Roberto Omar Andrade

• Doctor of Engineering
• Professor at Universidad San Francisco de Quito

Organizations should face cybersecurity attacks that can strongly affect their operational processes, business image, and security of critical information. Establishing security mechanisms helps to reduce possible weaknesses that can be exploited by attackers; however, they will not always be sufficient, and an attack can be successful. Therefore,...

Organizations should face cybersecurity attacks that can strongly affect their operational processes, business image, and security of critical information. Establishing security mechanisms helps to reduce possible weaknesses that can be exploited by attackers; however, they will not always be sufficient, and an attack can be successful. Therefore,...

The detection of security vulnerabilities in software design patterns and antipatterns is crucial for maintaining robust and maintainable systems, particularly in dynamic Continuous Integration/Continuous Deployment (CI/CD) environments. Traditional static analysis tools, while effective for identifying isolated issues, often lack contextual awaren...

In the era of digitalization, the interaction between humans and machines, particularly in Natural Language Processing, has gained crucial importance. This study focuses on improving the effectiveness and accuracy of chatbots based on Natural Language Processing. Challenges such as the variability of human language and high user expectations are ad...

Cyberattacks capitalize on human behaviors. The prevalence of cyberattacks surged during the COVID-19 pandemic, fueled by the increased interconnectivity of individuals on online platforms and shifts in their psychological dynamics due to the pandemic’s context. The enhancement of human factors becomes imperative in formulating a robust cybersecuri...

Software development stands out as one of the most rapidly expanding markets due to its pivotal role in crafting applications across diverse sectors like healthcare, transportation, and finance. Nevertheless, the sphere of cybersecurity has also undergone substantial growth, underscoring the escalating significance of software security. Despite the...

Currently, the internet of things (IoT) is a technology entering various areas of society, such as transportation, agriculture, homes, smart buildings, power grids, etc. The internet of things has a wide variety of devices connected to the network, which can saturate the central links to cloud computing servers. IoT applications that are sensitive...

Uno de los delitos cibernéticos más reportados a nivel mundial es el phishing. En la actualidad se están desarrollando diversos sistemas anti-phishing (APS) para identificar este tipo de ataque en sistemas de comunicación en tiempo real. A pesar de los esfuerzos de las organizaciones, este ataque continúa creciendo, teniendo como causas: la detecci...

La circulación de noticias falsas en internet, especialmente las de sátira política a través de redes sociales, ha afectado a la mayoría de la población ecuatoriana. Este trabajo presenta una metodología basada en el aprendizaje estadístico que detecta de forma precisa y automática noticias falsas en español utilizando técnicas de aprendizaje autom...

The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limi...

Teaching cybersecurity to children is not a trivial task due to the complexity of explaining online-threat-related topics such as sexting or cyberbullying. Moreover, most of the courses designed to raise awareness in these controversial subjects has been mainly produced in English. However, during the Covid-19 pandemic, getting access to Spanish-ba...

The increasing rate at which IoT technologies are being developed has enabled smarter and innovative solutions in the sectors of health, energy, transportation, etc. Unfortunately, some inherent characteristics of these technologies are compromised to attack. Naturally, risk analysis emerges, as it is one of many steps to provide a reliable securit...

Cognitive security is the interception between cognitive science and artificial intelligence techniques used to protect institutions against cyberattacks. However, this field has not been addressed deeply in research. This study aims to define a Cognitive Cybersecurity Model by exploring fundamental concepts for applying cognitive sciences in cyber...

A risk assessment model for a smart home Internet of Things (IoT) network is implemented using a Bayesian network. The directed acyclic graph of the Bayesian network is constructed from an attack graph that details the paths through which different attacks can occur in the IoT network. The parameters of the Bayesian network are estimated with the m...

IoT systems contribute to digital transformation through the development of smart concepts. However, the IoT has also generated new security challenges that require security tools to be adapted, such as risk analysis methodologies. With this in mind, the purpose of our study is based on the following question: Which factors of IoT devices should be...

Cities have adopted the smart city model based on decision-making to maintain their sustainability and resilience. The decision-making process on a smart city is based on data generated in real-time for the city’s senzorization layer of physical components. For this goal, the digital abstraction of the physical aspects of city using digital twin to...

The decision-making process in the city needs to consider cyber risks. For this reason, evaluating the impact of technological solutions and the stakeholder preferences allows selecting the best cybersecurity strategies. A critical factor in developing risk management is the time; as traditional computer systems have more static characteristics tha...

Several risk assessment methodologies are available and established for information systems, but the IoT is now developing. Nurse et al. [1] mention that current risk assessment methods fail in IoT ecosystems due to the following aspects. First, traditional risk methodologies are generally not focused on being carried out in short periods. However,...

Cities improve their decision-making capabilities by using emergent technologies such as IoT, big data, and cloud computing. However, the hyper-connectivity product for using these technologies builds new challenges for city officers because it increases the attack surface. Therefore, city officers need to define the best cybersecurity strategies f...

The inclusion of technological solutions in modern cities opens the possibility to new attacks that can significantly affect the continuity of cities’ services operations. From a security perspective, there is a need to reduce the impact of these attacks through technical and non-technical controls. Since improving cybersecurity has an associated c...

The objective of this work is to carry out a systematic analysis of decision support system (DSS) methodologies that could be applied to IoT systems. Decision support systems (DSS) are systems that gather information from various sources, facilitate its organization and analysis in a way that is useful for a particular decision, and provide a good...

