Publications

Publications by Mário João Antunes

2022

A Client-Centered Information Security and Cybersecurity Auditing Framework

Authors
Antunes, M; Maximiano, M; Gomes, R;

Publication
APPLIED SCIENCES-BASEL

Abstract
Information security and cybersecurity management play a key role in modern enterprises. There is a plethora of standards, frameworks, and tools, ISO 27000 and the NIST Cybersecurity Framework being two relevant families of international Information Security Management Standards (ISMSs). Globally, these standards are implemented by dedicated tools to collect and further analyze the information security auditing that is carried out in an enterprise. The overall goal of the auditing is to evaluate and mitigate the information security risk. The risk assessment is grounded in auditing processes, which examine and assess a list of predefined controls in a wide variety of subjects regarding cybersecurity and information security. For each control, a checklist of actions is applied and a set of corrective measures is proposed, in order to mitigate the flaws and to increase the level of compliance with the standard being used. The auditing process can apply different ISMSs in the same time frame. However, as these processes are time-consuming, involve on-site interventions, and imply specialized consulting teams, the methodology usually adopted by enterprises consists of applying a single ISMS and its existing tools and frameworks. This strategy brings overall less flexibility and diversity to the auditing process and, consequently, to the assessment results of the audited enterprise. In a broad sense, the auditing needs of Small and Medium-sized Enterprises (SMEs) are different from those of large companies and do not fit all the existing ISMS frameworks; that is, the set of controls of a particular ISMS is not necessarily suitable to be applied in an auditing process in an SME. In this paper, we propose a generic and client-centered web-integrated cybersecurity auditing information system. The proposed system can be widely used in a myriad of auditing processes, as it is flexible and can load a set of predefined controls' checklist assessments and their corresponding mitigation task lists. It was designed to meet both SMEs' and large enterprises' requirements and stores auditing and intervention-related data in a relational database. The information system was tested within an ISO 27001:2013 information security auditing project, in which fifty SMEs participated. The overall architecture and design are depicted and the global results are detailed in this paper.

2022

Benchmarking Deep Learning Methods for Behaviour-Based Network Intrusion Detection

Authors
Antunes, M; Oliveira, L; Seguro, A; Verissimo, J; Salgado, R; Murteira, T;

Publication
INFORMATICS-BASEL

Abstract
Network security encloses a wide set of technologies dealing with intrusion detection. Despite the massive adoption of signature-based network intrusion detection systems (IDSs), they fail to detect zero-day attacks and exploits of previously unseen vulnerabilities. Behaviour-based network IDSs have been seen as a way to overcome signature-based IDS flaws, namely through the implementation of machine-learning-based methods, to tolerate new forms of normal network behaviour, and to identify as yet unknown malicious activities. A wide set of machine learning methods has been applied to implement behaviour-based IDSs, with promising results in detecting new forms of intrusions and attacks. Innovative machine learning techniques have emerged, namely deep-learning-based techniques, to process unstructured data, speed up the classification process, and improve the overall performance obtained by behaviour-based network intrusion detection systems. The use of realistic datasets of normal and malicious networking activities is crucial to benchmark machine learning models, as they should represent real-world networking scenarios and be based on realistic computer network activity. This paper aims to evaluate the CSE-CIC-IDS2018 dataset and benchmark a set of deep-learning-based methods, namely convolutional neural networks (CNN) and long short-term memory (LSTM). Autoencoder and principal component analysis (PCA) methods were also applied to evaluate feature reduction in the original dataset and its implications for the overall detection performance. The results revealed the appropriateness of using the CSE-CIC-IDS2018 dataset to benchmark supervised deep learning models. It was also possible to evaluate the robustness of using CNN and LSTM methods to detect unseen normal activity and variations of previously trained attacks. The results reveal that feature reduction methods decreased the processing time without loss of accuracy in the overall detection performance.

