WEB APPLICATION SECURITY TESTING AGAINST PARAMETER TAMPERING ATTACKS (PENGUJIAN KEAMANAN APLIKASI BERBASIS WEB TERHADAP SERANGAN PARAMETER TAMPERING)

Authors

  • Rakhmadi Rahman, Institut Teknologi Bacharuddin Jusuf Habibie
  • Yonatan Rannu, Institut Teknologi Bacharuddin Jusuf Habibie
  • Marwa Dinda Muchtar, Institut Teknologi Bacharuddin Jusuf Habibie

DOI:

https://doi.org/10.69714/7eb4g917

Keywords:

web application security, parameter tampering, security testing, OWASP

Abstract

Web application security is a critical aspect in ensuring the confidentiality and integrity of user data. One of the most common attack vectors is parameter tampering, which involves manipulating parameter values transmitted between the client and the server to alter application logic. This study aims to analyze the level of vulnerability of web applications to parameter tampering attacks and to identify the resulting security impacts. The research adopts a qualitative approach using a case study method through web application security testing based on black-box testing techniques. The testing process is conducted using tools such as Burp Suite and OWASP ZAP to observe application responses to parameter modifications. The results indicate that weaknesses in server-side parameter validation mechanisms still exist and may be exploited by attackers. Therefore, the implementation of strict server-side parameter validation and regular security testing is essential to enhance the overall security of web applications.

Published

2026-01-15

How to Cite

PENGUJIAN KEAMANAN APLIKASI BERBASIS WEB TERHADAP SERANGAN PARAMETER TAMPERING (Rakhmadi Rahman, Yonatan Rannu, & Marwa Dinda Muchtar, Trans.). (2026). Jurnal Riset Sistem Informasi, 3(2), 72-76. https://doi.org/10.69714/7eb4g917