Droidglance: Network Topology Generator and Device ... - SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014), pp.189-204 http://dx.doi.org/10.14257/ijseia.2014.8.5.15

Droidglance: Network Topology Generator and Device Security Assessment Application on Android Mobile Device Aditya Kurniawan, Doni Nathaniel Pranama, Junius, and Martina Megasari Bina Nusantara University [email protected], [email protected], [email protected], [email protected] Abstract Nowadays, the number of mobile device and Internet users is increasing significantly. The growing of sophisticated technology has eased people’s productivity. However, in the other hand, security risks have also grown without an equal degree of awareness of the society. The objective of this research is to design and develop an Android application that is able to draw a topology of a network and do a simple security assessment towards a host in order to detect host's vulnerability. The information gathered will be presented in a PDF report and can be used for maintenance purposes. The application will have wizard feature, where the user can analyze network and discover an underlying vulnerability with guided steps. The methodology is interview, literature study, observation and system design using object oriented approach. DroidGlance, an Android application that can draw a wireless network topology generator and help security tester analyze a host's vulnerability. The application main feature are Topology generator, Ping, Traceroute, Port Scanner, Vulnerability Checker, and Listen. These features are tested. These features are able to run well. However, they need several improvements for future development. Keywords: Network, Topology, Security, Android

1. Introduction Internet usage has been increasing from time to time. It is now considered as one of the most useful technology of the modern times, which gives us so much help in our daily lives. Internet makes the world interconnected. Communication with people around the world can be easily done with a computer and Internet connection. Internet is also a large encyclopedia for everyone. People use Internet to gain many kinds of information and do researches. That’s why the number of Internet user keeps increasing. Internet is now used in many aspects of daily lives. People rely more and more on the Internet. People with high mobility in this era want to have Internet connection anytime and anywhere; they want to improve their work efficiency. Along with the improvement in mobile broadband services, this tendency stimulates the increasing demand in the mobile device market. Sales of mobile devices, such as smartphones and tablets exceed PCs. And now, mobile devices are transforming our lives in almost every way; connecting our physical and digital worlds. However, increasing number of Internet users and mobile devices users can also bring harm, such as cybercrime. According to Symmantec Internet Security Threat Report 2013, as expected, the amount of mobile malware in 2012 has been rising [11]. There was 58% increase in mobile malware families compared to 2011. The total number of 2012 accounted for 59 percent of all malware to-date. These malwares also accounted to data breaches. The

ISSN: 1738-9984 IJSEIA Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

report stated that the top cause of data breaches in 2012 are hackers. 40% of the data breaches case is caused by hackers. An action should be taken to handle this situation. A network should be made as secure as possible. Network security professionals need some tools to notify them about the vulnerability of the system. Some of the tools are networking tools and security assessment, to detect vulnerability and cover them. 1.1. Penetration Testing There are several steps how hackers work: Reconnaissance >> Scanning >> Gaining Access >> Maintaining Access >> Clearing Track [12]. Reconnaissance is the phase of preparation where the hackers gather information about the target. The information gathered may include the employees, operations, network, and systems. There are two types of reconnaissance: passive (without direct interaction with the target) and active (with direct interaction with the target). Scanning is the pre-attack phase when the hackers scan the network for more specific information as an extension to those in the previous step (reconnaissance). It includes port scan, network mapping, and vulnerability scanner. As a final step in this phase, the information is extracted. Gaining Access is the phase when the hackers have obtained access to the computer or network. The testers can also escalate the privilege to obtain total control. Maintaining Access is the phase when the tester maintain a shortcut to regain the access next time. The testers have to set up exclusive access, for example, backdoors. Clearing trakc is the phase when the testers attempt to cover malicious acts. The testers overwrite server, log, and the system. The purpose of this phase is to gain continuous access stealthily Unlike hackers, ethical hackers do the steps above not to destroy, but to protect instead, by finding out what intruders can obtain from the network (Reconnaissance and Scanning phases), what intruders can exploit using the acquired information (Gaining Access and Maintaining Access phases), whether the victims notice any malicious attempt. (Reconnaissance and Covering Tracks phases). Penetration Testing use several tools such as ping, port scanning tools, vulnerability assessment tools an many more. 1.2. State of the Art State of the art of this research is to design an Android application for drawing network topology and for analyzing the vulnerability of a host through port scanning. It also provides reporting feature for network or security maintenance purposes. These features will be arranged in a wizard so that user can use it in several clicks. Hopefully, this application can help security experts to detect security holes and make a network as secure as possible.

