Analysis of Higher Education SIAKAD Website Security Gaps Using the Vulnerability Assessment Method

Abstract

SIAKAD is a website-based application designed to facilitate academic management and academic activities by universities. The SIAKAD system contains sensitive and important information from lecturers and students such as personal, academic, and financial information. Seeing the importance of information security, universities must be able to ensure that their SIAKAD is protected by a strong and reliable security system. To find out threats that can be exploited by hackers, it is necessary to analyze security holes in a system. The research procedure was carried out through (1) Terminal, Zenmap, Whois, Wappalyzer as tools for foot printing or data collection, (2) OWASP ZAP as a tool for conducting Vulnerability Scanning. The results of this study revealed that there were 11 vulnerabilities found, consisting of 5 medium vulnerability levels and 6 low level vulnerabilities. In addition, to deal with these vulnerabilities, this research also discusses solutions that can be alternatives for increasing information security in higher education SIAKAD.