scholarly journals Vulnerability Assessment and Penetration Testing On The Xyz Website Using Nist 800-115 Standard

2022 ◽  
Vol 7 (1) ◽  
pp. 520
Author(s):  
Wasis Wardana ◽  
Ahmad Almaarif ◽  
Adityas Widjajarto

Currently the website has become an effective communication tool. However, it is essential to have vulnerabilities assessment and penetration testing using specific standards on released websites to the public for securing information. The problems raised in this research are conducting vulnerability testing on the XYZ website to analyze security gaps in the XYZ website, as well as conducting penetration testing on high vulnerabilities found. Testing was conducted using the NIST 800 – 115 Standard through 4 main stages: planning, discovery, attack, and report. Several tools were used: Nmap, OWASP ZAP, Burp Suite, and Foxy Proxy. This research results are presented and analyzed. There were seven vulnerabilities found, one high-level vulnerability, two medium-level vulnerabilities, and four low-level vulnerabilities. At the high level, SQL Injection types are found, at the medium level, Cross-Domains Misconfiguration and vulnerabilities are found, at the low level, Absence of Anti-CSRF Tokens, Incomplete or No Cache-control and Pragma HTTP Header Set, Server Leaks Information via “X-Powered-By” HTTP Response Header Field and X-Content-Type-Options Header Missing are found.

2021 ◽  
pp. 0308518X2199781
Author(s):  
Xinyue Luo ◽  
Mingxing Chen

The nodes and links in urban networks are usually presented in a two-dimensional(2D) view. The co-occurrence of nodes and links can also be realized from a three-dimensional(3D) perspective to make the characteristics of urban network more intuitively revealed. Our result shows that the external connections of high-level cities are mainly affected by the level of cities(nodes) and less affected by geographical distance, while medium-level cities are affected by the interaction of the level of cities(nodes) and geographical distance. The external connections of low-level cities are greatly restricted by geographical distance.


2018 ◽  
Vol 36 (6) ◽  
pp. 1114-1134 ◽  
Author(s):  
Xiufeng Cheng ◽  
Jinqing Yang ◽  
Lixin Xia

PurposeThis paper aims to propose an extensible, service-oriented framework for context-aware data acquisition, description, interpretation and reasoning, which facilitates the development of mobile applications that provide a context-awareness service.Design/methodology/approachFirst, the authors propose the context data reasoning framework (CDRFM) for generating service-oriented contextual information. Then they used this framework to composite mobile sensor data into low-level contextual information. Finally, the authors exploited some high-level contextual information that can be inferred from the formatted low-level contextual information using particular inference rules.FindingsThe authors take “user behavior patterns” as an exemplary context information generation schema in their experimental study. The results reveal that the optimization of service can be guided by the implicit, high-level context information inside user behavior logs. They also prove the validity of the authors’ framework.Research limitations/implicationsFurther research will add more variety of sensor data. Furthermore, to validate the effectiveness of our framework, more reasoning rules need to be performed. Therefore, the authors may implement more algorithms in the framework to acquire more comprehensive context information.Practical implicationsCDRFM expands the context-awareness framework of previous research and unifies the procedures of acquiring, describing, modeling, reasoning and discovering implicit context information for mobile service providers.Social implicationsSupport the service-oriented context-awareness function in application design and related development in commercial mobile software industry.Originality/valueExtant researches on context awareness rarely considered the generation contextual information for service providers. The CDRFM can be used to generate valuable contextual information by implementing more reasoning rules.


2021 ◽  
Vol 6 (1) ◽  
pp. 62-68
Author(s):  
M. Arif Wahyu Daroini ◽  
Tri Novita Irawati ◽  
Sholahudin Al Ayubi

This study aims to determine students' mathematical problem solving abilities based on their high, medium and low level of ability in solving the problem. This type of research is descriptive qualitative. The data collecting method that use are observation, test, and interview. The results showed that the problem-solving ability of high-level subjects reached an average of 75%, the problem-solving abilities of medium-level subjects reached an average of 67%, the problem-solving abilities of low-level subjects reached an average of 67%, out of a maximum score of 100. The result of interview, ability level high, medium, and low, students are capable and good even though it does not reach 100%. So, it can be concluded that high, medium, and low level abilities are good for going through the problem solving ability indicator.  Keywords: problem solving, online learning  


2019 ◽  
Vol 10 (5) ◽  
pp. 602-611
Author(s):  
Airee Afiq Abd Rahim ◽  
Shahrum Abdullah ◽  
Salvinder Singh Karam Singh ◽  
Mohd. Zaki Nuawi

Purpose The purpose of this paper is to focus on the reliability assessment on the basis of automobile suspension fatigue life using wavelet decomposition method. Design/methodology/approach The discrete wavelet transform (DWT) of automobile coil spring signal is implemented as a response to different road surfaces. A reliability analysis is applied to determine the potential of the wavelet implementation in fatigue life analysis. The signals used in this study are highway and rural road. Findings On the basis of the implementation of wavelet decomposition method, low-level decomposition replicates the original signals in comparison with high-level decomposition. The fatigue life of low-level decomposition lies in the 2:1 and 1:2 correlation graph. The percentage difference for mean cycle to failure presents low values for low-level decomposition, with 44.31 per cent for highway and 44.20 per cent for rural road. The percentage of difference for high-level decomposition is high. Originality/value The determination of fatigue life analysis by using the DWT method is suitable for low-level decomposition. High-level decomposition is considered noise that cannot be eliminated and does not contribute to the failure of the structure.