2. Related Research 2.1. Design and Implementation of Common Network Security Scanning System Network security scanning can be used for protecting a system and for destroying a system by intruders [14]. To protect a system, an administrator can use the system to detect backdoors or any malicious software before the system is damaged. There are some methods for scanning:

190

Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

1. Port Scanning The aim of port scanning is to find some open ports on the remote host. Port scanning can find out which ports are open, which are closed, and which are filtered. A common way of port scanning is to send protocol packet to the remote port and get the result packet from the remote machine. The result can identify the status of the remote machine port. For example, if SYN packet is sent to a remote open port, the remote host will respond back with a SYN+ACK packet. If the port is closed, the remote host will respond back with a RST packet. There are three ways of port scanning [3] : •

Open Scanning. It uses the three-way TCP/IP handshake mechanism and it needs a whole network connection. It produces more log information and can be detected easily. However, it is fast and can get the correct result.

•

Half-Open Scanning. It doesn't finish the whole connection progress and it can avoid the IDS (Intrusion Detection System). The example of half-open scanning is SYN scanning.

•

Stealth Scanning. It can avoid the IDS and firewall, but may get the error result because of the network configuration.

2. Remote Operating System Detection. Different OS has its security character, especially in a network environment. The remote operating system detection is the first step of network security scanning. It is very useful for the OS vulnerability detection. Because different OS has different kernel or implement style, the remote operating system detection became very essential to get the correct method to find the vulnerability of the system. There are some tools that can be used to detect remote operating system [15]: •

Nmap (Network Mapper). It provides a comprehensive method of scanning and detects the remote operating system using protocol fingerprint [3]. It supports the wide range of protocols such as UDP, TCP, connect(), TCP SYN, ftp proxy, ICMP, FIN, ACK sweep and Null scan [3]. Nmap also has its GUI version, called Zenmap. Compared to the classic Nmap, Zenmap arranges the scanning result in a convenient way. Additionally, it can generate a topology. Zenmap also provide a comparison between two scans. It can also keeps track of the scan results. The scanning configuration can also be saved.

•

RING (Remote Identification Next Generation). It is designed to identify the OS running on the remote machine with minimal target disturbance.

•

Xprobe. It's a remote active OS fingerprinting tool. It detects the remote OS through a matrix based fingerprinting approach.

3. Vulnerability Scanning Vulnerability detection is done to identify and fix system weaknesses before some people use them against the system. It is often deployed with the penetration testing which simulate network attack behavior and the process of intrusion.

Copyright ⓒ 2014 SERSC

191

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

Vulnerability scanner scans a specified set of ports on a remote host and tries to detect the service offered at each port for its known vulnerabilities, which can lead some threats to the system. There are two types of vulnerability scanning: host scanning and network scanning. The former needs agent software to be installed on each host. Instead of having each host be installed with an agent, the latter needs dedicated computer to run scanning solution. Nessus is a famous remote security scanner. It runs on one host to scan all the services offered by a remote host in order to detect whether the remote host is safeguarded against the known security vulnerabilities. 2.2. Development of Security Scanner with High Usability A security scanner detects vulnerabilities in routine operation, and informs the user about its findings [13]. Many security scanners were not easy to use nor understandable. Usability is useful, convenience, ease of use/operation, and ease of understanding. Many products are built with very high functionality but lack of usability. A security scanner with high usability should have the following characteristics: 1. Easy Installation 2. Easy Operation 3. Intelligible scanned result 2.3. Session Hijacking with Mobile Device Single authentication is popular technique today for login for many system. This technique begin popular implement on web service for make user comfort to login to related system without re-enter username and password. Username and password are store in session identifier on web service server. Regarding to Koch (2011) who make a session hijacking tool for android called Droidsheep, session identifier id can steal from any broadcast wireless network. Session identifier are stateless and not reliable [16]. Many website do not offer encrypted communication using TLS like HTTPS on web service that used for session store mechanism Session cookies information placed on packet data that broadcast on wireless network. On wireless network public, a user can read any packet that spread out over the network and read packet data content and generate

Figure 1. Capturing Session Cookies in Wireless Network [16]

192

Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

Session cookies are generated from packet data then we could use this session cookie for own request. The attacker will be send request with same cookies until user logout and the session will be invalidate on the server [16]. Example session cookie data on Figure 2.

