Inf ormation Technologies and Cyber security
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
Luísa Orvalho - Professor Coordinator and Research at CITECA- ISTEC Porto
Mariana Lopes - 3rd year Student of the degree in Multimedia Engineering ISTEC Porto
Francisco Santos - 3rd year Student of the degree in Multimedia Engineering ISTEC Porto
Media
To cite this article
Luísa Orvalho, Mariana Lopes, Francisco Santos Information Technologies and Cyber security
DOI: 10.31112/kriativ tech 2023 06 92
Abstract
The rapid evolution of Information Technology (IT) and the growing use of connected devices have driven the need for enhanced cybersecurity measures. This scientific article examines the interaction between IT and cybersecurity, highlighting the challenge s faced in the current era due to the emergence of cyber threats and the need to protect data and systems. It emphasizes best practices in cybersecurity, including technical measures, awareness and training, as well as the industry standards, legi slation, and regulations in this field. The article concludes that a holistic approach is essential to address the challenges of cybersecurity and ensure trust in the digital era.
Keywords
Information Technologies, Cybersecurity, Data Security Types of Cyber A ttacks, Security measures, GDPR, CNCS C DAYS
References
[1] Martins, J. C. (2021). Gestão de Segurança da Informação e cibersegurança nas organizações (1ª Edição). Silabas & Desafios.
[2] Infoprotect. (2023). 5 maiores tecnologias de cibersegurança. [Web Page]. https://infoprotect.com.br/5 maiores tecnologias da ciberseguranca/
[3] Cecyber. (2022). Diferenças entre TI e Cibersegurança. [Web Page]. https://cecyber.com/diferencas-entre-ti-eciberseguranca/
[4] Iubenda. (2023). O que é GDPR? Um guia completo com tudo que você precisa saber para estar em conformidade. [Web Page]. https://www.iubenda.com/pt-br/help/43925-oque-e-o-gdpr-um-guia-completo-sobre-tudo-oque-voce-saber-para-estar-em-conformidade
[5] Kelvin Zimmer. (2020, setembro 9). 8 tipos de ataques cibernéticos e como se proteger. [Web Page]. https://www.lumiun.com/blog/8-tiposde-ataques-ciberneticos-e-como-se-proteger/
[6] NAU. (2021, 30 de novembro). Boas práticas de cibersegurança – os cinco pontos críticos [Web Page].https://www.nau.edu.pt/pt/2021/11/30/boaspraticas-de-ciberseguranca-os-cinco-pontoscriticos/
[7] CGD. (2020 setembro 25). Como minimizar os efeitos dos ciber-riscos: seguros e medidas. Lumiun. [Web Page]. https://www.cgd.pt/Site/SaldoPositivo/protecao/Pages/ciber-riscos-segurose-medidas.aspx.
[8] Álvarez, Irene Iglesias (2023). Investimentos em cibersegurança deverão crescer 13% em 2023. Computerworld. [Web Page].
https://www.computerworld.com.pt/2023/ 01/19/investimento-em-cibersegurancadevera-crescer-13-em-2023/
[9] Bruce, G., & Dempsy, R. (1997). Security in Distributed Computing. Hewllett Packard Professional Books.
[10] Pplware (2022). Ciberataques – Portugal é um alvo preferido dos criminosos? [Web Page].
https://pplware.sapo.pt/informacao/ciberataque s-portugal-e-um-alvo-preferido-doscriminosos/
[11] Forbes Portugal (2020). Gastos com cibersegurança aumentam cerca de 10% em 2021. [Web Page] https://www.forbespt.com/gastos-com-ciberseguranca-aumentam-cerca-de-10-em-2021/
[12] Antunes, M., & Rodrigues, B. (2018). Introdução à Cibersegurança. FCA
[13] Agência Lusa. (2022). Ciberataques: cronologia de outros ataques em Portugal além da Vodafone. CNN Portugal. [Web Page].
https://cnnportugal.iol.pt/mariovaz/ataqueinfor matico/vodafone-e-a-maisrecente-vitimaemseis-anos-de-ciberataques/%2020500208/62028bd00cf2184
7f0a9ddfa
Digital Inclusion: Accessibility of websites and mobile applications
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
Luísa Orvalho - Professor Coordinator and Research at CITECA- ISTEC Porto
Carlos Couto - Assistant Professor at ISTEC Porto
Diogo Faria - 3rd year Student of the degree in Multimedia Engineering – ISTEC Porto
Diogo Dias - 3rd year Student of the degree in Multimedia Engineering- ISTEC Porto
Media
To cite this article
Luísa Orvalho, Carlos Couto, Diogo Faria, Diogo Dias Digital Inclusion: Accessibility of websites and mobile applications
DOI: 10.31112/kriativ-tech-2023-06-95
Abstract
This scientific article analyzes the state of the art on web accessibility and highlights users with disabilities or impairments, taking into account usability and user experience. It presents the four pillars related to accessibility on the web, some practical suggestions to be taken into account for the design and construction of websites and also refers to the competent entity for the development of actions to monitor compliance with the legislation. As a reference example of good digital inclusion practice, the Apple website (https://www.apple.com/pt/) is analyzed, which allows access to people with some type of disability.
