Gutiérrez-Portela, Fernando; Almenares-Mendoza, Florina; Calderón-Benavides, Liliana Evaluation of the performance of unsupervised learning algorithms for intrusion detection in unbalanced data environments Proceedings Article In: IEEE, 2024, ISSN: 2169-3536. Abstract | Links | BibTeX | Tags: anomaly detection, compromise, intrusion detection system, machine learning, metrics, Qursa, unsupervised models Pérez-Díaz, Jaime; Almenares-Mendoza, Florina Authorisation models for IoT environments: A survey Journal Article In: www.elsevier.com/locate/iot, 2024, ISSN: 2542-6605. Abstract | Links | BibTeX | Tags: ABAC, compromise, DAC, I-Shaper, IoT, MAC, Models, Platforms, Qursa, RBAC, Security Blanco-Romero, Javier; Lorenzo, Vicente; Almenares, Florina; Díaz-Sánchez, Daniel; and Celeste Campo,; García-Rubio, Carlos Integrating Post-Quantum Cryptography into CoAP and MQTT-SN Protocols Conference 2024 IEEE Symposium on Computers and Communications (ISCC), IEEE, 2024, ISBN: 979-8-3503-5424-9. Abstract | Links | BibTeX | Tags: coap, compromise, cryptography, I-Shaper, IoT, MQTT-SN, Post-Quantum Cryptography, PQC, Protocols, Qursa Blanco-Romero, Javier; Lorenzo, Vicente; Almenares, Florina; Díaz-Sánchez, Daniel; García-Rubio, Carlos; Campo, Celeste; Marín, Andrés Evaluating integration methods of a quantum random number generator in OpenSSL for TLS Journal Article In: vol. 255, 2024, ISBN: 1389-1286. Abstract | Links | BibTeX | Tags: compromise, I-Shaper, Linux, OpenSSL, QRNGs, Quantum random number generators, Qursa, TLS Lorenzo, Vicente; Blanco-Romero, Javier; Almenares, Florina; Díaz-Sánchez, Daniel; García-Rubio, Carlos; Campo, Celeste; Marín, Andrés Comparing Pseudo, Classical True and Quantum Random Number Generators Using Standard Quality Assessments Conference XVIII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2024), León, 23 al 25 de Octubre, 2024., 2024. BibTeX | Tags: compromise, Qursa Pérez-Díaz, J.; Almenares, Florina Integración de un sistema de autenticación optimizado basado en PUF en OSCORE Conference XVIII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2024), León, 23 al 25 de Octubre, 2024., 2024. BibTeX | Tags: compromise, Qursa Callejo, Patricia; Gómez-Fernandez, Ignacio; Bagnulo, Marcelo “Animation” URL in NFT marketplaces considered harmful for privacy Journal Article In: International Journal of Information Security, 2024, ISSN: 1615-5270. Abstract | Links | BibTeX | Tags: Blockchain, I-Shaper, NFT, privacy Moure-Garrido, Marta; Das, Sajal; Campo, Celeste; García-Rubio, Carlos Real-Time Analysis of Encrypted DNS Traffic for Threat Detection Conference ICC 2024 - IEEE International Conference on Communications, IEEE, 2024, ISSN: 1550-3607. Abstract | Links | BibTeX | Tags: APT, compromise, dns tunnels, doh traffic, encrypted traffic, intrusion detection system, Qursa Moure-Garrido, Marta; Das, Sajal; Campo, Celeste; García-Rubio, Carlos Real-Time Analysis of Encrypted DNS Traffic for Threat Detection Conference ICC 2024 - IEEE International Conference on Communications, IEEE, 2024, ISSN: 1550-3607. Abstract | Links | BibTeX | Tags: APT, compromise, dns tunnels, doh traffic, encrypted traffic, intrusion detection system, Qursa Campo-Vázquez, Celeste; García-Rubio, Carlos; Jimenez-Berenguel, Andrea; Moure-Garrido, Marta; Almenares-Mendoza, Florina; Díaz-Sánchez, Daniel Inferring mobile applications usage from DNS traffic Proceedings Article In: Ad Hoc Networks, Elsevier B.V., 2024. Abstract | Links | BibTeX | Tags: compromise, dns traffic, I-Shaper, mobile applications identification, Qursa, user privacy Moure-Garrido, Marta; Campo, Celeste; García-Rubio, Carlos Análisis estadístico del tráfico DoH para la detección del uso malicioso de túneles Conference Investigación en Ciberseguridad Actas de las VII Jornadas Nacionales (7º.2022.Bilbao) , 2024, ISBN: 978-84-88734-13-6. Abstract | Links | BibTeX | Tags: analisis estadistico, compromise, cynamon, dns tunnels, DoH, malicious doh Blanco-Romero, Javier; Lorenzo, Vicente; Almenares-Mendoza, Florina; Díaz-Sánchez, Daniel; Serrano-Navarro, Adrián PQSec-DDS: Integrating Post-Quantum Cryptography into DDS Security for Robotic Applications Proceedings Article In: IX Jornadas Nacionales de Investigación en Ciberseguridad - JNIC 2024, pp. 396-403, Universidad de Sevilla , 2024, ISBN: 978-84-09-62140-8. Abstract | Links | BibTeX | Tags: compromise, DDS, I-Shaper, IIoT, PQ, qurs, Qursa, Robotic Systems, ROS2 Jimenez-Berenguel, Andrea; Moure-Garrido, Marta; García-Rubio, Carlos; Campo-Vázquez, Celeste Caracterización de aplicaciones móviles mediante el análisis del tráfico DNS Proceedings Article In: IX Jornadas Nacionales de Investigación en Ciberseguridad - JNIC 2024, pp. 506-507, Universidad de Sevilla, 2024, ISBN: 978-84-09-62140-8. Abstract | Links | BibTeX | Tags: aplicaciones moviles, compromise, privacidad, Qursa, trafico dns Moure-Garrido, Marta; García-Rubio, Carlos; Campo, Celeste Reducing DNS Traffic to Enhance Home IoT Device Privacy Journal Article In: Sensors , vol. 24, iss. 9, 2024. Abstract | Links | BibTeX | Tags: compromise, DNS, I-Shaper, IoT privacy, network traffic, Qursa Lorenzo, Vicente; Blanco, Francisco Javier Comparative Analysis of Quantum, Pseudo, and Hybrid Random Number Generation Conference XVII Jornadas CCN-STIC CCN-CERT / V Jornadas de Ciberdefensa ESPDEF-CERT, 2023. BibTeX | Tags: QRNGs, Qursa, rngs Jimenez-Berenguel, Andrea; Moure-Garrido, Marta; Campo-Vázquez, Carlos García-Rubio Celeste Characterizing Mobile Applications Through Analysis of DNS Traffic Conference PE-WASUN '23: Proceedings of the Int'l ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor & Ubiquitous Networks., ACM, 2023, ISBN: N 979-8-4007-0370-6. Abstract | Links | BibTeX | Tags: android apps, compromise, dns traffic, encrypted dns, mobile apps characterization, Qursa, user privacy Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos Real time detection of malicious DoH traffic using statistical analysis Journal Article In: COMPUTER