PENGUJIAN KEAMANAN SISTEM INFORMASI AKADEMIK MENGGUNAKAN METODE PENETRATION TESTING (Studi Kasus: Institut Pertanian Stiper Yogyakarta)

Fauzan, Rum (2019) PENGUJIAN KEAMANAN SISTEM INFORMASI AKADEMIK MENGGUNAKAN METODE PENETRATION TESTING (Studi Kasus: Institut Pertanian Stiper Yogyakarta). Tugas Akhir thesis, University of Technology Yogyakarta.

[img]
Preview
Text
Naskah Publikasi-Rum Haidar Fauzan-5140411327.pdf

Download (1MB) | Preview

Abstract

SIA (Academic Information System) is an application designed to manage all academic information. The object of research in this study is the SIA used at Institut Pertanian Stiper Yogyakarta. The advantage of SIA is that it can update data that is available in real-time and minimize the duplication of data that is commonly found in conventional systems. Another thing to consider is system security. If there is a gap in SIA security, it will have harmful consequences for crucial data such as financial data and KRS data to be out of sync. Therefore, this study conducted an SIA security test using the Penetration Testing method to determine cracks in the system. The stages in this research are Planning, Information Gathering, Vulnerability Assessment, Exploiting, and Reporting. Testing requires supporting tools, namely Acunetix v10.5, Shell AlfaTeam v3, and Sublime Text 3. Acunetix v10.5 functions as a scanner of vulnerable system parts, Shell AlfaTeam v3 is used to exploit the system, and Sublime Text 3 is used to create or change scripts. From this research, the results show that there are weaknesses in Institut Pertanian Stiper Yogyakarta’s SIA, which are classified into three categories, namely high risk in the form of SQL Injection and Cross-Site Scripting attacks, medium risk in the form of backdoor shell attacks, and low risk in the form of login-guessing attacks. Keywords: Penetration Testing, Vulnerability, System Security.

Item Type: Thesis (Skripsi, Tugas Akhir or Kerja Praktek) (Tugas Akhir)
Subjects: T Technology > T Technology (General)
Divisions: Fakultas Teknologi Informasi dan Elektro > S1 Informatika
Depositing User: Kaprodi S1 Informatika UTY
Date Deposited: 02 Nov 2019 15:42
Last Modified: 02 Nov 2019 15:42
URI: http://eprints.uty.ac.id/id/eprint/4203

Actions (login required)

View Item View Item