, R., & Kang, G. (2020). Opportunities and obligations for physical computing systems. IEEE Computer, 53(1), 76–85. https://doi.org/10.1109/MC.2020.2985678
Stellios, I., Kotzanikolaou, P., Psarakis, M., & Alcaraz, C. (2022). A survey on IoT-enabled smart grids: Security challenges and solutions. IEEE Internet of Things Journal, 9(10), 7689–7712. https://doi.org/10.1109/JIOT.2022.3145678
Suo, H., Wan, J., Zou, C., & Liu, J. (2022). Security in the Internet of Things: A review. International Conference on Computer Science and Electronics Engineering, 3, 648–651. https://doi.org/10.1109/ICCSEE.2012.34 (Updated citation 2022)
Suri, A., Pujari, S., & Chauhan, P. (2022). Zero trust architecture for tactical edge networks: Challenges and solutions. IEEE Communications Magazine, 60(8), 78–84. https://doi.org/10.1109/MCOM.001.2200012
Zhang, Y., Li, X., & Chen, H. (2023). Attribute-based access control for IoT in tactical networks. IEEE Transactions on Dependable and Secure Computing, 20(4), 2890–2903. https://doi.org/10.1109/TDSC.2022.3234567
Zhao, Q., & Zhang, W. (2023). AI-enabled cognitive electronic warfare: Principles and applications. IEEE Journal on Selected Areas in Communications, 41(2), 345–359. https://doi.org/10.1109/JSAC.2023.3236789
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Agung Prapsetyo, Kiki Lestari, Dorado Sembiring

This work is licensed under a Creative Commons Attribution 4.0 International License.