NETWORKS, vol. 234, iss. 109910, pp. 1-10, 2023, ISSN: 1389-1286. Abstract | Links | BibTeX | Tags: classification, compromise, computer science, cynamon, dns tunnels, doh traffic, intrusion detection system, malicious doh, Qursa, statistical analysis Gutierrez-Portela, Fernando; Arteaga-Arteaga, Harold-Brayan; Almenares-Mendoza, Florina; Calderon-Benavides, Liliana; Acosta-Mesa, Héctor-Gabriel; Tabares-Soto, Reinel Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI) Journal Article In: IEEE Access, vol. 11, pp. 70542 - 70559, 2023, ISSN: 2169-3536. Abstract | Links | BibTeX | Tags: compromise, intrusion detection system, IoT Chica, Sergio; Marín-López, Andrés; Arroyo, David; Almenares-Mendoza, Florina; Díaz-Sánchez, Daniel Enhancing the anonymity and auditability of whistleblowers protection Proceedings Article In: pp. 413 - 422, Springer International Publishing, 2023, ISBN: 978-3-031-21229-1. Abstract | Links | BibTeX | Tags: compromise Díaz-Sanchez, Daniel; Almenarez-Mendoza, Florina; Marín-López, Andres; Rojo-Rivas, Isabel A Hybrid Approach to Ephemeral PKI Credentials Validation and Auditing Proceedings Article In: Proceedings of the International Conference on Ubiquitous Computing & Ambient Intelligence (UCAmI 2022), pp. 1043 - 1054, Springer International Publishing, 2022, ISBN: 978-3-031-21332-8. Abstract | BibTeX | Tags: compromise, ricon Chica, Sergio; Marín, Andrés; Arroyo-Guardeño, David; Díaz, Jesús; Almenares, Florina; Díaz, Daniel Enhancing the anonymity and auditability of whistleblowers protection Conference 2022. Abstract | Links | BibTeX | Tags: anonymous whistleblowing, compromise, cynamon, ECDHE, group signatures, permissioned blockchain Perez-Diaz, Jaime; Almenares-Mendoza, Florina Integrating an optimised PUF-based authentication scheme in OSCORE Proceedings Article In: Ad Hoc Networks Journal, 2022, ISSN: 1570-8705. Abstract | Links | BibTeX | Tags: coap, compromise, cynamon, IoT, mqtt, protocol security García-Rubio, Carlos; Campo, Celeste; Moure-Garrido, Marta Synthetic Generation of Electrical Consumption Traces in Smart Homes Conference Lecture Notes in Networks and Systems, vol. 594, Springer International Publishing, 2022, ISBN: 978-3-031-21332-8. Abstract | Links | BibTeX | Tags: anomaly detection, compromise, cynamon, Electricity consumption, magos, Smart home, Synthetic dataset generation Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos Detecting Malicious Use of DoH Tunnels Using Statistical Traffic Analysis Conference PE-WASUN '22: Proceedings of the 19th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ACM, 2022, ISBN: 978-1-4503-9483-3. Abstract | Links | BibTeX | Tags: classification, compromise, cynamon, dns tunnels, doh traffic, magos, malicious doh, statistical analysis Díaz-Sánchez, Daniel; Guerrero, Rosa Sánchez; López, Andrés Marín; Almenares, Florina; Arias, Patricia A H.264 SVC distributed content protection system with flexible key stream generation Proceedings Article In: 2012 IEEE Second International Conference on Consumer Electronics - Berlin (ICCE-Berlin), IEEE, 2022, ISSN: 2166-6814. Abstract | Links | BibTeX | Tags: Cloud computing, cryptography, multimedia, servicioseguridad Rojo-Rivas, MaríaIsabel; Díaz-Sánchez, Daniel; Almenarez, Florina; Marín-Lopez, Andrés Kriper: A blockchain network with permissioned storage Journal Article In: Future Generation Computer Systems, vol. 138, pp. 160-171, 2022, ISSN: 0167-739X. Abstract | Links | BibTeX | Tags: Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos Entropy-Based Anomaly Detection in HouseholdElectricity Consumption Journal Article In: Energies, vol. 15, 2022, ISSN: 1996-1073. Abstract | Links | BibTeX | Tags: anomaly detection, behavior pattern, compromise, cynamon, entropy, household electricity consumption, load forecasting, magos Pérez-Díaz, Jaime; Almenares, Florina A PUF-based Authentication Mechanism for OSCORE Conference PE-WASUN '21: Proceedings of the 18th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, 2021. Abstract | Links | BibTeX | Tags: compromise Seoane-Merida, Victor; García-Rubio, Carlos; Almenares-Mendoza, Florina; Campo-Vázquez, Celeste Performance evaluation of CoAP and MQTT with security support for IoT environments Journal Article In: COMPUTER NETWORKS, vol. 197, iss. 108338, pp. 1-22, 2021, ISSN: 1389-1286. Abstract | Links | BibTeX | Tags: coap, cynamon, Internet of Things, magos, mqtt, Performance evaluation, Security Gutierrez-Portela, Fernando; Almenares-Mendoza, Florina; Calderon-Benavides, Liliana; Romero-Riaño, Efren Security perspective of wireless sensor networks = Prospectiva de seguridad de las redes de sensores inalámbricos Proceedings Article In: pp. 189-201, UIS-Ingeniería , 2021, ISSN: 1657-4583. Abstract | Links | BibTeX | Tags: inteligencia artificial, redes de sensores inalambricos, Security, tecnicas no supervisadas, tecnicas supervisadas, wsn Seoane-Merida, Victor; Almenares-Mendoza, Florina; Campo-Vázquez, Celeste; García-Rubio, Carlos Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments Conference PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ASSOCIATION FOR COMPUTING MACHINERY, INC , 2020, ISBN: 978-1-4503-8118-5. Abstract | Links | BibTeX | Tags: coap, cynamon, DTLS, IoT, magos, Performance evaluation Marín-López, Andrés; Chica-Manjarrez, Sergio; Arroyo, David; Almenares-Mendoza, Florina; Díaz-Sánchez, Daniel Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain Journal Article In: Electronics, vol. 9, pp. 1865, 2020, ISSN: 2079-9292. Abstract | Links | BibTeX | Tags: cynamon, inteligenciafuentesabiertas, permissioned blockchain, scalability, security auditing, smart grid security Bernabé-Sánchez, Iván; Díaz-Sánchez, Daniel; Muñoz-Organero, Mario Specification and Unattended Deployment of Home Networks at the Edge of the Network Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 66, iss. 4, pp. 279 - 288, 2020, ISSN: 0098-3063. Abstract | Links | BibTeX | Tags: Cloud computing, connected consumer devices, edge computing, fog