Ramadhan, M. Fery Afrizal (2024) Penerapan Metode OWASP ZAP Dalam Menganalisis Keamanan Sistem Informasi Akademik Kampus (SIAKAD). Undergraduate thesis, Fakultas Teknologi Informasi Universitas Merdeka Malang.

	Text HALAMAN AWAL.pdf Download (993kB)
	Text BAB I.pdf Download (126kB)
	Text BAB II.pdf Restricted to Repository staff only Download (152kB)
	Text BAB III.pdf Restricted to Repository staff only Download (145kB)
	Text BAB IV.pdf Restricted to Repository staff only Download (414kB)
	Text BAB V.pdf Restricted to Repository staff only Download (44kB)
	Text DAFTAR PUSTAKA.pdf Download (112kB)
	Text HASIL CEK PLAGIASI.pdf Download (255kB)

Abstract

Internet usage in Indonesia continues to increase, with the number of users reaching 221,563,479 in 2024. This development drives advancements in information technology, which is crucial for students to improve time efficiency and academic outcomes. Web-based academic information systems in campuses, such as those used by Universitas Merdeka Malang, are essential tools for managing student data and academic activities. However, these websites are also vulnerable to various cyber threats such as SQL injection, XSS, brute force, and DDoS attacks.
This research employs OWASP ZAP, a recognized tool for web security analysis, to identify security vulnerabilities in Universitas Merdeka Malang's academic information system. The testing results revealed 17 vulnerabilities with the
following distribution: 17.65% (3) High Risk Level, 17.65% (3) Medium Risk Level, 29.41% (5) Low Risk Level, and 35.29% (6) Informational Risk Level. Recommendations are provided, particularly for vulnerabilities in the OWASP A02 (Cryptographic Failures), A03 (Injection), A04 (Insecure Design), and A05 (Security Misconfiguration) categories. It is hoped that these findings can assist the IT staff of Universitas Merdeka Malang in enhancing the security and user experience of their academic information system website

Actions (login required)

View Item