Implementation of Wireshark Application in Data Security Analysis on LMS Website

Journal of Computer Networks, Architecture and High Performance Computing Volume xx, Number xx, month Year https://doi.org/10.47709/cnahpc.v4i1.1345 Submitted : Jan 20, 2022 Accepted : Jan 25, 2022 Published : Jan 25, 2022 Implementation of Wireshark Application in Data Security Analysis on LMS Website I Kadek Noppi Adi Jaya1)*, Ida Ayu Utari Dewi2), Gede Surya Mahendra3) 1)2) 1) Universitas Hindu Indonesia, Indonesia, 3)STMIK STIKOM Indonesia, Indonesia , 2), 3) ABSTRACT Data security issues are an important aspect of data and information communication over networks. In addition, it is also necessary to look at the security side of the software. In addition to software, computers have an internet protocol in the form of HTTP which is commonly used to access websites. On the LMS website, students have access to lecture materials, discussion forums with lecturers and access to assignments given by lecturers. Wireshark is used to analyze network protocols, can log all packets going through and display detailed data. The purpose of this study is to use a Wireshark application to sniff LMS and pinpoint vulnerabilities in the system. The results of the sniffing process carried out using Wireshark on an LMS that uses the HTTP protocol clearly indicate the absence of encryption and expose the risk of vulnerabilities to the system. Recommendations given to LMS are the use of HTTPS protocol, implementation of Multi Factor Authentication, website log monitoring and password management. Recommended password management are periodic password changes, standardization policies for the use of characters in passwords and password hashing. It is hoped that when the recommendations are implemented it will improve security on the LMS website and reduce risks in data communications Keywords: LMS, Security, Sniffing, Website, Wireshark 1. INTRODUCTION Data security issues are an important aspect of data and information communication over networks. Advances in the field of computer networks and the concept of open systems, making it easier for people to access the network. This can result in the process of sending data at risk of being unsafe and can be used by other people or parties who are not responsible for retrieving data or information in the middle of the road (Huzaeni, Gunawan, Purnomo, Yanti, & Krisdayanti, 2021). There is also a risk of data theft on the network or hackers shutting down network resources (Nitra & Ryansyah, 2019). In addition to the importance of security in the circulation of data and information in the network, it is also necessary to look at the security of the software. In carrying out its operation, the computer has supporting software which runs on top of the operating system and plays a very important role in performing the tasks performed by the users. With the help of software, the computer can execute commands that help the user's work. However, not all software can support and accelerate human work, and there are several types of software that can cause damage or harm other users, such as malware which is dominated by 3 categories of malware, first the malware category itself (44%) followed by Adware (38%) and the last one is Trojan (18%) (Manoppo, Lumenta, & Karouw, 2020). In addition to software that runs on a computer operating system, it also has an internet protocol in the form of HTTP which is commonly used to access websites or web-based platforms. This technology will never erode over time, because the site can be accessed quickly from almost any technology device, such as smartphones, notebooks, tablets, and others. Because of this convenience, more and more security holes appear, and it is not uncommon for internet network users to become victims due to a lack of understanding of website security protocols. The stolen data is usually the username and password of the victim's account, which is used for malicious purposes. In previous studies, several studies have been conducted regarding the use of Wireshark to determine network security (Abdillah, Yudhana, & Fadil, 2020; Luthfansa & Rosiani, 2021; Malek & Amran, 2021). Learning Management System (LMS) is an information technology system designed to manage and support the learning process, distribute lecture materials, and enable collaboration between lecturers and students (Fitriani, 2020). * Corresponding author This is an Creative Commons License This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License. 79 Journal of Computer Networks, Architecture and High Performance Computing Volume xx, Number xx, month Year https://doi.org/10.47709/cnahpc.v4i1.1345 Submitted : Jan 20, 2022 Accepted : Jan 25, 2022 Published : Jan 25, 2022 At LMS, students have access to lecture materials provided, discussion forums with lecturers through forums, chats, and access to assignments given by lecturers. Instructors are also encouraged to be creative with learning materials through learning videos that can be uploaded to the LMS. LMS contributes in terms of utilization. The flexibility of the learning management system allows instructors and students to access the LMS anytime, anywhere from a variety of devices. Based on the considerations that have been described previously, the condition of data security in the LMS is a vital concern. The urgency of this research is that if it is not carried out immediately, the LMS website will expose a lot of sensitive data from its users so that it will pose a high risk to data security. There will be vulnerabilities to campus data security, making it easier for data security criminals such as hackers to steal users' personal data to damage internal systems. So that research on the implementation of the Wireshark application in data security analysis on the LMS website needs to be carried out and the recommendations given from the results of this study need to be considered. 2. LITERATURE REVIEW Learning Management System (LMS) is a technical term specifically used to manage and facilitate the entire online learning process (Rakhmawati, Mardliyah, Fitri, Darni, & Laksono, 2021). LMS, also known as Course Management System (CMS) or Virtual Learning Environment (VLE), is a software application used by educators at universities/colleges and schools as internet-based online learning media (e-learning). By using LMS, Lecturers/Teachers/Instructors can manage programs/classes and exchange information with students. In addition, access to learning materials that occur within a predetermined period of time (Putri, 2018). The functions provided by LMS to educational institutions are managing user access rights, managing courses, managing teaching materials (resources), managing activities, managing grades, displaying grades and transcripts, and managing grades. visualization of e-learning so that it can be accessed using a web browser. Examples of LMS platforms include Google Classroom, Canvas, Moodle, Edmodo, Schoology, and others (...truncated)