Abstract

This paper reports on security concerns in the E-voting system used for the election of village heads. The system and server were analyzed with two different tools to determine the accuracy of vulnerability scanning based on the OWASP Framework. Scanning with the ZAP tool reported vulnerabilities at the following risk levels: one high, three medium, and eleven low. The Arachni tool reported vulnerabilities at the following risk levels: one high, three medium, and two low. ZAP has a more complex vulnerability view than Arachni. The fatal finding in this E-voting system is XSS, which impacts clients and can be exploited by attackers to bypass security. Directory Traversal allows attackers to access directories and execute commands outside of the web server's base directory. According to the Cyber Hiscox Readiness report in 2018, covering several European countries such as the United States, Britain, Germany, Spain, and the Netherlands, attackers target the most vulnerable security holes, such as Injection, Broken Authentication, Sensitive Data Exposure, XXE, Merged, Security Misconfiguration, XSS, Insecure Deserialization, Using Components with Known Vulnerabilities, and Insufficient Logging and Monitoring. Cyberattacks alone can threaten the stability of the country and disturb other factors. E-voting, as part of an electronic government system, needs to be audited for security issues, which can cause the system to be disrupted.

Highlights

  • The development of information technology is used to replace previous habits that have not been computerized

  • This research focuses on preventing attacks targeting web applications, servers, and artefacts related to vulnerability analysis in the E-voting system tested, concerning source code, libraries, folders, encryption, and web interfaces

  • The Zed Attack Proxy (ZAP) Scanning Report consists of a Summary of Alerts, which are grouped into certain levels along with the amount


Summary

INTRODUCTION

The development of information technology is used to replace previous habits that have not been computerized. ZAP can automatically scan for security vulnerabilities in web applications while they are being developed and tested. In addition to explaining application security risks, the OWASP Top 10 is a guide for developers and security teams to control and anticipate weaknesses in web applications that are vulnerable to attack. These various vulnerabilities make it easy for intruders to embed malware, search for data, or completely take over the site [10]. This research focuses on preventing attacks targeting web applications, servers, and artefacts related to vulnerability analysis in the E-voting system tested, concerning source code, libraries, folders, encryption, and web interfaces. The ZAP Scanning Report consists of a Summary of Alerts, which are grouped into certain levels along with the amount
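The following added example (not code from the paper) builds a Summary of Alerts per risk level from a ZAP JSON report and cross-checks the findings against a second scanner by CWE id, the kind of two-tool comparison the abstract describes. The report contents, the host `evote.example`, the second scanner's record shape and all function names are constructed assumptions.

```python
import json
from collections import Counter

# ZAP's JSON report stores risk as a string code: 3=High, 2=Medium, 1=Low, 0=Informational.
ZAP_RISK = {"3": "High", "2": "Medium", "1": "Low", "0": "Informational"}
LEVELS = ("High", "Medium", "Low", "Informational")

# Constructed sample shaped like a ZAP JSON report (not the paper's scan data).
ZAP_REPORT = json.dumps({"site": [{"@name": "http://evote.example", "alerts": [
    {"alert": "Cross Site Scripting (Reflected)", "riskcode": "3", "cweid": "79"},
    {"alert": "Path Traversal", "riskcode": "2", "cweid": "22"},
    {"alert": "Missing Anti-clickjacking Header", "riskcode": "2", "cweid": "1021"},
    {"alert": "Cookie No HttpOnly Flag", "riskcode": "1", "cweid": "1004"},
    {"alert": "Modern Web Application", "riskcode": "0", "cweid": "-1"},
]}]})

# Constructed findings for the second scanner, assumed already exported to this shape.
SECOND_SCANNER = [
    {"name": "Cross-Site Scripting (XSS)", "severity": "High", "cwe": 79},
    {"name": "Path Traversal", "severity": "High", "cwe": 22},
    {"name": "Missing X-Frame-Options header", "severity": "Low", "cwe": 693},
]

def zap_findings(report_json):
    """Flatten the alerts of every scanned site into name/severity/cwe records."""
    return [{"name": a["alert"], "severity": ZAP_RISK[a["riskcode"]], "cwe": int(a["cweid"])}
            for site in json.loads(report_json).get("site", [])
            for a in site.get("alerts", [])]

def summary_of_alerts(findings):
    """Count findings per risk level, listing every level even when it is empty."""
    counts = Counter(f["severity"] for f in findings)
    return {level: counts[level] for level in LEVELS}

def cross_validate(first, second):
    """Pair findings by CWE id; a cweid of 0 or below means 'no CWE' and is never paired."""
    a = {f["cwe"]: f["severity"] for f in first if f["cwe"] > 0}
    b = {f["cwe"]: f["severity"] for f in second if f["cwe"] > 0}
    both = sorted(a.keys() & b.keys())
    return {"confirmed": both,
            "only_first": sorted(a.keys() - b.keys()),
            "only_second": sorted(b.keys() - a.keys()),
            "severity_mismatch": [c for c in both if a[c] != b[c]],
            "unclassified": [f["name"] for f in first + second if f["cwe"] <= 0]}

if __name__ == "__main__":
    zap = zap_findings(ZAP_REPORT)
    print(summary_of_alerts(zap), summary_of_alerts(SECOND_SCANNER))
    print(cross_validate(zap, SECOND_SCANNER))
```

Findings listed under `confirmed` were reported by both tools; those under `only_first`, `only_second` or `severity_mismatch` are the ones worth manual verification before they go into an audit report.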