The main function of a security analyst is to protect and make the best decisions for preserving the integrity of computer systems within an organization. Typically, to provide a quick response, analysts usually depend on their good judgement, which should lead them to execute manual processes in a limited time. By dealing with too much information...

The inclusion of Internet of Things (IoT) for building smart cities, smart health, smart grids, and other smart concepts has driven data-driven decision making by managers and automation in each domain. However, the hyper-connectivity generated by IoT networks coupled with limited default security in IoT devices increases security risks that can je...

The management and consumption of resources in cities in sustainable way have been considered a relevant issue worldwide. For that reason, the New Urban Agenda defines a set of sustainable development objectives-SDG for the year 2030. On the other hand, consumerism behaviors by people have had a considerable increase since of the Second World War p...

During the COVID-19 pandemic, fake news has increased considerably. Although fake news is a social problem that has existed for a long time, in the COVID-19 context, it has put people’s lives at risk. Nowadays, a massive amount of information is available, and organizations attempt to send official statements to citizens. However, some factors can...

Emerging technologies make it possible to enhance the sustainability and resilience capacity of smart cities. However, increasingly the same technologies are susceptible to cybersecurity threats. This chapter's objective is to examine the connection between cybersecurity and the sustainability and resilience capabilities of smart cities. To this en...

The increase of security threats and attacks in Ecuador, motivates the implementation of security incident response teams (CSIRT) in the different Ecuadorian organizations in different domains: academic, military, financial, public sector and critical infrastructures. NIST has developed a set of steps that are necessary to establish the CSIRT. The...

This book covers the topics on cyber security in IoT systems used in different verticals such as agriculture, health, homes, transportation within the context of smart cities. The authors provide an analysis of the importance of developing smart cities by incorporating technologies such as IoT to achieve the sustainable development goals (SDGs) wit...

Smart cities exploit emerging technologies such as Big Data, the Internet of Things (IoT), Cloud Computing, and Artificial Intelligence (AI) to enhance public services management. The use of IoT allows detecting and reporting specific parameters related to different domains of the city, such as health, waste management, agriculture, transportation,...

https://lajc.epn.edu.ec/Volumenes/LAJC_vol7no2.pdf

Resumen Según Naciones Unidas-ONU-, en el año 2050, casi el 70% de la población vivirá en áreas urbanas, debido a su desplazamiento gradual hacia estos lugares. Estos procesos migratorios fuerzan el cambio del modelo de gestión de las ciudades con el fin de mantener su sostenibili-dad y mejorar la eficiencia de sus servicios. Este nuevo modelo de g...

The technological and social changes in the current information age pose new challenges for security analysts. To overcome these challenges, new strategies and security solutions are sought to improve security operations concerning the detection and analysis of threats and attacks of security. Security analysts address security challenges by analyz...

The aim of the current study has been the design and development of a model for detecting Phishing attacks using supervised Machine Learning techniques. Thus, we conducted a literature review to identify the features of infected emails by phishing. As a result, a combination of the Naive Bayes and Decision tree algorithms has been constructed using...

The New Urban Agenda (Agenda 2030) adopted at the United Nations Conference related to Sustainable Urban Development (Habitat III) in the year 2016 has the goal of prompting cities to achieve the identified Sustainable Development Goals by the year 2030. In this context, cities can experiment strategies of circular economy for the optimization of r...

The development and high growth of the Internet of Things (IoT) have improved quality of life and strengthened different areas in society. Many cities worldwide are looking forward to becoming smart. One of the most popular use cases in smart cities is the implementation of smart parking solutions, as they allow people to optimize time, reduce fuel...

Nowadays, IoT, cloud computing, mobile and social networks are generating a transformation in social processes. Nevertheless, this technological change rise to new threats and security attacks that produce new and complex cybersecurity scenarios with large volumes of data and different attack vectors that can exceeded the cognitive skills of securi...

Population growth worldwide is considered a health issue in this moment and it will have greater impact in the following years due to the limited number of specialists in the medical field. Health organizations present a special concern in older adults over 65 years because most of them live alone and their growth rate is the highest one in the wor...

In the field of information security, there are several areas of study that are under development. Social engineering is one of them that addresses the multidisciplinary challenges of cyber security. Nowadays, the attacks associated with social engineering are diverse, including the so-called Advanced Persistent Threats (APTs). These have been the...

Nowadays, most universities offer free Internet connections, access to scientific databases, and advanced computer networks for the members of their community, which generates dynamic and complex scenarios. In this context, it is necessary to define proactive security strategies, as well as the integration of technology and research. This work pres...

Nowadays, IoT, cloud computing, mobile and social networks are generating a transformation in social processes. Nevertheless, this technological change rise to new threats and security attacks that produce new and complex cybersecurity scenarios with large volumes of data and different attack vectors that can exceeded the cognitive skills of securi...

The aging process includes the degradation of physical and neurological functions in the people. Although the process of degradation of functions is normal, in some people due to certain risk factors the impact can be high. The appearance of chronic diseases in older adults, one of which is Alzheimer's with about 46.8 million affected worldwide, ca...

This work presents the literature review about the process of handling security incidents to identify standards or guidelines published by international organizations. Based on this research we identified the phases of the incident management processes with the goal of analyze automation proposals for improve efficiency and response times. Finally,...

El presente trabajo tiene como objetivo implementar en el Observatorio Astronómico de Quito un sistema integrado de comunicación, que permita la transmisión de voz, datos y video sobre una misma infraestructura de red, con la finalidad de satisfacer las necesidades de comunicación entre las distintas secciones del Observatorio sin incurrir en los g...