Text
Implementasi otomasi uji penetrasi serangan terdistribusi menggunakan dynamic infrastructure framework axiom pada sistem berbasis web
Abstrak:
Penggunaan internet terus meningkat dikarenakan meningkatnya penggunaan sistem berbasis web, karena hampir disetiap aspek kehidupan saat ini menggunakan sistem berbasis web, berdasarkan laporan Hackerone 2021 meningkat pula serangan siber terutama pada sistem berbasis web. Salah satu cara untuk mengetahui kerentanan pada sistem berbasis web adalah melakukan uji penetrasi. Penelitian yang sudah dilakukan adalah mengimplementasikan otomasi uji penetrasi secara terdistribusi pada sistem berbasis web menggunakan Dynamic Infrastructure Framework Axiom sebagai tools membangun infrastruktur secara terdistribusi. Peneliti melakukan pengujian tiga kerentanan yaitu, Cross-site Scripting atau XSS, SQL Injection, dan Arbitary Code Injection, karena ketiga kerentanan tersebut masuk ke sepuluh besar kerentanan terbanyak yang ditemukan berdasarkan laporan Hackerone 2021. Hasil dari penelitian yang sudah dilakukan adalah terlihat perbedaan waktu pengujian yang signifikan antara otomasi uji penetrasi terdistribusi dan tanpa terdistribusi yang dimana otomasi uji penetrasi terdistribusi lebih cepat daripada uji penetrasi tanpa terdistribusi maupun terotomasi.
Abstract:
The increasing use of the internet is attributed to the growing reliance on web-based systems, as nearly every aspect of present-day life utilizes such systems. According to the HackerOne 2021 report, there has also been a rise in cyberattacks, particularly targeting web-based systems. One method of identifying vulnerabilities in web-based systems is through penetration testing. The conducted research involves the implementation of distributed penetration testing on web-based systems using the Dynamic Infrastructure Framework Axiom as a tool for constructing distributed infrastructure. The researchers tested three vulnerabilities: Cross-site Scripting (XSS), SQL Injection, and Arbitrary Code Injection. These three vulnerabilities are among the top ten most frequently identified vulnerabilities according to the HackerOne 2021 report. The results of the research reveal a significant difference in testing times between distributed and non-distributed automated penetration testing. Distributed automated penetration testing was notably faster compared to both non-distributed and non-automated penetration testing.
Availability
Detail Information
- Series Title
-
--
- Call Number
-
2023 PRA i
- Publisher
- Bogor : Politeknik Siber dan Sandi Negara., 2023
- Collation
-
xv, 105 halaman
- Language
-
Indonesia
- ISBN/ISSN
-
--
- Classification
-
Rekayasa Keamanan Siber
- Content Type
-
-
- Media Type
-
-
- Carrier Type
-
-
- Edition
-
--
- Subject(s)
- Specific Detail Info
-
--
- Statement of Responsibility
-
Pratama Aji Prisadi
Other version/related
No other version available
File Attachment
Comments
You must be logged in to post a comment
Computer Science, Information & General Works 
Philosophy & Psychology 
Religion 
Social Sciences 
Language 
Pure Science 
Applied Sciences 
Art & Recreation 
Literature 
History & Geography