Cybersecurity in learning management system (LMS)

Authors

  • Monica Paulina Echeverria Broncano Pontificia Universidad Católica del Ecuador Sede Ambato Author
    • Diego Fernando Ávila Pesantez Pontificia Universidad Católica del Ecuador Sede Ambato

      DOI:

      https://doi.org/10.46480/esj.5.1.98

      Keywords:

      Cybersecurity, Learning Management Systems, Moodle, Blackboard.

      Abstract

      Learning Management Systems (LMS) are software applications with multiple tools to channel the teaching-learning process online. Due to the massive LMS growth derived from the pandemic situation, it is necessary to analyze the different vulnerabilities and attacks that these systems are exposed to. Therefore, this study presents a systematic review of the literature using the protocol defined by Kitchenham (2007), based on three phases: planning, performance, and analysis results. Thirty-one potential studies were identified, within the 2014-2020 period, using various digital libraries. The results indicate that in the face of vulnerabilities, educational institutions must create procedures to prevent and mitigate failures that occur in the LMS

      Downloads

      Download data is not yet available.

      References

      Al-azaiza, R. (2016). Detection and Prevention of XSS Vulner-abili ties in MOODLE. https://iugspace.iugaza.edu.ps/handle/20.500.12358/20201

      Arakelyan, V. A. (2013). Vulnerable Security Problems in Learn-ing Management System (LMS) Moodle. 6.

      Bandara, I., Ioras, F., & Maher, K. (2014). CYBER SECURITY CONCERNS IN E-LEARNING EDUCATION. 7.

      Barhoom, T. S., & Azaiza, R. J. (2016). Enhance MOODLE Securi-ty Against XSS Vulnerabilities. International Journal of Computing and Digital Systems, 05(05). http://dx.doi.org/10.12785/IJCDS/050507

      Barhoom, T, & Hamada, M. (2014). PalXSS: Client Side Secure Tool to Detect XSS Attacks. Saba Journal Of Infor-mation Technology And Networking (SJITN)-ISSN: 2312-4989, 2(2), Article 2. http://www.ojs.sabauni.net/index.php/SJITN/article/view/14

      Blackboard Inc. (2018). Declaración de seguridad de los productos Blackboard | Ayuda de Blackboard. https://help.blackboard.com/es-es/Product_Security

      Carlini, A. (2016). Ciberseguridad: Un nuevo desafío para la comunidad internacional. bie3: Boletín IEEE, 2 (Abril-junio), 950–966. https://dialnet.unirioja.es/servlet/articulo?codigo=5998287

      Clarenc. (2013). Instrumento de evaluación de LMS, materia-les educativos digitales y recursos de la WEB 3.0 | Tecnologia Educacional | Software. Scribd. https://es.scribd.com/doc/175057118/Instrumento-de-evaluacion-de-LMS-materiales-educativos-digitales-y-recursos-de-la-WEB-3-0

      Cloudflare. (2020). What Is a Distributed Denial-of-Service (DDoS) Attack? Cloudflare. https://www.cloudflare.com/es-la/learning/ddos/what-is-a-ddos-attack/

      Costinela Luminiţa, C. (Defta), & Nicoleta Magdalena, C. (Iacob). (2012). E-learning Security Vulnerabilities. Procedia - Social and Behavioral Sciences, 46, 2297–2301. https://doi.org/10.1016/j.sbspro.2012.05.474

      Costinela-Luminiţa, C. (Defta), & Nicoleta-Magdalena, C. (Iacob). (2012). E-learning Security Vulnerabilities. Procedia - Social and Behavioral Sciences, 46, 2297–2301. https://doi.org/10.1016/j.sbspro.2012.05.474

      Domínguez, A. R. D., Sepúlveda, J. C. S., & Nuñez, Y. N. (2018). CMS y LMS vulnerables a ataques de sus adminis-tradores de bases de datos. Revista Arquitectura e Ingeniería, 12(2), 2. https://dialnet.unirioja.es/servlet/articulo?codigo=6548141

      Escobar, H. A. Q. M., Pérez, D. A. D., & Rul, M. N. P. (2016). La seguridad informática en las plataformas educa-tivas que se utilizan en el nivel superior: Una tarea pendiente. Revista Multidisciplinaria de Avances de Investigación, 2(3), 1–18. http://www.remai.ipn.mx/index.php/REMAI/article/view/21

      Hernandez, J., & Chavez, M. (2008). Moodle security vulnera-bilities. 2008 5th International Conference on Electri-cal Engineering, Computing Science and Automat-ic Control, 352–357. https://doi.org/10.1109/ICEEE.2008.4723399

      Ibrahim, H., Karabatak, S., & Abdullahi, A. A. (2020). A Study on Cybersecurity Challenges in E-learning and Da-tabase Management System. 8th International Symposium on Digital Forensics and Security, ISDFS 2020. Scopus. https://doi.org/10.1109/ISDFS49300.2020.9116415

      Keng, S., Chee, O., Mahinderjit Singh, M. (Mandy), & Hassan, R. (2014). SQL Injections Attack and Session Hijack-ing on E-Learning Systems. En I4CT 2014—1st Interna-tional Conference on Computer, Communications, and Control Technology, Proceedings. https://doi.org/10.1109/I4CT.2014.6914201

      Kitchenham, B., & Charters, S. (2007). Guidelines for performing Systematic Literature Reviews in Software Engineering.

