Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish.
Over the years, the Internet has evolved, becoming the largest network in the world, where the largest amount of information can be found. Simultaneously, cyber-attacks on computer systems are also evolving, using countless techniques, including social engineering, which is based on identity theft a...
Saved in:
| 主要作者: | |
|---|---|
| 格式: | masterThesis |
| 语言: | spa |
| 出版: |
2023
|
| 主题: | |
| 在线阅读: | https://dspace.unl.edu.ec/jspui/handle/123456789/26984 |
| 标签: |
添加标签
没有标签, 成为第一个标记此记录!
|
添加标签 | _version_ | 1840710507472879616 |
|---|---|
| author | Calderón Ordoñez, Cristian Leonardo |
| author_facet | Calderón Ordoñez, Cristian Leonardo |
| author_role | author |
| collection | Repositorio Universidad Nacional de Loja |
| dc.contributor.none.fl_str_mv | Tucker Yépez, John Jossimar |
| dc.creator.none.fl_str_mv | Calderón Ordoñez, Cristian Leonardo |
| dc.date.none.fl_str_mv | 2023-05-08T21:51:37Z 2023-05-08T21:51:37Z 2023-05-08 SEGURIDAD INFORMÁTICA |
| dc.format.none.fl_str_mv | 63 p. application/pdf |
| dc.identifier.none.fl_str_mv | https://dspace.unl.edu.ec/jspui/handle/123456789/26984 |
| dc.language.none.fl_str_mv | spa |
| dc.publisher.none.fl_str_mv | Universidad Nacional de Loja |
| dc.rights.none.fl_str_mv | http://creativecommons.org/licenses/by-nc-sa/3.0/ec/ info:eu-repo/semantics/openAccess |
| dc.source.none.fl_str_mv | reponame:Repositorio Universidad Nacional de Loja instname:Universidad Nacional de Loja instacron:UNL |
| dc.subject.none.fl_str_mv | PHISHING INGENIERÍA SOCIAL ATAQUE INFORMÁTICO |
| dc.title.none.fl_str_mv | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. |
| dc.type.none.fl_str_mv | info:eu-repo/semantics/publishedVersion info:eu-repo/semantics/masterThesis |
| description | Over the years, the Internet has evolved, becoming the largest network in the world, where the largest amount of information can be found. Simultaneously, cyber-attacks on computer systems are also evolving, using countless techniques, including social engineering, which is based on identity theft and deception (Phishing), which puts the information of public and private institutions at risk, threatening the confidentiality, integrity and availability of information. The objective of this research is to contribute to the improvement of information security at the Universidad Nacional de Loja, specifically regarding the prevention of social engineering attacks known as Phishing. To achieve this, it will be necessary to implement an ethical simulation campaign of a social engineering attack called Phishing, directed towards the administrative staff of the institution. This will be carried out through the institutional emails of the administrative staff, using the GoPhish tool, which allows recreating a simulation environment of social engineering attacks such as Phishing, with the aim of assessing the level of knowledge of the administrative staff regarding Phishing attacks. Results of the simulation will be collected and stored, identifying the number of people who were victims of the cyberattack simulation, which will be shared with the Technology Department (DTI) personnel. This will enable them to implement subsequent campaigns on the prevention of cyber-attacks under this modality. Finally, administrative staff at Universidad Nacional de Loja who were victims of the Phishing attack simulation will be trained, explaining the causes and consequences of being victims of this type of attack, and how to remain vigilant and prevent the theft of confidential information belonging to both the staff and the institution they work for. Keywords: Phishing, Information Security, Social Engineering, GoPhish, Simulation, Cyber-Attack. |
| eu_rights_str_mv | openAccess |
| format | masterThesis |
| id | UNL_88f9f65c07bff724f77a2fe3a10a32f5 |
| instacron_str | UNL |
| institution | UNL |
| instname_str | Universidad Nacional de Loja |
| language | spa |
| network_acronym_str | UNL |
| network_name_str | Repositorio Universidad Nacional de Loja |
| oai_identifier_str | oai:dspace.unl.edu.ec:123456789/26984 |
| publishDate | 2023 |
| publisher.none.fl_str_mv | Universidad Nacional de Loja |
| reponame_str | Repositorio Universidad Nacional de Loja |
| repository.mail.fl_str_mv | * |
| repository.name.fl_str_mv | Repositorio Universidad Nacional de Loja - Universidad Nacional de Loja |
| repository_id_str | 0 |
| rights_invalid_str_mv | http://creativecommons.org/licenses/by-nc-sa/3.0/ec/ |
