Analysis of security Vulnerability Assessment In Web Application Environment Using Common Vulnerability Scoring System Method

Analysis of security Vulnerability Assessment In Web Application Environment Using Common Vulnerability Scoring System Method

• By Wahidin, Ahmad Jurnaidi;
• Jurnal Internasional
• 428
• 19-24

The development of this increasingly advanced era, many companies spend all means to be able to improve security on the side of the system used, the increasing crime in the digital world, one of which is cyber crime such as hacking activities. In order to maintain security in the data, the company needs to test the security of the information system, one of which is by testing the penetration testing. Security vulnerability in a web application system cannot be denied because the web is generally dynamic and accessible to the public, therefore penetration testing is needed to test the extent to which the security level in the system is running. The analysis of security vulnerability assessment in the Web Application Environment in this study uses the Common Vulnerability Scoring System (CVSS) with penetration testing as a testing technique, with the aim of measuring the level of vulnerability in a Common Vulnerability Scoring System (CVSS) system. found that it can be improved its vulnerability level, in this study found at the level of high vulnerability obtained the value of 8.50 using two tools namely nessus and acunetix with the method of penetration testing results obtained have similar vulnerability levels and the findings of vulnerability can be calculated manually using the Common Vulnerability Scoring System (CVSS). 

• Katakunci CVSS, Vulnerability Assessment, Penetration Testing, System Security, System Vulnerabilities.
• URL http://www.ijctjournal.org/Volume5/Issue6/IJCT-V5I6P4.pdf
• Penerbit ,

REFERENSI

[1] Christian Mainka, J. S. (2012). Penetration Testing Tool for Web Services Security. IEEE Eighth World Congress on Services.

[2] Farkhod Alisherov A., a. F. (2011). Methodology for Penetration Testing. International Journal of of Grid and Distributed Computing. Serverity Base Score Range None 0.0 Low 0.1-3.9 Medium 4.0-6.9 High 7.0-8.9 Critical 9.0-10.0 

[3] Goel, J. N. (2015). Vulnerability Assessment & Penetration Testing as a Cyber Defence Technology. International Conference on Recent Trends in Computing.

[4] Gupta, A. (2013). Vulnerability Assessment and Penetration Testing. International Journal of Engineering Trends and TechnologyVolume4Issue3- 2013.

[5] Kaur, M. G. (2017). Penetration Testing – Reconnaissance with NMAP Tool. International Journal of Advanced Research in Computer Science.

[6] Keramati, M. a. (2013). CVSS-based Security Metrics for Quantitative Analysis Of Attack Graphs. International Conference on Computer and Knowledge Engineering (ICCKE 2013).

[7] Klíma, T. (2017). Methodology of Information . Acta Informatica Pragensia, 2016, 5(2): 98–117.

[8] McDonald, J. D. (2016). Improving Penetration Testing Methodologies for Security-Based Risk Assessment . Cybersecurity Symposium.

[9] Muhammad Zunnurain Hussain, M. Z. (2017). Penetration Testing In System Administration. INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 6, ISSUE 06.

[10] Salas, M. (2014). Security Testing Methodology for Vulnerabilities Detection of XSS in Web Services and WS-Security. Electronic Notes in Theoretical Computer Science