2016 ◽  
Vol 60 (4) ◽  
pp. 2090-2096 ◽  
Author(s):  
Jung-Yien Chien ◽  
Wei-Yih Chiu ◽  
Shun-Tien Chien ◽  
Chia-Jung Chiang ◽  
Chong-Jen Yu ◽  
...  

ABSTRACTIn order to correlate the mutations inside the entiregyrAandgyrBgenes with the level of resistance to ofloxacin (OFX) and moxifloxacin (MFX) in isolates of multidrug-resistantMycobacterium tuberculosis(MDR-TB), a total of 111 isolates were categorized into OFX-susceptible (MIC, ≤2 μg/ml) and low-level (MIC, 4 to 8 μg/ml) and high-level (MIC, ≥16 μg/ml) OFX-resistant isolates and MFX-susceptible (MIC, ≤0.5 μg/ml) and low-level (MIC, 1 to 2 μg/ml) and high-level (MIC, ≥4 μg/ml) MFX-resistant isolates. Resistance-associated mutations inside thegyrAgene were found in 30.2% of OFX-susceptible and 72.5% and 72.2% of low-level and high-level OFX-resistant isolates and in 28.6% of MFX-susceptible and 58.1% and 83.9% of low-level and high-level MFX-resistant isolates. Compared with OFX-susceptible isolates, low-level and high-level OFX-resistant isolates had a significantly higher prevalence of mutations atgyrAcodons 88 to 94 (17.0%, 65.0%, and 72.2%, respectively;P< 0.001) and a higher prevalence of thegyrBG512R mutation (0.0%, 2.5%, and 16.7%, respectively;P= 0.006). Similarly, compared with MFX-susceptible isolates, low-level and high-level MFX-resistant isolates had a significantly higher prevalence of mutations atgyrAcodons 88 to 94 (14.3%, 51.6%, and 80.6%, respectively;P< 0.001) as well as a higher prevalence of thegyrBG512R mutation (0.0%, 0.0%, and 12.9%, respectively;P= 0.011). D94G and D94N mutations ingyrAand the G512R mutation ingyrBwere correlated with high-level MFX resistance, while the D94A mutation was associated with low-level MFX resistance. The prevalence of mutations atgyrAcodons 88 to 94 and thegyrBG512R mutation were higher among fluoroquinolone (FQ)-susceptible East Asian (Beijing) and Indo-Oceanic strains than they were among Euro-American strains, implying that molecular techniques to detect FQ resistance may be less specific in areas with a high prevalence of East Asian (Beijing) and Indo-Oceanic strains.


2019 ◽  
Vol 63 (5) ◽  
Author(s):  
Jun Li ◽  
Haihong Hao ◽  
Menghong Dai ◽  
Heying Zhang ◽  
Jianan Ning ◽  
...  

ABSTRACT This study aimed to investigate the genetic characteristics, antibiotic resistance patterns, and novel mechanisms involved in fluoroquinolone (FQ) resistance in commensal Escherichia coli isolates. The E. coli isolates were recovered from a previous clinical study and subjected to antimicrobial susceptibility testing and molecular typing. Known mechanisms of FQ resistance (target site mutations, plasmid-mediated quinolone resistance [PMQR] genes, relative expression levels of efflux pumps and porins) were detected using DNA sequencing of PCR products and real-time quantitative PCR. Whole-genome shotgun sequencing was performed on 11 representative strains to screen for single nucleotide polymorphisms (SNPs). The function of a key SNP (A1541G) was investigated by site-directed mutagenesis and allelic exchange. The results showed that long-term enrofloxacin treatment selected multidrug-resistant (MDR) E. coli isolates in the chicken gut and that these E. coli isolates had diverse genetic backgrounds. Multiple genetic alterations, including double mutations on GyrA (S83L and D87N), a single mutation on ParC (S80I) and ParE (S458E), activation of efflux pumps, and the presence of the QnrS1 protein, contributed to the high-level FQ resistance (enrofloxacin MIC [MICENR] ≥ 128 μg/ml), while the relatively low-level FQ resistance (MICENR = 8 or 16 μg/ml) was commonly mediated by decreased expression of the porin OmpF, besides enhancement of the efflux pumps. No significant relationship was observed between resistance mechanisms and virulence genes. Introduction of the A1541G mutation on aegA was able to increase FQ susceptibility by 2-fold. This study contributes to a better understanding of the development of MDR and the differences underlying the mechanisms of high-level and low-level FQ resistance in E. coli.


