Tecnología en Sistemas de Información y de Software
Permanent URI for this collection
Browse
Recent Submissions
Item Tendencias actuales de las vulnerabilidades y ataques XSS(Universidad Santiago de Cali, 2025) Fernandez Gutierrez, Luz Angela; Alvarez Valencia, Leonardo; Arboleda Duque, Andrés Felipe (Director)The objective of the research was to explore Cross Site Scripting (XSS) vulnerabilities and attacks, seen from the topics worked on in recent research and international reports. The methodology consisted of a systematic review that allows knowing the current state addressed from the following questions: What is the trend in XSS attack detections? What are the main techniques to identify this type of vulnerability? How do XSS attacks manifest themselves? What tools are used to identify this type of vulnerability? What are the measures to mitigate this type of vulnerability from being exploited? The databases used were IEEE, Springer and Elsevier taking the period from 2020 to 2024. The results show that more than 100,000 XSS attacks are reported annually according to Vulners, each year it increases by approximately 18% and the main techniques to identify XSS vulnerabilities are: static analysis, penetration testing, passive testing, active testing and black box testing. In addition to firewall implementation practices in web applications using tools such as Dalfox, QualysGuard, XSSER, S2XS2, DomXssMicro. The main measures to mitigate the presence of this type of vulnerabilities and prevent their exploitation were aimed at: implementing content security policies, secure cookies, reinforcing Phishing attacks and implementing WAF and coding frameworks based on the type of XSS that is present, whether it is: reflected, stored or DOM. It is concluded that XSS attacks are a threat to digital transformation.Item Más allá del diseño manual: Algoritmos y técnicas de generación procedimental en Unity(Universidad Santiago de Cali, 2026) Restrepo Ortega, Santiago; Barreto Martínez, Alejandro; Loaiza Buitrago, Diego Fernando (Director)Procedural generation (PG) constitutes a fundamental technique in modern video game development for automatic content creation through algorithms. This review article analyzes, systematizes, and integrates the main procedural generation approaches applied between 2021 and 2025, with emphasis on three fundamental techniques: Perlin Noise for topographic terrains, L-Systems for organic vegetation, and Wave Function Collapse for coherent modular architecture. A theoretical framework is presented addressing the historical evolution of PG from its origins to contemporary techniques based on artificial intelligence, including generative adversarial networks (GANs) and reinforcement learning. Practical implementations of the three main techniques in Unity 2023 are documented, evaluating their computational performance, visual quality, and ease of use. Results confirm a 60% reduction in manual design time with comparable visual quality. A systematic comparative analysis is presented evaluating classical techniques versus generative AI approaches, and centralized versus decentralized architectures, establishing objective selection criteria based on computational efficiency, artistic control, versatility, and gameplay guarantees. Decision matrices and specific recommendations for professional projects are provided according to team type and budget constraints. The work demonstrates that no universally superior technique exists, but rather that optimal selection depends on the specific project context, identifying advantages and limitations of each approach to guide informed decisions in professional development.Item La integración de ChatGPT en el Diseño UML: Potenciando la Eficiencia y la Calidad del Proceso de Desarrollo de Software(Universidad Santiago de Cali, 2024-05-17) Urbano Martínez, Erick Salomón; Ramirez Hernandez, Juan José; Villegas, Alejandro; Loaiza Buitrago, Diego Fernando (Director)Currently, the world is amazed by the capabilities demonstrated by ChatGPT as support and assistance in daily activities. Fields such as science, research, and technology have been the main sectors interested in integrating artificial intelligence to optimize work times and further deepen creations and investigations. In the field of software development, ChatGPT has proven to be of great importance as it allows reducing work times in specific tasks, such as UML diagramming and code construction. The integration of ChatGPT in UML design has led to greater efficiency and quality when working on diagrams with all possible relationships that may exist. This monograph will analyze the use given to ChatGPT for UML diagramming and the role it plays in software development.Item Inteligencia artificial, un aliado de la ciberseguridad(Universidad Santiago de Cali, 2024-03-20) Carvajal Henao, Juan Camilo; Loaiza Buitrago, Diego Fernando (Director)Cybersecurity and artificial intelligence (AI) are increasingly strengthening their strong relationship. On the one hand, there is how artificial intelligence (AI) techniques that are currently being implemented can be used to improve the cybersecurity of products and services. However, artificial intelligence (AI) is also starting to be used by cybercriminals and other types of cyber attackers to compromise cybersecurity and trigger different types of attacks to generate fake news (attack approach). Different AI systems are susceptible to various cyberattacks, so it is necessary and indispensable to develop increasingly secure AI systems that can safeguard privacy, systems that can be trusted and receive high user acceptance, that handle a broad trust approach. Given the close relationship and good interaction between artificial intelligence (AI) and cybersecurity, it is necessary that the strategies to be implemented in the systems are coordinated to create excellent techniques, tools and methods that facilitate the design, deployment, validation and development.