Journal : J-SAKTI (Jurnal Sains Komputer dan Informatika)

Implementation and Analysis of Attack Trees on the DVWA Application Based on Time and Skill Level Metrics
Nugraha, Yadi; Widjajarto, Adityas; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): September Edition
Publisher : STIKOM Tunas Bangsa Pematangsiantar

DOI: 10.30645/j-sakti.v7i2.690

Abstract

Attack trees can be formulated based on the steps of exploitation that occur in web applications. The aim of this research is to understand the relationship between attack trees and exploitation characteristics based on time and skill level metrics. The platform for exploitation testing uses DVWA, and the results are organized into attack trees. The attack trees are structured for both conditions: with and without WAF protection. The attack trees are organized based on five vulnerabilities: SQL Injection, XSS (Reflected), Command Injection, CSRF, and Brute Force. The analysis results without WAF protection conclude that the XSS (Reflected) attack tree ranks first with a score of 131.92. The SQL Injection attack tree ranks last with a score of 1727.56. Meanwhile, with the WAF, the SQL Injection attack tree ranks first with a score of 54. The Brute Force attack tree ranks last with a score of 319.51. Thus, this relationship can be used for ranking attack trees based on time and skill level metrics. Further research can involve detailing the steps of exploitation using CVSS scores as a skill level calculation and measuring parameters using IDS as one of the firewall features.

Security Mitigation Analysis Using the Vulnerability Assessment and Penetration Testing (VAPT) Method (Case of the Internship and Community Service Website)
Fadillah, Muhammad Iqbal; Yanto, Umar Yunan Kurnia Sept; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): September Edition
Publisher : STIKOM Tunas Bangsa Pematangsiantar

DOI: 10.30645/j-sakti.v7i2.683

Abstract

The current development of technology is progressing rapidly in line with the ease of accessing information through various means, whether through mobile applications or websites. This convenience has had a significant impact on various industries, governments, and educational institutions that utilize websites as information support for learning and teaching activities, including at XYZ Faculty. The website is used to manage student activities in Internship and Community Service (ICS). In previous research, vulnerability assessment was conducted to identify vulnerabilities on the website; however, no mitigation was implemented for the vulnerabilities found. Therefore, security mitigation is needed to address the risks associated with these vulnerabilities. The method used in this process is Vulnerability Assessment and Penetration Testing (VAPT) with gray box testing techniques, as well as the tools Burp Suite, Acunetix, and Nessus. Vulnerability analysis was performed on the identified vulnerabilities on the website to determine a list of vulnerabilities for further exploitation. Through testing on this ICS website, nine vulnerabilities were found, including one high-level vulnerability, four medium-level vulnerabilities, and four low-level vulnerabilities. These vulnerabilities were then mitigated, and the results showed that four out of the nine vulnerabilities were successfully mitigated, improving the website's security compared to before.

Implementation and Analysis of Attack Trees on the DVWA Application Based on Time and Probability Metrics
Irawan, Alfian Rifki; Widjajarto, Adityas; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): September Edition
Publisher : STIKOM Tunas Bangsa Pematangsiantar

DOI: 10.30645/j-sakti.v7i2.688

Abstract

The formulation of attack trees can be based on the exploitation stages in web-based applications. According to this formulation, this research aims to understand the relationship between attack trees and exploitation characteristics using time and probability metrics. The construction of attack trees is based on an experimental platform using the DVWA web-based application, both with and without protection by a Web Application Firewall (WAF). Exploitation is carried out on five vulnerabilities, namely SQL Injection, XSS (Reflected), Command Injection, CSRF, and Brute Force. The analysis results without a WAF show that the Cross-Site Request Forgery attack tree occupies the top position with a score of 18.19. On the other hand, the Brute Force attack tree ranks last with a score of 230.09. With the presence of a WAF, the Command Injection attack tree takes the first position with a score of 4.80, while the Brute Force attack tree remains in the last position with a score of 43.08. Further research may involve a detailed examination of probability metrics and the calculation of vulnerability factors.

Optimization of Security Mitigation Strategy with VAPT on the Attendance Website for Practicum Students and Practical Laboratory Assistants
Basyirah, Aulia; Hediyanto, Umar Yunan Kurnia Septo; Fathinuddin, Muhammad
J-SAKTI (Jurnal Sains Komputer dan Informatika) Vol 7, No 2 (2023): September Edition
Publisher : STIKOM Tunas Bangsa Pematangsiantar

DOI: 10.30645/j-sakti.v7i2.684

Abstract

Information technology is growing rapidly alongside its users. One of the uses of information technology is websites, which have been widely adopted by various parties, including XYZ University, which uses them for academic and internal purposes. One such website at the university is used for attendance tracking during practical sessions in the Faculty of XYZ. However, technological advancements have also brought an increase in security attacks on websites by unauthorized entities. Therefore, a vulnerability assessment was conducted using the Vulnerability Assessment and Penetration Testing (VAPT) method, employing automated scanning tools such as Nessus, Burp Suite, and OWASP ZAP to identify vulnerabilities in the website. During the testing, 27 security vulnerabilities were found and consolidated into 9 issues for exploitation and mitigation. Eventually, 4 out of the 9 security vulnerabilities were successfully mitigated.