Article Per Year (5 Year)
p-Index From 2020 - 2025
0.817
P-Index
This Author published in this journals
All Journal Jurnal of Applied Multimedia and Networking Jurnal Teknik Informatika (JUTIF) Jurnal Pengabdian kepada Masyarakat Politeknik Negeri Batam ROUTERS: Jurnal Sistem dan Teknologi Informasi
Nelmiawati, Nelmiawati
Unknown Affiliation
Arts Computer Science & IT Control & Systems Engineering Decision Sciences, Operations Research & Management Economics, Econometrics & Finance Education Electrical & Electronics Engineering Engineering Library & Information Science Mechanical Engineering Other

Published : 4 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 4 Documents
Search

 1 
Analisis terhadap Enkripsi Data SSL di MySQL: Menguji Keamanan In-Transit Haikal, Antoni; Putra, Septafiansyah Dwi; Nelmiawati, Nelmiawati
ROUTERS: Jurnal Sistem dan Teknologi Informasi Vol. 2 No. 2, Juli 2024
Publisher : Program Studi Teknologi Rekayasa Internet, Politeknik Negeri Lampung

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.25181/rt.v2i2.3446

Abstract

Data transmission security has become a pivotal point in database management, especially in response to the evolving cyber threats. This study examines a critical aspect of data security: the in-transit data encryption using Secure Sockets Layer (SSL) within MySQL. The main focus of the research is on testing data encryption by employing Wireshark, a network analysis tool capable of capturing and displaying transmitted data packets. The testing process consisted of two scenarios: first, data transmission with SSL enabled on the MySQL server; second, data transmission without the use of SSL. The results show a significant contrast between the two scenarios. With SSL, the data packets intercepted by Wireshark appeared unreadable, indicating that encryption was successful in preventing data content exposure. Conversely, without SSL, the data packets could be read as plain text, demonstrating a lack of encryption and a high security risk. This research delves only into the aspect of in-transit data encryption security in MySQL and does not explore the implications related to SSL performance or configuration further. This analysis offers a useful perspective for database administrators in efforts to enhance data security, identifying SSL as a crucial tool to ensure the security of in-transit data.
Analysis of Polyglot Obfuscation Techniques against ModSecurity in Preventing Cross-Site Scripting (XSS) and SQL Injection Attacks with Experimental Method Nelmiawati, Nelmiawati; Dealova, Kessy
Jurnal Teknik Informatika (Jutif) Vol. 6 No. 4 (2025): JUTIF Volume 6, Number 4, Agustus 2025
Publisher : Informatika, Universitas Jenderal Soedirman

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.52436/1.jutif.2025.6.4.5000

Abstract

Internet use has increased every year, as shown by the percentage of internet users in Indonesia reaching 79.50% in 2024. However, security is something that cannot be ignored, especially with the growing number of Cross-Site Scripting (XSS) and SQL Injection Attacks in web platforms. According to OWASP Top 10 report, these two attacks were listed in 2017 and appeared again in the 2021 version, showing that they are still relevant today. In fact, in June 2024, XSS and SQL Injection vulnerabilities were found in a company, PT. XYZ. One way to mitigate these attacks is by using a Web Application Firewall (WAF) such as ModSecurity, which can protect websites from exploitation. However, previous research found that older versions of ModSecurity had weaknesses that could be bypassed with simple obfuscation techniques. This study aims to analyze the effectiveness of the built-in rules in ModSecurity Core Rule Set (CRS) version 4.7 in handling XSS and SQL Injection payloads with polyglot obfuscation, a method that uses complex character encoding to avoid WAF detection. The research was conducted using an experimental method. This study contributes to improve WAF security by testing against modern obfuscation-based attacks, so that security does not rely solely on the default WAF configuration. The results show that all payloads were detected and blocked by ModSecurity with an HTTP 403 response, proving that the CRS 4.7 built-in rules can effectively protect against XSS and SQL Injection threats.
Sistem Informasi Manajemen Praktek Kerja Lapangan Berbasis Website Studi Kasus SMK Ma'arif Kota Batam Nelmiawati, Nelmiawati
JOURNAL OF APPLIED MULTIMEDIA AND NETWORKING Vol 7 No 2 (2023): Journal of Applied Multimedia and Networking
Publisher : Politeknik Negeri Batam

