Abstract:
The Damai Village Digital Library plays a key role in providing access to information; however, its authentication security has not been thoroughly examined. This research identifies vulnerabilities in the login form, including the lack of strong password indicators and inadequate sanitization of special characters. Security testing is conducted against SQL Injection, Session Hijacking, and Brute Force attacks, and the manual results are compared with the OWASP standard. The results indicate that the Brute Force attacks succeeded, emphasizing the need to strengthen authentication security. The use of OWASP ZAP provides additional insights. The conclusions underscore the need to enhance the login and session mechanisms, with recommendations such as implementing session tokens and CAPTCHA. This research offers a deeper understanding of security vulnerabilities in digital library applications and highlights the importance of combining manual and automated testing.