Published: 2023-01-01

Security Audit for Vulnerability Detection and Mitigation of UPT Integrated Laboratory (ILab) ITERA Website Based on OWASP Zed Attack Proxy (ZAP)

DOI: 10.35870/jtik.v7i1.657

Ilham Firman Ashari Ashari, Muhammad Affandi, Hendri Tri Putra, Muhammad Telaga Nur
  • Ilham Firman Ashari Ashari: Sumatera Institute of Technology , Indonesia . image/svg+xml
  • Muhammad Affandi: Sumatera Institute of Technology , Indonesia . image/svg+xml
  • Hendri Tri Putra: Sumatera Institute of Technology , Indonesia . image/svg+xml
  • Muhammad Telaga Nur: Sumatera Institute of Technology , Indonesia . image/svg+xml
Issue Cover

Downloads

Article Metrics
Share:

Abstract


Information technology now has many positive and negative effects on comfort. One of the negative effects of this technology is high level security attacks that can exploit various vulnerabilities and loopholes. Vulnerability testing (security audits) is therefore necessary to identify and overcome the vulnerabilities of the risks raised. The author is UPT Terpada Laboratory (Ilab) ITERA (https:http://ilab.itera.ac.id), a website maintained by his UPT Institute at the University of Technology Sumatra. This website contains all information about the labs of the University of Technology of Sumatra. Security audits are performed using the OWASP ZAP tool. A security check was performed on web ilab.itera.ac.id and the high priority alert results are: 1 vulnerability, medium priority warning: Three vulnerabilities, low priority warnings: Seven vulnerabilities and information: 3 vulnerabilities.

Keywords

Security ; Audit ; OWASP ZAP ; Vulnerabilities

Peer Review Process

This article has undergone a double-blind peer review process to ensure quality and impartiality.

Indexing Information

Discover where this journal is indexed at our indexing page to understand its reach and credibility.

Open Science Badges

This journal supports transparency in research and encourages authors to meet criteria for Open Science Badges by sharing data, materials, or preregistered studies.

How to Cite

Ashari, I. F. A., Affandi, M., Putra, H. T., & Nur, M. T. (2023). Security Audit for Vulnerability Detection and Mitigation of UPT Integrated Laboratory (ILab) ITERA Website Based on OWASP Zed Attack Proxy (ZAP). Jurnal JTIK (Jurnal Teknologi Informasi Dan Komunikasi), 7(1), 24-34. https://doi.org/10.35870/jtik.v7i1.657
Article Information

This article has been peer-reviewed and published in the Jurnal JTIK (Jurnal Teknologi Informasi dan Komunikasi). The content is available under the terms of the Creative Commons Attribution 4.0 International License.

  • Issue: Vol. 7 No. 1 (2023)

  • Section: Computer & Communication Science

  • Published: %750 %e, %2023

AI Research Hub

This article is indexed and available through various AI-powered research tools and citation platforms. Our AI Research Hub ensures that scholarly work is discoverable, accessible, and easily integrated into the global research ecosystem. By leveraging artificial intelligence for indexing, recommendation, and citation analysis, we enhance the visibility and impact of published research.

Semantic Scholar Scite Dimensions Connected Papers
Scholarly Connection Platforms
Dimensions Dimensions Connected Papers Connected Papers Scite Scite Google Scholar Google Scholar Semantic Scholar Semantic Scholar Garuda Garuda Scilit Scilit Crossref Crossref BASE BASE Zenodo Zenodo Unpaywall Unpaywall OpenCitations OpenCitations
Author Biographies
Ilham Firman Ashari Ashari
Google Scholar ResearchGate ORCID

Informatics Engineering Study Program, Faculty of Production Technology and Industry, Institut Teknologi Sumatera

Muhammad Affandi
Google Scholar ResearchGate ORCID

Informatics Engineering Study Program, Faculty of Production Technology and Industry, Institut Teknologi Sumatera

Hendri Tri Putra
Google Scholar ResearchGate ORCID

Informatics Engineering Study Program, Faculty of Production Technology and Industry, Institut Teknologi Sumatera

Muhammad Telaga Nur
Google Scholar ResearchGate ORCID

Informatics Engineering Study Program, Faculty of Production Technology and Industry, Institut Teknologi Sumatera

