Implementation of Penetration Testing Tools to Test Wi-Fi Security Levels at the Directorate of Innovation and Business Incubators
DOI:
10.29303/jppipa.v9i12.5551Published:
2023-12-20Issue:
Vol. 9 No. 12 (2023): DecemberKeywords:
Kali linux, Penetration testing, Security, Tool, Wi-FiResearch Articles
Downloads
How to Cite
Downloads
Metrics
Abstract
Wi-Fi networks have become a critical infrastructure in many organisations, including the Directorate of Innovation and Business Incubator. However, potential vulnerabilities in Wi-Fi networks also increase as technology advances. Therefore, testing is needed to identify and address security that can harm network users. This research aims to implement penetration testing tools in testing the security level of Wi-Fi networks at the Directorate of Innovation and Business Incubator. The penetration testing method is used to test security and assess the level of resistance to attacks on Wi-Fi in the form of simulated attacks. One of the operating systems that provides penetration testing tools that meet the needs of testing is linux times. The tools used in the penetration testing process are airmon-ng, airodump-ng, aireplay-ng, aircrack-ng, macchanger, ettercap and wireshark. The results showed that the Wi-Fi security of the Directorate of Innovation and Business Incubator still needs to be improved where the results of the four types of attacks only one failed, namely MAC Spoofing. In addition, the tests on Denial of Service, Cracking the Encryption, and Man-in-the-Middle attacks were successful. The application of anticipation by increasing Wi-Fi security based on the attacks that have been carried out can prevent these attacks.
References
Abdulqader, M. F., & Y. Dawod, A. (2016). Penetration Testing of Wireless Networks. Kirkuk University Journal-Scientific Studies, 11(3), 136–151. https://doi.org/10.32894/kujss.2016.124737
Adiguna, M. A., & Widagdo, B. W. (2022). Analisis Keamanan Jaringan WPA2-PSK Menggunakan Metode Penetration Testing (Studi Kasus : Router Tp-Link Mercusys Mw302r). Jurnal SISKOM-KB (Sistem Komputer Dan Kecerdasan Buatan), 5(2), 1–8. https://doi.org/10.47970/siskom-kb.v5i2.268
Alamanni, M. (2015). Kali Linux Wireless Penetration Testing Essentials. In Community experience distilled.
Alsahlany, A. M., Alfatlawy, Z. H., & Almusawy, A. R. (2018). Experimental evaluation of different penetration security levels in wireless local area network. Journal of Communications, 13(12), 723–729. https://doi.org/10.12720/jcm.13.12.723-729
Ariyadi, T., Widodo, T. L., Apriyanti, N., & Kirana, F. S. (2023). Analisis Kerentanan Keamanan Sistem Informasi Akademik Universitas Bina Darma Menggunakan OWASP. Techno.Com, 22(2), 418–429. https://doi.org/10.33633/tc.v22i2.7562
Astriani, T. (2021). Analisa Kerentanan Pada Vulnerable Docker Menggunakan Scanner Openvas Dan Docker Scan Dengan Acuan Standar Nist 800-115. JATISI (Jurnal Teknik Informatika Dan Sistem Informasi), 8(4), 2041–2050. https://doi.org/10.35957/jatisi.v8i4.1232
Bertoglio, D. D., & Zorzo, A. F. (2017). Overview and open issues on penetration test. Journal of the Brazilian Computer Society, 23(1), 1–16. https://doi.org/10.1186/s13173-017-0051-1
Bosnjak, L., Sres, J., & Brumen, B. (2018). Brute-force and dictionary attack on hashed real-world passwords. 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2018 - Proceedings, February, 1161–1166. https://doi.org/10.23919/MIPRO.2018.8400211
Cetinkaya, A., Ishii, H., & Hayakawa, T. (2019). An overview on denial-of-service attacks in control systems: Attack models and security analyses. Entropy, 21(2), 1–29. https://doi.org/10.3390/e21020210
Chang, T. H., Chen, C. M., Hsiao, H. W., & Lai, G. H. (2019). Cracking of wpa & wpa2 using gpus and rule-based method. Intelligent Automation and Soft Computing, 25(1), 183–192. https://doi.org/10.31209/2018.100000054
Efe, A., & Kaplan, M. B. (2019). Multidisciplinary Studies and Innovative Technologies Wi-Fi Security Analysis For E & M-Government Applications. Nternational Journal of Multidisciplinary Studies and Innovative Technologies, 3(2), 86–98. Retrieved from https://dergipark.org.tr/en/pub/ijmsit/issue/50263/617035
Etta, V. O., Sari, A., Imoize, A. L., Shukla, P. K., & Alhassan, M. (2022). Assessment and Test-case Study of Wi-Fi Security through the Wardriving Technique. Mobile Information Systems, 2022. https://doi.org/10.1155/2022/7936236
Goel, J. N., & Mehtre, B. M. (2015). Vulnerability Assessment & Penetration Testing as a Cyber Defence Technology. Procedia Computer Science, 57, 710–715. https://doi.org/10.1016/j.procs.2015.07.458
Gunawan, T. S., Lim, M. K., Kartiwi, M., Malik, N. A., & Ismail, N. (2018). Penetration testing using Kali linux: SQL injection, XSS, wordpres, and WPA2 attacks. Indonesian Journal of Electrical Engineering and Computer Science, 12(2), 729–737. https://doi.org/10.11591/ijeecs.v12.i2.pp729-737