| spelling | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish.Calderón Ordoñez, Cristian LeonardoPHISHINGINGENIERÍA SOCIALATAQUE INFORMÁTICOOver the years, the Internet has evolved, becoming the largest network in the world, where the largest amount of information can be found. Simultaneously, cyber-attacks on computer systems are also evolving, using countless techniques, including social engineering, which is based on identity theft and deception (Phishing), which puts the information of public and private institutions at risk, threatening the confidentiality, integrity and availability of information. The objective of this research is to contribute to the improvement of information security at the Universidad Nacional de Loja, specifically regarding the prevention of social engineering attacks known as Phishing. To achieve this, it will be necessary to implement an ethical simulation campaign of a social engineering attack called Phishing, directed towards the administrative staff of the institution. This will be carried out through the institutional emails of the administrative staff, using the GoPhish tool, which allows recreating a simulation environment of social engineering attacks such as Phishing, with the aim of assessing the level of knowledge of the administrative staff regarding Phishing attacks. Results of the simulation will be collected and stored, identifying the number of people who were victims of the cyberattack simulation, which will be shared with the Technology Department (DTI) personnel. This will enable them to implement subsequent campaigns on the prevention of cyber-attacks under this modality. Finally, administrative staff at Universidad Nacional de Loja who were victims of the Phishing attack simulation will be trained, explaining the causes and consequences of being victims of this type of attack, and how to remain vigilant and prevent the theft of confidential information belonging to both the staff and the institution they work for. Keywords: Phishing, Information Security, Social Engineering, GoPhish, Simulation, Cyber-Attack.El Internet a través de los años ha evolucionado, siendo esta la red más grande del mundo donde se encuentra la mayor cantidad de información, al mismo tiempo los ciberataques a sistemas informáticos también van evolucionando, valiéndose de un sinnúmero de técnicas siendo una de ellas la ingeniería social que se basa en la suplantación de identidad y engaño (Phishing), el cual pone en riesgo la información de instituciones públicas y privadas, atentando contra la confidencialidad, integridad y disponibilidad de la información. La presente investigación tiene como objetivo contribuir al mejoramiento de la seguridad informática en la Universidad Nacional de Loja, específicamente en lo que se refiere a la prevención de ataques de ingeniería social conocido como Phishing para ello será necesario implementar una campaña de simulación de un ataque de ingeniería social denominado Phishing con fines éticos, misma que está dirigida hacia el personal administrativo de la institución, se la realizará por medio de los correos institucionales de los funcionarios administrativos, haciendo uso de la herramienta GoPhish, dicha herramienta permite recrear un ambiente de simulación de ataques de ingeniería social cómo Phishing, con el objetivo de conocer su nivel de conocimiento, en cuanto a los ataques Phishing se refiere, recopilando y almacenando los resultados de la simulación pudiendo identificar la cantidad de personas que fueron víctimas de la simulación del ataque informático, cuyo resultados se darán a conocer al personal de la Dirección de Tecnología de Información (DTI), con el objetivo de que se implementen posteriores campañas sobre la prevención de ataques informáticos bajo esta modalidad, finalmente se procederá a capacitar al personal administrativo de Universidad Nacional de Loja, que fueron víctimas de la simulación del ataque Phishing, dando a conocer las causas y consecuencias a las que se exponen al ser víctimas efectivas de esta modalidad de ataque, y de esta forma se lo mantiene prevenido y alerta al funcionario para evitar el robo de información que es confidencial tanto del funcionario, como para la institución en la que se encuentra laborando. Palabras claves: Phishing, Seguridad Informática, Ingeniería Social, GoPhish, Simulación, Ataque Informático.Universidad Nacional de LojaTucker Yépez, John JossimarSEGURIDAD INFORMÁTICA2023-05-08T21:51:37Z2023-05-08T21:51:37Z2023-05-08info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesis63 p.application/pdfhttps://dspace.unl.edu.ec/jspui/handle/123456789/26984spahttp://creativecommons.org/licenses/by-nc-sa/3.0/ec/info:eu-repo/semantics/openAccessreponame:Repositorio Universidad Nacional de Lojainstname:Universidad Nacional de Lojainstacron:UNL2025-05-02T16:26:03Zoai:dspace.unl.edu.ec:123456789/26984Institucionalhttps://dspace.unl.edu.ec/Universidad públicahttps://unl.edu.ec/https://dspace.unl.edu.ec/oaiEcuador***opendoar:02025-05-02T16:26:03falseInstitucionalhttps://dspace.unl.edu.ec/Universidad públicahttps://unl.edu.ec/https://dspace.unl.edu.ec/oai*Ecuador***opendoar:02025-05-02T16:26:03Repositorio Universidad Nacional de Loja - Universidad Nacional de Lojafalse |
| spellingShingle | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. Calderón Ordoñez, Cristian Leonardo PHISHING INGENIERÍA SOCIAL ATAQUE INFORMÁTICO |
| status_str | publishedVersion |
| title | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. |
| title_full | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. |
| title_fullStr | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. |
| title_full_unstemmed | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. |
| title_short | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. |
| title_sort | Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish. |
| topic | PHISHING INGENIERÍA SOCIAL ATAQUE INFORMÁTICO |
| url | https://dspace.unl.edu.ec/jspui/handle/123456789/26984 |