The Science and Information (SAI) Organization
  • Home
  • About Us
  • Journals
  • Conferences
  • Contact Us

Publication Links

  • IJACSA
  • Author Guidelines
  • Publication Policies
  • Metadata Harvesting (OAI2)
  • Digital Archiving Policy

IJACSA

  • About the Journal
  • Call for Papers
  • Author Guidelines
  • Fees/ APC
  • Submit your Paper
  • Current Issue
  • Archives
  • Indexing
  • Editors
  • Reviewers
  • Apply as a Reviewer

IJARAI

  • About the Journal
  • Archives
  • Indexing & Archiving
  • Editorial Board

Special Issues

  • Home
  • Archives
  • Proposals
  • Guest Editors

Computing Conference 2021

  • Home
  • Call for Papers
  • Submit your Paper/Poster
  • Register
  • Venue
  • Contact

Intelligent Systems Conference (IntelliSys) 2021

  • Home
  • Call for Papers
  • Submit your Paper/Poster
  • Register
  • Venue
  • Contact

Future Technologies Conference (FTC) 2021

  • Home
  • Call for Papers
  • Submit your Paper/Poster
  • Register
  • Venue
  • Contact

Future of Information and Communication Conference (FICC) 2021

  • Home
  • Call for Papers
  • Submit your Paper/Poster
  • Register
  • Venue
  • Contact
  • Home
  • Call for Papers
  • Guidelines
  • Fees
  • Submit your Paper
  • Current Issue
  • Archives
  • Indexing
  • Editors
  • Reviewers
  • Subscribe

Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Vulnerability Analysis of E-voting Application using Open Web Application Security Project (OWASP) Framework

Author 1: Sunardi
Author 2: Imam Riadi
Author 3: Pradana Ananda Raharja

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2019.0101118

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 10 Issue 11, 2019.

  • Abstract and Keywords
  • How to Cite this Article
  • {} BibTeX Source

Abstract: This paper reports on security concerns in the E-voting used for the election of village heads. Analysis of the system and server uses two different tools to determine the accuracy of scanning vulnerabilities based on the OWASP Framework. We reported that the results of the scanning using the ZAP tool got vulnerability information with the following risk level, one high level, three medium levels, and eleven low levels. The Arachni tool got vulnerability information with the following risk level, one high level, three medium levels, and two low levels. ZAP has a more complex vulnerability view than Arachni. Fatal findings on E-voting in this E-voting system is XSS, which impacts clients, which can be exploited by attackers to bypass security. Directory Traversal allows attackers to access directories and can execute commands outside of the web server’s base directory. Cyber Hiscox Readiness report in 2018 in several European countries such as The United States, Britain, Germany, Spain, and the Netherlands, that the Attackers target through the most vulnerable security holes such as injection, Broken Authentication, Sensitive Data Exposure, XXE, Merged, Security Misconfiguration, XSS, Insecure Deserialization, Using Components with Known Vulnerabilities, Insufficient Logging, and Monitoring. The purpose of cyberattacks alone can threaten the stability of the country and disturb other factors. E-voting, as part of an electronic government system, needs to be audited in terms of security, which can cause the system to disrupt.

Keywords: Vulnerability; e-voting; open web application security project framework; attacker

Sunardi , Imam Riadi and Pradana Ananda Raharja, “Vulnerability Analysis of E-voting Application using Open Web Application Security Project (OWASP) Framework” International Journal of Advanced Computer Science and Applications(IJACSA), 10(11), 2019. http://dx.doi.org/10.14569/IJACSA.2019.0101118

@article{2019,
title = {Vulnerability Analysis of E-voting Application using Open Web Application Security Project (OWASP) Framework},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2019.0101118},
url = {http://dx.doi.org/10.14569/IJACSA.2019.0101118},
year = {2019},
publisher = {The Science and Information Organization},
volume = {10},
number = {11},
author = {Sunardi and Imam Riadi and Pradana Ananda Raharja}
}


IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2021

29-30 April 2021

  • Virtual

Computing Conference 2021

15-16 July 2021

  • London, United Kingdom

IntelliSys 2021

2-3 September 2021

  • Amsterdam, The Netherlands

Future Technologies Conference (FTC) 2021

28-29 October 2021

  • Vancouver, Canada
The Science and Information (SAI) Organization
BACK TO TOP

Computer Science Journal

  • About the Journal
  • Call for Papers
  • Submit Paper
  • Indexing

Our Conferences

  • Computing Conference
  • Intelligent Systems Conference
  • Future Technologies Conference
  • Communication Conference

Help & Support

  • Contact Us
  • About Us
  • Terms and Conditions
  • Privacy Policy

© 2018 The Science and Information (SAI) Organization Limited. Registered in England and Wales. Company Number 8933205. All rights reserved. thesai.org