WEBSITE SECURITY ANALYSIS CURUG VILLAGE GOVERNMENT USING OPEN WEB APPLICATION SECURITY PROJECT (OWASP)
DOI: https://doi.org/10.23960/jitet.v12i3S1.5236
Abstract
Cybersecurity has become a crucial issue in the current digital era, especially for government websites, which are often targeted by attacks. According to the National Cyber and Crypto Agency (BSSN), government websites are vulnerable to hacking. This study analyzes the security of the Curug Village Government website using the Open Web Application Security Project (OWASP). The analysis covered the ten main categories of web application security vulnerabilities listed in the OWASP Top 10 2021: Broken Access Control, Cryptographic Failures, Injection, Insecure Design, Security Misconfiguration, Vulnerable and Outdated Components, Identification and Authentication Failures, Software and Data Integrity Failures, Security Logging and Monitoring Failures, and Server-Side Request Forgery. The testing showed that 4 out of 8 vulnerabilities fall into the OWASP Top 10 2021, particularly in the Injection and Security Misconfiguration categories. Recommendations for improvement are provided based on these findings and are expected to help the Curug Village Government strengthen its cybersecurity.