Keywords
Web Accessibility Requirements, Usability and User Experience, Tools to support digital accessibility and usability, Web Accessibility Tips, APPLE case study of digital inclusion
References
[1] Ferati, M., & Vogel. B. (2020). Accessibility in Web Development Courses: A Case Study. https://www.mdpi.com/
[2] Instituto Nacional para a Reabilitação. (2022). Acessibilidade Digital Pereira, M., & Farina, R. (2022). ACESSIBILIDADE NA WEB. RECIMA21- Revista Científica Multidisciplinar 2675-6218, 3, 6, 6, DOI: https://doi.org/10.47820/recima21.v3i6.1622
[3] Pereira, M., & Farina, R. (2022). ACESSIBILIDADE NA WEB. RECIMA21- Revista Científica Multidisciplinar. ISSN 2675-6218, 3, 6, 6, https://doi.org/10.47820/recima21.v3i6.1622
[4] Nielsen, J. (Apr. 24, 1994; Updated Nov. 15, 2020). 10 Usability Heuristics for User Interface Design. Nielsen Norman Group. https://www.nngroup.com/articles/ten-usability-heuristics/
[5] W3C. (2008, 11 de dezembro). Wave Web Accessibility Evaluation Tools. [Sítios da web]. https://www.w3.org/Translations/WCAG20-pt-PT/
[6] Equidox. (2021). Equidox The 4 Pillars of Web Content Accessibility Guidelines (WCAG). [Bog]. https://equidox.co/blog/the-four-pillars-of-web-content-accessibility-guidelines-wcag/
[7] TutorAI. (2023, maio). Tips about Web Accessibility. [Sítios da web]. https://www.tutorai.me/
[8] Decreto-Lei n.º 83/2018 da Presidência do Conselho de Ministros (2018). Diário da República: I série, n.º 202. https://dre.pt/dre/detalhe/decreto-lei/83-2018-116734769
[9] WAVE. (2023, maio). Wave Web Accessibility Evaluation Tools. [Sítios da web]. https://wave.webaim.org
[10] AXE. (2023, Maio). Accessibility Testing Tools and Software. [Sítios da web]. https://www.deque.com/axe/
[11] WebAIM. (2023, maio). WebAim web accessibility in mind. [Sítios da web]. https://webaim.org/resources/contrastchecker/
[12] Microsoft Edge. (2022, 13 de outubro). Microsoft Edge for everyone | Making the web more accessible. [Video]. Youtube. https://www.youtube.com/watch?v=9tFYYOifHmI&ab_channel=MicrosoftEdge
The digital economy - outlines and perplexities of its evolution
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
João Gonçalves, Assistant Professor at ISTEC
Media
To cite this article
João Gonçalves, The digital economy - outlines and perplexities of its evolution
DOI: 10.31112/kriativ-tech-2022-06-82
Abstract
Due to the evolution of science and knowledge, the digital economy is increasingly a reality associated with technological development and the progress of societies and States – Is Portugal moving in that direction? The objective of this article is to identify the level of evolution of the digital economy in Portugal.
Keywords
Digital economy, technology, market, digital transformation.
References
[1] Menezes, Heloísa (2021). In Digital: Economia Digital passada a limpo. Síntese e insights/Núcleo de Inovação e Empreendedorismo. Nova Lima: Fundação Dom Cabral
[2], [3],
[9] Lorenzetti, Eduardo (2002). O sistema de pagamento empresarial eletrônico na era da economia digital – Uma análise do seu custo/beneficio. Universidade Federal de Santa Catarina
[4] Comissão Europeia (2023). Available at https://commission.europa.eu/strategy-and-policy/priorities-2019-2024/europe-fit-digital-age/europes-digital-decade-digital-targets-2030_pt#direitos-e-princ%C3%ADpios-digitais; Accessed on 05-03-2023
[5] Programa Década Digital para 2030 (2022). In Jornal Oficial da União Europeia of 19-12-2022
[6], [7],
[11] Agência para a Sociedade do Conhecimento (2010). Fórum para a Sociedade da Informação. Economia Digital - Novas Oportunidades e Desafios para a Economia Digital. Lisboa, 12 de outubro.
[12] Cardoso, J. (2020). A economia digital e o conceito de criação de valor. Dissertação de mestrado. Faculdade de Direito – Universidade do Porto
[13] Queiróz, F. (2016). A Economia Digital: novos desafios para um regime estabelecido. Dissertação de mestrado. Faculdade de Direito – Universidade de Lisboa
Open Educational Resources in Higher Education: experimental study
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
Paulo Duarte Branco, Associated Professor at ISTEC
Andreia Teles Vieira, Assistant Professor at ISTEC
Media
To cite this article
Paulo Duarte Branco, Andreia Teles Vieira Educational Resources in Higher Education: experimental study
DOI: 10.31112/kriativ-tech-2022-06-83
Abstract
Over the past few years the need for the adoption of open educational resources in higher education has been growing. The Covid 19 pandemic has shown the gap for the creation and development of technology mediated learning on Higher Education.
The curricular unit of Multimedia Technologies for eLearning of the Multimedia Engineering degree from the Instituto Superior de Tecnologias Avançadas (Lisbon, Portugal) was the chosen example for the promotion and development of this kind of content.
