Evaluating Security Gaps with the Vulnerability Assessment Methodology as an Assessment of the Vulnerability Level of the Unud.Ac.Id Domain
DOI: https://doi.org/10.55606/jurritek.v4i1.5004
Keywords: CIA Triad, IDS, OWASP ZAP, OWASP Top 10, Website Security, Snort, Udayana University, Vulnerability Assessment
Abstract
Website security is a crucial aspect, especially for educational institutions that manage sensitive data. Udayana University has over 500 subdomains, but not all have undergone security evaluation, potentially posing significant risks. This study aims to identify security vulnerabilities, assess risk levels, and provide mitigation recommendations. The subdomain ee.unud.ac.id was selected as a sample because it uses a template similar to many other university websites. The method employed is Vulnerability Assessment using white box testing, with tools such as OWASP ZAP, Nessus, RapidScan, and the Snort Intrusion Detection System (IDS). The analysis is based on the OWASP Top 10 (2021) and the CIA Triad principles. The results revealed 25 types of threats across three risk levels and 24 alerts from Snort, indicating potential internal and external threats. Recommended mitigations include strengthening security configurations, implementing firewalls, and regularly updating systems. This study emphasizes the importance of routine security testing and the use of IDS to safeguard systems against cyberattacks.
License
Copyright (c) 2025 JURNAL RISET RUMPUN ILMU TEKNIK

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.




