Training of information technology personnel through simulations for protection against cyber attacks

Main Article Content

Fatmir Basholli
Besjana Mema
Albina Basholli


Nowadays, the development of information technology, robotics and artificial intelligence, has brought radical changes in every aspect of people's lives and this has made our lives have a lot of access to contemporary information and technology. These technological developments in many areas of business and telecommunications, in addition to their benefits, have also increased the risks. Users should be very careful when using social networks, various applications and navigating the Internet world because the risk of cyber-attacks by irresponsible persons with malicious intentions is very frequent. So, web applications make it possible for website visitors to record data or access data through the browser, where all this data is stored in the website's database, which is often the target of cyber-attacks where the attacker has read access, attempts to modify and delete data from the database. This paper aims to provide the necessary information about attacks and cyber hygiene, where we will recommend the review and analysis of these attacks using tools from the MetaSploit library which is a framework that makes hacking easier and is also a tool essential for many attackers and defenders. So MetaSploit helps developers and web administrators from this library to keep up with the times and take preventive measures against the tricks of irresponsible people.

Article Details

How to Cite
Basholli, F. ., Mema , B. ., & Basholli , A. . (2024). Training of information technology personnel through simulations for protection against cyber attacks. Engineering Applications, 3(1), 45–58. Retrieved from


Gluschke, G., Casin, M. H., & Macori, M. (2018). Cyber security policies and critical infrastructure protection. Institute for Security and Safety Press.

Hyka, D., & Basholli, F. (2023). How secure is our medical data? Is Albania ready for the digitalization of the health care system?. Engineering Applications, 2(3), 235-242.

Breda, F., Barbosa, H., & Morais, T. (2017). Social engineering and cyber security. 11th International Conference on Technology, Education and Development,6-8.

Basholli, F. (2022). Cyber warfare, a new aspect of modern warfare. VI International Scientific Conference CONFSEC, 52-54.

Panda Security. (2018). Type of Cybercrime.

Government of the Netherlands. (2016). Forms of Cybercrime. Available at:

Van Hee, C., Jacobs, G., Emmery, C., Desmet, B., Lefever, E., Verhoeven, B., De Pauw, G., Daelemans, W., & Hoste, V. (2018). Automatic detection of cyberbullying in social media text. PloS One, 13(10), e0203794.

Salahdine, F., & Kaabouch, N. (2019). Social engineering attacks: A survey. Future internet, 11(4), 89.

Rahalkar, S. (2017). Metasploit for beginners. ISBN: 978-1788295970

Basholli, A., Mema, B., Basholli, F., Hyka, D., & Salillari, D. (2023). The role of education in cyber hygiene. Advanced Engineering Days (AED), 7, 178-181.

Timalsina, U., & Gurung, K. (2015). Metasploit framework with kali linux. Technical Report.

Handy, N. (2018). Kali Linux & Metasploit: Getting Started with Pen Testing. 89d28944097b

Morgan, S. (2017). Cybercrime report, cybercrime damages will cost the world us $6 trillion by 2021,” Cybersecurity Ventures, Herjavec Group. Online Report.

Anti-Phishing Working Group. (2018). Phishing Activity Trends Report, 1st Quarter 2018. Unifying the Global Response To Cybercrime. APWG.

Hyka, D., & Basholli, F. (2023). Health care cyber security: Albania case study. Advanced Engineering Days (AED), 6, 121-123.

Anti-Phishing Working Group. (2018). Phishing Activity Trends Report, 2nd Quarter 2018. Unifying the Global Response To Cybercrime. APWG.

Gallaher, M. P., Link, A. N., & Rowe, B. (2008). Cyber security: Economic strategies and public policy alternatives. Edward Elgar Publishing.

Microsoft (2022). › news-events

Daberdini, A., Basholli, F., Metaj, N., & Skenderaj, E. (2022). Cyber security in mail with Fortiweb and Fortinet for companies and institutions. Advanced Engineering Days (AED), 5, 81-83.

Mema, B., Basholli, F., & Hyka, D. (2023). ChatGPT in Albanian higher education: Transformation of learning and virtual interaction. Advanced Engineering Days (AED), 8, 23-27.

Spahiu, A., Panxhi, D., & Dhamo, D. (2022). Increasing productivity and energy efficiency in cement industry by using VSM. Advanced Engineering Days (AED), 5, 64-67.

Singh, J., Kaur, S., Kaur, G., & Kaur, G. (2016). A detailed survey and classification of commonly recurring cyber attacks. International Journal of Computer Applications, 141(10), 15-19.

Popoola, S. I., Iyekekpolo, U. B., Ojewande, S. O., Sweetwilliams, F. O., John, S. N., & Atayero, A. A. (2017, October). Ransomware: Current trend, challenges, and research directions. Proceedings of the World Congress on Engineering and Computer Science, 1, 169-174.

Metalla, J., Dume, G., Basholli, F., & Ndokaj, E. (2023). Modeling and simulation of robotic hand pressure sensor in Simscape. Advanced Engineering Days (AED), 7, 151-154.

Igbe, O., Ajayi, O., & Saadawi, T. (2017, October). Denial of service attack detection using dendritic cell algorithm. 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), 294-299.

Bendovschi, A. (2015). Cyber-attacks–trends, patterns and security countermeasures. Procedia Economics and Finance, 28, 24-31.

Basholli, F., & Daberdini, A. (2023). Monitoring and assessment of the quality of electricity in a building. Engineering Applications, 2(1), 32-48.

Wu, M., Miller, R. C., & Garfinkel, S. L. (2006, April). Do security toolbars actually prevent phishing attacks?. In Proceedings of the SIGCHI conference on Human Factors in computing systems, 601-610.