After defining the needs arising from the teaching-learning system of the 21st century we came to the conclusion that the video effect would be the widely adopted resource. Thinking about online video consumption to captivate the attention and motivate young students was part of this study.
In this article we have tried to give a brief approach to an experiment of a higher education institution that we hope has given, besides testimony, contributions to a design of proximity between Professors and Students.
Keywords
E-learning; Open educational resources; Education; Audio-scripto-visual.
References
[1] Branco, P. D. (2020). Video as a media in distance learning: guiding principles. Kriativ-Tech, 1(7). https://doi.org/10.31112/kriativ-tech-2020-06-36.
[2] Governo de Portugal. (2019). RJEAD - Decreto-Lei n.o 133/2019. Diário Da República, 1(168), 49–57. https://data.dre.pt/eli/dec-lei/133/2019/09/03/p/dre
[3] Eurostat. (2022). Interest in online education grows in the EU. https://ec.europa.eu/eurostat/web/products-eurostat-news/-/edn-20220124-1
[4] Hylén, J. (2020). Open Educational Resources: Opportunities and Challenges The OECD/CERI study on OER. www.oecd.org/edu/ceri
[5]
[6] OER Commons. (2022). Open Educational Resources. https://www.oercommons.org/oer-101
[7] Stracke, C. M., Downes, S., Conole, G., Burgos, D., & Nascimbeni, F. (2019). Are MOOCs Open Educational Resources? A literature review on history, definitions and typologies of OER and MOOCs. Open Praxis, 11(4), 331. https://doi.org/10.5944/openpraxis.11.4.1010
[8] Yuan, l. & Powell, S. (2014). Moocs and Open Education: implications for higher education. http://publications.cetis.ac.uk/wp-content/uploads/2013/03/moocs-and-open-education.pdf
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
Harden, N. (2013). The End of the University as We Know It, The American Interest. Retirado de http://the-american-interest.com/article.cfm?piece=1352.
Google. (2017). The Values of YouTube Study. https://www.thinkwithgoogle.com/advertising-channels/video/self-directed-learning-youtube/ accessed 14, november, 2022.
Oxford Economics. (2021). The State of The Creator Economy: Assessing the Economic, Societal, and Cultural Impact of YouTube in the US in 2021. https://www.oxfordeconomics.com/wp-content/uploads/2022/07/YT_OE_US_ImpactReport_2021.pdf
Lombard, M., & Ditton, T. (1997). At the heart of it all: The concept of presence. Journal of Computer-Mediated Communication, 3(2).
Dron, J., & Anderson, T. (2007). Collectives, networks, and groups in social software for e-learning. World Conference on E-Learning in Corporate, Government, Healthcare, and Higher Education (ELEARN) 2007, Quebec City, Quebec, Canada.
Vázquez, E. (2013). The Videoarticle: New Reporting Format in Scientific Journals and its Integration in MOOCs. Comunicar, 41, 83-91. (DOI: 10.3916/C41-2013-08).
Garrison, D. R., Anderson, T., & Archer, W. (2000). Critical inquiry in a text-based environment: Computer conferencing in higher education. Internet and Higher Education, 2(2-3), 87-105.
Application tool for information security and cybersecurity risk management in an organization
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
Sérgio Pinto, Assistant Professor at ISTEC
Media
To cite this article
Sérgio Pinto, Application tool for information security and cybersecurity risk management in an organization
DOI: 10.31112/kriativ-tech-2022-06-81
Abstract
Currently organizations are increasingly exposed to information security and cybersecurity attacks. Therefore, this article intends to describe a process for analyzing/auditing potential risks to be able to assist an organization in choosing the security measures and controls to define and implement an adequate level of security. Additionally, this article also intends to be a reference for the development of an application tool to implement this process.
Keywords
Cybersecurity, Impact, Organization, Probability, Risk, Threat, Vulnerability.
References
[1] CNCS (2022), “Guia para Gestão de Riscos em matérias de Segurança da Informação e Cibersegurança”, retrieved from: https://www.cncs.gov.pt/docs/guia-de-gestao-dos-riscos.pdf
[2] CNCS (2019), “QNRCS: Quadro Nacional de Referência para a Cibersegurança”, retrieved from:
[3] Artigo 10º Decreto Lei nº 65/2021, 30 de julho, “Regime Jurídico da Segurança do Ciberespaço“, retrieved from:
[4] CNCS (2020), “Quadro de Avaliação de Capacidades de Cibersegurança”, retrieved from: https://www.cncs.gov.pt/docs/cncs-quadrodeavaliacao.pdf
[5] ISO/IEC 27005:2018, “Information technology -- Security techniques -- Information security risk management”, retrieved from: https://www.standards-pdf-download.com/iso-iec-27005-2018-download-free.html
[6] NIST (2022), “Risk Management Framework: Security and Privacy Controls for Information Systems and Organizations, Revision 5”, SP 800-53, retrieved from: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
[7] NP ISO/IEC 31000, “Gestão do Risco – Linhas de orientação”, retrieved from: http://qualitividade.pt/wp-content/uploads/2016/04/NPISO031000_2012.pdf
[8] ISO/IEC 27001:2022, “Information security, cybersecurity and privacy protection — Information security management systems — Requirements”
Enhancing Caesar’s Cipher
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
António Santos, Assistant Professor at ISTEC
Media
To cite this article
António Santos, Enhancing Caesar’s Cipher
DOI: 10.31112/kriativ-tech-2022-06-80
Abstract
Before the invention of computers all methods were calculated manually, and as such the cryptographic methods developed during that period took this limitation into account. The Caesar Cipher method was one of the first to be used and disseminated in several countries. This method is very simple, which means that with current means you can break your security quickly and easily. However, it has a characteristic that, given its nature, any change to the method increases its safety, and like other authors in this article, it will be shown that a small change will imply some improvement in the method's safety; transforming the monoalphabetic substitution Caesar cipher into a polyalphabetic substitution cipher with a key created from the displacement element (key) supplied by the user.
