Mobile Application Bimbingan Tugas Akhir Mahasiswa Pada Stmik Handayani Makassar Sebagai Media Pendukung Pembelajaran Daring

Penelitian ini bertujuan untuk mengembangkan serta menguji akses antara mobile application yang dibangun dengan framework apache cordova dan web server apache melalui hypertext transfer protocol (HTTP) menggunakan Object XHR dari Javascript. Aplikasi yang dibangun menggunakan studi kasus bimbingan tugas akhir pada STMIK Handayani Makassar. Penelitian ini dilaksanakan menggunakan metode research and development (R & D) yang terdiri atas beberapa tahapan yaitu tahap analisis meliputi tinjauan terhadap penggunaan framework apache cordova dan web service, tahap perancangan menggunakan unified modelling language, tahap pembuatan aplikasi dan tahap pengujian menggunakan metode blackbox. Hasil penelitian menunjukkan bahwa seluruh fungsi aplikasi dapat mengakses data dari web service. Terdapat perbedaan waktu request data server ketika aplikasi dijalankan pada emulator (google chrome) dan aplikasi yang diinstalasi langsung pada perangkat android dengan sistem operasi MIUI OS dan ColorOS. Request data server dengan emulator lebih cepat dengan perbedaan waktu yang tidak begitu signifikan yaitu rata-rata selisih waktu hanya 41,76 ms untuk MIUI OS dan 46,52 ms untuk ColorOS.

e-commerce cybersecurity vulnerability, http protocol case

This paper was designed with the intention of analyzing the vulnerability of e-commerce web sites. We are going to describe the transmission of data in clear text without encryption by hypertext transfer protocol (HTTP), reason why we argue that by means of a sniffer technique this information can be captured and this way violating customer privacy information.

MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS

Distributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which overwhelms the target with a large number of request packets. However, compared to slow DDoS, limited number of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. Genetic algorithm was used to select the Netflow features which indicates the presence of an attack and also determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms.

Secure Browsing in Local Government: The Case of Portugal

This article addresses the adoption and use of Hypertext Transfer Protocol Secure (HTTPS) in the entry pages of the official websites of all (308) Portuguese municipalities. This is relevant because such websites are typically used to provide transactional services to citizens, and citizens need to trust that websites are authentic and that confidentiality and integrity of the information exchanged is assured in the communication process. Automated and, whenever needed, manual analyses were used to investigate the entry pages. Specifically, we checked for the existence of an HTTPS site; the correctness of website certificates and their certification chain; coherence between contents of the HTTP and HTTPS versions of websites; redirection from the HTTP version of a website to its HTTPS version; the existence of resources fetched using HTTP in HTTPS versions of websites; and exploitation of HSTS. A Quality Indicator was then defined and a classification of the municipalities into quality groups was produced. Possible determinants for the results obtained by the municipalities were also investigated. The general conclusion is that there is still much to be done to assure that citizens can communicate securely with the websites of all Portuguese municipalities, since only 3.6% of the municipalities were considered good, while 46.1% do not guarantee the minimum conditions. We argue that these results are associated with the fact that most Portuguese municipalities do not have the critical technical and managerial mass to correctly implement and maintain their websites. To mitigate this limitation, we propose the dissemination of technical instructions on how to correctly configure and deploy municipal HTTPS websites and the creation of shared services between the smaller municipalities.