computing, joint digital transformation, orchestrator Diaz-Redondo, Rebeca; García-Rubio, Carlos; Campo-Vázquez, Ana Fernandez-Vilas Celeste; Rodriguez-Carrion, Alicia A hybrid analysis of LBSN data to early detect anomalies in crowd dynamics Journal Article In: Future generation computer systems, vol. 109, pp. 83-94, 2020, ISSN: 0167-739X. Abstract | Links | BibTeX | Tags: crowd dynamics, density-based clustering, emadrid, entropy analysis, instagram, location-based social network Chica-Manjarrez, Sergio; Marín-López, Andrés; Díaz-Sánchez, Daniel; Almenares-Mendoza, Florina On the Automation of Auditing in Power Grid Companies Proceedings Article In: Actas de congreso internacional, Citas Google 2, CORE C, pp. 331 - 340, 2020, ISBN: ISSN/ISBN) 978-1-4503-5988-7. Abstract | Links | BibTeX | Tags: auditing, containers, cynamon, inteligenciafuentesabiertas, privacy, scalability, Security Rubio-Drosdov, Eugenio; Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenares-Mendoza, Florina A Framework for Microservice Migration and Performance Assessment Proceedings Article In: pp. 291 - 299, 2020, ISBN: 978-1-4503-5988-7. Abstract | Links | BibTeX | Tags: cynamon, inteligenciafuentesabiertas, IoT, microservices, smart grids, testing Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos Anomalies detection using entropy in household energy consumption data Conference Intelligent Environments 2020 Workshop Proceedings of the 16th International Conference on Intelligent Environments, 2020, ISBN: 978-1-64368-090-3. Abstract | Links | BibTeX | Tags: anomaly, cynamon, entropy, household energy consumption AGUILAR-IGARTUA, MÓNICA; ALMENARES-MENDOZA, FLORINA; DÍAZ-REDONDO, REBECA; MARTÍN-VICENTE, MANUELA; FORNÉ, JORDI; CAMPO, CELESTE; FERNÁNDEZ-VILAS, ANA; CRUZ-LLOPIS, LUIS; GARCÍA-RUBIO, CARLOS; MARÍN-LÓPEZ, ANDRÉS; MOHAMAD-MEZHER, AHMAD; DÍAZ-SÁNCHEZ, DANIEL; CEREZO-COSTAS, HÉCTOR; REBOLLO-MONEDERO, DAVID; ARIAS-CABARCOS, PATRICIA; RICO-NOVELLA, FRANCISCO JOSÉ INRISCO: INcident monitoRing in Smart COmmunities Journal Article In: IEEE Access, vol. 8, pp. 72435 - 72460, 2020, ISSN: 2169-3536. Abstract | Links | BibTeX | Tags: big data analysis, citizen sensor, early detection of incidents, inrisco, Smart Cities, social networks, vehicular communications Martí, Mónica; García-Rubio, Carlos; Campo-Vázquez, Celeste Performance Evaluation of CoAP and MQTT_SN in an IoT Environment Conference Proceedings of 13th International Conference on Ubiquitous Computing and Ambient Intelligence UCAmI 2019, MDPI AG , 2019. Abstract | Links | BibTeX | Tags: coap, Energy consumption, inrisco, IoT, magos, MQTT_SN, wsn Díaz-Sánchez, Daniel; Marín-Lopez, Andrés; Mendoza, Florina Almenárez; Cabarcos, Patricia Arias DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT † Journal Article In: Sensors, vol. 19, iss. 15, pp. 1-23, 2019, ISSN: 1424-8220. Abstract | Links | BibTeX | Tags: authentication, chameleon signatures, cynamon, DANE, DNSSEC, Internet of Things, magos, microservices Simon-Sherratt, Robert; Janko, Balazs; Hui, Terence; S.-Harwin, William; Dey, Nilanjan; Díaz-Sánchez, Daniel; Wang, Jin; Shi, Fuqian Task Scheduling to Constrain Peak Current Consumption in Wearable Healthcare Sensors Journal Article In: Electronics, vol. 8, pp. 789, 2019, ISSN: 2079-9292. Abstract | Links | BibTeX | Tags: embedded, health care, joint digital transformation, low-power, task scheduler, wearable Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenárez-Mendoza, Florina; Arias-Cabarcos, Patricia; Simon-Sherratt, R. TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications Journal Article In: IEEE Communications Surveys and Tutorials, vol. 21, iss. 4, pp. 3502-3531, 2019, ISSN: 1553-877X. Abstract | Links | BibTeX | Tags: authentication, certificate pinning, cynamon, DTLS, Internet of Things, Machine to Machine, magos, PKI, Protocols, TLS, Trusted Third Party, Tutorials Seiler-Hwang, Sunyoung; Arias-Cabarcos, Patricia; Marín, Andrés; Almenares, Florina; Díaz-Sánchez, Daniel; Becker, Christian I Don'T See Why I Would Ever Want to Use It: Analyzing the Usability of Popular Smartphone Password Managers Proceedings Article In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1937–1953, The 26th ACM Conference on Computer and Communications Security ACM, London, United Kingdom, 2019, ISBN: 978-1-4503-6747-9. Abstract | Links | BibTeX | Tags: authentication, password managers, usable security, user study García-Rubio, Carlos; Diaz-Redondo, Rebeca; Campo-Vázquez, Celeste; Fernandez-Vilas, Ana Using entropy of social media location data for the detection of crowd dynamics anomalies Journal Article In: Electronics, vol. 7, iss. 12, pp. 380, 2018, ISSN: 2079-9292. Abstract | Links | BibTeX | Tags: anomaly detection, city behavior, data mining algorithms, location-based social network Almenarez, Florina; Alonso, Lucía; Marín, Andrés; Díaz-Sánchez, Daniel; Arias, Patricia Assessment of fitness tracker security: a case of study Proceedings Article In: 2018, ISSN: 2504-3900. Abstract | Links | BibTeX | Tags: fitness tracker, inteligenciafuentesabiertas, security vulnerabilities, wereable devices Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenares-Mendoza, Florina; Arias-Cabarcos, Patricia DNS-Based Dynamic Authentication for Microservices in IoT Proceedings Article In: pp. 1-11, 2018, ISSN: 2504-3900. Abstract | Links | BibTeX | Tags: chameleon signatures, DANE, DNSSEC, inteligenciafuentesabiertas, IoT, microservices Rodriguez-Carrion, Alicia; Campo-Vázquez, Celeste; García-Rubio, Carlos Detecting and reducing biases in cellular-based mobility data sets Journal Article In: Entropy, vol. 20, iss. 10, 2018, ISSN: 1099-4300. Abstract | Links | BibTeX | Tags: cell-based location, human mobility, inrisco, mobility data sets entropy, mobility data sets predictability, ping-pong effect Alario-Hoyos, Carlos; Estevez-Ayres, Iria; Gallego-Romero, Jesus; Delgado-Kloss, Carlos; Fernandez-Panadero, Carmen; Crespo-Garcia, Raquel; Almenares-Mendoza, Florina; Ibañez-Espiga, Blanca; Villena-Roman, Julio; Ruiz-Magaña, Jorge; Blasco-Alis, Jorge