Keywords
Encryption, Substitution cipher, Monoalphabetic, polyalphabetic, Caesar cipher, Vigenère cipher.
References
[1] Katz J, Lindell Y. (2015). Introduction to Modern Cryptography. 2nd ed. Florida: Taylor & Francis Group, LLC, CRC Press.
[2] Stinson DR, Paterson MB. (2018). Cryptography: Theory and Practice. 4th ed. Textbooks in Mathemátics. Florida: CRC Press.
[3] Holden J. (2017). The Mathematics of Secrets: Cryptography from Caesar Ciphers to Digital Encryption. New Jersey: Princeton University Press.
[4] Kahate A. (2003). Cryptography and Network Security. New Delhi: Tata McGraw-Hill.
[5] Kipper G. (2004). Investigator´s Guide to Steganography. Florida: Auerbach Publications.
[6] Paar C, Pelzl J. (2010). Understanding Cryptography: A Textbook for Students and Practitioners. Berlin: Springer-Verlag.
[7] Delfs H, Knebl H. (2007). Introduction to Cryptography: Principles and Applications. 2nd ed. Berlin: Springer-Verlag.
[8] Aggarwal S. (2016). A Review on Enhancing Caesar Cipher. International Journal of Research Science & Management. 3 (6): 14-20.
[9] Shrivastava M, Jain S, Singh P. (2016). Content Based Symmetric Key Algorithm, International Conference on Computational Modeling and Security, Procedia Computer Science. 85: 222-227.
[10] Stallings W. (2011). Cryptography and network security: Principles and Practice. 5th ed. New York: Prentice Hall.
[11] Singh S. (1999). The Code Book, Anchor Books: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. New York: Anchor Boks.
[12] Stamp M, Low RM. (2007). Applied Cryptanalysis - Breaking Ciphers in the Real World, San Jose: Wiley-Interscience, John Wiley & Sons, Inc..
[13] Cobb C. (2004). Cryptography for Dummies, New Jersey: Wiley Publishing.
[14] Kumari S. (2017). A research Paper on Cryptography Encryption and Compression Techniques. International Journal Of Engineering And Computer Science. 6(4): 20915-20919.
[15] Katz J, Lindell Y. (2008). Introduction to Modern Cryptography. Florida: Taylor & Francis Group, LLC, CRC Press.
[16] Trappe W, Washington L. (2006). Introduction to Cryptography with Coding Theory. 2nd ed. New Jersey: Pearson Education Inc., Pearson-Prentice Hall.
[17] Churchhouse R. (2004). Codes and ciphers: Julius Caesar, the Enigma and the Internet. Cambridge: Cambridge University Press.
[18] Easttom W. (2021). Modern Cryptography Applied Mathematics for Encryption and Information Security. Cham: Springer Nature Switzerland AG, Springer.
[19] Sinkov A. (1966). Elementary Cryptanalysis - A Mathematical Approach. 5th Printing. Washington The Mathematical Association of America.
[20] Baldoni M.W, Ciliberto C. and Cattaneo G.M.P. (2009). Elementary Number Theory, Cryptography and Code. Roma: Springer-Verlag.
[21] Bauer C. (2013). Secret History: The Story of Cryptology. Filadelfia: Chapman and Hall/CRC.
[22] Schneier B. (1996). Applied Cryptography, 2nd ed. Illinois: John Wiley & Sons.
[23] Musa S.M. (2018). Network Security and Cryptography: A Self-teaching Introduction. Virgínia: Mercury Learning & Information.
[24] Mathur A. (2012). A Research paper: An ASCII value based dataencryption algorithm and its comparison with other symmetric data encryption algorithms. International Journal on Computer Science and Engineering (IJCSE). 4(9): 1650-1657..
[25] Singh P, Sen P. (2017). Enhancing Security of Caesar Cipher Using Divide and Conquer Approach. International Journal of Advance Research in Science and Enginheering. 6 (02): 144-150.
[26] Jain A, Dedhia R, Patil (2015). A. Enhancing the Security of Caesar Cipher Substitution Method using a Randomized Approach for more Secure Communication. International Journal of Computer Applications. 129(13): 6-11.
[27] Singh A, Nandal A, Malik S. (2012). Implementation of Caesar Cipher with Rail Fence for Enhancing Data Security. International Journal of Advanced Research in Computer Science and Software Engineering. (12): 78-82.