PERANCANGAN SIMPLE STATELESS AUTENTIKASI DAN OTORISASI LAYANAN REST-API BERBASIS PROTOKOL HTTP

Arsitektur Microservice merupakan arsitektur pembangunan sistem yang sering digunakan saat ini. Konsepnya adalah memisahkan komponen program / fungsionalitas ke dalam aplikasi yang berbeda. Antar komponen menggunakan protokol Hypertext Transfer Protocol (HTTP) untuk berkomunikasi karena HTTP mendukung multiplatform layaknya sebuah website ditambah lagi munculnya skema REST API. REST API memungkinkan pengguna dan layanan untuk bertukar data antar platform. Permasalahan yang muncul berasal dari semua komunikasi pada protokol HTTP bersifat stateless, yang dimana setiap permintaan yang diterima akan dijalankan secara independen. Termasuk apakah klien sebelumnya sudah diautentikasi atau belum. Hal ini akan rentan terhadap penyusup yang belum terotentikasi sehingga tidak dapat dipastikan otoritasnya dalam mengakses suatu fungsi. Berdasarkan permasalahan tersebut, diperlukan skema otentikasi dan otorisasi yang dapat mengakomodasi skema layanan mikro. Metode yang dapat digunakan adalah dengan pemanfaatan kode otorisasi yang bersifat unik yang ditempelkan pada setiap permintaan layanan yang divalidasi oleh sebuah server independent. Alur dari skemanya digambarkan menggunakan sequence diagram dan didukung dengan konseptual database. Penelitian ini menghasilkan sebuah rancangan metode autentikasi dan otorisasi sederhana yang dapat digunakan sebagai alternatif kemanan pada arsitektur microservice

The Analysis of Project Auditing System

During the current trends in IT and Software industry- DevOps, the project management system is mainly responsible to keep track of various projects that are undertaken by the organization and developed with in same premises or geographically locations. The main problem is to develop a system which can handle various task of project management by providing security to project related work while transferring and to provide a communication system for discussion of problems. So this system will run on the virtual private network of organization also secured socket layer is used instead simple hypertext transfer protocol. In project management system the client wants a system that can be used to check the progress that the projects had made which it had distributed among different organization for development. In this arena a central repository (database) should be created which will be maintained by project developing origination on day-to-day basis i.e. the organization must have to update the database on the basis of progress made by them on the given module. The files will be uploaded by assigned user on any particular project about his daily work. There will be various powers to the user which will be provided according to role of a person in particular project. In this system only the status will be changed and nothing will be deleted until any particular project will be completed. Menu of different project will be shown also according to the role. Each user will be provided unique id. for a particular project however user can perform different role simultaneously.

Buffer-based rate adaptation scheme for HTTP video streaming with consistent quality

Recently, HyperText Transfer Protocol (HTTP) based adaptive streaming (HAS) has been proposed as a solution for efficient use of network resources. HAS performs rate adaptation that adjusts the video quality according to the network conditions. The conventional approaches for rate adaptation involve accurately estimating the available bandwidth or exploiting the playback buffer in HAS clients rather than estimating the network bandwidth. In this paper, we present a playback buffer model for rate adaptation and propose a new buffer-based rate adaptation scheme. First, we model the playback buffer as a queueing system that stores video segments. The proposed scheme selects the next video bitrate that minimizes the difference between the current buffer occupancy and the expected value from the playback buffer model. The evaluation results indicated that the proposed scheme achieves higher video quality than conventional algorithms and can cope with various environments without the tuning of the configuration parameters.

DARE: A decentralized association rules extraction scheme for embedded data sets in distributed IoT devices

In the context of smart home, it is very important to identify usage patterns of Internet of things (IoT) devices. Finding these patterns and using them for decision-making can provide ease, comfort, practicality, and autonomy when executing daily activities. Performing knowledge extraction in a decentralized approach is a computational challenge considering the tight storage and processing constraints of IoT devices, unlike deep learning, which demands a massive amount of data, memory, and processing capability. This article describes a method for mining implicit correlations among the actions of IoT devices through embedded associative analysis. Based on support, confidence, and lift metrics, our proposed method identifies the most relevant correlations between a pair of actions of different IoT devices and suggests the integration between them through hypertext transfer protocol requests. We have compared our proposed method with a centralized method. Experimental results show that the most relevant rules for both methods are the same in 99.75% of cases. Moreover, our proposed method was able to identify relevant correlations that were not identified by the centralized one. Thus, we show that associative analysis of IoT device state change is efficient to provide an intelligent and highly integrated IoT platform while avoiding the single point of failure problem.