Publications

@article{marcelo001,

title = {“Animation” URL in NFT marketplaces considered harmful for privacy},

author = {Patricia Callejo and Ignacio Gómez-Fernandez and Marcelo Bagnulo},

doi = {https://doi.org/10.1007/s10207-024-00908-x},

issn = {1615-5270},

year  = {2024},

date = {2024-09-17},

journal = {International Journal of Information Security},

abstract = {Non-Fungible Tokens (NFTs) are becoming increasingly popular as a way to represent and own digital property. However, the usage of NFTs also prompts questions about privacy. In this work, we show that it is possible to use NFTs to retrieve enough information to fingerprint users. By doing so, we can uniquely associate users with blockchain accounts. This would allow linking several blockchain accounts to the same user. This work focuses on the vulnerabilities presented by some popular NFT marketplaces. Since NFTs may have HTML files embedded, they allow the use of fingerprinting techniques if not handled carefully. Finally, we provide recommendations and countermeasures for the different actors in this ecosystem to avoid these kinds of tracking methods and, in doing so, safeguard user privacy.},

keywords = {Blockchain, I-Shaper, NFT, privacy},

pubstate = {published},

tppubtype = {article}

}

@article{marta001,

title = {Reducing DNS Traffic to Enhance Home IoT Device Privacy},

author = {Marta Moure-Garrido and Carlos García-Rubio and Celeste Campo},

url = {https://www.mdpi.com/1424-8220/24/9/2690/pdf?version=1713941333},

doi = {https://doi.org/10.3390/s24092690},

year  = {2024},

date = {2024-04-24},

urldate = {2024-04-24},

journal = {Sensors },

volume = {24},

issue = {9},

publisher = {Sensors 2024},

abstract = {The deployment of Internet of Things (IoT) devices is widespread in different environments, including homes. Although security is incorporated, homes can become targets for cyberattacks because of their vulnerabilities. IoT devices generate Domain Name Server (DNS) traffic primarily for communication with Internet servers. In this paper, we present a detailed analysis of DNS traffic from IoT devices. The queried domains are highly distinctive, enabling attackers to easily identify the IoT device. In addition, we observed an unexpectedly high volume of queries. The analysis reveals that the same domains are repeatedly queried, DNS queries are transmitted in plain text over User Datagram Protocol (UDP) port 53 (Do53), and the excessive generation of traffic poses a security risk by amplifying an attacker’s ability to identify IoT devices and execute more precise, targeted attacks, consequently escalating the potential compromise of the entire IoT ecosystem. We propose a simple measure that can be taken to reduce DNS traffic generated by IoT devices, thus preventing it from being used as a vector to identify the types of devices present in the network. This measure is based on the implementation of the DNS cache in the devices; caching few resources increases privacy considerably.},

keywords = {compromise, DNS, I-Shaper, IoT privacy, network traffic, Qursa},

pubstate = {published},

tppubtype = {article}

}

@article{campo002,

title = {Real time detection of malicious DoH traffic using statistical analysis },

author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},

url = {http://hdl.handle.net/10016/38151},

doi = {https://doi.org/10.1016/j.comnet.2023.109910},

issn = {1389-1286},

year  = {2023},

date = {2023-10-09},

urldate = {2023-10-09},

journal = {COMPUTER NETWORKS},

volume = {234},

issue = {109910},

pages = {1-10},

abstract = {The DNS protocol plays a fundamental role in the operation of ubiquitous networks. All devices connected to these networks need DNS to work, both for traditional domain name to IP address translation, and for more advanced services such as resource discovery. DNS over HTTPS (DoH) solves certain security problems present in the DNS protocol. However, malicious DNS tunnels, a covert way of encapsulating malicious traffic in a DNS connection, are difficult to detect because the encrypted data prevents performing an analysis of the content of the DNS traffic.



