Abstract
Low Power Wide Area Networks (LPWAN) are used worldwide in several Internet of Things (IoT) applications that rely on large-scale deployments. Despite most of these networks include their own security mechanisms with built-in encryption, they are still vulnerable to a range of attacks that can be performed using low-cost Software Defined Radio (SDR) hardware and low-complexity techniques. This work provides an experimental setup implemented to exploit physical layer vulnerabilities with SDR techniques. Several attack vectors typically related to LPWAN within the IoT ecosystem are implemented and tested such as Global Positioning (GPS) Spoofing, Replay Attacks, Denial-of-Service (DoS) and Jamming, in environments that rely specifically on LoRaWAN networks. The results show that, in LoRAWAN networks, a set of vulnerabilities can be exploited leading to the incorrect functioning of the executed applications, and possible damage to the systems in which they operate. It was possible to verify that, depending on the type of activation method used between the devices and the LoRaWAN server, the communications and the devices can be compromised.

Abstract
Social engineering attacks such as phishing are performed against companies and institutions and thus, cybersecurity awareness and training of technical and non-technical human resources play a fundamental role in preventing and mitigating a set of cyberattacks. This paper presents a comparative study based on simulated phishing attacks on two organizations with contrasting security practices and procedures. The first organization is a secondary school, with no IT staff, no defined information security policy, no guidance from top management on cybersecurity issues, and no training actions. The other is a company with a permanent IT staff, a defined security policy, and where its employees receive regular cybersecurity awareness training exercises. Two simulated phishing attack scenarios were deployed to compare these organisations regarding the behaviour of their employees and the readiness of their IT staff and to verify if the employees’ academic degree is a decisive criterion to protect them against this type of attack. The main results show that the rapid reporting and action of the IT staff in the organization where it existed, was an effective measure to mitigate the impact of the simulated phishing attack. In addition, the results show that about 18% of school employees leaked their data, compared to about 10% of the company. Furthermore, this study allows us to deduce that the academic level of employees does not seem to be a decisive criterion to protect them against phishing attacks. © 2022, Innovative Information Science and Technology Research Group. All rights reserved.

Abstract
An intrusion detection system (IDS) is an important tool to prevent potential threats to systems and data. Anomaly-based IDSs may deploy machine learning algorithms to classify events either as normal or anomalous and trigger the adequate response. When using supervised learning, these algorithms require classified, rich, and recent datasets. Thus, to foster the performance of these machine learning models, datasets can be generated from different sources in a collaborative approach, and trained with multiple algorithms. This paper proposes a vote-based architecture to generate classified datasets and improve the performance of supervised learning-based IDSs. On a regular basis, multiple IDSs in different locations send their logs to a central system that combines and classifies them using different machine learning models and a majority vote system. Then, it generates a new and classified dataset, which is trained to obtain the best updated model to be integrated into the IDS of the companies involved. The proposed architecture trains multiple times with several algorithms. To shorten the overall runtimes, the proposed architecture was deployed in Fed4FIRE+ with Ray to distribute the tasks by the available resources. A set of machine learning algorithms and the proposed architecture were assessed. When compared with a baseline scenario, the proposed architecture enabled to increase the accuracy by 11.5% and the precision by 11.2%.

Abstract
In the past years, the automotive industry has been integrating multiple hardware in the vehicle to enable new features and applications. In particular automotive applications, it is important to monitor the actions and behaviors of drivers and passengers to promote their safety and track abnormal situations such as social disorders or crimes. These applications rely on multiple sensors that generate real-time data to be processed, and thus, they require adequate data acquisition and analysis systems.This article proposes a prototype to enable in-vehicle data acquisition and analysis based on the middleware framework Robot Operating System (ROS). The proposed prototype features two processing devices and enables synchronized audio and video acquisition, storage, and processing. It was assessed through the implementation of a live inference system consisting of a face detection algorithm from the data gathered from the cameras and the microphone. The proposed prototype inherits the flexibility of the ROS framework and has a modular and scalable design; thus, more sensors, processing devices, and applications can be deployed.

Abstract
Currently, there are several security-related standards and recommendations concerning Domain Name System (DNS) and Hypertext Transfer Protocol (HTTP) services, that are highly valuable for governments and their services, and other public or private organizations. This is also the case of Higher Education Institutions (HEIs). However, since these institutions have administrative autonomy, they present different statuses and paces in the adoption of these web-related security services. This paper presents an overview regarding the implementation of security standards and recommendations by the Portuguese HEIs. In order to collect these results, a set of scripts were developed and executed. Data were collected concerning the security of the DNS and HTTP protocols, namely, the support of Domain Name System Security Extensions (DNSSEC), HTTP main configurations and redirection, digital certificates, key size, algorithms and Secure Socket Layer (SSL)/Transport Layer Security (TLS) versions used. The results obtained allow to conclude that there are different progresses between HEIs. In particular, only 11.7% of HEIs support DNSSEC, 14.4% do not use any SSL certificates, 74.8% use a 2048 bits encryption key, and 81.1% use the Rivest-Shamir-Adleman (RSA) algorithm. Also, 6.3% of HEIs still negotiate with the vulnerable SSLv3 version. © 2022, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.

Abstract
Internet of Things (IoT) and Wireless Sensor Networks (WSN) are a set of low-cost wireless sensors that can collect, process and send environment's data. WSN nodes are battery powered, therefore energy management is a key factor for long live network. One way to prolong lifetime of network is to utilize routing protocols to manage energy consumption. To have an energy efficient protocol in environment interactions, we can apply ZigBee protocols. Among these Artificial Intelligence Interactions routing methods, Tree Routing (TR) that acts in the tree network topology is considered a simple routing protocol with low overhead for ZigBee. In a tree topology, every nodes can be recognized as a parent or child of another node and in this regard, there is no circling. The most important problem of TR is increasing the number of steps to get data to the destination. To solve this problem several algorithms were proposed that its focus is on fewer steps. In this research we present an artificial Intelligence Tree Routing based on RNN and ZigBee protocol in IoT environment. Simulation results show that NEWTR improve the network lifetime by 5.549% and decreases the energy consumption (EC) of the network by 5.817% as compared with AODV routing protocol.