Uji Penetrasi Keamanan Website Dinas Komunikasi dan Informatika

Authors

  • Rimba Dirgantara Politeknik Negeri Bengkalis
  • Rezki Kurniati Politeknik Negeri Bengkalis
  • Nurmi Hidayasari Politeknik Negeri Bengkalis

DOI:

https://doi.org/10.62411/tc.v24i1.12259

Abstract

Website resmi Dinas Komunikasi dan Informatika Kabupaten XYZ memiliki peran penting dalam menyebarkan informasi pemerintah kepada masyarakat, tetapi kerentanannya terhadap serangan seperti SQL Injection, Brute Force, XSS, CSRF dan DDoS mengancam integritas data dan ketersediaan layanan. Penelitian ini bertujuan untuk mengidentifikasi celah keamanan, menerapkan mitigasi dan mengukur tingkat keamanan menggunakan sistem penilaian CVSS. Kebaruan penelitian ini terletak pada integrasi metode mitigasi manual dan otomatis serta penerapan notifikasi real-time berbasis Telegram menggunakan Snort sebagai Intrusion Detection System (IDS). Hasil penelitian menunjukkan bahwa mitigasi yang diterapkan, seperti validasi input, sanitasi, penggunaan prepared statements dan CAPTCHA, mampu menghilangkan keberhasilan serangan SQL Injection dan memperkuat perlindungan terhadap potensi serangan Brute Force. Serangan XSS, CSRF, dan DDoS tetap gagal berkat proteksi bawaan. Dengan kombinasi mitigasi dan sistem notifikasi real-time, penelitian ini memberikan kontribusi nyata dalam meningkatkan keamanan website pemerintah, menyediakan langkah konkret untuk mengurangi risiko serangan, dan mempercepat respons terhadap ancaman. Temuan ini relevan untuk penelitian masa depan dalam pengamanan website sektor publik.   Kata kunci: Penetrasi Testing, SQL Injection, Bruteforce, XSS, CSRF

Downloads

Published

2025-02-26

Issue

Vol. 24 No. 1 (2025): Februari 2025

Section

Articles

License

Copyright (c) 2025 Rimba Dirgantara, Rezki Kurniati, Nurmi Hidayasari

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

 

License Terms

All articles published in Techno.COM Journal are licensed under the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0). This means:

1. Attribution

Readers and users are free to:

  • Share – Copy and redistribute the material in any medium or format.

  • Adapt – Remix, transform, and build upon the material.

As long as proper credit is given to the original work by citing the author(s) and the journal.

2. Non-Commercial Use

  • The material cannot be used for commercial purposes.

  • Commercial use includes selling the content, using it in commercial advertising, or integrating it into products/services for profit.

3. Rights of Authors

  • Authors retain copyright and grant Techno.COM Journal the right to publish the article.

  • Authors can distribute their work (e.g., in institutional repositories or personal websites) with proper acknowledgment of the journal.

4. No Additional Restrictions

  • The journal cannot apply legal terms or technological measures that restrict others from using the material in ways allowed by the license.

5. Disclaimer

  • The journal is not responsible for how the published content is used by third parties.

  • The opinions expressed in the articles are solely those of the authors.

For more details, visit the Creative Commons License Page:
? https://creativecommons.org/licenses/by-nc/4.0/

 

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.