Optimasi Keamanan Web Server terhadap Serangan Broken Authentication Menggunakan Teknologi Blockchain

Authors

  • Imam Riadi, Universitas Ahmad Dahlan
  • Herman, Universitas Ahmad Dahlan
  • Aulyah Zakilah Ifani, Universitas Ahmad Dahlan

DOI:

https://doi.org/10.14421/jiska.2021.6.3.139-148

Keywords:

Authentication, Broken Authentication, Blockchain, Burp Suite, Login System

Abstract

One aspect of internet security that needs attention is the login system. Login systems usually use a username and password as the authentication method because this is easy to implement. However, usernames and passwords are very vulnerable to theft, so the security of the login system needs to be increased. The purpose of this research is to investigate the security of the system: whether it protects user data well, and how to minimize execution errors and risk errors in the system so that the login system can be used safely. The research tests system security with Burp Suite on a login system that has been built. The test experiments with POST data secured using blockchain technology, which sends the data in the form of hash blocks, making it safer and more confidential, so that the system is safer than before. Blockchain technology successfully secured usernames and passwords from broken authentication attacks. Using Burp Suite makes security testing of the login system more specific.

Published

2021-09-22

How to Cite

Riadi, I., Herman, & Ifani, A. Z. (2021). Optimasi Keamanan Web Server terhadap Serangan Broken Authentication Menggunakan Teknologi Blockchain. JISKA (Jurnal Informatika Sunan Kalijaga), 6(3), 139–148. https://doi.org/10.14421/jiska.2021.6.3.139-148