Analysis of Security Hotspots in Diploma 3 Information Technology Program's Final Project at Del Institute of Technology

Authors

  • Hernawati Susanti Samosir, Information Technology, Del Institute Of Technology Sitoluama, Laguboti
  • Muhammad Anis Al Hilmi, Politeknik Negeri Indramayu
  • Yulanda Pasaribu, Information Technology, Del Institute Of Technology Sitoluama, Laguboti
  • Salomo Gemayel Josep Sinambela, Information Technology, Del Institute Of Technology Sitoluama, Laguboti
  • Vivaldi Adventus Simangunsong, Information Technology, Del Institute Of Technology Sitoluama, Laguboti
  • Benyamin Sibarani, Information Technology, Del Institute Of Technology Sitoluama, Laguboti
  • Yen Rylin Hutasoit, Information Technology, Del Institute Of Technology Sitoluama, Laguboti

Keywords:

Security Hotspots, MVC Principles, PHP Laravel, Vulnerabilities, Secure Coding Practices

Abstract

This research investigates security hotspots in Del Institute of Technology students' final projects, particularly regarding the implementation of Model-View-Controller (MVC) principles using PHP Laravel. A security hotspot was proposed to find patterns in sections of program code that could be hotspots or possible vulnerabilities. Examples of security hotspots include misplacement of logic in the view instead of the controller, improper handling of file uploads in the controller, and various other errors. The findings generated through this methodology offer insights into commonly overlooked vulnerable points in software development practices. Additionally, the study includes an analysis of 16 students' final projects, in which data is collected and controller and blade files are separated. This plugin, a result of previous research, is useful for assisting in secure coding, detecting security indicators, and preventing vulnerabilities. Eight security hotspots are created to help detect vulnerabilities in the code. Each line of code is then examined to determine its compatibility with each previously established security hotspot. Furthermore, we used a threshold of around 80% in this research based on IBM standards. The results will be evaluated in terms of accuracy and F1 score, allowing for the identification of which security hotspots are most frequently encountered in student final projects. This research is expected to contribute to the improvement of programming standards and security practices in software engineering, providing a better understanding for educators and developers.

Published

2024-11-27

How to Cite

Analysis of Security Hotspots in Diploma 3 Information Technology Program’s Final Project at Del Institute of Technology. (2024). ASTEEC Conference Proceeding: Computer Science, 1(1), 111-115. https://www.proceedings.asteec.com/index.php/acp-cs/article/view/18