GET /securesite HTTP/1.1\r\n Host: www.example.com\r\n Accept: text/html,application/xhtml+xml, application/xml;q=0.9,∗/∗;q=0.8\r\n Cookie : SESSION_ID=1234567890;\ r \n

Figure 2. Example of Generated HTTP Request Containing Stolen Session ID [16] We could simply capture all cookies and reuse this session cookie for own request [16]. But Droidsheep has filter session cookie that can be hijack. The way capturing cookie-names is with read from browser with plugin that use to read cookie like Mozilla Firefox. The following is example of cookie-names that exists on DroidSheep on Table 1. Table 1. Example Cookie-Names on Droidsheep [16] amazon.de

1

facebook.com 4

x-abcde c_user,datr, lu, xs

flickr.com

1

cookie_session

twitter.com

2

auth_token, _twitter_sess

3. Material and Method The main title (on the first page) should begin 1 3/16 inches (7 picas) from the top edge of the page, centered, and in Times New Roman 14-point, boldface type. Capitalize the first letter of nouns, pronouns, verbs, adjectives, and adverbs; do not capitalize articles, coordinate conjunctions, or prepositions (unless the title begins with such a word). Please initially capitalize only the first word in other titles, including section titles and first, second, and third-order headings (for example, “Titles and headings” — as in these guidelines). Leave two blank lines after the title. 3.1. Software Requirement The software requirement for DroidGlance are: •

Android Operating System v. 4.0 (Ice Cream Sandwich) or above

•

Super user privillege on the Android (rooted)

•

Optional e-mail address and PDF reader appication for to send and read PDF reports

Copyright ⓒ 2014 SERSC

193

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

•

Busybox v.1.21.1 or above.

BusyBox is a collection of many common UNIX utilities. It also acts as an alternative to most utilities found in GNU fileutils, shellutils, etc., in a simpler version, which can also be set up to have similar functionality like GNU counterparts. BusyBox provides inequitably complete environment for any small or embedded system on UNIX operating system. 3.2. DroidGlance Use Case

Figure 3. DroidGlance Use Case Diagram Figure 3 describes the use case diagram of DroidGlance. DroidGlance provides user with several feature which are Ping, Traceroute, Topology Generator, Port Scanning, Vulnerability Checking, Report Saving, Open Report, Listen and References. Listen is an additional feature to spoof a network. With Listen feature, a user can capture cookies from insecure connected host. Therefore, further actionscan be taken to prevent those insecure connection. It can be beneficial to guard devices in the network from accessing any critical or restricted area. Some of these features are arranged in a Wizard so that user can use data from an operation to perform the next operation.

194

Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

3.3. Algorithm Flowchart Features The Topology feature is described in Figure 5. DroidGlance will get the data about traceroute that has been done before and captured cookies if the user has ever started Listen feature. The data will be used to draw the topology. The topology resembles star topology. •

Connected host will be drawn into circular shape. The angular distance between two hosts will equal to 360° divided with the number of hosts connected to the network.

•

If the number of hosts is more than 36, the topology will be drawn in 3 circular layers

•

For every three hosts from the first to the last host, the first host in a group will be drawn in the first (inner) layer, the second one will be drawn in the second (middle) layer 1.2 times farther than the first layer, and the last one will be drawn in third (outer) layer 1.5 times farther than the first layer.

Figure 4. Flowchart of Wizard Features Traceroute nodes will be drawn connected to the Access Point. Cookies will have lines connected to the host from which it is grabbed. If the user clicks a traceroute node, DroidGlance will show the detailed data about the traceroute node. If the user clicks a Cookie node, he/she can open the website using the cookie. If the user clicks a connected host node, the detailed data will be shown and he/she can choose to perform Port Scanner feature. Port Scanner is described in Figure 6. DroidGlance will scan the host using Nmap command from Nmap v6.51. Open port number then will be passed to be queried in National Institute of Standards and Technology's National Vulnerability Database (NVD) [] to obtain the vulnerabilities data related to the port. However, the data passed to the website hasn’t included the service version running on the port. The web page result will be parsed and saved so if next scanning results in same port number, the querying process can be skipped and vulnerability data can be directly shown to the user. Scanning result can be generated into a PDF report. This is described in Figure 7. If a user chooses to save the report, DroidGlance will generate a PDF report and an object report. DroidGlance uses iTextG v5.4.4 as an additional library to generate the report. The object

