Article Per Year (5 Year)
p-Index From 2020 - 2025
0.408
P-Index
This Author published in this journals
All Journal Kesatria : Jurnal Penerapan Sistem Informasi (Komputer dan Manajemen)
Alifurfan Wiradwipa Pranowo
Universitas Telkom, Indonesia
Computer Science & IT Control & Systems Engineering

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
Implementasi dan Analisis Attack Tree pada Aplikasi DVWA Berdasar Metrik Time dan Cost Alifurfan Wiradwipa Pranowo; Adityas Widjajarto; Muhammad Fathinuddin
Kesatria : Jurnal Penerapan Sistem Informasi (Komputer dan Manajemen) Vol 4, No 4 (2023): Edisi Oktober
Publisher : LPPM STIKOM Tunas Bangsa

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.30645/kesatria.v4i4.234

Abstract

Exploitation against web applications can be formulated into an attack tree. This research aims to explore the relationship between the attack tree and the exploitation characteristics based on time and cost metrics. The study involves conducting exploitation experiments on the DVWA platform. The exploitation stages are utilized to construct the attack tree, which is then organized based on two conditions: with Web Application Firewall (WAF) and without WAF. The attack tree is composed of five types of exploitation, namely SQL Injection, XSS (Reflected), Command Injection, CSRF, and Brute Force. The analysis results without WAF indicate that the XSS (Reflected) attack tree occupies the top position with a score of 53.69, while the SQL Injection attack tree ranks last with a score of 682.49. On the other hand, with WAF, the XSS (Reflected) attack tree remains at the top with a score of 61.11, and the SQL Injection attack tree still occupies the last position, but with a lower score of 207.22. Consequently, this relationship can be utilized to categorize attack trees based on time and cost metrics. Future research opportunities may involve measuring subsystem processes of the system.
Co-Authors Adityas Widjajarto Muhammad Fathinuddin