Analisis Keamanan Informasi Website Menggunakan Metode Vulnerability Assessment

Hikmayani, Fitratul (2024) Analisis Keamanan Informasi Website Menggunakan Metode Vulnerability Assessment. Undergraduate thesis, Politeknik Negeri Bengkalis.

[img] Text (Daftar Pustaka)
3. TA-6404201026-Daftar Pustaka.pdf - Submitted Version
Available under License Creative Commons Attribution Share Alike.
Download (153kB)
[img] Text (Bab I Pendahuluan)
2. TA-6404201026-Bab I Pendahuluan.pdf - Submitted Version
Available under License Creative Commons Attribution Share Alike.
Download (42kB)
[img] Text (Abstract)
1. TA-6404201026-Abstract.pdf - Submitted Version
Available under License Creative Commons Attribution Share Alike.
Download (29kB)
[img] Text (Full Text)
4. TA-6404201026-Full Text.pdf - Submitted Version
Restricted to Registered users only
Available under License Creative Commons Attribution Share Alike.
Download (2MB) | Request a copy

Abstract

Information security on websites is an important aspect in protecting the system, facing potential attacks that can cause damage, data theft and disruption of website functionality. As a marketplace for UMKM, the information security of the Soodu.id website is key in protecting the data and business integrity of UMKM. This research aims to conduct information security analysis on websites using the vulnerability assessment (VA) method. This method involves a process of defining, identifying and classifying the vulnerabilities of a system. VA can identify vulnerabilities on websites and provide recommended solutions to reduce the risk of attacks. The results of this research show that the Vulnerability Assessment process for the soodu.id website contained 18 vulnerabilities from the OWASP ZAP results and 1 vulnerability from the Openvas results. Findings based on the parameters used in OWASP ZAP involve vulnerabilities to Injection, Sensitive Data Exposure, Broken Access Control, Security Misconfiguration, and Using Components with Known Vulnerabilities. Serious security threats were identified in Sensitive Data Exposure with high levels and several low levels. Based on information security aspects (CIA Triad), the identified vulnerabilities have the potential to jeopardize the confidentiality of information through vulnerabilities like PII Disclosure and Application Error Disclosure. They also threaten data integrity from vulnerabilities such as Cross-Site Scripting (XSS) and impact information availability through potential attacks like CSRF and Clickjacking, which can disrupt services.

Item Type: Thesis (Undergraduate)
Contributors:
ContributionContributorsEmailNIDN/NIDK
Thesis advisorKasmawi, Kasmawikasmawi@polbeng.ac.idNIDN1007067701
Thesis advisorHidayasari, Nurminurmih@polbeng.ac.idNIDN0001099105
Uncontrolled Keywords: Information security, website, Vulnerability Assessment, OWASP ZAP, OpenVAS
Subjects: 410 ILMU TEKNIK > 450 TEKNIK ELEKTRO DAN INFORMATIKA > 458 Teknik Informatika
410 ILMU TEKNIK > 450 TEKNIK ELEKTRO DAN INFORMATIKA > 461 Sistem Informasi
Divisions: Jurusan Teknik Informatika > Sarjana Terapan Keamanan Sistem Informasi > TUGAS AKHIR
Depositing User: Keamanan Sistem Informasi 2024
Date Deposited: 26 Aug 2024 01:20
Last Modified: 26 Aug 2024 01:20
URI: http://eprints.polbeng.ac.id/id/eprint/13248

Actions (login required)

View Item View Item
eprints is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.