[28] Senthil K, Prasanthi K, Rajaram R. (2013). A Modern Avatar Of Julius Caesar and Vigenere Cipher. Proceedings of IEEE International Conference on Computational Intelligence and Computing Research.
[29] Bowne S. (2018). Hands-On Cryptography with Python. Birmingham: Packt Publishing.
Machine Learning and APTs
Kriativ-tech Volume 1, Issue 9, April 2018, Pages: xxx Received: Dec. 28, 2019; Accepted: Feb. 25, 2020. Published: Oct. 11, 2022.
Authors
Pedro Ramos Brandão, Full Professor – ISTEC Lisbon
Gabriel Pereira Matos, Computer Science MSc Student
Media
To cite this article
Pedro Ramos Brandão, Gabriel Pereira Matos Machine Learning and APTs
DOI: 10.31112/kriativ-tech-2022-06-79
Abstract
APTs, also known as Advanced Persistent Threats, are a type of cyberattack characterized by slow and stealthy methods of attack. As one of the most worrying attack methods today, it's important to understand what they are and how they work. At the moment, there are already some techniques for detecting APTs through the training and learning method known as Machine Learning. This article introduces the definitions of APTs and machine learning clarifies the operation of APTs, and introduces and discusses some techniques for APTs detection.
Keywords
Advanced Persistent Threats, Cybersecurity, Machine Learning
References
[1]A. Alshamrani, S. Myneni, A. Chowdhary, and D. Huang, “A survey on Advanced persistent threats: Techniques, solutions, challenges, and research opportunities,” IEEE Communications Surveys & Tutorials, vol. 21, no. 2, pp. 1851–1877, Jan. 2019.
[2]R. S. Ross, “Managing information security risk: Organization, mission, and information system view,” Special Publication (NIST SP)- 800-39, 2011.
[3]P. Chen, L. Desmet, and C. Huygens, “A study on advanced persistent threats,” in IFIP International Conference on Communications and Multimedia Security. Springer, 2014, pp. 63–72.
[4] E. M. Hutchins, M. J. Cloppert, R. M. Amin, and others, “Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains,” Leading Issues in Information Warfare & Security Research, vol. 1, no. 1, p. 80, 2011.
[5] A. K. Sood and R. J. Enbody, “Targeted cyberattacks: a superset of advanced persistent threats,” IEEE security & privacy, vol. 11, no. 1, pp. 54–61, 2013.
[6] O. S. V. D. (OSVDB), “Open source vulnerability database (osvdb),” 2012.
[7] P. Mell, K. Scarfone, and S. Romanosky, “Common vulnerability scoring system,” IEEE Security & Privacy, vol. 4, no. 6, 2006.
[8] M. Motoyama, D. McCoy, K. Levchenko, S. Savage, and G. M. Voelker, “An analysis of underground forums,” in Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference. ACM, 2011, pp. 71–80.
[9] M. Ussath, D. Jaeger, F. Cheng, and C. Meinel, “Advanced persistent threats: Behind the scenes,” in Information Science and Systems (CISS), 2016 Annual Conference on. IEEE, 2016, pp. 181–186.
[10]A. TrendLabsSM, “Spear-Phishing Email: Most Favored APT Attack Bait”, 2012.
[11]G. O’Gorman and G. McDonald, “The elderwood project”. Symantec Corporation, 2012.
[12]W. Gragido, “Lions at the watering hole: The voho affair,” RSA blog, vol. 20, 2012.
[13]D. Kindlund, D. Caselden, X. Chen, N. Moran, and M. Scott, “Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website,” FireEye, 13-Feb-2014. [Online]. Available: https://www.fireeye.com/blog/threat-research/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html. [Accessed: 13-Jul-2022].
[14]S. McClure et al., “Protecting your critical assets-lessons learned from operation aurora,” Tech. Rep., 2010.
[15]RSA FraudAction Research Labs, “The anatomy of the RSA attack,” RSA blog, 01-Apr-2011. [Online]. Available: http://blogs.rsa.com/anatomy-of-an-attack/. [Accessed: 13-Jul-2022].
[16]X. Wang, K. Zheng, X. Niu, B. Wu, and C. Wu, “Detection of command and control in advanced persistent threat based on independent access,” in Communications (ICC), 2016 IEEE International Conference on. IEEE, 2016, pp. 1–6.
[17]B. Harris, “Shadows in the cloud: An investigation of cyber espionage 2.0,” GovTech, 02-Aug-2010. [Online]. Available: https://www.govtech.com/dc/articles/shadows-in-the-cloud-an-investigation.html. [Accessed: 13-Jul-2022].
[18]M. Z. Rafique, P. Chen, C. Huygens, and W. Joosen, “Evolutionary algorithms for classification of malware families through different network behaviors,” in Proceedings of the 2014 Annual Conference on Genetic and Evolutionary Computation, 2014, pp. 1167–1174.
[19]E. Rajalakshmi, N. Asik Ibrahim, and V. Subramaniyaswamy, “A survey of machine learning techniques used to combat against the advanced persistent threat,” Applications and Techniques in Information Security, pp. 159–172, Nov. 2019.
