Security Testing of the Damai Village Digital Library Application on the Authentication Side Using SQL Injection, Session Hijacking, and Brute-Force Attacks

Prawiro, Cahyo (2024) Pengujian Keamanan Aplikasi Perpustakaan Digital Desa Damai Pada Sisi Autentikasi Menggunakan Serangan Sql Injection, Session Hijacking, Dan Brute-Force. Undergraduate thesis, Politeknik Negeri Bengkalis.

Files (Submitted Version, available under License Creative Commons Attribution Share Alike):
Text (Abstract): TA-6404201004-Abstract.pdf (285kB)
Text (Chapter 1 Introduction): TA-6404201004-Bab 1 Pendahuluan.pdf (196kB)
Text (References): TA-6404201004-Daftar Pusaka.pdf (303kB)
Text (Full Text): TA-6404201004-Full Text.pdf (2MB), restricted to registered users only

Abstract

The Damai Village Digital Library serves as a key aspect in providing information access; however, the authentication security has not been thoroughly examined. This research identifies vulnerabilities in the login form, including the lack of strong password indicators and inadequate special character sanitization. Security testing is conducted against SQL Injection, Session Hijacking, and Brute Force attacks by comparing manual results with the OWASP standard. Results indicate successful Brute Force attacks, emphasizing the need for strengthening authentication security. The use of OWASP ZAP provides additional insights. Conclusions underscore the necessity to enhance login and session mechanisms, with recommendations such as the implementation of session tokens and CAPTCHA. This research offers a deeper understanding of security vulnerabilities in digital library applications, highlighting the importance of a combination of manual and automated testing.

Item Type: Thesis (Undergraduate)
Contributors:
Contribution | Contributors | Email | NIDN/NIDK
Thesis advisor | Jaroji, Jaroji | jaroji@polbeng.ac.id | NIDN0007118603
Thesis advisor | Nurmi, Hidayasari | nurmihidayasari@polbeng.ac.id | NIDN0001099105
Uncontrolled Keywords: Digital Library, Application Security, Authentication, SQL Injection, Session Hijacking, Brute Force, OWASP ZAP.
Subjects: 410 ENGINEERING SCIENCE > 450 ELECTRICAL ENGINEERING AND INFORMATICS > 458 Informatics Engineering
410 ENGINEERING SCIENCE > 450 ELECTRICAL ENGINEERING AND INFORMATICS > 461 Information Systems
Divisions: Department of Informatics Engineering > Applied Bachelor in Information Systems Security > FINAL PROJECT
Depositing User: KSI 2024
Date Deposited: 24 Aug 2024 06:03
Last Modified: 03 Oct 2024 07:11
URI: http://eprints.polbeng.ac.id/id/eprint/13636