In this study, we introduce a real-time system for detecting malicious DoH tunnels, which is based on analyzing DoH traffic using statistical methods. Our research demonstrates that it is feasible to identify in real-time malicious traffic by analyzing specific parameters extracted from DoH traffic. In addition, we conducted statistical analysis to identify the most significant features that distinguish malicious traffic from benign traffic. Using the selected features, we achieved satisfactory results in classifying DoH traffic as either benign or malicious.},

keywords = {classification, compromise, computer science, cynamon, dns tunnels, doh traffic, intrusion detection system, malicious doh, Qursa, statistical analysis},

pubstate = {published},

tppubtype = {article}

}

@article{almenarez017,

title = {Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)},

author = {Fernando Gutierrez-Portela and Harold-Brayan Arteaga-Arteaga and Florina Almenares-Mendoza and Liliana Calderon-Benavides and Héctor-Gabriel Acosta-Mesa and Reinel Tabares-Soto},

url = {https://ieeexplore.ieee.org/document/10172186},

doi = {https://doi.org/10.1109/ACCESS.2023.3292267},

issn = {2169-3536},

year  = {2023},

date = {2023-07-04},

urldate = {2023-07-04},

journal = {IEEE Access},

volume = {11},

pages = {70542 - 70559},

abstract = {One of the fields where Artificial Intelligence (AI) must continue to innovate is computer security. The integration of Wireless Sensor Networks (WSN) with the Internet of Things (IoT) creates ecosystems of attractive surfaces for security intrusions, being vulnerable to multiple and simultaneous attacks. This research evaluates the performance of supervised ML techniques for detecting intrusions based on network traffic captures. This work presents a new balanced dataset (IDSAI) with intrusions generated in attack environments in a real scenario. This new dataset has been provided in order to contrast model generalization from different datasets. The results show that for the detection of intruders, the best supervised algorithms are XGBoost, Gradient Boosting, Decision Tree, Random Forest, and Extra Trees, which can generate predictions when trained and predicted with ten specific intrusions (such as ARP spoofing, ICMP echo request Flood, TCP Null, and others), both of binary form (intrusion and non-intrusion) with up to 94% of accuracy, as multiclass form (ten different intrusions and non-intrusion) with up to 92% of accuracy. In contrast, up to 90% of accuracy is achieved for prediction on the Bot-IoT dataset using models trained with the IDSAI dataset.},

keywords = {compromise, intrusion detection system, IoT},

pubstate = {published},

tppubtype = {article}

}

@article{diazsanchez010,

title = {Kriper: A blockchain network with permissioned storage},

author = {MaríaIsabel Rojo-Rivas and Daniel Díaz-Sánchez and Florina Almenarez and Andrés Marín-Lopez},

doi = {https://doi.org/10.1016/j.future.2022.08.006},

issn = {0167-739X},

year  = {2022},

date = {2022-08-17},

urldate = {2022-08-17},

journal = {Future Generation Computer Systems},

volume = {138},

pages = {160-171},

abstract = {Blockchain has been a revolution in the past few years. Beyond the new currencies that were created around different incarnations of the blockchain concept, there are many other contributions that provide interesting services as a data linked structure using a decentralized network that provide a high level of security. Companies have developed many projects to incorporate blockchain into their business logic pursuing to incorporate other related services as persistence of large volumes of data, privacy or anonymity of transactions, distributed data processing, security (confidentiality, integrity, and availability), document management or micro messages in real time. Nevertheless, as it will be discussed in this article, current blockchains do not meet the needs of companies in many aspects, leading to a scarce or superficial adoption. This article introduces Kriper, a blockchain that aims at meeting corporate world needs by responding with a community-based, open blockchain that may also be segregated and private for certain uses whereas it provides a permissioned distributed storage and micro message lightweight services.},

keywords = {Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon},

pubstate = {published},

tppubtype = {article}

}

@article{campo003,

title = {Entropy-Based Anomaly Detection in HouseholdElectricity Consumption},

author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},

doi = {https://doi.org/10.3390/en15051837},

issn = {1996-1073},

year  = {2022},

date = {2022-03-02},

urldate = {2022-03-02},

journal = {Energies},

volume = {15},

abstract = {Energy efficiency is one of the most important current challenges, and its impact at a global level is considerable. To solve current challenges, it is critical that consumers are able to control their energy consumption. In this paper, we propose using a time series of window-based entropy to detect anomalies in the electricity consumption of a household when the pattern of consumption behavior exhibits a change. We compare the accuracy of this approach with two machine learning approaches, random forest and neural networks, and with a statistical approach, the ARIMA model. We study whether these approaches detect the same anomalous periods. These different techniques have been evaluated using a real dataset obtained from different households with different consumption profiles from the Madrid Region. The entropy-based algorithm detects more days classified as anomalous according to context information compared to the other algorithms. This approach has the advantages that it does not require a training period and that it adapts dynamically to changes, except in vacation periods when consumption drops drastically and requires some time for adapting to the new situation.},