In: JOURNAL OF UNIVERSAL COMPUTER SCIENCE , vol. 24, iss. 8, pp. 1015-1033, 2018, ISSN: 0948-695X. Abstract | Links | BibTeX | Tags: codeboard, emadrid, instructor-paced, Moocs, programming tools, self-paced Hinajeros, Francisca; Almenares-Mendoza, Florina; Gomila, Patricia Arias-Cabarcos Josep-Lluis Ferrer; Marín-López, Andrés RiskLaine: A Probabilistic Approach for Assessing Risk in Certificate-Based Security. Journal Article In: IEEE Transactions on Information Forensics and Security , vol. 13, iss. 8, pp. 1975-1988, 2018, ISSN: 1556-6013. Abstract | Links | BibTeX | Tags: certificate validation, mobile applications, risk assessment, trust validation Rubio-Drosdov, E; Díaz-Sánchez, D; Almenárez, F; Arias-Cabarcos, P; Marín, A Seamless human-device interaction in the internet of things Journal Article In: IEEE Transactions on Consumer Electronics, vol. 63, iss. 4, pp. 490-498, 2017, ISSN: 1558-4127. Abstract | Links | BibTeX | Tags: Human-Device Interaction, inrisco, Internet of Things, Natural Language Processing2024
@inproceedings{almenarez019,
title = {Evaluation of the performance of unsupervised learning algorithms for intrusion detection in unbalanced data environments},
author = {Fernando Gutiérrez-Portela and Florina Almenares-Mendoza and Liliana Calderón-Benavides},
url = {https://ieeexplore.ieee.org/document/10794744},
doi = {10.1109/ACCESS.2024.3516615},
issn = {2169-3536},
year = {2024},
date = {2024-12-12},
urldate = {2024-12-12},
publisher = {IEEE},
abstract = {In this study, the performance of different unsupervised machine learning algorithms used for intrusion detection within unbalanced data environments were analyzed; these algorithms included the K-means++ algorithm, density-based spatial clustering of applications with noise (DBSCAN), local outlier factor (LOF), and isolation forest (I-forest) using the BoT–IoT dataset. Performance metrics such as purity, homogeneity_score, completeness_score, v_measure_score, and adjusted_mutual_info_score were used to evaluate the effectiveness of algorithms in detecting various types of attacks such as distributed denial of service (DDoS), denial of service (DoS), and reconnaissance. Similarly, different methods were used for the automatic selection of the optimal number of clusters such as the elbow method, silhouette coefficient, Calinski–Harabasz index, and Davies–Bouldin index. Moreover, principal component analysis (PCA) was used to explain data variance and the influence of variables on intrusion detection. Results revealed that the K-means algorithm achieved 95% purity as well as 95% and 99% prediction accuracies for normal and abnormal data, respectively. The I-forest algorithm achieved 95% purity as well as 99% and 90% prediction accuracies for normal and abnormal data in a balanced dataset, respectively. These findings indicated that I-forest exhibited a low central processing unit (CPU) consumption rate of 10% on balanced data, outperforming DBSCAN, K-Means++, and LOF, with 16% consumption rates.},
keywords = {anomaly detection, compromise, intrusion detection system, machine learning, metrics, Qursa, unsupervised models},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{almenarez018,
title = {Authorisation models for IoT environments: A survey},
author = {Jaime Pérez-Díaz and Florina Almenares-Mendoza},
url = {https://www.sciencedirect.com/science/article/pii/S2542660524003718?via%3Dihub#d1e3887},
doi = {https://doi.org/10.1016/j.iot.2024.101430},
issn = {2542-6605},
year = {2024},
date = {2024-11-23},
urldate = {2024-11-23},
journal = { www.elsevier.com/locate/iot},
abstract = {Authorization models are pivotal in the Internet of Things (IoT) ecosystem, ensuring secure management of data access and communication. These models function after authentication, determining the specific actions that a device is allowed to perform. This paper aims to provide a comprehensive and comparative analysis of authorization solutions within IoT contexts, based on the requirements identified from the existing literature. We critically assess the functionalities and capabilities of various authorization solutions, particularly those designed for IoT cloud platforms and distributed architectures. Our findings highlight the urgent need for further development of authorization models optimized for the unique demands of IoT environments. Consequently, we address both the persistent challenges and the gaps within this domain. As IoT continues to reshape the technological landscape, the refinement and adaptation of authorization models remain imperative ongoing pursuits.},
keywords = {ABAC, compromise, DAC, I-Shaper, IoT, MAC, Models, Platforms, Qursa, RBAC, Security},
pubstate = {published},
tppubtype = {article}
}
@conference{javierblanco002,
title = {Integrating Post-Quantum Cryptography into CoAP and MQTT-SN Protocols},
author = {Javier Blanco-Romero and Vicente Lorenzo and Florina Almenares and Daniel Díaz-Sánchez and and Celeste Campo and Carlos García-Rubio},
url = {https://ieeexplore.ieee.org/abstract/document/10733716/figures#figures},
doi = {https://doi.org/10.1109/ISCC61673.2024.10733716},
isbn = {979-8-3503-5424-9},
year = {2024},
date = {2024-10-31},
urldate = {2024-10-31},
booktitle = {2024 IEEE Symposium on Computers and Communications (ISCC)},
publisher = {IEEE},
abstract = {Post-Quantum Cryptography (PQC) is a practical and cost-effective solution to defend against emerging quantum computing threats. So, leading worldwide security agencies and standardization bodies strongly advocate for the proactive integration of PQ cryptography into underlying frameworks to support applications, protocols, and services. The current research predominantly addresses the incorporation of PQC in Internet communication protocols such as HTTP and DNS; nevertheless, the focus on embedded devices has been limited to evaluating PQC’s integration within TLS/DTLS in isolation. Hence, there is a notable gap in understanding how PQC impacts IoT-specific communication protocols. This paper presents the integration of PQC into two communication protocols specifically tailored for IoT devices, the Constrained Application Protocol (CoAP) and MQTT for Sensor Networks (MQTT-SN), via the wolfSSL library. These two integrations contribute to the understanding of PQC’s implications for IoT communication protocols.},
