Design and Development Hands-On Vulnerable Web Application as a Software Security Educational Media

2021 Sixth International Conference on Informatics and Computing (ICIC) Pub Date : 2021-11-03 DOI:10.1109/ICIC54025.2021.9632902

Riama Kristallia, Hermawan Setiawan, Siti Manayra Sabiya

{"title":"Design and Development Hands-On Vulnerable Web Application as a Software Security Educational Media","authors":"Riama Kristallia, Hermawan Setiawan, Siti Manayra Sabiya","doi":"10.1109/ICIC54025.2021.9632902","DOIUrl":null,"url":null,"abstract":"Lack of developer knowledge of software security is one of the vulnerability factors in applications, especially the web, so it is necessary to have educational media that can provide an understanding of software security awareness with competencies measurement. In this study, a hands-on vulnerable web application was designed as a media for software security education. The application is developed using a design research methodology with a prototyping development method that produces two parts: the vulnerable and public applications. Both applications were tested using functional testing, security testing, and achievement measurement. Functional and security test results show that the application can run according to the designed functionality and the security case used. The measure of achievement shows that the mean value of the user’s score is 3.86 out of 20, the achievement total being 58 out of 300, with a standard deviation of 3.24. It is influenced by the diversity of basic competencies possessed by the user.","PeriodicalId":189541,"journal":{"name":"2021 Sixth International Conference on Informatics and Computing (ICIC)","volume":"100 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 Sixth International Conference on Informatics and Computing (ICIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIC54025.2021.9632902","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Lack of developer knowledge of software security is one of the vulnerability factors in applications, especially the web, so it is necessary to have educational media that can provide an understanding of software security awareness with competencies measurement. In this study, a hands-on vulnerable web application was designed as a media for software security education. The application is developed using a design research methodology with a prototyping development method that produces two parts: the vulnerable and public applications. Both applications were tested using functional testing, security testing, and achievement measurement. Functional and security test results show that the application can run according to the designed functionality and the security case used. The measure of achievement shows that the mean value of the user’s score is 3.86 out of 20, the achievement total being 58 out of 300, with a standard deviation of 3.24. It is influenced by the diversity of basic competencies possessed by the user.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

设计和开发易受攻击的Web应用程序作为软件安全教育媒体

开发人员缺乏软件安全知识是应用程序，特别是web的脆弱性因素之一，因此有必要有教育媒体，可以提供对软件安全意识的理解和能力测量。本研究设计了一个易受攻击的web应用程序，作为软件安全教育的媒介。应用程序的开发采用设计研究方法和原型开发方法，产生两部分:易受攻击的应用程序和公共应用程序。这两个应用程序都使用功能测试、安全性测试和成就度量进行了测试。功能和安全测试结果表明，该应用程序可以按照设计的功能和使用的安全案例运行。成就度量显示，用户得分的平均值为3.86分(满分20分)，成就总数为58分(满分300分)，标准差为3.24。它受用户所拥有的基本能力的多样性的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2021 Sixth International Conference on Informatics and Computing (ICIC)

自引率

0.00%

发文量