Security Vulnerability Analysis of the Sharia Crowdfunding Website Using OWASP-ZAP

Nurbojatmiko, Aris Lathifah, Faaza Bil Amri, A. Rosidah
Published in: 2022 10th International Conference on Cyber and IT Service Management (CITSM), 2022-09-20
DOI: https://doi.org/10.1109/CITSM56380.2022.9935837
Citations: 1

Abstract

Indonesia is a country with fairly high market development in Financial Technology (FinTech) Services in the Asia Pacific region. The innovative benefit of FinTech is sharia crowdfunding. Data and information security are important for a company or organization. The problem faced by the use of websites in various fields, especially on the sharia crowdfunding website, is the security of information concerning data from an organization. This study aims to analyze the security vulnerabilities of the sharia crowdfunding website with the Open Web Application Security Project (OWASP) approach using the Zed Attack Proxy (ZAP) tool. OWASP is an open-source framework for improving the security of application software on websites. The results of this study determine the level of vulnerability in the Sharia Crowdfunding Website. This test is carried out to find vulnerabilities and risks on a crowdfunding website and provide recommendations for improving security on the website. The top 10 Security Vulnerabilities based on OWASP consist of 4 high levels, 5 medium levels, 14 low levels, and 9 information levels including Broken Access Control, Injection, Insecure Design, Security Misconfiguration, Vulnerable and Outdated Components, and Software and Data Integrity Failures.