keywords = {anomaly detection, behavior pattern, compromise, cynamon, entropy, household electricity consumption, load forecasting, magos},

pubstate = {published},

tppubtype = {article}

}

@article{campos004,

title = {Performance evaluation of CoAP and MQTT with security support for IoT environments},

author = {Victor Seoane-Merida and Carlos García-Rubio and Florina Almenares-Mendoza and Celeste Campo-Vázquez},

url = {http://hdl.handle.net/10016/33795},

doi = {https://doi.org/10.1016/j.comnet.2021.108338},

issn = {1389-1286},

year  = {2021},

date = {2021-10-04},

urldate = {2021-10-04},

journal = {COMPUTER NETWORKS},

volume = {197},

issue = {108338},

pages = {1-22},

abstract = {World is living an overwhelming explosion of smart devices: electronic gadgets, appliances, meters, cars, sensors, camera and even traffic lights, that are connected to the Internet to extend their capabilities, constituting what is known as Internet of Things (IoT). In these environments, the application layer is decisive for the quality of the connection, which has dependencies to the transport layer, mainly when secure communications are used. This paper analyses the performance offered by these two most popular protocols for the application layer: Constrained Application Protocol (CoAP) and Message Queue Telemetry Transport (MQTT). This analysis aims to examine the features and capabilities of the two protocols and to determine their feasibility to operate under constrained devices taking into account security support and diverse network conditions, unlike the previous works. Since IoT devices typically show battery constraints, the analysis is focused on bandwidth and CPU use, using realistic network scenarios, since this use translates to power consumption.},

keywords = {coap, cynamon, Internet of Things, magos, mqtt, Performance evaluation, Security},

pubstate = {published},

tppubtype = {article}

}

@article{marin002,

title = {Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain},

author = {Andrés Marín-López and Sergio Chica-Manjarrez and David Arroyo and Florina Almenares-Mendoza and Daniel Díaz-Sánchez },

url = {https://www.mdpi.com/2079-9292/9/11/1865

},

doi = {https://doi.org/10.3390/electronics9111865},

issn = {2079-9292},

year  = {2020},

date = {2020-11-06},

urldate = {2020-11-06},

journal = {Electronics},

volume = {9},

pages = {1865},

abstract = {With the transformation in smart grids, power grid companies are becoming increasingly

dependent on data networks. Data networks are used to transport information and commands for

optimizing power grid operations: Planning, generation, transportation, and distribution. Performing

periodic security audits is one of the required tasks for securing networks, and we proposed in a

previous work AUTOAUDITOR, a system to achieve automatic auditing. It was designed according

to the specific requirements of power grid companies, such as scaling with the huge number of

heterogeneous equipment in power grid companies. Though pentesting and security audits are

required for continuous monitoring, collaboration is of utmost importance to fight cyber threats.

In this paper we work on the accountability of audit results and explore how the list of audit result

records can be included in a blockchain, since blockchains are by design resistant to data modification.

Moreover, blockchains endowed with smart contracts functionality boost the automation of both

digital evidence gathering, audit, and controlled information exchange. To our knowledge, no such

system exists. We perform throughput evaluation to assess the feasibility of the system and show

that the system is viable for adaptation to the inventory systems of electrical companies.},

keywords = {cynamon, inteligenciafuentesabiertas, permissioned blockchain, scalability, security auditing, smart grid security},

pubstate = {published},

tppubtype = {article}

}

@article{diazsanchez009,

title = {Specification and Unattended Deployment of Home Networks at the Edge of the Network},

author = {Iván Bernabé-Sánchez and Daniel Díaz-Sánchez and Mario Muñoz-Organero},