2021

Performance analysis of AES encryption operation modes for IoT devices

Authors
Serra, LFD; Goncalves, PGB; Frazalo, LAL; Antunes, MJG;

Publication
PROCEEDINGS OF 2021 16TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI'2021)

Abstract
Daily activities have been increasingly supported by intelligent devices and applications. Smart devices are constantly communicating through Internet of Things (IoT) networks, either by sending collected data and notifying the actions taken or by receiving instructions for actions to be taken. Most of this communication requires the confidentiality of data through the use of encryption algorithms, the Advanced Encryption Standard (AES) algorithm being one of the most used. However, how do the operation modes of the AES algorithm perform on a resource-constrained device? This paper aims to evaluate the impact on the time to encrypt and decrypt messages of different sizes on IoT devices when using each of the five AES modes of operation and the three key sizes defined. The test scenario was implemented using two programming languages, running on a Raspberry Pi device. The results achieved indicate that Python was quicker and had a more homogeneous result set than the JavaScript implementation in most AES operation modes. These results help to understand the trade-off between IoT devices' security needs and the delays in communication caused by the selection of the AES algorithm operation mode.

2021

An easy-to-use tool to inject DoS and spoofing networking attacks

Authors
Almeida, R; Pacheco, V; Antunes, M; Frazao, L;

Publication
PROCEEDINGS OF 2021 16TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI'2021)

Abstract
Computer network attacks are vast and negatively impact the infrastructure and its application services. From a cyber offensive and defensive perspective, there is a plethora of tools to craft and inject customized malicious packets into the network and exploit operating system and application vulnerabilities. Those tools are, however, hard to operate by practitioners with less knowledge of networking fundamentals and by students in the early stages of their studies. This paper proposes an easy-to-use application tool that can produce customized Denial of Service (DoS) and spoofing attacks. It was developed in Python and takes advantage of the scapy library to process and inject network packets. A set of experiments was made, and the results obtained show the efficiency and accuracy of the attacks, by impairing the proper functioning of the victim's machines.

2021

An end-to-end cryptography based real-time chat

Authors
Melo, T; Barros, A; Antunes, M; Frazao, L;

Publication
PROCEEDINGS OF 2021 16TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI'2021)

Abstract
Confidentiality protects users' data from digital eavesdroppers when it travels through the Internet. Confidentiality is complex and costly, especially in applications that involve communication and data exchange between multiple users. Cryptography has been the most used means to achieve confidentiality, the greatest challenge being the sharing of a secret key with a group of people in a safe and effective way. This paper presents a chat application that implements an innovative way of sending messages with end-to-end encryption, in real time, with a dynamic key store, and without data persistence. The application stands out from the others in that it innovates the way the keys are shared among multiple users.

2025

Distance-based feature selection using Benford's law for malware detection

Authors
Fernandes, P; Ciardhuáin, SO; Antunes, M;

Publication
COMPUTERS & SECURITY

Abstract
Detecting malware in computer networks and data streams from Android devices remains a critical challenge for cybersecurity researchers. While machine learning and deep learning techniques have shown promising results, these approaches often require large volumes of labelled data, offer limited interpretability, and struggle to adapt to sophisticated threats such as zero-day attacks. Moreover, their high computational requirements restrict their applicability in resource-constrained environments. This research proposes an innovative approach that advances the state of the art by offering practical solutions for dynamic and data-limited security scenarios. By integrating natural statistical laws, particularly Benford's law, with dissimilarity functions, a lightweight, fast, and scalable model is developed that eliminates the need for extensive training and large labelled datasets while improving resilience to data imbalance and scalability for large-scale cybersecurity applications. Although Benford's law has demonstrated potential in anomaly detection, its effectiveness is limited by the difficulty of selecting relevant features. To overcome this, the study combines Benford's law with several distance functions, including Median Absolute Deviation, Kullback-Leibler divergence, Euclidean distance, and Pearson correlation, enabling statistically grounded feature selection. Additional metrics, such as the Kolmogorov test, Jensen-Shannon divergence, and Z statistics, were used for model validation. This approach quantifies discrepancies between expected and observed distributions, addressing classic feature selection challenges like redundancy and imbalance. Validated on both balanced and unbalanced datasets, the model achieved strong results: 88.30% accuracy and 85.08% F1-score in the balanced set, 92.75% accuracy and 95.29% F1-score in the unbalanced set. The integration of Benford's law with distance functions significantly reduced false positives and negatives. Compared to traditional Machine Learning methods, which typically require extensive training and large datasets to achieve F1 scores between 92% and 99%, the proposed approach delivers competitive performance while enhancing computational efficiency, robustness, and interpretability. This balance makes it a practical and scalable alternative for real-time or resource-constrained cybersecurity environments.
