Jurnal Teknik Informatika (JUTIF)
Vol. 4 No. 6 (2023): JUTIF Volume 4, Number 6, Desember 2023

EFFECTIVENESS OF SECURITY THROUGH OBSCURITY METHODS TO AVOID WEB APPLICATION VULNERABILITY SCANNERS

Kurniawan, Azis (Unknown)
Ramli , Kalamullah (Unknown)

Article Info

Publish Date
23 Dec 2023

Abstract

The concept of security through obscurity is not recommended by the National Institute of Standards and Technology (NIST) as a form of system security. Basically this concept hides assets as difficult as possible so that it is not easy for attackers to find them, so that it can be used to avoid vulnerability scanner applications that are widely used by attackers to find out web system weaknesses. This research was conducted by modifying the web application firewall (WAF) and testing using the SQLMap and OWASP Zed Attack Proxy (ZAP) vulnerability scanner applications. The results of the study show that SQLMap takes up to 1238 times longer to complete a scan on a modified web application firewall than without modification, while OWASP ZAP cannot complete a scan on the same treatment. Thus the concept of security through obscurity can be applied to web security to extend vulnerability scanning time.

Copyrights © 2023




Citation Download
RIS
EndNote, Reference Manager, ProCite
BibTex
Latex, Jabref
Original Source
Download Original
Google Scholar
Check in Google Scholar
Journal Info
Jurnal Teknik Informatika (JUTIF)
Website

Abbrev

jurnal

Publisher

Universitas Jenderal Soedirman

Subject

Computer Science & IT

Description

Jurnal Teknik Informatika (JUTIF) is an Indonesian national journal, publishes high-quality research papers in the broad field of Informatics, Information Systems and Computer Science, which encompasses software engineering, information system development, computer systems, computer network, ...