url = {https://ieeexplore.ieee.org/document/9173527},

doi = {10.1109/TCE.2020.3018543},

issn = {0098-3063},

year  = {2020},

date = {2020-08-21},

urldate = {2020-08-21},

journal = {IEEE TRANSACTIONS ON CONSUMER ELECTRONICS},

volume = {66},

issue = {4},

pages = {279 - 288},

abstract = {Consumer devices continue to expand their capabilities by connecting to digital services and other devices to form information-sharing ecosystems. This is complex and requires meeting connection requirements and minimal processing capabilities to ensure communication. The emergence of new services, and the evolution of current technologies, constantly redefine the rules of the game by opening up new possibilities and increasing competition among service providers. Paradigms such as edge computing, softwarization of physical devices, self-configuration mechanisms, definition of software as a code and interoperability between devices, define design principles to be taken into account in future service infrastructures. This work analyzes these principles and presents a programmable architecture in which services and virtual devices are instantiated in any computing infrastructure, as cloud or edge computing, upon request according to the needs specified by service providers or users. Considering that the target computing infrastructures are heterogeneous, the solution defines network elements and provides network templates to ensure it can be deployed on different infrastructures irrespectively of the vendor. A prototype has been developed and tested on a virtualized cloud-based home network relying on open source solutions.},

keywords = {Cloud computing, connected consumer devices, edge computing, fog computing, joint digital transformation, orchestrator},

pubstate = {published},

tppubtype = {article}

}

@article{campo005,

title = {A hybrid analysis of LBSN data to early detect anomalies in crowd dynamics},

author = {Rebeca Diaz-Redondo and Carlos García-Rubio and Ana Fernandez-Vilas Celeste Campo-Vázquez and Alicia Rodriguez-Carrion},

url = {http://hdl.handle.net/10016/33771},

doi = {https://doi.org/10.1016/j.future.2020.03.038},

issn = {0167-739X},

year  = {2020},

date = {2020-08-10},

urldate = {2020-08-10},

journal = {Future generation computer systems},

volume = {109},

pages = {83-94},

abstract = {Undoubtedly, Location-based Social Networks (LBSNs) provide an interesting source of geo-located data that we have previously used to obtain patterns of the dynamics of crowds throughout urban areas. According to our previous results, activity in LBSNs reflects the real activity in the city. Therefore, unexpected behaviors in the social media activity are a trustful evidence of unexpected changes of the activity in the city. In this paper we introduce a hybrid solution to early detect these changes based on applying a combination of two approaches, the use of entropy analysis and clustering techniques, on the data gathered from LBSNs. In particular, we have performed our experiments over a data set collected from Instagram for seven months in New York City, obtaining promising results.},

keywords = {crowd dynamics, density-based clustering, emadrid, entropy analysis, instagram, location-based social network},

pubstate = {published},

tppubtype = {article}

}

@article{almenarez006,

title = {INRISCO: INcident monitoRing in Smart COmmunities},

author = {MÓNICA AGUILAR-IGARTUA AND FLORINA ALMENARES-MENDOZA AND REBECA DÍAZ-REDONDO AND MANUELA MARTÍN-VICENTE AND JORDI FORNÉ AND CELESTE CAMPO AND ANA FERNÁNDEZ-VILAS AND LUIS CRUZ-LLOPIS AND CARLOS GARCÍA-RUBIO AND ANDRÉS MARÍN-LÓPEZ AND AHMAD MOHAMAD-MEZHER AND DANIEL DÍAZ-SÁNCHEZ AND HÉCTOR CEREZO-COSTAS AND DAVID REBOLLO-MONEDERO AND PATRICIA ARIAS-CABARCOS AND FRANCISCO JOSÉ RICO-NOVELLA

