Cybersecurity in learning management system (LMS)

  • Monica Paulina Echeverria Broncano Pontificia Universidad Católica del Ecuador Sede Ambato
  • Diego Fernando Ávila Pesantez Pontificia Universidad Católica del Ecuador Sede Ambato
Keywords: Cybersecurity, Learning Management Systems, Moodle, Blackboard.

Abstract

Learning Management Systems (LMS) are software applications with multiple tools to channel the teaching-learning process online. Due to the massive LMS growth derived from the pandemic situation, it is necessary to analyze the different vulnerabilities and attacks that these systems are exposed to. Therefore, this study presents a systematic review of the literature using the protocol defined by Kitchenham (2007), based on three phases: planning, performance, and analysis results. Thirty-one potential studies were identified, within the 2014-2020 period, using various digital libraries. The results indicate that in the face of vulnerabilities, educational institutions must create procedures to prevent and mitigate failures that occur in the LMS

Downloads

Download data is not yet available.

Metrics

Metrics Loading ...

References

Al-azaiza, R. (2016). Detection and Prevention of XSS Vulner-abili ties in MOODLE. https://iugspace.iugaza.edu.ps/handle/20.500.12358/20201

Arakelyan, V. A. (2013). Vulnerable Security Problems in Learn-ing Management System (LMS) Moodle. 6.

Bandara, I., Ioras, F., & Maher, K. (2014). CYBER SECURITY CONCERNS IN E-LEARNING EDUCATION. 7.

Barhoom, T. S., & Azaiza, R. J. (2016). Enhance MOODLE Securi-ty Against XSS Vulnerabilities. International Journal of Computing and Digital Systems, 05(05). http://dx.doi.org/10.12785/IJCDS/050507

Barhoom, T, & Hamada, M. (2014). PalXSS: Client Side Secure Tool to Detect XSS Attacks. Saba Journal Of Infor-mation Technology And Networking (SJITN)-ISSN: 2312-4989, 2(2), Article 2. http://www.ojs.sabauni.net/index.php/SJITN/article/view/14

Blackboard Inc. (2018). Declaración de seguridad de los productos Blackboard | Ayuda de Blackboard. https://help.blackboard.com/es-es/Product_Security

Carlini, A. (2016). Ciberseguridad: Un nuevo desafío para la comunidad internacional. bie3: Boletín IEEE, 2 (Abril-junio), 950–966. https://dialnet.unirioja.es/servlet/articulo?codigo=5998287

Clarenc. (2013). Instrumento de evaluación de LMS, materia-les educativos digitales y recursos de la WEB 3.0 | Tecnologia Educacional | Software. Scribd. https://es.scribd.com/doc/175057118/Instrumento-de-evaluacion-de-LMS-materiales-educativos-digitales-y-recursos-de-la-WEB-3-0

Cloudflare. (2020). What Is a Distributed Denial-of-Service (DDoS) Attack? Cloudflare. https://www.cloudflare.com/es-la/learning/ddos/what-is-a-ddos-attack/

Costinela Luminiţa, C. (Defta), & Nicoleta Magdalena, C. (Iacob). (2012). E-learning Security Vulnerabilities. Procedia - Social and Behavioral Sciences, 46, 2297–2301. https://doi.org/10.1016/j.sbspro.2012.05.474

Costinela-Luminiţa, C. (Defta), & Nicoleta-Magdalena, C. (Iacob). (2012). E-learning Security Vulnerabilities. Procedia - Social and Behavioral Sciences, 46, 2297–2301. https://doi.org/10.1016/j.sbspro.2012.05.474

Domínguez, A. R. D., Sepúlveda, J. C. S., & Nuñez, Y. N. (2018). CMS y LMS vulnerables a ataques de sus adminis-tradores de bases de datos. Revista Arquitectura e Ingeniería, 12(2), 2. https://dialnet.unirioja.es/servlet/articulo?codigo=6548141

Escobar, H. A. Q. M., Pérez, D. A. D., & Rul, M. N. P. (2016). La seguridad informática en las plataformas educa-tivas que se utilizan en el nivel superior: Una tarea pendiente. Revista Multidisciplinaria de Avances de Investigación, 2(3), 1–18. http://www.remai.ipn.mx/index.php/REMAI/article/view/21

Hernandez, J., & Chavez, M. (2008). Moodle security vulnera-bilities. 2008 5th International Conference on Electri-cal Engineering, Computing Science and Automat-ic Control, 352–357. https://doi.org/10.1109/ICEEE.2008.4723399

Ibrahim, H., Karabatak, S., & Abdullahi, A. A. (2020). A Study on Cybersecurity Challenges in E-learning and Da-tabase Management System. 8th International Symposium on Digital Forensics and Security, ISDFS 2020. Scopus. https://doi.org/10.1109/ISDFS49300.2020.9116415

Keng, S., Chee, O., Mahinderjit Singh, M. (Mandy), & Hassan, R. (2014). SQL Injections Attack and Session Hijack-ing on E-Learning Systems. En I4CT 2014—1st Interna-tional Conference on Computer, Communications, and Control Technology, Proceedings. https://doi.org/10.1109/I4CT.2014.6914201

Kitchenham, B., & Charters, S. (2007). Guidelines for performing Systematic Literature Reviews in Software Engineering.

