Uncovering the Risk of Academic Information System Vulnerability through PTES and OWASP Method
Putra Utama, Ferzha; Hilmi Nurhadi, Raden Muhammad
CommIT (Communication and Information Technology) Journal Vol. 18 No. 1 (2024): CommIT Journal
Publisher : Bina Nusantara University

DOI: 10.21512/commit.v18i1.9384

Abstract

The security of academic information systems needs consideration to anticipate various threats that can result in data leakage, misuse of information, modification, and data destruction. There are 36 public and private universities that use the academic information system software developed by Company XYZ. Limited resources in universities contribute to the weak handling of vulnerabilities in academic information systems. The research aims to determine the vulnerability level of academic information systems developed by Company XYZ through penetration testing. The research employs a deductive approach to explore academic system vulnerabilities based on incidents related to system security issues at a university. The research combines two testing methods: the Penetration Testing Execution Standard (PTES) and the Open Web Application Security Project (OWASP), chosen for their reliability, ease of use, and support by penetration testing tools. Penetration testing follows the PTES, which involves seven steps: pre-engagement interaction, information collection, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting. The threat focus in the research aligns with the OWASP Top 10 of 2021, which ranks the ten most critical security risks. Results reveal eight critical security issues based on measurements using the Common Vulnerability Scoring System (CVSS) method. There are two high-level vulnerabilities, five medium-level vulnerabilities, and one low-level vulnerability. Moreover, the three principal vulnerabilities are Structured Query Language (SQL) Injection, broken access control, and weak encryption. Universities can enhance data integrity by independently remediating vulnerabilities discovered in the research. Furthermore, universities are encouraged to raise awareness within the academic community regarding the security of academic data.