keywords = {coap, compromise, cryptography, I-Shaper, IoT, MQTT-SN, Post-Quantum Cryptography, PQC, Protocols, Qursa},
pubstate = {published},
tppubtype = {conference}
}
@article{javierblanco003,
title = {Evaluating integration methods of a quantum random number generator in OpenSSL for TLS},
author = {Javier Blanco-Romero and Vicente Lorenzo and Florina Almenares and Daniel Díaz-Sánchez and Carlos García-Rubio and Celeste Campo and Andrés Marín},
url = {https://www.sciencedirect.com/science/article/pii/S1389128624007096?via%3Dihub},
doi = {https://doi.org/10.1016/j.comnet.2024.110877},
isbn = {1389-1286},
year = {2024},
date = {2024-10-25},
urldate = {2024-10-25},
volume = {255},
publisher = {Computer Networks},
abstract = {The rapid advancement of quantum computing poses a significant threat to conventional cryptography. Whilst post-quantum cryptography (PQC) stands as the prevailing trend for fortifying the security of cryptographic systems, the coexistence of quantum and classical computing paradigms presents an opportunity to leverage the strengths of both technologies, for instance, nowadays the use of Quantum Random Number Generators (QRNGs) – considered as True Random Number Generators (TRNGs) – opens up the possibility of discussing hybrid systems. In this paper, we evaluate both aspects, on the one hand, we use hybrid TLS (Transport Layer Security) protocol that leverages the widely used secure protocol on the Internet and integrates PQC algorithms, and, on the other hand, we evaluate two approaches to integrate a QRNG, i.e., Quantis PCIe-240M, in OpenSSL 3.0 to be used by TLS. Both approaches are compared through a Nginx Web server, that uses OpenSSL’s implementation of TLS 1.3 for secure web communication. Our findings highlight the importance of optimizing such integration method, because while direct integration can lead to performance penalties specific to the method and hardware used, alternative methods demonstrate the potential for efficient QRNG deployment in cryptographic systems.},
keywords = {compromise, I-Shaper, Linux, OpenSSL, QRNGs, Quantum random number generators, Qursa, TLS},
pubstate = {published},
tppubtype = {article}
}
@conference{nokey,
title = {Comparing Pseudo, Classical True and Quantum Random Number Generators Using Standard Quality Assessments},
author = {Vicente Lorenzo and Javier Blanco-Romero and Florina Almenares and Daniel Díaz-Sánchez and Carlos García-Rubio and Celeste Campo and Andrés Marín},
year = {2024},
date = {2024-10-25},
urldate = {2024-10-25},
booktitle = {XVIII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2024), León, 23 al 25 de Octubre, 2024.},
keywords = {compromise, Qursa},
pubstate = {published},
tppubtype = {conference}
}
@conference{nokey,
title = { Integración de un sistema de autenticación optimizado basado en PUF en OSCORE},
author = {J. Pérez-Díaz and Florina Almenares },
year = {2024},
date = {2024-10-25},
urldate = {2024-10-25},
booktitle = {XVIII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2024), León, 23 al 25 de Octubre, 2024.},
keywords = {compromise, Qursa},
pubstate = {published},
tppubtype = {conference}
}
@article{marcelo001,
title = {“Animation” URL in NFT marketplaces considered harmful for privacy},
author = {Patricia Callejo and Ignacio Gómez-Fernandez and Marcelo Bagnulo},
doi = {https://doi.org/10.1007/s10207-024-00908-x},
issn = {1615-5270},
year = {2024},
date = {2024-09-17},
journal = {International Journal of Information Security},
abstract = {Non-Fungible Tokens (NFTs) are becoming increasingly popular as a way to represent and own digital property. However, the usage of NFTs also prompts questions about privacy. In this work, we show that it is possible to use NFTs to retrieve enough information to fingerprint users. By doing so, we can uniquely associate users with blockchain accounts. This would allow linking several blockchain accounts to the same user. This work focuses on the vulnerabilities presented by some popular NFT marketplaces. Since NFTs may have HTML files embedded, they allow the use of fingerprinting techniques if not handled carefully. Finally, we provide recommendations and countermeasures for the different actors in this ecosystem to avoid these kinds of tracking methods and, in doing so, safeguard user privacy.},
keywords = {Blockchain, I-Shaper, NFT, privacy},
pubstate = {published},
tppubtype = {article}
}
@conference{marta003,
title = {Real-Time Analysis of Encrypted DNS Traffic for Threat Detection},
author = {Marta Moure-Garrido and Sajal Das and Celeste Campo and Carlos García-Rubio},
url = {https://ieeexplore.ieee.org/document/10622347},
doi = {https://doi.org/10.1109/ICC51166.2024.10622347},
issn = {1550-3607},
year = {2024},
date = {2024-08-20},
booktitle = {ICC 2024 - IEEE International Conference on Communications},
pages = {3292-3297},
publisher = {IEEE},
abstract = {Domain Name System (DNS) tunneling is a well-known cyber-attack that allows data exfiltration - the attackers exploit this tunnel to extract sensitive information from the system. Advanced Persistent Threat (APT) attackers encapsulate malicious traffic in a DNS connection to elude security mechanisms such as Intrusion Detection System (IDS). Although different techniques have been implemented to detect these targeted attacks, their rise induces a threat to Cyber-Physical Systems (CPS). The DNS over HTTPS (DoH) tunnel detection is a challenge because the encrypted data prevents an analysis of DNS traffic content. In this paper, we present a novel detection system that identifies malicious DoH tunnels in real time. We study the normal traffic pattern and based on that, we define a profile. The objective of this system is to detect malicious activity on the system as early as possible through a lightweight packet by packet analysis based on a real-time IDS classifier. This system is evaluated on three available data sets and the results obtained are compared with a machine learning technique. We demonstrate that the identification of anomalous activity, in particular DoH tunnels, is possible by analyzing different traffic features.},
