No image available for this title
Bookmark Share

Text

Analisis komparatif keamanan aplikasi berbasis sistem operasi android berdasarkan mobile application security verification standard, NIST SP 800-163 rev 1 dan NIAP protection profile for application software

Abstrak:
Pengguna internet di Indonesia terus mengalami peningkatan. Peningkatan tersebut sejalan dengan berkembangnya teknologi smartphone Android yang mulai menggantikan telepon seluler terdahulu. Meskipun demikian, banyak pengguna smartphone Android masih belum siap menghadapi perubahan ini. Hal ini ditandai dengan rendahnya tingkat kesadaran pengguna smartphone Android di Indonesia terhadap keamanan informasinya. Selain itu, masih sedikit informasi terkait aplikasi pesan instan berbasis Android yang aman. Kondisi tersebut menjadi salah satu potensi terjadinya kasus pelanggaran privasi hingga peretasan akun. Menghadapi masalah tersebut, diperlukan analisis terhadap aplikasi pesan instan berbasis Android untuk memberikan informasi kepada pengguna mengenai aplikasi pesan instan yang aman. Analisis yang dilakukan berupa analisis statis terhadap kode sumber aplikasi pesan instan dengan memanfaatkan MobSF (Mobile Security Framework). Terdapat sebelas aplikasi yang dianalisis pada penelitian ini, yakni Element, Line, Mesibo, Rocket.Chat, Signal, Skype, Snapchat, Speek!, Telegram, Viber dan WhatsApp. Analisis tersebut dijalankan pada MobSF sesuai dengan standar internasional tentang keamanan aplikasi mobile. Standar-standar yang terbukti efektif dalam melakukan analisis keamanan aplikasi mobile antara lain OWASP Mobile Application Security Verification Standard, NIST SP 800-163 Rev 1 dan NIAP Protection Profile for Application Software. Hasil dari analisis yang telah dilakukan dirangkum ke dalam narasi deskriptif dan tabel perbandingan yang berisi temuan kerentanan setiap aplikasi. Berdasarkan hasil penelitian, Speek! mendapatkan nilai keamanan tertinggi dibandingkan sepuluh aplikasi lainnya. Hasil ini didukung oleh total temuan kerentanan pada Speek! berjumlah 9 temuan. Sedangkan aplikasi pesan instan yang paling tidak aman adalah Viber dengan jumlah 32 temuan kerentanan. Hasil yang diperoleh dapat disempurnakan kembali dengan melakukan analisis dinamis terhadap aplikasi pesan instan tersebut.

Abstract:
Number of internet users in Indonesia are growing. This growth aligns with the development of Android smartphones that are starting to replace previous mobile phones. However, many Android smartphone users are still not prepared for this change. This is indicated by the low level of awareness among Android smartphone users in Indonesia regarding their information security. Moreover, there is still limited information regarding secure Android-based instant messaging applications. These conditions pose a potential risk of privacy violations and account hacking. To address these issues, an analysis of Android-based instant messaging applications is needed to provide users with information about secure messaging apps. The analysis involves static analysis of the source code of instant messaging applications using the Mobile Security Framework (MobSF). Eleven applications were analyzed in this research, namely Element, Line, Mesibo, Rocket.Chat, Signal, Skype, Snapchat, Speek!, Telegram, Viber, and WhatsApp. The analysis was conducted on MobSF according to international standards for mobile application security. Effective standards for mobile application security analysis include OWASP Mobile Application Security Verification Standard, NIST SP 800-163 Rev 1, and NIAP Protection Profile for Application Software. The results of the analysis are summarized in descriptive narratives and comparison tables that contain vulnerability findings for each application. Based on the research findings, Speek! obtained the highest security score compared to the other ten applications. This result is supported by a total of 9 vulnerability findings in Speek!. On the other hand, Viber is the least secure instant messaging application with a total of 32 vulnerability findings. The obtained results can be further improved by conducting dynamic analysis of these instant messaging applications.

Availability
#
Rekayasa Keamanan Siber 2023 ALD a
TA20230101662
Available - Read on Location
#
Rekayasa Keamanan Siber 2023 ALD a
TA20230101663
Available - Read on Location
Detail Information
Series Title
--
Call Number
2023 ALD a
Publisher
Bogor : Politeknik Siber dan Sandi Negara.,
Collation
xvi, 182 halaman
Language
Indonesia
ISBN/ISSN
--
Classification
Rekayasa Keamanan Siber
Content Type
-
Media Type
-
Carrier Type
-
Edition
--
Subject(s)
Aplikasi Pesan Instan Android
Keamanan Aplikasi Android
Mobile Security Framework
Mobile Application Security Verification Standard
NIST SP 800-163 Rev 1
NIAP Protection Profile for Application Software
Specific Detail Info
--
Statement of Responsibility
Other version/related

No other version available

File Attachment
No Data
Comments
You must be logged in to post a comment