Copyright ⓒ 2014 SERSC

195

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

report saves the data about current network state such as connected devices IP addresses, MAC addresses, etc. Figure 8 is describe algorithm of listening cookies from access point. Listening cookies algorithm using spoofing mechanism from Nmap that DroidGlance will spoof any cookies that exists in access point and parse the cookie into list view on DroidGlance. The cookie that captured can use on browser. For example login username cookie value that can be use to login as that username. It is show that any website which use cookie browser technique. Nmap spoofing have limitation [9]. It feature can’t listen cookie any website who enforce SSL encryption or https and it will detect from any spoofing detection tools PDF File report that generated can send via email. Report history is saved on memory phone via SQLite and can be reopen again if DroidGlance scan same access point and added new device to report history.

Figure 5. Flowchart of Topology Generator

196

Figure 6. Topology of Scanner

Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

Figure 7. Flowchart of Saving Features

Figure 8. Flowchart of Listen Cookies

4. Result 4.1. Apps Wizard Flow Process Before entering main menu in DroidGlance, the use is expected to connected to neighbour access point. Otherwise, the user will be prompted to connect one.

Copyright ⓒ 2014 SERSC

197

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

To simplify, there are basically two menus: The first one is Wizard menu, which is the usage of main features of DroidGlance in guide steps. The second one is Custom menu, where users can access seperated features and some aditional features of DroidGlance. Main menu describe on Figure 9. Figure 10 explain how apps flow run on Wizard menu. On wizard step 1, the user is confirmed whether user is going to analyze the network at the connected access point. If the user has been connected to desired access point, user can proceed to the next step [2]. Otherwise, the user can re-select the access point by pressing Choose button. If the user press the Choose button, this menu will be called, in order to select an access point.

Figure 9. Main Menu On wizard step 2, the application loads what have been acquired from the mapping activity. On the top of screen, there are 2 tabs: List and Topology. List shows the list of connected device while topology draws the simple topology of the network. In this list, user is asked to choose one of the device that user wants to analyze. The provided information about the device about the device is IP Address, Mac Address, and remark wether it is the default gateway of the network. The topology draws the network within /24 subnet mask. Topology on Figure 7 step 2, the user can click the icon of the host to be analyzed. The important note here is that the straight

198

Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

red line does not depict wether the host is connected through wire or wireless. Additionally, the canvas of the topology is zoom-able (through pinch) Wizard step 1

Wizard step 4

Wizard step 2

Wizard step 3.2

Wizard step 2

Wizard step 3.1

Figure 10. Apps Flow Wizard Menu

Copyright ⓒ 2014 SERSC

199

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

After the user has selected one of the devices on wizard step 3.1, more detailed information is provided about selected device: IP Address; Default Gateway, Mac Address, Mac Vendor, and Operating System. On wizard step 3.2 show what type of scan the user wants. The user can give check mark to type of scan user wants to conduct. The user can check the port scan option dependently. However, if the user wants to have vulnerability check, port scan is obligatory. After the user has selected desired assessment, the user is prompted to press “Scan” button to start the assessment. The vulnerability scan feature used the information about open ports and pass it to NASA (NVD) website check the vulnerability of the open ports. On wizard step 4, a quick glimpse the result show that contain expendable list, giving information about the open ports and possible vulnerabilities from NASA database. If the list is expanded, user is able to see list of the ID vulnerability, followed with the severity of the flaw. If listen cookies feature is active then the topology can generated any website user open in browser and view with globe world icon. The classification of session cookies could be classify into scheme based on user activity on browser [10] OS Fingerprint also a popular feature on Nmap [13]. Nmap was design to solve the OS classification model that consist of database of thousand of reference summary data for known operating system [13]. DroidGlance use this NMap database for query OS footprinting to identify name and type of the device. Active and passive probing for detection any host connected are use to discovery new devices that connect to wireless network [5]. On DroidGlance also listen and discovery any user who new connect to wireless network and draw the device on the topology. 4.2. Generate Report Scan Result User can generate report and save it from scanning result with click Send button on wizard step 4. User generate report with a few options: 1. User can save report in PDF file, saved on phone internal storage with with choose report type: • All host, all port reference – Saving information about all connected host and lists all scanned ports on all device from all time • All host, related port reference – Saving information about all connected, but only list scanned ports gathered from current scan. • Related hosts, all port reference – Saving information about scanned host and lists all scanned ports on all devices from all time 2. Send – Send the previously saved report using installed e-mail application on the phone This generate report option is describe on Figure 11. 4.3 Custom Mode In this custom mode, the user is expected to have been connected to an access point. Basically there are 7 menus for Custom mode where the user can choose describe on Figure 12. Sub menu on custom menu consist of: Open Report that view any report has been generated; Ping menu where the user can ping IP or website target to tested it live or not; Traceroute menu that allows the user check the route of the data packet IP target from source to the destination; Vulnerability check menu that allow user to select one host to analyze open port from list view IP device connected; Topology menu basically the same as with wizard step 2 on figure 8 where user can see list of device connected in the same network; Listen

