Pendeteksian Keamanan Website SMA Greenschool Menggunakan Metode Owasp dengan Pengujian XSS

Putri Charly, Kadek Erik Diatmika, I Made Panji Prayoga, I Made Edy Listartha

Abstract


Information security is an important thing that must be considered for every individual and agency, because if information can accessed by unauthorized people then accuracy of the information can be doubted, becoming misleading information and even various problems will be found.  Such problems can be malware attacks, exploits, or database injections. In this study, the mechanism of risk assessment methods was carried out on the website information system of greenschool high school. As the name implies XSS or stands for Cross Site Scripting is one form of interference in the form of Code Injection Attack or code injection attack. Where attackers or outsiders insert malicious code that is usually in the form of Javascript. This’s because the main purpose of using XSS is to retrieve important data and send a program that can damage the user but as if the cause is from the web itself. Web security solutions from hacker interference or attacks can be done by means of self-test, namely testing conducted on the web legally with activities such as hackers. Therefore, an analysis of the vulnerability of  system that refers to the standardization of open web application security project (OWASP) security with combination of several security tools.

Keywords


OWASP; XSS Testing

Full Text:

PDF

References


D. Moher, A. Liberati, J. Tetzlaff, D G. Altman, and P. Grp, “Preferred Reporting Items for Systematic Reviews and

MetaAnalyses: The PRISMA Statement (Reprinted from Annals of Internal Medicine),” Phys. Ther., vol. 89, no. 9, pp. 873–880, 2009.

Mohammad Muhsin, Adi Fajaryanto, “Penerapan Pengujian Keamanan Web Server Menggunakan Metode OWASP versi 4 (Studi Kasus Web Server Ujian Online)”, Multitek Indonesia Vol. 9, No. 1,pp. 31-42, Juni 2015

Mohammad Agung Wibowo, Mohamad Soleh, Winangsari, “Automatic License Plate Recognition dengan Metode Convolutional Neural Network: Systematic Review”

Matteo Meucci and Friends. (2014). OWASP Testing Guide 4.0. The OWASP Foundation.

Dave Wichers. (2013, Juni 12). OWAPS Top Ten. Retrieved December 1, 2014, from OWAPS Documentation Project: https://www.owasp.org/images/1/17/OWASP_Top10_2013AppSec_EU_2013_-_Dave_Wichers.pdf




DOI: http://dx.doi.org/10.22441/10.22441/format.2022.v11.i1.008

Refbacks

  • There are currently no refbacks.


Copyright (c) 2022 Format : Jurnal Ilmiah Teknik Informatika

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Format : Jurnal Ilmiah Teknik Informatika
Fakultas Ilmu Komputer Universitas Mercu Buana
Jl. Raya Meruya Selatan, Kembangan, Jakarta 11650
Tlp./Fax: +62215840816
http://publikasi.mercubuana.ac.id/index.php/format

p-ISSN: 2089-5615
e-ISSN: 2722-7162

 Lisensi Creative Commons
Ciptaan disebarluaskan di bawah Lisensi Creative Commons Atribusi-NonKomersial 4.0 Internasional.

View My Stats