{"title":"设计和开发易受攻击的Web应用程序作为软件安全教育媒体","authors":"Riama Kristallia, Hermawan Setiawan, Siti Manayra Sabiya","doi":"10.1109/ICIC54025.2021.9632902","DOIUrl":null,"url":null,"abstract":"Lack of developer knowledge of software security is one of the vulnerability factors in applications, especially the web, so it is necessary to have educational media that can provide an understanding of software security awareness with competencies measurement. In this study, a hands-on vulnerable web application was designed as a media for software security education. The application is developed using a design research methodology with a prototyping development method that produces two parts: the vulnerable and public applications. Both applications were tested using functional testing, security testing, and achievement measurement. Functional and security test results show that the application can run according to the designed functionality and the security case used. The measure of achievement shows that the mean value of the user’s score is 3.86 out of 20, the achievement total being 58 out of 300, with a standard deviation of 3.24. It is influenced by the diversity of basic competencies possessed by the user.","PeriodicalId":189541,"journal":{"name":"2021 Sixth International Conference on Informatics and Computing (ICIC)","volume":"100 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Design and Development Hands-On Vulnerable Web Application as a Software Security Educational Media\",\"authors\":\"Riama Kristallia, Hermawan Setiawan, Siti Manayra Sabiya\",\"doi\":\"10.1109/ICIC54025.2021.9632902\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Lack of developer knowledge of software security is one of the vulnerability factors in applications, especially the web, so it is necessary to have educational media that can provide an understanding of software security awareness with competencies measurement. In this study, a hands-on vulnerable web application was designed as a media for software security education. The application is developed using a design research methodology with a prototyping development method that produces two parts: the vulnerable and public applications. Both applications were tested using functional testing, security testing, and achievement measurement. Functional and security test results show that the application can run according to the designed functionality and the security case used. The measure of achievement shows that the mean value of the user’s score is 3.86 out of 20, the achievement total being 58 out of 300, with a standard deviation of 3.24. It is influenced by the diversity of basic competencies possessed by the user.\",\"PeriodicalId\":189541,\"journal\":{\"name\":\"2021 Sixth International Conference on Informatics and Computing (ICIC)\",\"volume\":\"100 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-11-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 Sixth International Conference on Informatics and Computing (ICIC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIC54025.2021.9632902\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 Sixth International Conference on Informatics and Computing (ICIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIC54025.2021.9632902","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Design and Development Hands-On Vulnerable Web Application as a Software Security Educational Media
Lack of developer knowledge of software security is one of the vulnerability factors in applications, especially the web, so it is necessary to have educational media that can provide an understanding of software security awareness with competencies measurement. In this study, a hands-on vulnerable web application was designed as a media for software security education. The application is developed using a design research methodology with a prototyping development method that produces two parts: the vulnerable and public applications. Both applications were tested using functional testing, security testing, and achievement measurement. Functional and security test results show that the application can run according to the designed functionality and the security case used. The measure of achievement shows that the mean value of the user’s score is 3.86 out of 20, the achievement total being 58 out of 300, with a standard deviation of 3.24. It is influenced by the diversity of basic competencies possessed by the user.