[20]I. Ghafir, M. Hammoudeh, V. Prenosil, L. Han, R. Hegarty, K. Rabie, and F. J. Aparicio-Navarro, “Detection of advanced persistent threat using machine-learning correlation analysis,” Future Generation Computer Systems, vol. 89, pp. 349–359, Jul. 2018.
[21]H. HaddadPajouh, A. Dehghantanha, R. Khayami, and K.-K. R. Choo, “A deep recurrent neural network based approach for internet of things malware threat hunting,” Future Generation Computer Systems, vol. 85, pp. 88–96, Mar. 2018.
[22]F. J. Aparicio-Navarro, K. G. Kyriakopoulos, Y. Gong, D. J. Parish, and J. A. Chambers, “Using Pattern-of-Life as Contextual Information for Anomaly-Based Intrusion Detection Systems,” IEEE Access, vol. 5, pp. 22177–22193, 2017, doi: 10.1109/ACCESS.2017.2762162.
[23]S.-T. Liu, Y.-M. Chen, and S.-J. Lin, “A novel search engine to uncover potential victims for apt investigations,” in IFIP International Conference on Network and Parallel Computing, 2013, pp. 405–416.
[24]G. E. Hinton, “Deep belief networks,” Scholarpedia, vol. 4, no. 5, p. 5947, 2009.
[25]M. Moradi and M. Zulkernine, “A neural network based system for intrusion detection and classification of attacks,” in Proceedings of the IEEE international conference on advances in intelligent systems-theory and applications, 2004, pp. 15–18.
[26]M. Balduzzi, V. Ciangaglini, and R. McArdle, “Targeted attacks detection with spunge,” in 2013 Eleventh Annual Conference on Privacy, Security and Trust, 2013, pp. 185–194.
[27]A. Azmoodeh, A. Dehghantanha, and K.-K. R. Choo, “Robust malware detection for internet of (battlefield) things devices using deep eigenspace learning,” IEEE transactions on sustainable computing, vol. 4, no. 1, pp. 88–95, 2018.
Women in ICT Engineering Courses: Problem-Based Learning to Encourage their Empowerment
Kriativ-tech Volume 1, Issue 9, April 2018, Pages: xxx Received: Dec. 28, 2019; Accepted: Feb. 25, 2020. Published: Oct. 11, 2022.
Authors
Dulce Mourato, Assistant Professor at ISTEC
Media
To cite this article
Dulce Mourato, Women in ICT Engineering Courses: Problem-Based Learning to Encourage their Empowerment
DOI: 10.31112/kriativ-tech-2022-06-77
Abstract
The disparity in numbers was evident and could not be ignored in terms of research: twelve students women, included in a class with a total of 126 students men, attended the last year of Computer and Multimedia Engineering Degree courses, at the Higher Institute of Advanced Technologies (ISTEC) in Lisbon, Portugal, in the academic year 2020/21.
The general objective of this study was to realize, through the different proposals of research themes, developed by all students in their practical project – the final dissertation (in order to achieve certification of their degrees) configured the reflection of what happens in society in general, referring to a gender set of stereotypes, which obstructs knowledge, stagnates or delays the ability to respond with new solutions for all, so common in these cutting-edge technological areas, and how to change the underlying mentality of women students and reconfigure positive impact on their action, mentality and on their technological practice in future proposals or jobs.
To better describe what happened, this research uses a case study that aims to demonstrate why Women in ICT are so few and how the use of Problem Based Learning (PBL) could help to understand why it happens. PBL was used to simplify research themes, based on real technological contexts and if those research themes made a difference from a gender point of view. Faced with so little female academic representation in this particular area, as a woman researcher, it was an imperative goal to recognize how and why this occurs so frequently, but also prove a simple theory: if PBL could be adapted for each person and maybe adjust in individual, social and professional terms, regardless of gender. Another challenge was to realize the biases and stereotypes perception and which these factors were reflected in the lack of gender equality and identity and promote incentives for women empowerment in the technological world.
Keywords
Women in ICT, Identity and Gender Equality, Innovation, Entrepreneurship, Empowerment.
References
[1] Blau, F. & L. Kahn (2017). The gender wage gap: Extent, trends, and explanations. Journal of Economic Literature, Vol. 55, Issue 3, pp. 789-865. http://dx.doi.org/10.1257/jel.20160995.
[2] Blumhof, J., Hall, M., & Honeybone, A. (2001). Using problem-based learning to develop graduate skills. Planet, 4(1), 6–9. https://doi.org/10.11120/plan.2001.00040006.
[3] EQUALS (2019). I’d blush If I could. Closing gender divides in digital skills through education. https://unesdoc.unesco.org/ark:/48223/pf0000367416.page=74
[4] EIGE (2018). Women and men in ICT: a chance for better work–life balance. Research Note. Luxembourg: Publications Office of the European Union. https://eige.europa.eu/publications/women-and-men-ict-chance-better-work-life-balance-research-note
[5] European Commission. (2020). Digital Education Action Plan 2021-2027. Resetting education and training for the digital age. SWD - 209 final. https://ec.europa.eu/education/sites/default/files/document-library-docs/deap-swd-sept2020_en.pdf
[6] Hawking, S. (1988). A Brief History of Time: From the Big Bang to Black Holes. The phenomenal International Bestseller. Updated Editions. Bantam Books.