},

url = {https://ieeexplore.ieee.org/document/9064504

https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9064504},

doi = {https://doi.org/10.1109/ACCESS.2020.2987483},

issn = {2169-3536},

year  = {2020},

date = {2020-04-13},

urldate = {2020-04-13},

journal = {IEEE Access},

volume = {8},

pages = {72435 - 72460},

abstract = {Major advances in information and communication technologies (ICTs) make citizens to be considered as sensors in motion. Carrying their mobile devices, moving in their connected vehicles or actively participating in social networks, citizens provide a wealth of information that, after properly processing, can support numerous applications for the benefit of the community. In the context of smart communities, the INRISCO [1] proposal intends for (i) the early detection of abnormal situations in cities (i.e., incidents), (ii) the analysis of whether, according to their impact, those incidents are really adverse for the community; and (iii) the automatic actuation by dissemination of appropriate information to citizens and authorities. Thus, INRISCO will identify and report on incidents in traffic (jam, accident) or public infrastructure (e.g., works, street cut), the occurrence of specific events that affect other citizens' life (e.g., demonstrations, concerts), or environmental problems (e.g., pollution, bad weather). It is of particular interest to this proposal the identification of incidents with a social and economic impact, which affects the quality of life of citizens.},

keywords = {big data analysis, citizen sensor, early detection of incidents, inrisco, Smart Cities, social networks, vehicular communications},

pubstate = {published},

tppubtype = {article}

}

@article{Diaz_Sanchez_2019,

title = {DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT †},

author = {Daniel Díaz-Sánchez and Andrés Marín-Lopez and Florina Almenárez Mendoza and Patricia Arias Cabarcos},

url = {http://dx.doi.org/10.3390/s19153292

/download/DNS_DANE_Collision-Based_Distributed_and_Dynamic_Authentication_for_Microservices_in_IoT.pdf},

doi = {https://doi.org/10.3390/s19153292},

issn = {1424-8220},

year  = {2019},

date = {2019-07-26},

urldate = {2019-07-26},

journal = {Sensors},

volume = {19},

issue = {15},

pages = {1-23},

publisher = {MDPI AG},

abstract = {IoT devices provide real-time data to a rich ecosystem of services and applications. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core networks. To alleviate the core of the network, other technologies like fog computing can be used. On the security side, designers of IoT low-cost devices and applications often reuse old versions of development frameworks and software components that contain vulnerabilities. Many server applications today are designed using microservice architectures where components are easier to update. Thus, IoT can benefit from deploying microservices in the fog as it offers the required flexibility for the main players of ubiquitous computing: nomadic users. In such deployments, IoT devices need the dynamic instantiation of microservices. IoT microservices require certificates so they can be accessed securely. Thus, every microservice instance may require a newly-created domain name and a certificate. The DNS-based Authentication of Named Entities (DANE) extension to Domain Name System Security Extensions (DNSSEC) allows linking a certificate to a given domain name. Thus, the combination of DNSSEC and DANE provides microservices’ clients with secure information regarding the domain name, IP address, and server certificate of a given microservice. However, IoT microservices may be short-lived since devices can move from one local fog to another, forcing DNSSEC servers to sign zones whenever new changes occur. Considering DNSSEC and DANE were designed to cope with static services, coping with IoT dynamic microservice instantiation can throttle the scalability in the fog. To overcome this limitation, this article proposes a solution that modifies the DNSSEC/DANE signature mechanism using chameleon signatures and defining a new soft delegation scheme. Chameleon signatures are signatures computed over a chameleon hash, which have a property: a secret trapdoor function can be used to compute collisions to the hash. Since the hash is maintained, the signature does not have to be computed again. In the soft delegation schema, DNS servers obtain a trapdoor that allows performing changes in a constrained zone without affecting normal DNS operation. In this way, a server can receive this soft delegation and modify the DNS zone to cope with frequent changes such as microservice dynamic instantiation. Changes in the soft delegated zone are much faster and do not require the intervention of the DNS primary servers of the zone.},

keywords = {authentication, chameleon signatures, cynamon, DANE, DNSSEC, Internet of Things, magos, microservices},

pubstate = {published},

tppubtype = {article}

}

@article{diazsanchez011,

title = {Task Scheduling to Constrain Peak Current Consumption in Wearable Healthcare Sensors},

author = {Robert Simon-Sherratt and Balazs Janko and Terence Hui and William S.-Harwin and Nilanjan Dey and Daniel Díaz-Sánchez and Jin Wang and Fuqian Shi},