2018 ◽  
Vol 7 (3) ◽  
pp. 279-290 ◽  
Author(s):  
Im Gon Cho

Purpose The purpose of this paper is to make policy recommendations for the current fiscal decentralization discussion by examining the operating mechanisms of local taxes, unconditional grants, and conditional grants within the fiscal relationships between the national government and local governments in Korea. Design/methodology/approach After examining the current fiscal relationships between the national government and the local governments, this paper analyzes trends of local taxes, unconditional grants from both national and high-level local governments, and conditional grants from both national and high-level (or provincial level) local governments between 2002 and 2015. Local governments are classified into high-level local governments, and three types of low-level local governments are: si, kun, and ku. Findings Since the structure of local government finances in Korea is very complicatedly intertwined, the present decentralization discussion regarding increasing the share of local tax revenues may not achieve its purpose of fiscal decentralization. The authorities in charge of revenue allocation should be first decentralized at high-level local governments; high-level local governments should then arrange unconditional and conditional grants from high-level local governments to low-level local governments while taking into consideration unconditional and conditional grants from the national government to low-level governments. Originality/value The dichotomy between the central government and local municipalities has been utilized in the existing discussion regarding fiscal decentralization in Korea, but this study highlights the important resource allocation roles of high-level local governments.


2021 ◽  
Vol 930 (1) ◽  
pp. 012094
Author(s):  
E P Anindia ◽  
E Hidayah ◽  
R U A Wiyono

Abstract Puger sub-district is categorized as a tsunami-prone area because of its location in the South Coast, directly facing the Indian Ocean, which is the meeting point for two active tectonic plates. The active plate zone is prone to causing earthquakes that raise tsunamis. This article will describe the tsunami hazard and vulnerability level in Puger sub-district using the Geographic Information System (GIS) application. The method in this study uses a weighted overlay method. The weighting method is carried out to determine the level of tsunami hazard and vulnerability by following the weighting criteria in previous studies. Physical vulnerability criteria include land elevation, slope, beach type, land use, coastline distance, and rivers. The tsunami hazard level is determined based on the tsunami run-up map from previous studies. Based on the results of the risk mapping, it was found that there were five risk categories in Puger sub-district, namely the very low level (13.90 Ha), low level (271.99 Ha), medium level (7133.25 Ha), high level (644.22 Ha), and very high level (23.29 Ha).


Author(s):  
Yosua Ade Pohan ◽  
Yuhandri Yunus ◽  
S Sumijan

Regional Tax Reporting Application Webserver is one of the public services for taxpayers to report their sales transactions. This application can be accessed on the domain http://sptpd.payakumbuhkota.go.id. This application is public, so the principles of information security must be applied to prevent cyber attacks. The principles of information security include confidentiality, integrity, and availability. To apply this information security principle, it is necessary to conduct vulnerability assesment of the application webserver. This study aims to improve the security of the application webserver so that the data and information in it is secure. The method used in this study is the Penetration Testing Execution Standard which is one of the methods developed by the Pentest Organization to become a standard in analyzing or auditing security systems. The results of vulnerability testing using software Acunetix, Nikto, BurpSuite and Owasp, there are seven types of vulnerabilities, namely: X-Frame Header Options is Missing, CSRF Attack, Cookie Without Only Flash, DNS Vulnerability, Ddos Attack, Bruteforce Page Login and Open Port. The vulnerability can be exploited, where the level of application vulnerability is in the medium category. The recommendations for fixing vulnerabilities can be applied by the developer, so that after repairs are made, the vulnerability level of the application webserver is in the low category and there is only one type of vulnerability, namely BruteForce Page


Author(s):  
Priyanka Patra ◽  
S. S. Dana ◽  
S. B. Ramya Lakshmi

The present study was conducted to assess the empowerment level of women in the fisheries sector in the Ganjam district of Odisha. In the inland sector, the highest numbers of women are of the fishermen population in Ganjam district i.e. 29476 out of a total 263514 number of female fisheries population of the state (Directorate of Fisheries, Government of Odisha, 2015). A very good concentration of women is involving in fisheries activities in this district. But when sector-specific cases are concerned, there are very few studies found where different dimensions of women empowerment through fisheries are discussed. The results revealed that the majority of the respondents (66.60%) in the Inland sector are grouped under a medium level of empowerment followed by low and high-level empowerment (16.70%). These results indicated that there is a significant move towards the empowerment of women in the case of inland fisheries. However, in the Marine sector equal percentage of respondents belonged to both medium and high levels of women empowerment i.e. each 30 (50.00%) and low level of empowerment was nil which indicates the level of empowerment in the marine fisheries activities compared to inland fisheries. With this background, the overall empowerment score was categorized into the low, medium, and high level of empowerment where a majority of the respondents (71.6%) were under the medium level of empowerment followed by the equal percentage of the low and high level of empowerment (14.2%). The composite score of empowerment of women is also encouraging. However, efforts are needed to bring women empowerment from medium level to a higher level. There is also a need to uplift a section of women who are still in the lower category of empowerment.


Sign in / Sign up

Export Citation Format

Share Document