Application Security Testing to Support Digital-Based Cultural Ecosystem in Jogja Smart Province

https://doi.org/10.22146/jpkm.80089

Sahirul Alam(1*), Sri Lestari(2), Budi Bayu Murti(3), Nur Rohman Rosyid(4), Ronald Adrian(5), Anni Karimatul Fauziyyah(6), Muhammad Hamdan(7), Josua Rusdi Hutagaol(8), Sakhiya Abida(9), Ingrid Rorez Dialusi Sinurat(10)

(1) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(2) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(3) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(4) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(5) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(6) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(7) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(8) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(9) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(10) Department of Electrical Engineering and Informatics, Vocational College, Universitas Gadjah Mada, Yogyakarta, Indonesia
(*) Corresponding Author

Abstract


The Jogja Smart Province (JSP) is a framework for using IT to encourage regional cooperation to assist in resolving specific strategic challenges or difficulties. Additionally, JSP supports the growth of potential in Yogyakarta’s Special Region. Several digital apps, including mobile and web-based ones, support JSP. These applications are crucial to actualizing the five JSP aspects of smart living, culture, society, environment, and governance. However, several significant issues, such as cyberattacks on JSP applications, pose a danger to the long-term viability of JSP. To do penetration testing of JSP-owned applications, the Department of Electrical Engineering and Informatics at the Vocational College of Universitas Gadjah Mada is conducting this community participation initiative. The Communication and Informatics Office of the Special Region of Yogyakarta permitted to handle JSP apps, is a partner in this community involvement initiative. Applications including Jogja Istimewa, Visiting Jogja, e-Prima, BiroHukum, Paperless, Jogjaplan, LPSE, Peladen, Sadewa, Jogjaprov, and Simpeg2 are among those targeted for penetration testing. The potential flaws detected in JSP applications can be found by performing penetration testing on these apps. In addition, several recommendations are made to strengthen JSP applications’ resistance to future cyberattacks. Therefore, this activity can improve the security of the users’ data and directly impact the community.


Keywords


Application penetration testing; Cyber-attack; Information security; Jogja smart province

Full Text:

PDF


References

3S Labs. (2022). Web application penetration testing. https://www.3slabs.com/web-application-penetration-testing.php

Bastian, A., Sujadi, H., & Abror, L. (2020). Analisis keamanan aplikasi data pokok pendidikan (DAPODIK) menggunakan penetration testing dan SQL injection. INFOTECH journal, 65-70.

Diskominfo DIY. (2022). Jogja istimewa apps. https://diskominfo.jogjaprov.go.id/layanan/lihat/jogja-istimewa-apps

Diskominfo DIY. (2022). Jogja smart province - development plans. https://jsp.jogjaprov.go.id/p/6-development-plans

Hanafi, T. A., Iswahyudi C., & Rachmawati, R. Y. (2019). Aplikasi pendeteksi celah keamanan aplikasi web dengan penetration testing menggunakan metode input validation. Jurnal SCRIPT, 132-141.

Henry, K. M. (2012). Penetration testing: Protecting networks and systems. IT Governance Ltd.

Lee, H., Kwon, E., Yoo, K., & Chai, S. (2016). An impact of information security investment on information security incidents: A case of Korean organizations. ACM International Conference Proceeding Series,1-4.

Lopes, N. V. (2017). Smart governance: A key factor for smart cities implementation. International Conference on Smart Grid and Smart Cities, 277-282.

OWASP. (2022). About the OWASP foundation. https://owasp.org/about/

Pohan, Y. A., Yunus, Y., & Sumijan. (2021). Meningkatkan keamanan webserver aplikasi pelaporan pajak daerah menggunakan metode penetration testing execution standar. Jurnal Sistim Informasi dan Teknologi, 1-6.

Tarigan, B. V., Kusyanti, A., & Yahya, W. (2017). Analisis perbandingan penetration testing tool untuk aplikasi web. Jurnal Pengembangan Teknologi Informasi dan Ilmu Komputer, 206-214.

Wicaksono, B., Kusumaningsih, R. Y., & Iswahyudi, C. (2020). Pengujian celah keamanan aplikasi berbasis web menggunakan teknik penetration pesting dan DAST (Dynamic Application Security Testing). Jurnal Jarkom, 1-9.



DOI: https://doi.org/10.22146/jpkm.80089

Article Metrics

Abstract views : 1754 | views : 1066

Refbacks

  • There are currently no refbacks.




Copyright (c) 2023 Jurnal Pengabdian kepada Masyarakat (Indonesian Journal of Community Engagement)

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Jurnal Pengabdian kepada Masyarakat (Indonesian Journal of Community Engagement)

ISSN (print) 2460-9447ISSN (online) 2541-5883