[7] ITU (2021). Pandemic in the Internet age: From second wave to new normal, recovery, adaptation and resilience. International Telecommunication Union. Geneva: Licence: CC BY-NC-SA 3.0 IGO. 978-92-61-33951-7 (Electronic version).https://www.itu.int/en/myitu/Publications/2021/05/11/08/52/Pandemic-in-the-Internet-age
[8] Miliszewska, I & Moore, A. (2010). Encouraging Girls to Consider a Career in ICT: A Review of Strategies. Journal of Information Technology Education: Innovations in Practice. Volume 9. http://jite.informingscience.org/documents/Vol9/JITEv9IIPp143-166Miliszewska797.pdf
[9] OECD (2018a). Bridging The Digital Gender Divide Include, Upskill, Innovate. Better Policies for Better Lives. Secretary-General of the OECD. https://www.oecd.org/digital/bridging-the-digital-gender-divide.pdf
[10] OECD (2018b). Empowering Women in the Digital Age: Where Do We Stand?. OECD – Paris. http://www.oecd.org/going-digital/empowering-women-in-the-digital-age-brochure.pdf
[11] Sistermans, I.J. (2020). Integrating competency-based education with a case-based or problem-based learning approach in online health sciences. Asia Pacific Educ. Rev. 21, 683–696 https://doi.org/10.1007/s12564-020-09658-6
Security from Caesar to Vigenère
Kriativ-tech Volume 1, Issue 9, April 2018, Pages: xxx Received: Dec. 28, 2019; Accepted: Feb. 25, 2020. Published: Oct. 11, 2021.
Authors
António Santos, Assistant Professor at ISTEC
Media
To cite this article
António Santos, Security from Caesar to Vigenère
DOI: 10.31112/kriativ-tech-2022-06-74
Abstract
Cryptography has accompanied the human being for centuries, starting with being used only by kings and emperors to communicate with their governors and military until now when its use is in all information transfers carried out digitally. The Caesar cipher was one of the first to appear and served for Roman emperors to communicate with their generals and provincial governors. It is a simple substitution number, and as such it has some limitations which, at the time it was used, were not relevant because of the illiteracy of the populations. While the Vigenère cipher brought much more security, filling the vulnerabilities of the Caeser cipher, transforming the Caeser cipher into a polyalphabetic substitution cipher. In this study we will compare the figures: Caeser, Shift and Vigenère; regarding your safety. It is also intended to make some modifications in order to improve and optimize the code without changing the original cipher.
Keywords
Encryption, substitution method, Caesar cipher, Shift cipher, Vigenère cipher.
References
[1] Jain, A., Dedhia, R. and Patil, A. (2015) “Enhancing the Security of Caesar Cipher Substitution Method using a Randomized Approach for more Secure Communication”, International Journal of Computer Applications, Vol. 129 No.13, pp: 144-150,
[2] Saraswat, A., Khatria, C., Sudhakara, Thakrala, P., Biswasa, P.. ( 2016 ) An Extended Hybridization of Vigenere and Caesar Cipher Techniques for Secure Communication, 2nd International Conference on Intelligent Computing, Communication & Convergence (ICCC-2016), Procedia Computer Science 92 pp 355 – 360.
[3] Balogun, A.O. , Sadiku, P. O., Mojeed, H. A., Raifu, H. A. (2017) Multiple Caesar Cypher Encryption Algorithm. ABACUS, (Mathematics Science Series) Vol. 44, No 2. pp 250-258.
[4] Kahate, Atul (2003). Cryptography and network security, Tata McGraw-Hill, New Delhi.
[5] Paar, Christof\ and Pelzl, Jan (2010). Understanding Cryptography: A Textbook for Students and Practitioners. Springer-Verlag, Berlin.
[6] Stinson, D.R. and Paterson, M. B. (2018) Cryptography: Theory and Practice, Fourth Edition. Textbooks in Mathemátics, CRC Press.
[7] Katz, Jonathan and Lindell, Yehuda (2015). Introduction to Modern Cryptography. Second Edition, Taylor & Francis Group, LLC, CRC Press.
[8] Aggarwal, Surabhi (2016). A Review on Enhancing Caesar Cipher, International Journal of Research Science & Management, 3(6).
[9] Stallings, William (2017). Cryptography and network security: Principles and Practice, Fifth Edition, Prentice Hall, New York.
[10] Shrivastava, M., Jain, M, and Singh, P. (2016) Content Based Symmetric Key Algorithm, International Conference on Computational Modeling and Security, Procedia Computer Science 85, pp. 222 – 227.
[11] Singh, Simon (1999).The Code Book, Anchor Books: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Anchor Boks. New York.
[12] Stamp, Mark and Low, Richard M.(2007). Applied Cryptanalysis - Breaking Ciphers in the Real World. Wiley-Interscience, John Wiley & Sons, Inc..
[13] Holden, Joshua (2017), The Mathematics of Secrets: Cryptography from Caesar Ciphers to Digital Encryption, Princeton University Press, New Jersey.
[14] Kumari, Sarita (2017) A research Paper on Cryptography Encryption and Compression Techniques, International Journal Of Engineering And Computer Science. Volume 6 Issue 4Page No. 20915-20919. DOI: 10.18535/ijecs/v6i4.20.