url = {https://doi.org/10.3390/electronics8070789

https://www.mdpi.com/2079-9292/8/7/789

https://www.mdpi.com/2079-9292/8/7/789/pdf?version=1563172692},

doi = {https://doi.org/10.3390/electronics8070789},

issn = {2079-9292},

year  = {2019},

date = {2019-07-15},

urldate = {2019-07-15},

journal = {Electronics},

volume = {8},

pages = {789},

abstract = {Small embedded systems, in our case wearable healthcare devices, have significant engineering challenges to reduce their power consumption for longer battery life, while at the same time supporting ever-increasing processing requirements for more intelligent applications. Research has primarily focused on achieving lower power operation through hardware designs and intelligent methods of scheduling software tasks, all with the objective of minimizing the overall consumed electrical power. However, such an approach inevitably creates points in time where software tasks and peripherals coincide to draw large peaks of electrical current, creating short-term electrical stress for the battery and power regulators, and adding to electromagnetic interference emissions. This position paper proposes that the power profile of an embedded device using a real-time operating system (RTOS) will significantly benefit if the task scheduler is modified to be informed of the electrical current profile required for each task. This enables the task scheduler to schedule tasks that require large amounts of current to be spread over time, thus constraining the peak current that the system will draw. We propose a solution to inform the task scheduler of a tasks’ power profile, and we discuss our application scenario, which clearly benefited from the proposal.},

keywords = {embedded, health care, joint digital transformation, low-power, task scheduler, wearable},

pubstate = {published},

tppubtype = {article}

}

@article{8704893,

title = {TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications},

author = {Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenárez-Mendoza and Patricia Arias-Cabarcos and R. Simon-Sherratt},

url = {https://doi.org/10.1109/COMST.2019.2914453

https://ieeexplore.ieee.org/document/8704893

https://phpmyadmin.pervasive.it.uc3m.es/download/TLC-PKI-challenges-certificate-pinning.pdf},

doi = {10.1109/COMST.2019.2914453},

issn = {1553-877X},

year  = {2019},

date = {2019-05-02},

urldate = {2019-05-02},

journal = {IEEE Communications Surveys and Tutorials},

volume = {21},

issue = {4},

pages = {3502-3531},

abstract = {Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.},

keywords = {authentication, certificate pinning, cynamon, DTLS, Internet of Things, Machine to Machine, magos, PKI, Protocols, TLS, Trusted Third Party, Tutorials},

pubstate = {published},

tppubtype = {article}

}

@article{campo006,

title = {Using entropy of social media location data for the detection of crowd dynamics anomalies},

author = {Carlos García-Rubio and Rebeca Diaz-Redondo and Celeste Campo-Vázquez and Ana Fernandez-Vilas },

url = {http://hdl.handle.net/10016/33760},

doi = {https://doi.org/10.3390/electronics7120380},

issn = {2079-9292},

year  = {2018},

date = {2018-12-03},

urldate = {2018-12-03},

journal = {Electronics},

volume = {7},

issue = {12},

pages = {380},

abstract = {Evidence of something unusual happening in urban areas can be collected from different data sources, such as police officers, cameras, or specialized physical infrastructures. In this paper, we propose using geotagged posts on location-based social networks (LBSNs) to detect crowd dynamics anomalies automatically as evidence of a potential unusual event. To this end, we use the Instagram API media/search endpoint to collect the location of the pictures posted by Instagram users in a given area periodically. The collected locations are summarized by their centroid. The novelty of our work relies on using the entropy of the sequence of centroid locations in order to detect abnormal patterns in the city. The proposal is tested on a data set collected from Instagram during seven months in New York City and validated with another data set from Manchester. The results have also been compared with an alternative approach, a training phase plus a ranking of outliers. The main conclusion is that the entropy algorithm succeeds inn finding abnormal events without the need for a training phase, being able to dynamically adapt to changes in crowd behavior.},

keywords = {anomaly detection, city behavior, data mining algorithms, location-based social network},

pubstate = {published},

tppubtype = {article}

}

@article{campo007,

title = {Detecting and reducing biases in cellular-based mobility data sets},

author = {Alicia Rodriguez-Carrion and Celeste Campo-Vázquez and Carlos García-Rubio},

