Implementasi Dan Analisa Security Auditing Menggunakan Open Source Software Dengan Framework Mitre Att&ck

Authors

  • Muhammad Athallariq Rabbani Telkom University
  • Avon Budiyono Telkom University
  • Adityas Widjajarto Telkom University

Abstract

Abstrak Security auditing merupakan proses pengumpulan dan evaluasi bukti-bukti untuk menentukan apakah sistem komputer yang digunakan telah dapat melindungi aset milik organisasi. Pada penelitian ini security auditing dilakukan berdasarkan analisa vulnerability dan threat agar dapat melihat hubungan yang terjadi antara vulnerability dan threat yang telah dilakukan pada aset IT tersebut. Pada penelitian ini objek yang digunakan yaitu vulnerable operating system (VulnOSv2) dengan tujuan untuk mengetahui vulnerability dan threat. Pada penilitian ini digunakan 10 walkthrough dengan tujuan dapat dilakukan analisis perbandingan pada masing masing walkthrough serta melihat efisiensi dari masing-masing tools yang digunakan. Eksperimen dilakukan dengan menggunakan framework MITRE ATT&CK dimana digunakan sebagai dasar untuk pengembangan model dan metodologi ancaman. Open source software OpenVAS dapat diterapkan guna melihat hasil kuantitatif yang berdasarkan scanning eskploitasi berupa vulnerability. Sedangkan secara kualitatif dengan menyusun model attack trees. Framework MITRE ATT&CK yang dibuat dapat mengakomodasi model attack trees yaitu sebesar 80%. Kata kunci : Security Auditing, Vulnerability, Threat, Risk, Framework MITRE ATT&CK Abstract Security auditing is the process of gathering and evaluating evidence to determine whether the computer system used has been able to protect the assets belonging to the organization. In this research, security auditing is conducted based on the analysis of vulnerability and threat in order to see the relationship that occurs between vulnerability and threats that have been carried out on these IT assets. In this study the object used is vulnerable operating system (VulnOSv2) with the aim to determine vulnerability and threat. In this research 10 walkthroughs are used with the aim that comparative analysis can be performed on each walkthrough and see the efficiency of each tool used. Experiments were carried out using the MITRE ATT&CK framework which is used as a basis for developing threat models and methodologies. Open source software OpenVAS can be applied to see quantitative results based on exploitation scanning in the form of vulnerability. Whereas arranging attack tree models the MITRE ATT&CK Framework created can accommodate attack tree models, which is 80%. Keywords : Security Auditing, Vulnerability, Threat, Risk, Framework MITRE ATT&CK

Downloads

Published

2020-08-01

Issue

Section

Program Studi S1 Sistem Informasi