Analysis of Higher Education SIAKAD Website Security Gaps Using the Vulnerability Assessment Method
DOI:
https://doi.org/10.59653/ijmars.v1i03.177Keywords:
OWASP, Zenmap, vulnerability, SIAKAD, Vulnerability ScanningAbstract
SIAKAD is a website-based application designed to facilitate academic management and academic activities by universities. The SIAKAD system contains sensitive and important information from lecturers and students such as personal, academic, and financial information. Seeing the importance of information security, universities must be able to ensure that their SIAKAD is protected by a strong and reliable security system. To find out threats that can be exploited by hackers, it is necessary to analyze security holes in a system. The research procedure was carried out through (1) Terminal, Zenmap, Whois, Wappalyzer as tools for foot printing or data collection, (2) OWASP ZAP as a tool for conducting Vulnerability Scanning. The results of this study revealed that there were 11 vulnerabilities found, consisting of 5 medium vulnerability levels and 6 low level vulnerabilities. In addition, to deal with these vulnerabilities, this research also discusses solutions that can be alternatives for increasing information security in higher education SIAKAD.
Downloads
References
Akmal, A. M., Heryana, N., & Solehudin, A. (2017). Analisis Keamanan Website Universitas Singaperbangsa Karawang Menggunakan Metode Vulnerability Assessment. Al-Irsyad, 105(2), 79.
Alwi, E. I., Herdianti, H., & Umar, F. (2020). Analisis Keamanan Website Menggunakan Teknik Footprinting dan Vulnerability Scanning. INFORMAL: Informatics Journal, 5(2), 43. https://doi.org/10.19184/isj.v5i2.18941
Aziz, M. (2021). Vulnerability Assesment Untuk Mencari Celah Keamanan Web Aplikasi E-Learning Pada Universitas Xyz. Jecsit, 1(1), 101–109.
Cunong, D. N., Saputra, M., & Puspitasari, W. (2020). ANALYSIS OF OROS MODELER DATA REPORTING PROCESS TO SAP HANA IN ACTIVITY BASED COSTING FOR INDONESIA TELECOMMUNICATION INDUSTRY. 7(1).
Dewi, M., Budiono, A., & Hediyanto, U. Y. K. S. (2023). Vulnerability Assessment pada Website Rekruitasi Asisten ( IRIS ) Fakultas Rekayasa Industri menggunakan Nikto dan Nessus. 10(2), 1631–1636.
Elanda, A., & Lintang Buana, R. (2021). ANALISIS KUALITAS KEAMANAN SISTEM INFORMASI E-OFFICE BERBASIS WEBSITE PADA STMIK ROSMA DENGAN MENGGUNAKAN OWASP TOP 10 (Vol. 6, Issue 2).
Fauzan, F. Y., & Syukhri, S. (2021). Analisis Metode Web Security PTES (Penetration Testing Execution And Standart) Pada Aplikasi E-Learning Universitas Negeri Padang. Voteteknika (Vocational Teknik Elektronika Dan Informatika), 9(2), 105. https://doi.org/10.24036/voteteknika.v9i2.111778
Hidayatulloh, S., & Saptadiaji, D. (2021). Penetration Testing pada Website Universitas ARS Menggunakan Open Web Application Security Project (OWASP). Jurnal Algoritma, 18(1), 77–86. https://doi.org/10.33364/algoritma/v.18-1.827
Indera, R., Budiono, A., & Hediyanto, U. Y. K. S. (2023). Vulnerability Assessment Pada Situs Web KPPM FRI Dengan Burp Suite dan Intruder. 10(2), 1623–1630.
Kuncoro, A. W., & Rahma, F. (2021). Analisis Metode Open Web Application Security Project (OWASP) pada Pengujian Keamanan Website: Literature Review. Automata, 3(1), 1–5.
Maulana, R., Liwanto, I., & Lucman, C. (2017). Software Testing pada Aplikasi Website PT Semen Tonasa menggunakan Metode Assessment Vulnerability. Jurnal Insypro (Information System and Processing), 2(2), 3–6. https://doi.org/10.24252/insypro.v2i2.4069
Moret, W. (2014). Vulnerability Assessment Methodologies: A Review of the Literature. United States Agency for International Development (USAID), 54(2), 1–89.