      Kumar, S., & Dutta, K. (2011). Investigation on security in lms moodle. International Journal of Information Tech-nology and Knowledge Management, Vol4(Issue 1), PP:233-238.

      Leon, M. T., Larenas, F. P., & Fajardo, M. C. (2015). Compara-ción de los LMS Moodle y CourseSites de Black-board usando el modelo de aceptación tecnoló-gica TAM / Comparison of LMS Moodle and Black-board CourseSites using the technology acceptan-ce model TAM. CIENCIA UNEMI, 8(16), 78–85. http://ojs.unemi.edu.ec/index.php/cienciaunemi/article/view/221

      Lim, C. C., & Jin, J. S. (2006). A Study on Applying Software Security to Information Systems: E-Learning Portals. 6.

      López, A. B., Aldana, A. C. A., & Cuervo, M. C. (2014). Vulne-rabilidad de Ambientes Virtuales de Aprendizaje utilizando SQLMap, RIPS, W3AF y Nessus [Vulnerabili-ty in Virtual Learning Environments using SQLMap, RIPS, W3AF and Nessus]. Ventana Informatica, 30, Article 30. https://doi.org/10.30554/ventanainform.30.276.2014

      Luo, T., Murray, A., & Crompton, H. (2017). Designing Authentic Learning Activities to Train Pre-Service Teachers About Teaching Online. International Review of Re-search in Open and Distance Learning, 18(7). https://doi.org/10.19173/irrodl.v18i7.3037

      Mohd Alwi, N. H., & Fan, I.-S. (2010). E-Learning and Infor-mation Security Management. International Jour-nal for Digital Society, 1(2), 148–156. https://doi.org/10.20533/ijds.2040.2570.2010.0019

      Molina, V., Furfaro, A., Malena, G., & Parise, A. (2015). Ataques Distribuidos de Denegación de Servicios: Modela-ción y simulación con eventos discretos. https://doi.org/10.13140/RG.2.1.5123.5687

      Moodle. (2020). Estadísticas de Moodle. https://stats.moodle.org/

      Orehovački, T. (2008). Determination of optimal security set-tings for LMS Moodle. Proceedings of the 31st MIPRO International Convention on Information Systems Security. Recuperado el 24 de noviembre de 2020, de https://www.academia.edu/600843/Determination_of_optimal_security_settings_for_LMS_Moodle

      Políticas de usuario—MoodleDocs. (s/f). Recuperado el 3 de diciembre de 2020, de https://docs.moodle.org/310/en/User_policies

      Raza, S., Qazi, W., Khan, K., & Salam, J. (2020). Aislamiento social y aceptación del sistema de gestión del aprendizaje (LMS) en tiempos de la pandemia COVID-19: Una expansión del modelo UTAUT. Jour-nal of Educational Computing Research, 0735633120960421. https://doi.org/10.1177/0735633120960421

      Referrer-Policy. (s/f). MDN Web Docs. Recuperado el 3 de diciembre de 2020, de https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy

      Sánchez, J., & Parra, P. (2018). ANÁLISIS DE VULNERABILIDADES DE CREDENCIALES DÉBILES O POR DEFECTO EN APLICACIONES WEB LMS (HERRAMIENTAS DE GES-TIÓN DE APRENDIZAJE). https://repositorio.pucesa.edu.ec/handle/123456789/2712

      Santiso, H., Koller, J, & Bisaro, M. (2016). Seguridad en Entornos de Educación Virtual. Memoria Investigaciones en Ingeniería, 14, 67–88. http://revistas.um.edu.uy/index.php/ingenieria/article/view/337

      Savulescu, C., Polkowski, Z., Cosmin, D. I., & Elena, B. C. (2015). Security in e-learning systems. 2015 7th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), WE-19-WE-24. https://doi.org/10.1109/ECAI.2015.7301225

      Violettas, G, Theodorou, T, & Stephanides, G. (2013). E-Learning Software Security: Tested for Security Vul-nerabilities & Issues. 2013 Fourth Interna-tional Conference on e-Learning "Best Prac-tices in Management, Design and Development of e-Courses: Standards of Excellence and Creativi-ty" https://www.academia.edu/8066233/E_Learning_Soft-ware_Security_Tested_for_Security_Vulnerabilities_and_Issues

      Downloads

      Published

      2021-03-31

      Issue

      Vol. 5 No. 1 (2021): March

      Section

      Review Paper

      License

      Authors retain the copyright of their articles and are therefore free to share, copy, distribute, perform, and publicly communicate their work on their personal websites or in institutional repositories after its publication in this journal, provided that full bibliographic information is given to acknowledge its original publication.

      How to Cite

      [1]
      M. P. Echeverria Broncano, “Cybersecurity in learning management system (LMS)”, Ecuad. Sci. J, vol. 5, no. 1, pp. 46–54, Mar. 2021, doi: 10.46480/esj.5.1.98.
      Crossref
      Scopus
      Google Scholar
      Europe PMC

      Similar Articles

      21-30 of 137

      You may also start an advanced similarity search for this article.