Abstract
The Personal Identification Number or KTP is prone to be stolen and used by unwanted parties, this is also a possibility for the Simpel Desa, a village administration application that also contain and use the Personal Identification Number. This study aims to detect information security vulnerabilities. This study aims to analyze security vulnerabilities in applications using MobSF and ISO 27002:2013. MobSF is used for penetration testing for malware in applications. In MobSF the Simpel Desa application is analyzed in two ways, namely static and dynamic. ISO 27002:2013 is used to map the findings of vulnerabilities and potential misuse of information so that they get accurate analysis results. The control used is domain 9 (access control) and 10 (cryptography). The results obtained in the static analysis found the existence of vulnerabilities in aspects of cryptography and permission access. The dynamic analysis found that Root Detection and Debugger Check Bypass had not been implemented. Overall, based on ISO 27002:2013 information security has not been maximally implemented. The recommendations given focus on the aspects of application permissions and access rights, user authentication, and the implementation of information security.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: INTENSIF: Jurnal Ilmiah Penelitian dan Penerapan Teknologi Sistem Informasi
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.