200

Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

menu allows the user capture unencrypted cookies travelling within the network and show them on the list. Cookies On listen menu describe on Figure 13, the user can set up website and their cookies that user want to capture. The listed website are already set up. The user can delete unwanted site by giving check mark at the top right corner of the list and press Delete Site at the bottom of screen.

Figure 11. Generate Report Option

Figure 12. Custom Menu

5. Discussion Purpose of DroidGlance is to simplify penetration test tool that generate report in the end of the process. So network data gathered can analyze to enhance its network security. Reports which generated from DroidGlance has several components as follows: • Up to date topology when report generated • List devices connected with data like vendor name, mac addres, and ip address, and operating system • List port that open on each device • List of session cookies and url web that each device open • Query result from NASSA vulnerability database for open port NMap on mobile device has limitation that this NMap cant detect specific host name from any devices on the network. NMap on mobile also has a weakness that it can not detect any vulnerability which has been patch or fix.

Copyright ⓒ 2014 SERSC

201

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

To evaluate the application, thirty network administrator were gathered and here is the conclusion about the application according to them: • Most respondents (16 people) needed approximately 5-9 minutes to understand how to use the application, which is good enough. While it takes less than 5 minutes for some other respondents. • Most respondents (16 people) needed less than 5 minutes to finish a series of task. • Most respondents will be likely to remember how to use the application due to its simplicity, provided instruction, and interesting design. However, some others still found some difficulties in using the application due because of too many features and undiscoverable function of some features in DroidGlance. • DroidGlance gained 5 out of 6 points in design. • DroidGlance gained 4.97 out of 6 points in satisfaction. There are still limitations found on this application that can be continued for further research and development DroidGlance might contain a simple network topology that cannot draw the topology of another network from other router(s). If looking at the ARP table of other routers' is possible, a more- advanced network topology can be developed. Switch device is currently undetected in the topology due to unknown method how to detect switch since not all switch has an IP address. Because DroidGlance only uses ICMP packet to trace route, then DroidGlance can not detect port if ICMP is filtered out. The network scanned is based on /24, whereas smaller number can cause the application to work much longer since the number of device is doubled on each decrement of the subnet mask

6. Conclusion DroidGlance is an android apps that allowing network admin or network security admin to take a glimpse of the network they are about to analyze only with their fingertips on their smartphones without entering technical commands nor complicated steps. DroidGlance has the following main features: Network Topology Generator, Port Scan, and Vulnerability Scan, with several additional features: Ping, Traceroute, and Listen.