keywords = {APT, compromise, dns tunnels, doh traffic, encrypted traffic, intrusion detection system, Qursa},
pubstate = {published},
tppubtype = {conference}
}
@conference{marta003b,
title = {Real-Time Analysis of Encrypted DNS Traffic for Threat Detection},
author = {Marta Moure-Garrido and Sajal Das and Celeste Campo and Carlos García-Rubio},
url = {https://ieeexplore.ieee.org/document/10622347},
doi = {https://doi.org/10.1109/ICC51166.2024.10622347},
issn = {1550-3607},
year = {2024},
date = {2024-08-20},
booktitle = {ICC 2024 - IEEE International Conference on Communications},
pages = {3292-3297},
publisher = {IEEE},
abstract = {Domain Name System (DNS) tunneling is a well-known cyber-attack that allows data exfiltration - the attackers exploit this tunnel to extract sensitive information from the system. Advanced Persistent Threat (APT) attackers encapsulate malicious traffic in a DNS connection to elude security mechanisms such as Intrusion Detection System (IDS). Although different techniques have been implemented to detect these targeted attacks, their rise induces a threat to Cyber-Physical Systems (CPS). The DNS over HTTPS (DoH) tunnel detection is a challenge because the encrypted data prevents an analysis of DNS traffic content. In this paper, we present a novel detection system that identifies malicious DoH tunnels in real time. We study the normal traffic pattern and based on that, we define a profile. The objective of this system is to detect malicious activity on the system as early as possible through a lightweight packet by packet analysis based on a real-time IDS classifier. This system is evaluated on three available data sets and the results obtained are compared with a machine learning technique. We demonstrate that the identification of anomalous activity, in particular DoH tunnels, is possible by analyzing different traffic features.},
keywords = {APT, compromise, dns tunnels, doh traffic, encrypted traffic, intrusion detection system, Qursa},
pubstate = {published},
tppubtype = {conference}
}
@inproceedings{campo012,
title = {Inferring mobile applications usage from DNS traffic},
author = {Celeste Campo-Vázquez and Carlos García-Rubio and Andrea Jimenez-Berenguel and Marta Moure-Garrido and Florina Almenares-Mendoza and Daniel Díaz-Sánchez },
url = {https://www.sciencedirect.com/science/article/pii/S1570870524002129#d1e710},
doi = {https://doi.org/10.1016/j.adhoc.2024.103601},
year = {2024},
date = {2024-07-19},
urldate = {2024-07-19},
booktitle = {Ad Hoc Networks},
publisher = {Elsevier B.V.},
abstract = {In the digital era, our lives are intrinsically linked to the daily use of mobile applications. As a consequence, we generate and transmit a large amount of personal data that puts our privacy in danger. Despite having encrypted communications, the DNS traffic is usually not encrypted, and it is possible to extract valuable information from the traffic generated by mobile applications. This study focuses on the analysis of the DNS traffic behavior found in mobile application traces, developing a methodology capable of identifying mobile applications based on the domains they query. With this methodology, we were able to identify apps with 98% accuracy. Furthermore, we have validated the effectiveness of the characterization obtained with one dataset by identifying traces from other independent datasets. The evaluation showed that the methodology provides successful results in identifying mobile applications.},
keywords = {compromise, dns traffic, I-Shaper, mobile applications identification, Qursa, user privacy},
pubstate = {published},
tppubtype = {inproceedings}
}
@conference{marta002,
title = {Análisis estadístico del tráfico DoH para la detección del uso malicioso de túneles},
author = {Marta Moure-Garrido and Celeste Campo and Carlos García-Rubio},
url = {https://dialnet.unirioja.es/servlet/articulo?codigo=9206590},
isbn = {978-84-88734-13-6},
year = {2024},
date = {2024-07-10},
urldate = {2024-07-10},
booktitle = {Investigación en Ciberseguridad Actas de las VII Jornadas Nacionales (7º.2022.Bilbao) },
pages = {38-41},
abstract = {Las primeras versiones de DNS presentaban ciertos problemas de seguridad: integridad, autenticidad y privacidad. Para solventarlos se definió DNSSEC, pero esta versión
seguía sin garantizar privacidad. Por ello, se definieron DNS sobre TLS (DoT) en 2016 y DNS sobre HTTPS (DoH) en 2018. En los ultimos años se ha empleado la tunelización DNS para encapsular trafico maligno. Las versiones DoT y DoH han complicado la detección de estos túneles dado que los datos van encriptados. En trabajos anteriores se emplean técnicas de aprendizaje automático para identificar túneles DoH, pero tienen limitaciones. En este trabajo realizamos un análisis estadístico para aprender el patrón del tráfico DoH y estudiar las diferencias entre el tráfico benigno y el tráfico creado con herramientas de tunelización. El análisis revela que ciertos parámetros estadísticos permiten diferenciar el trafico. El siguiente paso de la investigación es aplicar técnicas más elaboradas basándonos en el análisis realizado.},
keywords = {analisis estadistico, compromise, cynamon, dns tunnels, DoH, malicious doh},
pubstate = {published},
tppubtype = {conference}
}