url = {http://hdl.handle.net/10016/28004},

doi = {https://doi.org/10.3390/e20100736},

issn = {1099-4300},

year  = {2018},

date = {2018-09-25},

urldate = {2018-09-25},

journal = {Entropy},

volume = {20},

issue = {10},

abstract = {Correctly estimating the features characterizing human mobility from mobile phone traces is a key factor to improve the performance of mobile networks, as well as for mobility model design and urban planning. Most related works found their conclusions on location data based on the cells where each user sends or receives calls or messages, data known as Call Detail Records (CDRs). In this work, we test if such data sets provide enough detail on users’ movements so as to accurately estimate some of the most studied mobility features. We perform the analysis using two different data sets, comparing CDRs with respect to an alternative data collection approach. Furthermore, we propose three filtering techniques to reduce the biases detected in the fraction of visits per cell, entropy and entropy rate distributions, and predictability. The analysis highlights the need for contextualizing mobility results with respect to the data used, since the conclusions are biased by the mobile phone traces collection approach.},

keywords = {cell-based location, human mobility, inrisco, mobility data sets entropy, mobility data sets predictability, ping-pong effect},

pubstate = {published},

tppubtype = {article}

}

@article{almenarez009,

title = {A study of learning-by-doing in MOOCs through the integration of third-party external tools: comparison of synchronous and asynchronous running modes },

author = {Carlos Alario-Hoyos and Iria Estevez-Ayres and Jesus Gallego-Romero and Carlos Delgado-Kloss and Carmen Fernandez-Panadero and Raquel Crespo-Garcia and Florina Almenares-Mendoza and Blanca Ibañez-Espiga and Julio Villena-Roman and Jorge Ruiz-Magaña and Jorge Blasco-Alis},

url = {http://hdl.handle.net/10016/29864},

doi = {https://doi.org/10.3217/jucs-024-08-1015},

issn = {0948-695X},

year  = {2018},

date = {2018-08-28},

urldate = {2018-08-28},

journal = {JOURNAL OF UNIVERSAL COMPUTER SCIENCE },

volume = {24},

issue = {8},

pages = {1015-1033},

abstract = {Many MOOCs are being designed replicating traditional passive teaching approaches but using video lectures as the means of transmitting information. However, it is well known that learning-by-doing increases retention rates and, thus, allows achieving a more effective learning. To this end, it is worth exploring which tools fit best in the context of each MOOC to enrich learners' experience, including built-in tools already available in the MOOC platform, and third-party external tools which can be integrated in the MOOC platform. This paper presents an example of the integration of a software development tool, called Codeboard, in three MOOCs which serve as an introduction to programming with Java. We analyze the effect this tool has on learners' interaction and engagement when running the MOOCs in synchronous (instructor-paced) or asynchronous (self-paced) modes. Results show that the overall use of the tool is similar, regardless of the course running mode, although in the case of the synchronous mode the use of the tool is concentrated in a shorter period of time. Results also show that in the synchronous mode there is a higher percentage of accesses to the tool from registered learners (who can save their advances and continue the work later); this finding suggests that learners in the synchronous running mode are more engaged with the MOOC.},

keywords = {codeboard, emadrid, instructor-paced, Moocs, programming tools, self-paced},

pubstate = {published},

tppubtype = {article}

}

@article{almenarez009b,

title = {RiskLaine: A Probabilistic Approach for Assessing Risk in Certificate-Based Security. },

author = {Francisca Hinajeros and Florina Almenares-Mendoza and Patricia Arias-Cabarcos Josep-Lluis Ferrer Gomila and Andrés Marín-López},

