COMPARISON OF PORT SCANNING, VULNERABILITY SCANNING, AND PENETRATION TESTING COMBINATIONS FOR NETWORK VULNERABILITY DETECTION IN GNS3 TESTBED

RUSDIANTO, RUSDIANTO (2025) COMPARISON OF PORT SCANNING, VULNERABILITY SCANNING, AND PENETRATION TESTING COMBINATIONS FOR NETWORK VULNERABILITY DETECTION IN GNS3 TESTBED. S1 thesis, Universitas Mercu Buana Jakarta.

[img] Text (TALK 41521010167)
TALK+41521010167.pdf
Restricted to Registered users only
Download (2MB)

Abstract

Network security faces significant challenges due to the increasing number and complexity of system vulnerabilities. This study aims to develop and evaluate a full combination method (ABC) integrating port scanning (Nmap), vulnerability scanning (OpenVAS), and penetration testing (Metasploit), and compare it with partial combinations (AB, BC, AC) for more effective vulnerability detection. Using a quantitative experimental approach within a controlled GNS3 TestBed, three key indicators were analyzed: number of vulnerabilities detected, detection time, and exploit validity. Experimental results show that the ABC method detected 62 potential vulnerabilities, including 11 high and medium severity CVEs, matching the AB method but significantly outperforming AC, which detected none. In terms of detection time, the ABC method achieved a balanced performance at 91 minutes, which is 31.5% faster than AB (133 minutes), while maintaining full exploit validation. Notably, the ABC method successfully validated 100% of critical vulnerabilities using Metasploit, confirming the practical applicability and reliability of the integrated approach compared to dual combinations. Overall, the findings demonstrate that the full combination method (ABC) offers superior accuracy and comprehensiveness in detecting and validating network vulnerabilities. This research contributes to cybersecurity practices by proposing an integrated detection workflow that effectively balances speed and depth of analysis, setting a practical benchmark for vulnerability detection systems applicable to both simulated and real-world network environments. Kata kunci: Network Security, Vulnerability Detection, Penetration Testing, TestBed, Combination Methods Keamanan jaringan menghadapi tantangan signifikan akibat semakin banyaknya jumlah dan kompleksitas kerentanan sistem. Penelitian ini bertujuan untuk mengembangkan dan mengevaluasi metode kombinasi penuh (ABC) yang mengintegrasikan port scanning (Nmap), vulnerability scanning (OpenVAS), dan penetration testing (Metasploit), serta membandingkannya dengan kombinasi parsial (AB, BC, AC) untuk deteksi kerentanan yang lebih efektif. Dengan menggunakan pendekatan eksperimen kuantitatif dalam lingkungan TestBed GNS3 yang terkontrol, tiga indikator utama dianalisis: jumlah kerentanan yang terdeteksi, waktu deteksi, dan validitas eksploitasi. Hasil eksperimen menunjukkan bahwa metode ABC mendeteksi 62 potensi kerentanan, termasuk 11 CVE dengan tingkat keparahan tinggi dan sedang, setara dengan metode AB namun secara signifikan melampaui metode AC yang tidak mendeteksi sama sekali. Dari segi waktu deteksi, metode ABC mencapai kinerja yang seimbang selama 91 menit, yang 31,5% lebih cepat dibandingkan AB (133 menit), sambil tetap mempertahankan validasi eksploitasi secara penuh. Secara khusus, metode ABC berhasil memvalidasi 100% kerentanan kritis menggunakan Metasploit, yang menegaskan penerapan praktis dan keandalan pendekatan terintegrasi dibandingkan kombinasi ganda. Secara keseluruhan, temuan ini menunjukkan bahwa metode kombinasi penuh (ABC) menawarkan akurasi dan cakupan yang lebih unggul dalam mendeteksi dan memvalidasi kerentanan jaringan. Penelitian ini memberikan kontribusi terhadap praktik keamanan siber dengan mengusulkan alur deteksi terintegrasi yang secara efektif menyeimbangkan kecepatan dan kedalaman analisis, serta menetapkan tolak ukur praktis bagi sistem deteksi kerentanan yang dapat diterapkan baik di lingkungan simulasi maupun jaringan nyata. Kata kunci: Keamanan Jaringan, Deteksi Kerentanan, Pengujian Penetrasi, Lingkungan Uji, Metode Kombinasi

Item Type: Thesis (S1)
Call Number CD: FIK/INFO. 25 143
NIM/NIDN Creators: 41521010167
Uncontrolled Keywords: Keamanan Jaringan, Deteksi Kerentanan, Pengujian Penetrasi, Lingkungan Uji, Metode Kombinasi
Subjects: 000 Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 000. Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 004 Data Processing, Computer Science/Pemrosesan Data, Ilmu Komputer, Teknik Informatika
000 Computer Science, Information and General Works/Ilmu Komputer, Informasi, dan Karya Umum > 020 Library and Information Sciences/Perpustakaan dan Ilmu Informasi > 021 Relationship of Libraries/Hubungan-hubungan Perpustakaan, Arsip dan Kearsipan, Pusat Informasi > 021.6 Cooperation and Networks/Kerja Sama dan Jaringan Antar Perpustakaan > 021.65 Network, Systems, Consortia/Jaringan, Sistem, Konsorsium Antar Perpustakaan
700 Arts/Seni, Seni Rupa, Kesenian > 700. Arts/Seni, Seni Rupa, Kesenian > 702 Miscellany of Fine and Decorative Art/Aneka Ragam tentang Kesenian, Aneka Ragam tentang Karya Seni > 702.8 Techniques, Precedures, Apparatus, Equipment, Materials/Teknik, Prosedur, Perlengkapan, Peralatan, Bahan > 702.89 Safety Measures/Keamanan
Divisions: Fakultas Ilmu Komputer > Informatika
Depositing User: khalimah
Date Deposited: 11 Aug 2025 04:26
Last Modified: 11 Aug 2025 04:26
URI: http://repository.mercubuana.ac.id/id/eprint/96753

Actions (login required)

View Item View Item
UMB Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.