Ingeniería en Sistemas, Electrónica e Industrial
Permanent URI for this communityhttp://repositorio.uta.edu.ec/handle/123456789/1
Browse
2 results
Search Results
Item Modelo de Machine Learning para mitigar los fraudes informáticos de phishing basados en la ingeniería social en la Facultad de Ingeniería en Sistemas Electrónica e Industrial(Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Tecnologías de la Información, 2023-03) Jaramillo Basantes, Fabiana Patricia; Nogales Portero, Rubén EduardoNowadays, Phishing websites continue to be a significant threat in the vast cyberspace of the internet. When a user visits a Phishing URL, attackers obtain the user's personal and confidential information. Cyber criminals use various social engineering techniques to carry out identity theft or launch targeted attacks. Students and professors are not exempt from the strong influence of different social engineering techniques. Phishers seek ways to harm and make money through the manipulation and extortion of unsuspecting users. To address this problem, the present curricular integration work proposes implementing a Machine Learning model for Phishing detection deployed as a browser extension. 24 characteristics of its structure were extracted for the analysis of URLs and construction of the dataset. A comparison was made between various classification models such as Random Forest (RF), Support Vector Machine (SVM), Artificial Neural Network (RNA), and K-Nearest Neighbors (KNN) to choose the most appropriate and best fit for the problem. Once the algorithms of the different training models were analyzed, the model used to classify URLs is an artificial neural network (RNA) achieving an accuracy of 99.98%. The purpose of this work is to help the FISEI community. The extension will mitigate and prevent users from becoming victims of malicious activities such as falling into Phishing URLs that apply various principles of Social Engineering.Item Políticas de seguridad informática para el teletrabajo en la empresa Bioalimentar(Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Ingeniería en Sistemas Computacionales e Informáticos, 2021-08) Guerrón Chiluisa, Bryan Andrés; Guevara Aulestia, David OmarAt present due to the pandemic caused by the COVID-19 many companies are in the need to incorporate new ways of working to ensure business continuity and thus not be in the need to dismiss staff or reach the point of closing its doors, as is the case of some companies in Ecuador and in the world. Thanks to the advance of technologies, new ways of guaranteeing the continuity of the activities of the employees in the companies arise, one of them is the telework that allows the realization of the activities of the employees from the comfort of their homes or from any place. A problem when implementing telework, which arose during the pandemic, was the mismanagement and hasty implementation of telework without taking into account certain aspects such as: the technological infrastructure of the companies, work equipment without adequate configurations and without security patches, among others; that when not taken into account can mean a very serious problem for companies. Taking into account the problems generated at the level of computer security around the world and in Ecuador, by the bad implementation of telework is presented the following project focused on computer security in telework and the policies that should exist in the work in order to ensure optimal security and the correct implementation of telework in companies. In the development of the project different evaluations were made to observe the current state in which the company Bioalimentar is by using tools such as InsightVM, Zenmap, OWASP ZAP, among others, in the same way social engineering attacks were made to observe how the staff acts before an attack, and several techniques of Ethical Hacking were applied to validate the developed policies and thus verify the important need for policies that help for a correct implementation of teleworking in companies.