doi = {https://doi.org/10.1109/tifs.2018.2807788},

issn = {1556-6013},

year  = {2018},

date = {2018-02-19},

urldate = {2018-02-19},

journal = {IEEE Transactions on Information Forensics and Security },

volume = {13},

issue = {8},

pages = {1975-1988},

abstract = {Digital certificates, based on X.509 PKI standard, are located at the core of many security mechanisms implemented in services and applications. However, the usage of certificates has revealed flaws in the certificate validation process (e.g., possibility of unavailable or non-updated data). This fact implies security risks that are not assessed. In order to address these issues that such flaws entail, we propose a novel probabilistic approach for quantitative risk assessment in X.509 PKI, together with trust management when there is uncertainty. We have evaluated our risk assessment approach and demonstrated its usage, considering as a use case the secure installation of mobile applications. The results show that our approach provides more granularity, appropriate values according to the impact, and relevant information in the risk calculation than other approaches.},

keywords = {certificate validation, mobile applications, risk assessment, trust validation},

pubstate = {published},

tppubtype = {article}

}

@article{8246828,

title = {Seamless human-device interaction in the internet of things},

author = {E Rubio-Drosdov and D Díaz-Sánchez and F Almenárez and P Arias-Cabarcos and A Marín},

url = {/download/Seamless_Human-Device_Interaction_in_the_Internet_of_Things.pdf

https://ieeexplore.ieee.org/document/8246828},

doi = {10.1109/TCE.2017.015076},

issn = {1558-4127},

year  = {2017},

date = {2017-11-01},

urldate = {2017-11-01},

journal = {IEEE Transactions on Consumer Electronics},

volume = {63},

issue = {4},

pages = {490-498},

abstract = {The Internet of Things will bring a scenario in which interaction between humans and devices will be critical to allow people to use, monitor or configure Internet of Things devices. Interactions in such applications are based on traditional graphical interfaces. Devices that accept interaction based on Natural Language, e.g., through voice commands, can understand basic human orders or answering questions whenever user expressions fit into a known language pattern. Some devices can understand natural language voice commands but require sophisticated voice assistants located in the cloud, which raises significant privacy concerns. Others devices which handle voice-processing locally can perform a very limited local recognition system, requiring users to be familiar with words the system can process. The purpose of this work is to diminish the complexity of Natural Language processing in the context of IoT. The solution posited in this article allows Internet of Things devices to offload Natural Language processing to a system that improves the use of Natural Language and alleviates the need to learn or remember specific words or terms intended for triggering device actions. We have evaluated the feasibility of the design with a proof-of-concept implemented in a home environment and it was tested by real users.},

keywords = {Human-Device Interaction, inrisco, Internet of Things, Natural Language Processing},

pubstate = {published},

tppubtype = {article}

}

@article{8003467,

title = {Collaborative eHealth Meets Security: Privacy-Enhancing Patient Profile Management},

author = {Rosa Sánchez-Guerrero and Florina Almenárez-Mendoza and Daniel Díaz-Sánchez and Patricia Arias-Cabarcos and Andrés Marín-López},

url = {/download/Collaborative_eHealth_meets_Security_Privacy-Enhancing_Patient_Profile_Management.pdf

https://ieeexplore.ieee.org/document/8003467},

doi = {10.1109/JBHI.2017.2655419},

issn = {2168-2194 },

year  = {2017},

date = {2017-11-01},

urldate = {2017-11-01},

journal = {IEEE Journal of Biomedical and Health Informatics},

volume = {21},

issue = {6},

pages = {1741-1749},

abstract = {Collaborative healthcare environments offer potential benefits, including enhancing the healthcare quality delivered to patients and reducing costs. As a direct consequence, sharing of electronic health records (EHRs) among healthcare providers has experienced a noteworthy growth in the last years, since it enables physicians to remotely monitor patients' health and enables individuals to manage their own health data more easily. However, these scenarios face significant challenges regarding security and privacy of the extremely sensitive information contained in EHRs. Thus, a flexible, efficient, and standards-based solution is indispensable to guarantee selective identity information disclosure and preserve patient's privacy. We propose a privacy-aware profile management approach that empowers the patient role, enabling him to bring together various healthcare providers as well as user-generated claims into an unique credential. User profiles are represented through an adaptive Merkle Tree, for which we formalize the underlying mathematical model. Furthermore, performance of the proposed solution is empirically validated through simulation experiments.},

keywords = {EHR, emadrid2, Merkle Tree, Minimal Disclosure, privacy, Profile Management},

pubstate = {published},

tppubtype = {article}

}