Journal of
Systemics, Cybernetics and Informatics
HOME   |   CURRENT ISSUE   |   PAST ISSUES   |   RELATED PUBLICATIONS   |   SEARCH     CONTACT US
 



ISSN: 1690-4524 (Online)


Peer Reviewed Journal via three different mandatory reviewing processes, since 2006, and, from September 2020, a fourth mandatory peer-editing has been added.

Indexed by
DOAJ (Directory of Open Access Journals)Benefits of supplying DOAJ with metadata:
  • DOAJ's statistics show more than 900 000 page views and 300 000 unique visitors a month to DOAJ from all over the world.
  • Many aggregators, databases, libraries, publishers and search portals collect our free metadata and include it in their products. Examples are Scopus, Serial Solutions and EBSCO.
  • DOAJ is OAI compliant and once an article is in DOAJ, it is automatically harvestable.
  • DOAJ is OpenURL compliant and once an article is in DOAJ, it is automatically linkable.
  • Over 95% of the DOAJ Publisher community said that DOAJ is important for increasing their journal's visibility.
  • DOAJ is often cited as a source of quality, open access journals in research and scholarly publishing circles.
JSCI Supplies DOAJ with Meta Data
, Academic Journals Database, and Google Scholar


Listed in
Cabell Directory of Publishing Opportunities and in Ulrich’s Periodical Directory


Published by
The International Institute of Informatics and Cybernetics


Re-Published in
Academia.edu
(A Community of about 40.000.000 Academics)


Honorary Editorial Advisory Board's Chair
William Lesso (1931-2015)

Editor-in-Chief
Nagib C. Callaos


Sponsored by
The International Institute of
Informatics and Systemics

www.iiis.org
 

Editorial Advisory Board

Quality Assurance

Editors

Journal's Reviewers
Call for Special Articles
 

Description and Aims

Submission of Articles

Areas and Subareas

Information to Contributors

Editorial Peer Review Methodology

Integrating Reviewing Processes


Transfer Learning for Facial Emotion Recognition on Small Datasets
Paolo Barile, Clara Bassano, Paolo Piciocchi
(pages: 1-5)

How to Link Educational Purposes and Immersive Video Games Development? An Ontological Approach Proposal
Nathan Aky
(pages: 6-13)

Application of Building Information Modeling (BIM) in the Planning and Construction of a Building
Renata Maria Abrantes Baracho, Luiz Gustavo da Silva Santiago, Antonio Tagore Assumpção Mendoza e Silva, Marcelo Franco Porto
(pages: 14-19)

Transformative, Transdisciplinary, Transcendent Digital Education: Synergy, Sustainability and Calamity
Rusudan Makhachashvili, Ivan Semenist
(pages: 20-27)

New Online Tools for the Data Visualization of Bivalve Molluscs' Production Areas of Veneto Region
Eleonora Franzago, Claudia Casarotto, Matteo Trolese, Marica Toson, Mirko Ruzza, Manuela Dalla Pozza, Grazia Manca, Giuseppe Arcangeli, Nicola Ferrè, Laura Bille
(pages: 28-32)

Geodata Processing Methodology on GIS Platforms When Creating Spatial Development Plans of Territorial Communities: Case of Ukraine
Olena Kopishynska, Yurii Utkin, Ihor Sliusar, Leonid Flehantov, Mykola Somych, Oksana Yakovlieva, Olena Scryl
(pages: 33-40)

D-CIDE: An Interactive Code Learning Program
Lukas Grant, Matthew F. Tennyson, Jason Owen
(pages: 41-46)

Interdisciplinary Digital Skills Development for Educational Communication: Emergency and Ai-Enhanced Digitization
Rusudan Makhachashvili, Ivan Semenist, Ganna Prihodko, Irina Kolegaeva, Olexandra Prykhodchenko, Olena Tupakhina
(pages: 47-51)

Interdisciplinarity in Smart Systems Applied to Rural School Transport in Brazil
Renata Maria Abrantes Baracho, Mozart Joaquim Magalhães Vidigal, Marcelo Franco Porto, Beatriz Couto
(pages: 52-59)

Peculiarities of the Realization of IT Projects for the Implementation of ERP Systems on the Path of Digitalization of Territorial Communities Activities
Olena Kopishynska, Yurii Utkin, Ihor Sliusar, Khanlar Makhmudov, Olena Kalashnyk, Svitlana Moroz, Olena Kyrychenko
(pages: 60-67)


 

Abstracts

 


ABSTRACT


Enterprise Systems and Threats

Risa Blair


The scenario included a medium-sized international company. The guidelines were to select and include three enterprise systems that were based on databases, one cloud-based and one that was not SQL-based. Systems were accessible via a browser and included mobile applications. Of key importance for this project was to research potential and known vulnerabilities for these three enterprise systems. The systems selected were ADP Streamline Payroll, Salesforce, and MongoDB. There are numerous threats described in this project, including excessive privileges, SQLi attacks, weak auditing, storage media exposure, unnecessary features enabled, broken configurations, and buffer overflows. Enterprise systems are a potential magnet for hackers on the black market and the Dark Web, as they provide extensive confidential data, particularly in the technology, finance, government, education, healthcare, and retail sectors. It was impressive to see how both ADP and Salesforce provided up-to-date known and potential vulnerabilities. What was the most interesting throughout the research was uncovering the Mongo Lock ransomware and the Salesforce Meatpistol malware. What is worse is that the Salesforce team provided a talk in Las Vegas in July of 2017, where they explained how Salesforce attacked its own system to see how well it would hold up against cyber attacks. The talk focused on Meat pistol, a malware too for making it easier to conduct the attacks from the standpoint of infrastructure automation, implant creating, and interaction. The intent was to make it easier for the Salesforce teams to conduct their attacks. They utilized the methodology of the well-known tool, Metasploit, which does not exploit systems or launch attacks. It just provides the framework for hackers to control systems after they have been able to access what they choose. The duo of “red team” inside hackers explained their process for access the system through the utilization of Meatpistol, against the advice of their superiors. Immediately after the presentation, they were fired.

Full Text