Vol. 21 No. 3/2017
Issue Topic: Cybersecurity
Using
Ontologies in Cybersecurity Field
Tiberiu Marian GEORGESCU, Ion SMEUREANU 5
This paper is an exploratory research which aims to improve the
cybersecurity field by means of semantic web technologies. The authors present
a framework which uses Semantic Web technologies to automatically extract and
analyse text in natural language available online. The system provides results
that are further analysed by cybersecurity experts to detect black hat hackers’
activities. The authors examine several characteristics of how hacking
communities communicate and collaborate online and how much information can be
obtained by analysing different types of internet text communication channels.
Having online sources as input data, the model proposed extracts and analyses
natural language that relates with cybersecurity field, with the aid of
ontologies. The main objective is to generate information about possible black
hat hacking actions, which later can be analysed punctually by experts. This
paper describes the data flow of the framework and it proposes technological
solutions so that the model can be applied. In their future work, the authors
plan to implement the framework described as a system software application.
Keywords: Cybersecurity, Ontologies, Semantic Web
Web Applications
Vulnerability Management using a Quantitative Stochastic Risk Modeling Method
Sergiu SECHEL 16
The aim of this research is to propose a quantitative risk modeling method that
reduces the guess work and uncertainty from the vulnerability and risk
assessment activities of web based applications while providing users the
flexibility to assess risk according to their risk appetite and tolerance with
a high degree of assurance. The research method is based on the research done
by the OWASP Foundation on this subject but their risk rating methodology
needed de-bugging and updates in different in key areas that are presented in
this paper. The modified risk modeling method uses Monte Carlo simulations to
model risk characteristics that can’t be determined without guess work and it
was tested in vulnerability assessment activities on real production systems
and in theory by assigning discrete uniform assumptions to all risk
charac-teristics (risk attributes) and evaluate the results after 1.5 million
rounds of Monte Carlo simu-lations.
Keywords: Vulnerabilities, Quantitative Risk, Web
Applications, Monte Carlo, Stochastic Systems, Cybersecurity
A Revised Set
of Usability Heuristics for the Evaluation of Interactive Systems
Costin PRIBEANU 31
Usability is a critical quality attribute in the information society.
Inspection based evaluation re-lies on various forms of design knowledge that
are used to assess the usability, such as ergo-nomic criteria, heuristics, and
guidelines. Usability heuristics are widely recognized principles against which
the usability of an interactive system could be evaluated. This work presents a
revised set of usability heuristics that are based on the experience acquired
in previous studies targeting local e-government websites. The underlying goal
is to include the most important er-gonomic criteria and usability heuristics
into a clear hierarchical organization, which helps evaluators to better
explain and developers to better understand the usability problems. The new set
has only fourteen heuristics that are structured into four groups: user
guidance, user effort, user control and freedom, and user support. The main
strength of this approach is the good coverage achieved with a reduced number
of heuristics.
Keywords: Usability Evaluation, Usability Heuristics,
Ergonomic Criteria, Usability Inspection
Is DevOps another Project Management Methodology?
Logica BANICA, Magdalena RADULESCU, Doina ROSCA, Alina HAGIU 39
In this paper, the authors aim to present the concept of DevOps
(Development & Operations), considering its degree of novelty in the area of
project management. Firstly, the authors will bring theoretical arguments to
support the idea that DevOps is an early-stage methodology, built on the Agile
principles, but coming with its own contributions in project management for
software development and implementation. Therefore, we believe that after a
short time, DevOps will replace its predecessors. Secondly, we experienced this
methodology by developing a small project in academic environment by three
teams of master students, using VersionOne software. The Conclusions will
emphasize the relevance and the future expected effects of DevOps methodology
in the project management domain.
Keywords: Project Management Software, DevOps Methodology,
Academic Environment
Dynamic Selection
Screen Generation for SAP Solutions
Cornelia MUNTEAN 52
This paper presents an application for generating a dynamic selection
screen in ABAP and the need and advantages of this solution instead of the
manual modification of the coding itself for adding one or more parameters in
the whole logic of the program. Depending on data found in a customizing table,
we would like to generate a program with a selection screen, containing select
options based on the criteria specified in the customizing table. The presented
solution can be adapted to any dynamically generated ABAP program, according to
the desired selection screen elements, and may be used as a template even for
other programs. The advantages of the proposed solution are also presented
along with the disadvantages, underlining the particularities of the ABAP
programming language.
Keywords: Dynamic Programming, Selection Screen, Customizing
Table, ABAP, SAP
Learning
Analytics Mobile Application for the Bucharest University of Economic Studies’
Students
Anca IANCU, Daniel-Mihai IONESCU 65
Learning analytics refers to improving the educational process by providing
feedback and in-volving all the stakeholders. It is a very useful method with
positive effects on both students and teachers. In ASE, the idea of learning
analytics is not very well shaped, so development is needed on this side. This
article proposes a learning analytics app for better exploitation of SIMUR
database content in order to improve the educational processes in the
university.
Keywords: Learning Analytics, Educational Process Improvement,
Students, Feedback
Social
Networking as a Facilitator for Lifelong Learning in Multinational Employee’s
Career
Andreea Nicoleta VISAN, Florentina Marinela OLTEANU 73
This paper discusses how multinational employees who are leaving in
Bucharest, Romania use social networks as a tool for their everyday tasks and
work, and how they want to satisfy their personal development needs by having
access to information from these digital platforms. The case study described
was conducted in Bucharest in 2017 and followed a results analysis with
structured tables and graphs. In the study took part 24 participants who were
selected among multinational IT employees in Bucharest. Social networks
contribute to employee’s lifelong educational process: besides providing them
positive gratification, they also contribute to their personal development and
careers growth. Even though all individuals who participated in this study use
social networks, more efforts should be done in order for companies in
Bucharest to know the benefits of social networks and employee’s opinion about
their contribution to lifelong learning.
Keywords: Social Network, Lifelong Learning, Multinational
Companies, Bucharest
Publishing Guide for
Authors 82
INFOREC
Association 84
|