Kumar, S., & Dutta, K. (2011). Investigation on security in lms moodle. International Journal of Information Tech-nology and Knowledge Management, Vol4(Issue 1), PP:233-238.

Leon, M. T., Larenas, F. P., & Fajardo, M. C. (2015). Compara-ción de los LMS Moodle y CourseSites de Black-board usando el modelo de aceptación tecnoló-gica TAM / Comparison of LMS Moodle and Black-board CourseSites using the technology acceptan-ce model TAM. CIENCIA UNEMI, 8(16), 78–85. http://ojs.unemi.edu.ec/index.php/cienciaunemi/article/view/221

Lim, C. C., & Jin, J. S. (2006). A Study on Applying Software Security to Information Systems: E-Learning Portals. 6.

López, A. B., Aldana, A. C. A., & Cuervo, M. C. (2014). Vulne-rabilidad de Ambientes Virtuales de Aprendizaje utilizando SQLMap, RIPS, W3AF y Nessus [Vulnerabili-ty in Virtual Learning Environments using SQLMap, RIPS, W3AF and Nessus]. Ventana Informatica, 30, Article 30. https://doi.org/10.30554/ventanainform.30.276.2014

Luo, T., Murray, A., & Crompton, H. (2017). Designing Authentic Learning Activities to Train Pre-Service Teachers About Teaching Online. International Review of Re-search in Open and Distance Learning, 18(7). https://doi.org/10.19173/irrodl.v18i7.3037

Mohd Alwi, N. H., & Fan, I.-S. (2010). E-Learning and Infor-mation Security Management. International Jour-nal for Digital Society, 1(2), 148–156. https://doi.org/10.20533/ijds.2040.2570.2010.0019

Molina, V., Furfaro, A., Malena, G., & Parise, A. (2015). Ataques Distribuidos de Denegación de Servicios: Modela-ción y simulación con eventos discretos. https://doi.org/10.13140/RG.2.1.5123.5687

Moodle. (2020). Estadísticas de Moodle. https://stats.moodle.org/

Orehovački, T. (2008). Determination of optimal security set-tings for LMS Moodle. Proceedings of the 31st MIPRO International Convention on Information Systems Security. Recuperado el 24 de noviembre de 2020, de https://www.academia.edu/600843/Determination_of_optimal_security_settings_for_LMS_Moodle

Políticas de usuario—MoodleDocs. (s/f). Recuperado el 3 de diciembre de 2020, de https://docs.moodle.org/310/en/User_policies

Raza, S., Qazi, W., Khan, K., & Salam, J. (2020). Aislamiento social y aceptación del sistema de gestión del aprendizaje (LMS) en tiempos de la pandemia COVID-19: Una expansión del modelo UTAUT. Jour-nal of Educational Computing Research, 0735633120960421. https://doi.org/10.1177/0735633120960421

Referrer-Policy. (s/f). MDN Web Docs. Recuperado el 3 de diciembre de 2020, de https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy

Sánchez, J., & Parra, P. (2018). ANÁLISIS DE VULNERABILIDADES DE CREDENCIALES DÉBILES O POR DEFECTO EN APLICACIONES WEB LMS (HERRAMIENTAS DE GES-TIÓN DE APRENDIZAJE). https://repositorio.pucesa.edu.ec/handle/123456789/2712

Santiso, H., Koller, J, & Bisaro, M. (2016). Seguridad en Entornos de Educación Virtual. Memoria Investigaciones en Ingeniería, 14, 67–88. http://revistas.um.edu.uy/index.php/ingenieria/article/view/337

Savulescu, C., Polkowski, Z., Cosmin, D. I., & Elena, B. C. (2015). Security in e-learning systems. 2015 7th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), WE-19-WE-24. https://doi.org/10.1109/ECAI.2015.7301225

Violettas, G, Theodorou, T, & Stephanides, G. (2013). E-Learning Software Security: Tested for Security Vul-nerabilities & Issues. 2013 Fourth Interna-tional Conference on e-Learning "Best Prac-tices in Management, Design and Development of e-Courses: Standards of Excellence and Creativi-ty" https://www.academia.edu/8066233/E_Learning_Soft-ware_Security_Tested_for_Security_Vulnerabilities_and_Issues

Published
2021-03-31
Stats
Abstract 296
PDF (Español (España)) 214
How to Cite
Echeverria Broncano, M. P., & Ávila Pesantez, D. F. (2021). Cybersecurity in learning management system (LMS). Ecuadorian Science Journal, 5(1), 46-54. https://doi.org/10.46480/esj.5.1.98
Section
Review Paper
Share |
Citation