seguía sin garantizar privacidad. Por ello, se definieron DNS sobre TLS (DoT) en 2016 y DNS sobre HTTPS (DoH) en 2018. En los ultimos años se ha empleado la tunelización DNS para encapsular trafico maligno. Las versiones DoT y DoH han complicado la detección de estos túneles dado que los datos van encriptados. En trabajos anteriores se emplean técnicas de aprendizaje automático para identificar túneles DoH, pero tienen limitaciones. En este trabajo realizamos un análisis estadístico para aprender el patrón del tráfico DoH y estudiar las diferencias entre el tráfico benigno y el tráfico creado con herramientas de tunelización. El análisis revela que ciertos parámetros estadísticos permiten diferenciar el trafico. El siguiente paso de la investigación es aplicar técnicas más elaboradas basándonos en el análisis realizado.@inproceedings{javierblanco001,
title = {PQSec-DDS: Integrating Post-Quantum Cryptography into DDS Security for Robotic Applications},
author = {Javier Blanco-Romero and Vicente Lorenzo and Florina Almenares-Mendoza and Daniel Díaz-Sánchez and Adrián Serrano-Navarro},
url = {https://hdl.handle.net/11441/159179
https://idus.us.es/handle/11441/159179
https://idus.us.es/bitstream/handle/11441/159179/ActasJNIC24%20%282%20ed%29.pdf?sequence=4&isAllowed=y},
isbn = {978-84-09-62140-8},
year = {2024},
date = {2024-05-28},
urldate = {2024-05-28},
booktitle = {IX Jornadas Nacionales de Investigación en Ciberseguridad - JNIC 2024},
pages = {396-403},
publisher = {Universidad de Sevilla },
abstract = {Leading cybersecurity agencies and standardization bodies have globally emphasized the critical need to transition towards Post-Quantum Cryptography (PQC) to defend against
emerging quantum computing threats. They advocate PQC as a practical and cost-effective solution for security systems nowadays. Nevertheless, emerging technologies such as industrial systems, e.g., autonomous vehicles, air traffic management, diagnostic imaging machines, etc., and robotics systems, e.g., ROS2 (Robotic Operating System), have not started their evolution to enhance crypto-agility and security robustness. Some of these emerging technologies use the Data Distribution Service (DDS)
standard as the underlying communication middleware protocol. DDS is a distributed publish-subscribe system that allows sending and receiving data by publishing and subscribing to topics across a network of connected nodes. However, DDS’s security is based on traditional symmetric and asymmetric cryptography, which is vulnerable to quantum computing attacks. To address this issue, we propose the integration of PQC into DDS, through the development of a C/C++ library, called pqsec-dds, which can be integrated across different DDS implementations such as CycloneDDS or OpenDDS. A proof-of-concept demonstrates the viability of our approach in enhancing the security and cryptoagility of DDS-based systems.},
keywords = {compromise, DDS, I-Shaper, IIoT, PQ, qurs, Qursa, Robotic Systems, ROS2},
pubstate = {published},
tppubtype = {inproceedings}
}
emerging quantum computing threats. They advocate PQC as a practical and cost-effective solution for security systems nowadays. Nevertheless, emerging technologies such as industrial systems, e.g., autonomous vehicles, air traffic management, diagnostic imaging machines, etc., and robotics systems, e.g., ROS2 (Robotic Operating System), have not started their evolution to enhance crypto-agility and security robustness. Some of these emerging technologies use the Data Distribution Service (DDS)
standard as the underlying communication middleware protocol. DDS is a distributed publish-subscribe system that allows sending and receiving data by publishing and subscribing to topics across a network of connected nodes. However, DDS’s security is based on traditional symmetric and asymmetric cryptography, which is vulnerable to quantum computing attacks. To address this issue, we propose the integration of PQC into DDS, through the development of a C/C++ library, called pqsec-dds, which can be integrated across different DDS implementations such as CycloneDDS or OpenDDS. A proof-of-concept demonstrates the viability of our approach in enhancing the security and cryptoagility of DDS-based systems.@inproceedings{andrea001,
title = {Caracterización de aplicaciones móviles mediante el análisis del tráfico DNS},
author = {Andrea Jimenez-Berenguel and Marta Moure-Garrido and Carlos García-Rubio and Celeste Campo-Vázquez},
url = {https://idus.us.es/handle/11441/159179
https://dialnet.unirioja.es/servlet/articulo?codigo=9633499
https://idus.us.es/bitstream/handle/11441/159179/ActasJNIC24%20%282%20ed%29.pdf?sequence=4&isAllowed=y},
isbn = {978-84-09-62140-8},
year = {2024},
date = {2024-05-28},
urldate = {2024-05-28},
booktitle = {IX Jornadas Nacionales de Investigación en Ciberseguridad - JNIC 2024},
pages = {506-507},
publisher = {Universidad de Sevilla},
abstract = {La privacidad del usuario sigue siendo vulnerable cuando se utilizan protocolos de comunicación cifrados, como HTTPS, cuando las consultas DNS se envían en texto claro a través del puerto UDP 53 (Do53). En este estudio, demostramos la posibilidad de caracterizar una aplicación móvil que utiliza un usuario basándonos en su tráfico Do53. Mediante el análisis de un conjunto de datos de tráfico, formado por 80 aplicaciones móviles Android, podemos identificar la aplicación que se está utilizando basándonos en sus consultas DNS con una precisión del 88,75 %. Aunque los sistemas operativos modernos, incluido Android desde la versión 9.0, admiten el tráfico DNS cifrado, esta función no está activada por defecto y depende del soporte del proveedor de DNS. Además, incluso cuando el tráfico DNS está cifrado, el proveedor de servicios DNS sigue teniendo acceso a nuestras consultas y podría extraer información de ellas.},
keywords = {aplicaciones moviles, compromise, privacidad, Qursa, trafico dns},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{marta001,
title = {Reducing DNS Traffic to Enhance Home IoT Device Privacy},
author = {Marta Moure-Garrido and Carlos García-Rubio and Celeste Campo},
url = {https://www.mdpi.com/1424-8220/24/9/2690/pdf?version=1713941333},
