Article Per Year (5 Year)
p-Index From 2019 - 2024
0.444
P-Index
This Author published in this journals
All Journal Indonesian Journal of Electrical Engineering and Computer Science eProceedings of Engineering
Vreseliana Ayuningtyas
Telkom University
Computer Science & IT Control & Systems Engineering Electrical & Electronics Engineering Engineering Industrial & Manufacturing Engineering

Published : 2 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 2 Documents
Search

 1 
Vulnerability and risk assessment for operating system (OS) with framework STRIDE: comparison between VulnOS and Vulnix Adityas Widjajarto; Muharman Lubis; Vreseliana Ayuningtyas
Indonesian Journal of Electrical Engineering and Computer Science Vol 23, No 3: September 2021
Publisher : Institute of Advanced Engineering and Science

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.11591/ijeecs.v23.i3.pp1643-1653

Abstract

The rapid development of information technology has made security become extremely. Apart from easy access, there are also threats to vulnerabilities, with the number of cyber-attacks in 2019 showed a total of 1,494,281 around the world issued by the national cyber and crypto agency (BSSN) honeynet project. Thus, vulnerability analysis should be conducted to prepare worst case scenario by anticipating with proper strategy for responding the attacks. Actually, vulnerability is a system or design weakness that is used when an intruder executes commands, accesses unauthorized data, and carries out denial of service attacks. The study was performed using the AlienVault software as the vulnerability assessment. The results were analysed by the formula of risk estimation equal to the number of vulnerability found related to the threat. Meanwhile, threat is obtained from analysis of sample walkthroughs, as a reference for frequent exploitation. The risk estimation result indicate the 73 (seventy three) for the highest score of 5 (five) type risks identified while later on, it is used for re-analyzing based on the spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of prvilege (STRIDE) framework that indicated the network function does not accommodate the existing types of risk namely spoofing.
Analisis Kerentanan Menggunakan Alienvault Dan Qualys Pada Vulnerability Operating System Berdasarkan Framework Stride Vreseliana Ayuningtyas; Adityas Widjajarto; Avon budiono
eProceedings of Engineering Vol 7, No 2 (2020): Agustus 2020
Publisher : eProceedings of Engineering

Show Abstract | Download Original | Original Source | Check in Google Scholar

Abstract

Abstrak Perkembangan teknologi informasi yang semakin pesat mengakibatkan keamanan menjadi sangat penting. Di samping kemudahan akses, terdapat juga ancaman terhadap kerentanan pada teknologi informasi. Jumlah serangan siber tahun 2019 menunjukan peringkat ke lima dengan jumlah 1.494.281, data ini di dukung oleh statistik serangan siber yang dikeluarkan oleh Honeynet Project BSSN. Oleh karena itu dibutuhkan software analisis pada kerentanan. Kerentanan merupakan kelemahan pada sistem atau desain yang digunakan saat penyusup mengeksekusi perintah, mengakses data yang tidak sah dan melakukan serangan penolakan layanan. Analisis dilakukan dengan menggunakan salah satu fungsi dari software AlienVault dan Qualys yaitu Vulnerability Assessment. Hasil Vulnerability Scanning yang dilakukan dianalisis, kemudian dihitung dengan rumus risk = vulnerability x threat. Threat didapatkan dari analisis sample walkthrough, sebagai acuan eksploitasi yang sering dilakukan. Hasil estimasi risiko dengan jumlah 73 memiliki risiko tertinggi sebesar 75 sebanyak 5 risiko, kemudian estimasi risiko dianalisis kembali menggunkan framework STRIDE dengan hasil salah satu fungsi tidak mengakomodasi jenis risiko yang ada yaitu Spoofing. Kata kunci : vulnerable machine, kerentanan, ancaman, framework STRIDE. Abstract The rapid development of information technology has made security very important. Besides easy access, there are also threats to vulnerabilities in information technology. The number of cyber attacks in 2019 shows the fifth rank with a total of 1,494,281, this data is supported by the statistics of cyber attacks released by the Honeynet Project BSSN. Therefore a vulnerability analysis software is needed. Vulnerability is a weakness in the system or design used when intruders execute commands, access unauthorized data and carry out denial of service attacks. The analysis was performed using one of the functions of AlienVault and Qualys software, namely Vulnerability Assessment. Vulnerability Scanning results are analyzed, then calculated with the formula risk = vulnerability x threat. Threat is obtained from a sample walkthrough analysis, as a reference for exploitation that is often done. The results of the risk estimation with the number 73 have the highest risk of 75 as many as 5 risks, then the risk estimation is analyzed again using the STRIDE framework with the result that one functions does not accommodate the type of risk that exist, namely Spoofing. Keyword
Co-Authors Adityas Widjajarto Avon Budiono Muharman Lubis