Mulyanto, Y., Haryanti, E., & Jumirah, J. (2021). Analisis Keamanan Website Sman 1 Sumbawa Menggunakan Metode Vulnerability Asesement. Jurnal Informatika Teknologi Dan Sains, 3(3), 394–400. https://doi.org/10.51401/jinteks.v3i3.1260
Nuari, N. (n.d.). PERANCANGAN APLIKASI LAYANAN MOBILE INFORMASI ADMINISTRASI AKADEMIK BERBASIS ANDROID MENGGUNAKAN WEBSERVICE (STUDI KASUS REG.B UNIVERSITAS TANJUNGPURA).
Orisa, M., & Ardita, M. (2021). VULNERABILITY ASSESMENT UNTUK MENINGKATKAN KUALITAS KEMANAN WEB. In Jurnal MNEMONIC (Vol. 4, Issue 1).
Priyawati, D., Rokhmah, S., & Utomo, I. C. (2022). Website Vulnerability Testing and Analysis of Internet Management Information System Using OWASP. International Journal of Computer and Information System (IJCIS) Peer Reviewed-International Journal, 03(03), 2745–9659.
Purwati, A. A., Hamzah, M. L., Hamzah, & Rahman, S. (2018). PENGARUH KUALITAS SISTEM INFORMASI AKADEMIK TERHADAP KEPUASAN DAN LOYALITAS MAHASISWA PERGURUAN TINGGI THE. Journal of Economic, Business and Accounting (COSTING), 2(1), 84–92.
Riadi, I., Yudhana, A., & Korspondensi, P. (2020). ANALISIS KEAMANAN WEBSITE OPEN JOURNAL SYSTEM MENGGUNAKAN METODE VULNERABILITY ASSESSMENT. 7(4). https://doi.org/10.25126/jtiik.202071928
Riandhanu, I. O. (2022). Analisis Metode Open Web Application Security Project (OWASP) Menggunakan Penetration Testing pada Keamanan Website Absensi. Jurnal Informasi Dan Teknologi, 4(3), 160–165. https://doi.org/10.37034/jidt.v4i3.236
Sirait, F., Studi, P., Elektro, T., Teknik, F., Buana, U. M., Studi, P., Elektro, T., Teknik, F., & Buana, U. M. (2018). Implementasi Metode Vulnerability Dan Hardening Pada Sistem Keamanan Jaringan. Jurnal Teknologi Elektro, 9(1), 16–22.
Siregar, B., & Situmeang, M. (2022). Pemanfaatan SIAKAD dalam Menunjang Pelaksanaan Pendidikan serta Manfaatnya bagi Institusi dan Mahasiswa Utilization. 2(1), 210–216.
Suryandani, F., Basori, B., & Maryono, D. (2017). PENGEMBANGAN SISTEM INFORMASI AKADEMIK BERBASIS WEB SEBAGAI SISTEM PENGOLAHAN NILAI SISWA DI SMK NEGERI 1 KUDUS. Jurnal Ilmiah Pendidikan Teknik Dan Kejuruan, 10(1), 71. https://doi.org/10.20961/jiptek.v10i1.14976
Suryawan, M. B., & Prihandoko, P. (2018). Evaluasi Penerapan SIAKAD Politeknik Negeri Madiun Menggunakan Pendekatan TAM dan EUCS. Creative Information Technology Journal, 4(3), 233. https://doi.org/10.24076/citec.2017v4i3.113
Tania, A. M., Setiyadi, D., Khasanah, F. N., Kunci, K., Cvss, :, Linux, K., & Website, K. (2018). Copyright@2018. P2M STMIK BINA INSANI Keamanan Website Menggunakan Vulnerability Assessment. INFORMATICS FOR EDUCATORS AND PROFESSIONALS, 2(2), 171–180.
Wibowo, F., Harjono, H., & Wicaksono, A. P. (2019). Uji Vulnerability pada Website Jurnal Ilmiah Universitas Muhammadiyah Purwokerto Menggunakan OpenVAS dan Acunetix WVS. Jurnal Informatika, 6(2), 212–217. https://doi.org/10.31311/ji.v6i2.5925
Zattu Maharani, M., Rossi Andrian, H. S., & Juli Irzal Ismail, S. S. (n.d.). ANALISIS KEAMANAN WEBSITE MENGGUNAKAN METODE SCANNING DAN PERHITUNGAN SECURITY METRIKS ANALYSIS WEBSITE SECURITY USING SCANNING METHOD AND CALCULATION OF SECURITY METRICS.
Downloads
Published
How to Cite
Issue
Section
Categories
License
Copyright (c) 2023 Naufal Athif Syarifudin, Lila Setiyani
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
