Abstract

The concept of security through obscurity is not recommended by the National Institute of Standards and Technology (NIST) as a form of system security. Basically this concept hides assets as difficult as possible so that it is not easy for attackers to find them, so that it can be used to avoid vulnerability scanner applications that are widely used by attackers to find out web system weaknesses. This research was conducted by modifying the web application firewall (WAF) and testing using the SQLMap and OWASP Zed Attack Proxy (ZAP) vulnerability scanner applications. The results of the study show that SQLMap takes up to 1238 times longer to complete a scan on a modified web application firewall than without modification, while OWASP ZAP cannot complete a scan on the same treatment. Thus the concept of security through obscurity can be applied to web security to extend vulnerability scanning time.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Translating Research Into the Classroom: The NIST Summer Institute for Middle School Science Teachers
Toby Ratcliffe ... Mary B Satterfield
MRS Proceedings | VOL. 1583
Toby Ratcliffe, et. al.Toby Ratcliffe ... Mary B Satterfield
01 Jan 2013
TU-B-224-01: Impact of the National Institute of Standards and Technology (NIST) on Radiation Dosimetry in Medical Physics
M Mcewen ... R Tosh
Medical Physics | VOL. 38
M Mcewen, et. al.M Mcewen ... R Tosh
01 Jun 2011
Identification and application of security measures for petrochemical industrial control systems
John W Piper ... H.M Leith
Journal of Loss Prevention in the Process Industries | VOL. 26
John W Piper, et. al.John W Piper ... H.M Leith
23 Oct 2013
Gas Standards Development in Support of NASA’s Sensor Calibration Program Around the Space Shuttle
Eric J Gore ... Walter R Miller
Analytical Chemistry | VOL. 81
Eric J Gore, et. al.Eric J Gore ... Walter R Miller
03 Apr 2009
View more papers

More From: Jurnal Teknik Informatika (Jutif)

Paper Title
Journal
Date
Author
TEXT CLASSIFICATION USING INDOBERT FINE-TUNING MODELING WITH CONVOLUTIONAL NEURAL NETWORK AND BI-LSTM
Alda Zevana ... Dwiza Riana
Jurnal Teknik Informatika (Jutif) | VOL. 4
Alda Zevana, et. al.Alda Zevana ... Dwiza Riana
15 Jan 2024
COMPARISON OF ALGORITHM BETWEEN CLASSIFICATION & REGRESSION TREES AND SUPPORT VECTOR MACHINE IN DETERMINING STUDENT ACCEPTANCE IN STATE UNIVERSITIES
M Anwar Sadat ... Pujiono Pujiono
Jurnal Teknik Informatika (Jutif) | VOL. 4
M Anwar Sadat, et. al. M Anwar Sadat ... Pujiono Pujiono
08 Jan 2024
REAL TIME ONLINE EXAM PROCTORING SYSTEM IN HIGHER EDUCATION USING WEBRTC TECHNOLOGY
Mychael Maoeretz Engel ... Jeems Terri Agustinus
Jurnal Teknik Informatika (Jutif) | VOL. 4
Mychael Maoeretz Engel, et. al.Mychael Maoeretz Engel ... Jeems Terri Agustinus
06 Jan 2024
ANALYSIS OF THE INFLUENCE OF BUSINESS INTELLIGENCE ON BEVERAGE SALES KONNICHIWA COFFEE USING THE METHOD EQUIVALENCE CLASS TRANSFORMATION
Leonard Vincent Satria ... Afifah Trista Ayunda
Jurnal Teknik Informatika (Jutif) | VOL. 4
Leonard Vincent Satria, et. al.Leonard Vincent Satria ... Afifah Trista Ayunda
04 Jan 2024
View more papers