Biblio
Filters: Author is Flores, Pamela [Clear All Filters]
.
2018. FraudFind: Financial fraud detection by analyzing human behavior. 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC). :281–286.
Financial fraud is commonly represented by the use of illegal practices where they can intervene from senior managers until payroll employees, becoming a crime punishable by law. There are many techniques developed to analyze, detect and prevent this behavior, being the most important the fraud triangle theory associated with the classic financial audit model. In order to perform this research, a survey of the related works in the existing literature was carried out, with the purpose of establishing our own framework. In this context, this paper presents FraudFind, a conceptual framework that allows to identify and outline a group of people inside an banking organization who commit fraud, supported by the fraud triangle theory. FraudFind works in the approach of continuous audit that will be in charge of collecting information of agents installed in user's equipment. It is based on semantic techniques applied through the collection of phrases typed by the users under study for later being transferred to a repository for later analysis. This proposal encourages to contribute with the field of cybersecurity, in the reduction of cases of financial fraud.
.
2019. XSStudent: Proposal to Avoid Cross-Site Scripting (XSS) Attacks in Universities. 2019 3rd Cyber Security in Networking Conference (CSNet). :142–149.
QR codes are the means to offer more direct and instant access to information. However, QR codes have shown their deficiency, being a very powerful attack vector, for example, to execute phishing attacks. In this study, we have proposed a solution that allows controlling access to the information offered by QR codes. Through a scanner designed in APP Inventor which has been called XSStudent, a system has been built that analyzes the URLs obtained and compares them with a previously trained system. This study was executed by means of a controlled attack to the users of the university who through a flyer with a QR code and a fictional link accessed an infected page with JavaScript code that allowed a successful cross-site scripting attack. The results indicate that 100% of the users are vulnerable to this type of attacks, so also, with our proposal, an attack executed in the universities using the Beef software would be totally blocked.