References
  • Krisdiyawan, R.D. and Kuswantoro, R.H., 2017. Audit keamanan sistem informasi pada rs mata dr. Yap yogyakarta menggunakan framework cobit 5. Jurnal Ilmiah Manajemen Informasi dan Komunikasi, 1(1), pp.8-15.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Aritonang, I.J., Udayanti, E.D. and Iksan, N., 2018. Audit Keamanan Sistem Informasi Menggunakan Framework Cobit 5 (APO13). ITEJ (Information Technology Engineering Journals), 3(2), pp.6-10. DOI: 10.24235/itej.v3i2.27.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Ashari, I.F., Aryani, A.J. and Ardhi, A.M., 2022. Design and Build Inventory Management Information System Using The Scrum Method. JSiI (Jurnal Sistem Informasi), 9(1), pp.27-35. DOI: https://doi.org/10.30656/jsii.v9i1.4050.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Ashari, I.F., 2021. The Evaluation of Image Messages in MP3 Audio Steganography Using Modified Low-Bit Encoding. Evaluation, 14(2).
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Kusumoningtyas, A.A., 1997. Dilema Hak Perlindungan Data Pribadi Dan Pengawasan Siber: Tantangan Di Masa Depan. Law Review, 66, pp.177-205. DOI: 10.54629/jli.v17i2.706.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Purba, A.D., Purnawan, I.K.A. and Pratama, I.P.A.E., 2018. Audit Keamanan TI Menggunakan Standar ISO/IEC 27002 Dengan COBIT 5. Jurnal Ilmiah Merpati (Menara Penelitian Akademika Teknologi Informasi), pp.148-158. DOI: 10.24843/jim.2018.v06.i03.p01.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Wicaksono, B., 2020. Pengujian Celah Keamanan Aplikasi Berbasis Web Menggunakan Teknik Penetration Testing Dan Dast (Dynamic Application Security Testing) (Doctoral dissertation, Institut Sains dan Teknologi AKPRIND Yogyakarta).
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Ghozali, B., Kusrini, K. and Sudarmawan, S., 2019. Mendeteksi Kerentanan Keamanan Aplikasi Website Menggunakan Metode Owasp (Open Web Application Security Project) Untuk Penilaian Risk Rating. Creative Information Technology Journal, 4(4), pp.264-275. DOI: 10.24076/citec.2017v4i4.119.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Sunaringtyas, S.U. and Prayoga, D.S., 2021. Implementasi Penetration Testing Execution Standard Untuk Uji Penetrasi Pada Layanan Single Sign-On. Edu Komputika Journal, 8(1), pp.48-56. DOI: https://doi.org/10.15294/edukomputika.v8i1.47179.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Elanda, A. and Buana, R.L., 2020. Analisis Keamanan Sistem Informasi Berbasis Website Dengan Metode Open Web Application Security Project (OWASP) Versi 4: Systematic Review. CESS (Journal of Computer Engineering, System and Science), 5(2), pp.185-191. DOI: 10.24114/cess.v5i2.17149.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Riadi, I., Umar, R. and Lestari, T., 2020. Analisis Kerentanan Serangan Cross Site Scripting (XSS) pada Aplikasi Smart Payment Menggunakan Framework OWASP. JISKA (Jurnal Informatika Sunan Kalijaga), 5(3), pp.146-152. DOI: 10.14421/jiska.2020.53-02.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Ashari, I.F. and Alfarizi, M., 2022. Vulnerability Analysis And Proven On The neonime. co Website using OWASP Zap 4 and XSpear. JTKSI (Jurnal Teknologi Komputer dan Sistem Informasi), 5(2), pp.75-81. DOI: 10.56327/jtksi.v5i2.1130.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Hariyadi, D. and Nastiti, F.E., 2021. Analisis Keamanan Sistem Informasi Menggunakan Sudomy dan OWASP ZAP di Universitas Duta Bangsa Surakarta. Jurnal Komtika (Komputasi dan Informatika), 5(1), pp.35-42. DOI: 10.31603/komtika.v5i1.5134.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Yudiana, Y., Elanda, A. and Buana, R.L., Analisis Kualitas Keamanan Sistem Informasi E-Office Berbasis Website Pada STMIKRosma Dengan Menggunakan OWASP Top 10. CESS (Journal of Computer Engineering, System and Science), 6(2), pp.37-43. DOI: 10.24114/cess.v6i2.24777.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Mburano, B. and Si, W., 2018, December. Evaluation of web vulnerability scanners based on owasp benchmark. In 2018 26th International Conference on Systems Engineering (ICSEng) (pp. 1-6). IEEE. DOI: 10.1109/ICSENG.2018.8638176.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Zen, B.P., Gultom, R.A. and Reksoprodjo, A.H., 2020. Analisis Security Assessment Menggunakan Metode Penetration Testing dalam Menjaga Kapabilitas Keamanan Teknologi Informasi Pertahanan Negara. Teknologi Penginderaan, 2(1).
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Ashari, I.F., 2020. Implementation of cyber-physical-social system based on service oriented architecture in smart tourism. Journal of Applied Informatics and Computing, 4(1), pp.66-73. DOI: https://doi.org/10.30871/jaic.v4i1.2077.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
  • Ashari, I.F. and Munir, R., 2018, September. Graph Steganography Based On Multimedia Cover To Improve Security and Capacity. In 2018 International Conference on Applied Information Technology and Innovation (ICAITI) (pp. 194-201). IEEE. DOI: 10.1109/ICAITI.2018.8686741.
    Google Scholar Scite Semantic Scholar Scilit Crossref Connected Papers
License & Copyright
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Authors who publish with this journal agree to the following terms:

1. Copyright Retention and Open Access License

Authors retain copyright of their work and grant the journal non-exclusive right of first publication under the Creative Commons Attribution 4.0 International License (CC BY 4.0).

This license allows unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

2. Rights Granted Under CC BY 4.0

Under this license, readers are free to:

  • Share — copy and redistribute the material in any medium or format
  • Adapt — remix, transform, and build upon the material for any purpose, including commercial use
  • No additional restrictions — the licensor cannot revoke these freedoms as long as license terms are followed

3. Attribution Requirements

All uses must include:

  • Proper citation of the original work
  • Link to the Creative Commons license
  • Indication if changes were made to the original work
  • No suggestion that the licensor endorses the user or their use

4. Additional Distribution Rights

Authors may:

  • Deposit the published version in institutional repositories
  • Share through academic social networks
  • Include in books, monographs, or other publications
  • Post on personal or institutional websites

Requirement: All additional distributions must maintain the CC BY 4.0 license and proper attribution.

5. Self-Archiving and Pre-Print Sharing

Authors are encouraged to:

  • Share pre-prints and post-prints online
  • Deposit in subject-specific repositories (e.g., arXiv, bioRxiv)
  • Engage in scholarly communication throughout the publication process

6. Open Access Commitment

This journal provides immediate open access to all content, supporting the global exchange of knowledge without financial, legal, or technical barriers.

Downloads

Similar Articles

You may also start an advanced similarity search for this article.