IJISC
  • Indexed in

  • Latest News

    July 1, 2024
    Volume 13, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 27, 2023
    Volume 12, Issue 2 of the International Journal of Information Security and Cybercrime was published
    June 28, 2023
    Volume 12, Issue 1 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • Cyber Attacks Against E-Learning Platforms. A Case Study Using Attack Trees


    Author(s): PETRICĂ, Gabriel; MIHAI, Ioan-Cosmin

    Quick view | Full article | Citations | Views: 306


    Author(s) keywords: , , ,


    Reference keywords: ,


    Abstract:

    The global context of the first part of 2020 has led to a change in the way humanity has carried out its professional and educational activity. E-learning platforms have become an interesting target for cyber attackers. This paper presents the evolution of Moodle vulnerabilities and a possible AT (Attack Tree) built around this e-learning platform. The AT highlights software vulnerabilities and physical events that can compromise the security / availability of a Moodle platform.



    References:

    [1]. Marsh, The Global Risks Report 2020, https://www.marsh.com/content/dam/marsh/Documents/PDF/UK-en/wef-global-risks-report-2020.pdf.
    [2]. World Economic Forum, The Global Risks Report 2020, Available: https://www.mmc.com/insights/publications/2020/Jan/the-global-risks-report-2020.html.
    [3]. O. Santos, End-to-End Network Security: Defense-in-Depth 1st Edition, Cisco Press, 2007, ISBN 978-1587053320.
    [4]. Defense in Depth, Network Access, 2015, Available: https://www.networkaccess.com/defense-in-depth/.
    [5]. G. Petrică, I.C. Mihai, An analysis on security of e-learning platforms in Romanian higher education, Proceedings of the 14th International Scientific Conference "eLearning and Software for Education" Bucharest, April 19-20, 2018, Vol. 4, pp. 60-65, ISSN 2360-2198, WOS: 000468620000009.
    [6]. M. Dougiamas, Improving the effectiveness of tools for Internet based education, Teaching and Learning Forum 2000, Available: https://litec.curtin.edu.au/events/conferences/tlf/tlf2000/dougiamas.html.
    [7]. Releases - MoodleDocs, Available: https://docs.moodle.org/dev/Releases.
    [8]. C.T. Duque, Moodle Reaches 200 Million Users - Moodle 3.9, 4.0 Readying For The Next 200, 2020, Available: https://www.lmspulse.com/2020/moodle-reaches-200-million-users-moodle-3-9-4-0-readying-for-the-next-200/.
    [9]. G. Petrică, S.D. Axinte, A comparative study on security of e-learning platforms in the Romanian academic field, Considerations on challenges and future directions in cybersecurity, Sitech, 2019, pp. 19-26, ISBN 978-606-11-7004-3.
    [10]. NVD - Statistics, Available: https://nvd.nist.gov/vuln/search/statistics?form_type=Basic&results_type=statistics&query=moodle&search_type=all.
    [11]. CVE security vulnerabilities, versions and detailed reports, Available: https://www.cvedetails.com/product/3590/?q=Moodle.
    [12]. S. Mauw, M. Oostdijk, Foundations of Attack Trees, ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology, Seoul, Korea, December 01 - 02, 2005, pp. 186-198, doi: 10.1007/11734727_17.
    [13]. P. Kordy, P. Schweitzer, The ADTool Manual, 2015, https://satoss.uni.lu/members/piotr/adtool/manual.pdf.



    Additional Information

    Article Title: Cyber Attacks Against E-Learning Platforms. A Case Study Using Attack Trees
    Author(s): PETRICĂ, Gabriel; MIHAI, Ioan-Cosmin
    Date of Publication: 2020-06-22
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225 e-ISSN: 2286-0096
    Digital Object Identifier: 10.19107/IJISC.2020.01.05
    Issue: Volume 9, Issue 1, Year 2020
    Section: Cyber-Attacks Evolution and Cybercrime Trends
    Page Range: 37-42 (6 pages)



    Copyright ©2012-2024
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.