Haque, A., Raj, N., Sinha, A. K., & Singh, N. K. (2020). Wi-Fi Ado ption And Security Surv ey. July 2017. https://doi.org/10.9790/1676-1204016774
Indira Reddy, B., & Srikanth, V. (2019). Review on Wireless Security Protocols (WEP, WPA, WPA2 & WPA3). International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 5(4), 28–35. https://doi.org/10.32628/cseit1953127
Kongara, D. (2023). A Process of Penetration Testing Using Various Tools. Mesopotamian Journal of Cyber Security, August, 94–104. https://doi.org/10.58496/mjcs/2023/014
Kyei, M., & Asante, M. (2020). Penetration Testing of IEEE 802.11 Encryption Protocols using Kali Linux Hacking Tools. International Journal of Computer Applications, 176(32), 26–33. https://doi.org/10.5120/ijca2020920365
Lu, H. J., & Yu, Y. (2021). Research on WiFi Penetration Testing with Kali Linux. Complexity, 2021. https://doi.org/10.1155/2021/5570001
Malgaonkar, S., Patil, R., Rai, A., & Singh, A. (2017). Research on Wi-Fi Security Protocols. International Journal of Computer Applications, 164(3), 30–36. https://doi.org/10.5120/ijca2017913601
Mekhaznia, T., & Zidani, A. (2015). Wi-Fi Security Analysis. Procedia Computer Science, 73(Awict), 172–178. https://doi.org/10.1016/j.procs.2015.12.009
Prabadevi, B., & Jeyanthi, N. (2018). A review on various sniffing attacks and its mitigation techniques. Indonesian Journal of Electrical Engineering and Computer Science, 12(3), 1117–1125. https://doi.org/10.11591/ijeecs.v12.i3.pp1117-1125
Prakosa, B. A. (2020). Security Analysis of Wireless Local Area Network (WLAN) Network with the Penetration Testing Method. Jurnal Mantik, 4(3), 1658–1662. https://doi.org/10.35335/mantik.Vol4.2020.974.pp1658-1662
Pratiwi, F. S. (2022). BSSN Catat 370,02 Juta Serangan Siber ke Indonesia pada 2022. Dataindonesia.Id. Retrieved from https://dataindonesia.id/internet/detail/bssn-cata
Rusdi, M. I., & Prasti, D. (2019). Penetration Testing Pada Jaringan Wifi Menggunakan Kali Linux. Seminar Nasional Teknologi Informasi Dan Komputer 2019, 260–269. Retrieved from https://journal.uncp.ac.id/index.php/semantik/article/view/1524
Santoso, N. A., Ainurohman, M., & Kurniawan, R. D. (2022). Penerapan Metode Penetrasion Testing Pada Keamanan Jaringan Nirkabel. Jurnal Responsif: Riset Sains Dan Informatika, 4(2), 162–167. https://doi.org/10.51977/jti.v4i2.831
Saraun, A., Lumenta, A. S. M., & Sengkey, D. F. (2022). Analisa Keamanan Jaringan Nirkabel IEEE 802.11 pada Kantor Dinas Pendidikan Kabupaten Minahasa. Jurnal Teknik Informatika, 17(1), 565–572. https://doi.org/10.35793/JTI.17.1.2022.35321
Singh, H., & Singh, J. (2017). Penetration Testing In Wireless. International Journal of Advanced Research in Computer Science, 8(5), 2213–2216. https://doi.org/10.26483/ijarcs.v8i5.4012
Sitompul, A. T., Chahyadi, F., Informatika, J. T., Teknik, F., Maritim, U., & Ali, R. (2023). Analisis Penerapan Metode Penetration Testing pada Keamanan Jaringan Wlan (Studi Kasus: Universitas Maritim Raja Ali Haji). Jurnal Hasil Penelitian Dan Industrii Terapan, 12(01), 23–29. Retrieved from http://repositori.umrah.ac.id/3842/
Suroto. (2018). Wlan security: Threats and countermeasures. International Journal on Informatics Visualization, 2(4), 232–238. https://doi.org/10.30630/joiv.2.4.133
Vaidya, A., Jaiswal, S., & Motghare, M. (2016). A review paper on spoofing detection methods in wireless LAN. Proceedings of the 10th International Conference on Intelligent Systems and Control, ISCO 2016, January 2016. https://doi.org/10.1109/ISCO.2016.7727054
Wahyudi, E., & Efendi, M. M. (2019). Wireless Penetration Testing Method To Analyze WPA2-PSK System Security And Captive Portal. Explore, 9(1), 1. https://doi.org/10.35200/explore.v9i1.32
Waliullah, M., & Gan, D. (2014). Wireless LAN Security Threats & Vulnerabilitiess: A Literature Review. (IJACSA) International Journal of Advanced Computer Science and Applications, 5(1), 176–183. Retrieved from https://rb.gy/1hv38i
Wang, S.-L., Wang, J., Feng, C., & Pan, Z.-P. (2016). Wireless Network Penetration Testing and Security Auditing. ITM Web of Conferences, 7, 03001. https://doi.org/10.1051/itmconf/20160703001
Author Biographies
Tamsir Ariyadi, Universitas Bina Darma, Palembang
M. Rizky Pohan, Universitas Bina Darma, Palembang
License
Copyright (c) 2023 Tamsir Ariyadi, M. Rizky Pohan
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with Jurnal Penelitian Pendidikan IPA, agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution 4.0 International License (CC-BY License). This license allows authors to use all articles, data sets, graphics, and appendices in data mining applications, search engines, web sites, blogs, and other platforms by providing an appropriate reference. The journal allows the author(s) to hold the copyright without restrictions and will retain publishing rights without restrictions.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in Jurnal Penelitian Pendidikan IPA.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