[15] Luciano, D. and Priche,, G. Cryptology: From Caesar Ciphers to Public-Key Cryptosystems, The College Mathematics Journal, Vol. 18, No. 1 (Jan., 1987), pp. 2-17
[16] Omolara O.E., Oludare A.I. and Abdulahi S.E..( 2014) Developing a Modified Hybrid Caesar Cipher and Vigenere Cipher for Secure Data Communication, Computer Engineering and Intelligent Systems Vol.5, No.5, pp 34- 47
[17] Singh, Pooja and Sen, Pintu (2017). Enhancing Security of Caesar Cipher Using Divide and Conquer Approach, International Journal of Advance Research in Science and Enginheering, Volume 6, special issue (02).
[18] Sinkov, Abraham (1966), Elementary Cryptanalysis - A Mathematical Approach, Fifth Printing, The Mathematical Association of America. Washington, USA.
[19] Mollin, Richard A. (2007) An Introduction to Cryptography, Second Edition. Discrete Mathematics and its Applications, Chapman & Hall/CRC, California.
[20] Santos, Antonio and Vasconcelos Junior, Renato (2021). Improving Caesar Cipher for greater security. kriativ-tech (9) ,DOI: 10.31112/kriativ-tech-2021-10-54.
[21] Stinson, Douglas and Paterson, Maura. (2018) Cryptography: Theory and Practice fourth edition. CRC Press, CRC Press LLC. Florida.
[22] Musa, Sarhan M. (2018). Network Security and Cryptography: A Self-teaching Introduction. Mercury Learning & Information. Virgínia.
[23] Stallings, William (2017). Cryptography and network security: Principles and Practice, Seventh Edition. Pearson. Essex.
[24] Schneier, Bruce (1996). Applied Cryptography, Second Edition. John Wiley & Sons.
Geographic Information Systems
Kriativ-tech Volume 1, Issue 9, April 2018, Pages: xxx Received: Dec. 28, 2019; Accepted: Feb. 25, 2020. Published: Oct. 11, 2021.
Authors
Luísa Orvalho , Professor Coordinator at ISTEC Porto
João Morais, Undergraduate in Computer Engineering at ISTEC Porto
Carlos Teixeira , Undergraduate in Computer Engineering at ISTEC Porto
Media
To cite this article
Luísa Orvalho, João Morais, Carlos Teixeira, Geographic Information Systems
DOI: 10.31112/kriativ-tech-2022-06-76
Abstract
With this article we intend to review the state of the art regarding Geographic Information Systems (GIS) and recognize the great technological evolution of the last decades. Identifying the objectives of GIS, describing its components, its main uses, functions and characterizing the available software of this technology are the main objectives of this investigation.
Keywords
Geographic Information Systems, Uses, Functions, Components, Desktop GIS Applications, Web GIS Applications, Explore Porto Application
References
[1] ArcGIS (2022). ArcGIS https://www.esri-portugal.pt/pt-pt/arcgis/produtos/arcgis-pro/overview
[2] BOLFE, E., & M. FERREIRA. (2008). Sistemas de Informação Geográfica: uma abordagem contextualizada na história. GEOGRAFIA, Rio Claro, v. 33, n. 1, p. 40-45, jan./abr. file:///Downloads/1775-Texto%20do%20artigo-38395-2-10-20200821%20(3).pdf
[3] CÂMARA, G. & J. MEDEIROS. (2003). Tendências de evolução do geoprocessamento. In: ASSAD, E. D.; SANO, E. (Org.) Sistemas de Informações Geográficas. 2. ed. Brasília, DF: Embrapa, cap. XX, p. 411-424. file:////Downloads/1775-Texto%20do%20artigo-38395-2-10-20200821%20(1).pdf
[4] CARTER, J. (1989). On defining the geographic information system. In: Ripple W J (ed.) Fundamentals of Geographic Information Systems: a compendium. ASPRS/ACSM, Falls Church Virginia. http://lidecc.cs.uns.edu.ar/~nbb/ccm/downloads/Literatura/OVERVIEW%20AND%20DEFINITION%20OF%20GIS.pdf
[5] Explore Porto. (2022). Explore Porto https://explore.porto.pt/
[6] GRASS (2022). GRASS. https://grass.osgeo.org/
[7] gvSIG (2022). gvSIG. http://www.gvsig.com/pt/produtos/gvsig-desktop
[8] Intergraph. (2022). Intergraph. https://www.intergraph.com/
[9] MACHADO, J. A. R. (2000). A emergência dos Sistemas e Informação Geográfica na análise e organização do espaço; Fundação Calouste Gulbenkian. http://koha-bmc.ubi.pt/cgi-bin/koha/opac-detail.pl?biblionumber=16377
[10] Map Server. (2022). Map Server https://www.mapserver.org/
[11] Mapinfo. (2022). Mapinfo http://www.geobis.com/mapinfo-gis-software/
[12] Landsat. (2022). https://en.wikipedia.org/wiki/Landsat_program
[13] OpenJUMP. (2022). OpenJump http://www.openjump.org/
[14] QGIS. (2022). QGIS https://www.qgis.org/en/site/