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30871/jamn.v7i2.6913

Abstract

SMK Ma'arif Kota Batam adalah sekolah kejuruan yang saat ini menjalankan program Praktek Kerja Lapangan (PKL). PKL menjadi salah satu persyaratan utama dalam menyelesaikan proses pendidikan yang dijalankan oleh siswa/i kelas tiga setiap tahunnya. Pelaksanaan mekanisme PKL pada SMK Ma'arif Kota Batam masih menggunakan sistem konvensional, dimana siswa/i datang ke sekolah untuk memenuhi semua administrasi yang berkaitan dengan PKL. Dengan begitu, terdapat beberapa hambatan dalam hal koordinasi antara pihak sekolah dan pihak industri, terutama pada saat melaksanakan pengawasan selama siswa/i menjalankan PKL. Berdasarkan permasalahan tersebut, penelitian ini membangun Sistem Informasi Manajemen Praktek Kerja Lapangan Berbasis Website atau E-PKL yang dibutuhkan guna menyelesaikan permasalahan tersebut. Beberapa fitur yang tersedia seperti: pengajuan surat permohonan PKL, mencetak surat permohonan PKL, melengkapi presensi, log book dan laporan mingguan, mencetak surat penarikan PKL, serta laporan untuk penarikan data dari laporan PKL dalam format (.pdf) sehingga menjadikan pengelolaan dan pengawasan pelaksanaan PKL dalam satu sistem yang terpusat. Dalam metode pengembangan sistem menggunakan metode Personal Extreme Programming (PXP) yang diimplementasikan oleh pengembang perangkat lunak tunggal serta pengujian sistem mendapatkan hasil bahwa kebutuhan fungsional 100% valid menggunakan metode black box testing. Dengan demikian, sistem beroperasi dengan lancar dan dapat digunakan dengan baik.
Workshop Cybersecurity Awareness Meningkatkan Literasi Keamanan Digital di Wilayah Suburban Kepulauan Riau Nelmiawati, Nelmiawati; Fani, Maidel; Arif, Hamdani; Khaira, Hajrul; Ramadhan, Gilang Bagus; Afif, Iqbal
Jurnal Pengabdian kepada Masyarakat Politeknik Negeri Batam Vol. 5 No. 2 (2023): Jurnal Pengabdian kepada Masyarakat Politeknik Negeri Batam
Publisher : Politeknik Negeri Batam

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30871/abdimaspolibatam.v5i2.6821

Abstract

Phishing attack works by deceiving the victim so that they give their asset such as credential information to the attacker. The high level of cybercrime in form of phishing after COVID-19 pandemic has increasingly affected. It reaches new quarterly high in late 2022, where there was more than 4.7 million of phishing attacks has been launched, based on Anti-Phishing Work Group (APWG) Phishing Activity Trends Report. The importance of knowledge about phishing awareness is very necessary to minimize the affected victim. In order to decrease the issue, a Cybersecurity Awareness workshop has been conducted at several schools in Batam suburban area; SMK Negeri 1 Batam, SMK Multistudi High School (MHS) Batam, and SMK Negeri 1 Tanjung Pinang. The aim of these activity is to increase cybersecurity public awareness of phishing attack from an early age, especially at schools. As an approach, several activities related to phishing awareness have been executed in a workshop, including phishing simulation as well as socialization. Based on these activities, results shown that phishing awareness has been achieved in average 70% currently at young age.
Co-Authors Afif, Iqbal Arif, Hamdani Dealova, Kessy Fani, Maidel Haikal, Antoni Khaira, Hajrul Putra, Septafiansyah Dwi Ramadhan, Gilang Bagus