References [1]

[2] [3] [4]

[5]

[6]

[7]

202

Y. Vanaubel, J. J. Pansiot, P. Merindol and B. Donnet, “Network fingerprinting: TTL-based router signatures”, Proceedings of the 2013 conference on Internet measurement conference, New York: ACM New York, (2013), pp. 369-376. A penetration tester's toolkit. (2012). Linux Journal, vol. 213, no. 1, (2012). M. Bauer, “Paranoid Penguin: Checking Your Work with Scanners, Part I (of II): nmap”, Linux Journal, 2001 (85es), vol. 13, (2001). J. R. Barnett and B. Irwin, “Towards a Taxonomy of Network Scanning Techniques”, Proceedings of the 2008 annual research conference of the South African Institute of Computer Scientists and Information Technologists on IT research in developing countries: riding the wave of technology, New York: ACM New York, (2008), pp. 1-7. G. Bartlett, J. Heidemann and C. Papadopoulos, “Understanding passive and active service discovery”, Proceedings of the 7th ACM SIGCOMM conference on Internet measurement, New York: ACM New York, (2007), pp. 57-70. S. Chakrabarti, M. Chakraborty and I. Mukhopadhyay, “Study of snort-based IDS”, Proceedings of the International Conference and Workshop on Emerging Trends in Technology, New York: ACM, (2010), pp. 43-47. T. Ehrenkranz and J. Li, “On the state of IP spoofing defense”, Journal ACM Transactions on Internet Technology, vol. 9, no. 2, (2009).

Copyright ⓒ 2014 SERSC

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

[8] [9]

[10] [11] [12] [13] [14] [15]

R. Hytnen and M. Garcia, “An analysis of wireless security”, Journal of Computing Sciences in Colleges, (2006), pp. 210-216. W. D. Richardson, D. S. Gribble and T. Kohno, “The limits of automatic OS fingerprint generation”, Proceedings of the 3rd ACM workshop on Artificial intelligence and security, New York: ACM, (2010), pp. 24-34. J. Treurniet, “A network activity classification schema and its application to scan detection”, Journal IEEE/ACM Transactions on Networking (TON), vol. 19, no. 5, (2011), pp. 1396-1404. Symmantec, Internet Security Threat Report 2013, Symmantec, (2013). S. Ali and T. Heriyanto, “BackTrack 4: Assuring Security by Penetration Testing. Birmingham”, Mumbai: Packt Publishing, (2011). M. Yoshimoto, B. B. Bista and T. Takata, “Development of Security Scanner with High Usability”, 18th International Conference on Advanced Information Networking and Application, (2004). W. Liu, “Design and Implement of Common Network Security Scanning System”, International Symposium on Intelligent Ubiquitous Computing and Education, (2009), pp. 148-151. A. Koch, droidsheep.de/download. Retrieved February 20, 2014, from droidsheep: http://droidsheep.de/download/Bachelorarbeit.pdf, (2011) August.

Authors Aditya Kurniawa, was born on March 20, 1986 in Medan, Indonesia. He spent his major on Computer Science in Bina Nusantara University and take Information System Magister also in Bina Nusantara University. In order to develop his soft skills, he joined Software Laboratory Center in Bina Nusantara University as Laboratory teaching staff since 2006 – 2008. Currently, Aditya work as a Concentration Content Coordinator on the field Software Engineering. He is passionate about software engineering, computer networking, and digital security

Doni Nathaniel Pranama, was born on March 9, 1992 in Yogyakarta, Indonesia. He spent his high school on Regina Pacis Surakarta, Indonesia, followed by majoring Computer Science in Binus University after he had graduated. Additionally, he had also experienced a life as an exchange student in Inha University, South Korea for one semester. In order to develop his soft skills, he joined various student organizations in BINUS University, namely: Binus Square Student Committee, Bina Nusantara English Club, and Cyber Security Community. Currently, Doni is passionate about computer networking and digital security. Junius, was born on June 8, 1992 in Jakarta, Indonesia. He spent his high school on Providentia Senior High School, Jakarta, then continue until present day in computer science in Bina Nusantara University. In order to develop his soft skills and hard skills, he joined Software Laboratory Center in Bina Nusantara University as Laboratory teaching staff since 2011 until present. Currently, Junius is passionate about computer networking, cryptography and security issue, desktop and mobile application development, and artificial intelligence.

Copyright ⓒ 2014 SERSC

203

International Journal of Software Engineering and Its Applications Vol.8, No.5 (2014)

Martina Megasari, was born on March 1, 1992 in Jakarta, Indonesia. She went to SMAK 3 Penabur Jakarta and currently is going to graduate from Binus University majoring Computer Science. She started to explore more about computer and network security when she joined Cyber Security Community at campus and took a role as secretary and treasure. She is now a project staff in Technology Development Department of IT Division Bina Nusantara focusing on web technology.

204

Copyright ⓒ 2014 SERSC