Patel, R. S. (2013). Kali Linux Social Engineering: Effectively perform efficient and organized social engineering tests and penetration testing using Kali Linux. Birmingham, VIC: Packt Publishing Ltd.

Mouton, F., Leenen, L., Malan, M. M., & Venter, H. S. (2014). Towards an ontological model defining the social engineering domain. In ICT and Society: 11th IFIP TC 9 International Conference on Human Choice and Computers, HCC11 2014, Turku, Finland, July 30–August 1, 2014. Proceedings 11, 266-279.

Mouton, F., Leenen, L., & Venter, H. S. (2016). Social engineering attack examples, templates and scenarios. Computers & Security, 59, 186-209.

Basholli, F., Daberdini, A., & Basholli, A. (2023). Possibility of protection against unauthorized interference in telecommunication systems. Engineering Applications, 2(3), 265-278.

InsightIDR Overview, (2019).

Basholli, F. (2022). Assessment of airspace surveillance and control in Albanian territory from the current and historical prospective. Advanced Engineering Days (AED), 5, 71-73.

Townsend, M. (2017). What is the different between cyber-crime and cyber- attack?. cyber-attack

Cisco Corporation. (2023). What Is Cybersecurity?.

Basholli, F., Minga, J., & Grepcka, A. (2023). Protection of buildings on a university campus from lightning strikes. Advanced Engineering Days (AED), 8, 35-38.

Hyka, D., Hyra, A., Basholli, F., Mema, B., & Basholli, A. (2023). Data security in public and private administration: Challenges, trends, and effective protection in the era of digitalization. Advanced Engineering Days (AED), 7, 125-127.

Dey, P. K. (2016). Prashant's algorithm for password management system. International Journal of Engineering Science, 2424.

Basholli, F. (2022). Electronic interference and protection from it. Advanced Engineering Days (AED), 5, 74-76.

Basholli, F., Mezini, R., & Basholli, A. (2023). Security in the components of information systems. Advanced Engineering Days (AED), 7, 185-187.

Whitty, M. T., & Buchanan, T. (2012). The online romance scam: A serious cybercrime. CyberPsychology, Behavior, and Social Networking, 15(3), 181-183.

Hopkins, M., & Dehghantanha, A. (2015, November). Exploit Kits: The production line of the Cybercrime economy?. In 2015 second international conference on Information Security and Cyber Forensics (InfoSec), 23-27.

Basholli, F., & Daberdini, A. (2022). Monitoring and evaluation of the quality of electricity in a building. Advanced Engineering Days (AED), 5, 77-80.

Sheme, E., Tafa, I., & Basholli, F. (2023). BattSim-GDC Simulator: How much battery your green datacenter needs?. Advanced Engineering Days (AED), 6, 162-164.

Pajaziti, A., Basholli, F., & Zhaveli, Y. (2023). Identification and classification of fruits through robotic system by using artificial intelligence. Engineering Applications, 2(2), 154-163.

Kurniawan, A., & Fitriansyah, A. (2018). What is Exploit Kit and How Does it Work?. International Journal of Pure and Applied Mathematics, 118(20), 509-516.

GREAT-Global Research and Analysis Team. (2017). Attacks with Exploits: From Everyday Threats to Targeted Campaigns. security/enterprise/KL_Report_Exploits_in_2016_final.pdf

Basholli, F., Daberdinİ, A., & Basholli, A. (2023). Detection and prevention of intrusions into computer systems. Advanced Engineering Days (AED), 6, 138-141.

Samani, R., McFarland, C. (2015). Hacking the human operating system: The role of social engineering within cybersecurity. Santa Clara, CA: McAfee.

Broadhurst, R., & Chantler, A. N. (2008). Social Engineering and Crime Prevention in Cyberspace

Frumento, E., Puricelli, R., Freschi, F., Ariu, D., Weiss, N., Dambra, C., Cotoi, I., Roccetti, P., Rodriguez, M., Adrei, L., Marinelli, G., Kandela, G., Pachego, B. (2016). The role of social engineering in evolution of attacks.

Mema, B., & Basholli, F. (2023). Internet of things in the development of future businesses in Albania. Advanced Engineering Science, 3, 196-205.

Vaisla, K. S., & Saini, R. (2014). Analyzing of zero day attack and its identification techniques. In Proceedings of First International Conference on Advances in Computing & Communication Engineering (ICACCE-2014)

Yeboah-Boateng, E. O., & Amanor, P. M. (2014). Phishing, SMiShing & Vishing: an assessment of threats against mobile devices. Journal of Emerging Trends in Computing and Information Sciences, 5(4), 297-307.

Harizaj, M., Bisha, I., & Basholli, F. (2023). IOT integration of electric vehicle charging infrastructure. Advanced Engineering Days (AED), 6, 152-155.

Remorin, L., Flores, R., & Matsukawa, B. (2018). Tracking trends in business email compromise (BEC) schemes. Trend Micro, 18(1).

De Ryck, P., Nikiforakis, N., Desmet, L., & Joosen, W. (2013, May). Tabshots: Client-side detection of tabnabbing attacks. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, 447-456.

Koops, B. J., & Leenes, R. E. (2006). ID theft, ID fraud and/or ID-related crime-definitions matter. Datenschutz und Datensicherheit, 30(9), 553-556.

Cornell Law School, Legal Information Institute. (2011). U.S. Code § 1028.Fraud and related activity in connection with identification documents, authentication features, and information.

Moore, R. (2014). Cybercrime: Investigating high-technology computer crime. Routledge.

Basholli, F., Hyka, D., Basholli, A., Daberdini, A., & Mema, B. (2023). Analysis of cyber-attacks through simulation. Advanced Engineering Days (AED), 7, 120-122.