doi = {https://doi.org/10.3390/s24092690},
year = {2024},
date = {2024-04-24},
urldate = {2024-04-24},
journal = {Sensors },
volume = {24},
issue = {9},
publisher = {Sensors 2024},
abstract = {The deployment of Internet of Things (IoT) devices is widespread in different environments, including homes. Although security is incorporated, homes can become targets for cyberattacks because of their vulnerabilities. IoT devices generate Domain Name Server (DNS) traffic primarily for communication with Internet servers. In this paper, we present a detailed analysis of DNS traffic from IoT devices. The queried domains are highly distinctive, enabling attackers to easily identify the IoT device. In addition, we observed an unexpectedly high volume of queries. The analysis reveals that the same domains are repeatedly queried, DNS queries are transmitted in plain text over User Datagram Protocol (UDP) port 53 (Do53), and the excessive generation of traffic poses a security risk by amplifying an attacker’s ability to identify IoT devices and execute more precise, targeted attacks, consequently escalating the potential compromise of the entire IoT ecosystem. We propose a simple measure that can be taken to reduce DNS traffic generated by IoT devices, thus preventing it from being used as a vector to identify the types of devices present in the network. This measure is based on the implementation of the DNS cache in the devices; caching few resources increases privacy considerably.},
keywords = {compromise, DNS, I-Shaper, IoT privacy, network traffic, Qursa},
pubstate = {published},
tppubtype = {article}
}
2023
@conference{vicente001,
title = {Comparative Analysis of Quantum, Pseudo, and Hybrid Random Number Generation},
author = {Vicente Lorenzo and Francisco Javier Blanco},
year = {2023},
date = {2023-11-29},
urldate = {2023-11-29},
booktitle = {XVII Jornadas CCN-STIC CCN-CERT / V Jornadas de Ciberdefensa ESPDEF-CERT},
keywords = {QRNGs, Qursa, rngs},
pubstate = {published},
tppubtype = {conference}
}
@conference{campo013,
title = {Characterizing Mobile Applications Through Analysis of DNS Traffic},
author = {Andrea Jimenez-Berenguel and Marta Moure-Garrido and Carlos García-Rubio Celeste Campo-Vázquez},
doi = {https://doi.org/10.1145/3616394.3618268},
isbn = {N 979-8-4007-0370-6},
year = {2023},
date = {2023-10-30},
urldate = {2023-10-30},
booktitle = {PE-WASUN '23: Proceedings of the Int'l ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor & Ubiquitous Networks.},
pages = {69-76},
publisher = {ACM},
abstract = {User privacy may remain vulnerable when using encrypted communication protocols, such as HTTPS, if DNS queries are sent in cleartext over UDP port 53 (Do53). In this study, we demonstrate the possibility of characterizing the mobile application a user is using based on its Do53 traffic. By analyzing a dataset of traffic captured from 80 Android mobile apps, we can identify the app being used based on its DNS queries with an accuracy of 88.75%. While modern operating systems, including Android since version 9.0, support encrypted DNS traffic, this feature is not enabled by default and relies on the DNS provider's support. Moreover, even when DNS traffic is encrypted, the DNS service provider still has access to our queries and could potentially extract information from them.},
keywords = {android apps, compromise, dns traffic, encrypted dns, mobile apps characterization, Qursa, user privacy},
pubstate = {published},
tppubtype = {conference}
}
@article{campo002,
title = {Real time detection of malicious DoH traffic using statistical analysis },
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
url = {http://hdl.handle.net/10016/38151},
doi = {https://doi.org/10.1016/j.comnet.2023.109910},
issn = {1389-1286},
year = {2023},
date = {2023-10-09},
urldate = {2023-10-09},
journal = {COMPUTER NETWORKS},
volume = {234},
issue = {109910},
pages = {1-10},
abstract = {The DNS protocol plays a fundamental role in the operation of ubiquitous networks. All devices connected to these networks need DNS to work, both for traditional domain name to IP address translation, and for more advanced services such as resource discovery. DNS over HTTPS (DoH) solves certain security problems present in the DNS protocol. However, malicious DNS tunnels, a covert way of encapsulating malicious traffic in a DNS connection, are difficult to detect because the encrypted data prevents performing an analysis of the content of the DNS traffic.
In this study, we introduce a real-time system for detecting malicious DoH tunnels, which is based on analyzing DoH traffic using statistical methods. Our research demonstrates that it is feasible to identify in real-time malicious traffic by analyzing specific parameters extracted from DoH traffic. In addition, we conducted statistical analysis to identify the most significant features that distinguish malicious traffic from benign traffic. Using the selected features, we achieved satisfactory results in classifying DoH traffic as either benign or malicious.},
keywords = {classification, compromise, computer science, cynamon, dns tunnels, doh traffic, intrusion detection system, malicious doh, Qursa, statistical analysis},
pubstate = {published},
tppubtype = {article}
}
In this study, we introduce a real-time system for detecting malicious DoH tunnels, which is based on analyzing DoH traffic using statistical methods. Our research demonstrates that it is feasible to identify in real-time malicious traffic by analyzing specific parameters extracted from DoH traffic. In addition, we conducted statistical analysis to identify the most significant features that distinguish malicious traffic from benign traffic. Using the selected features, we achieved satisfactory results in classifying DoH traffic as either benign or malicious.@article{almenarez017,
title = {Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)},
author = {Fernando Gutierrez-Portela and Harold-Brayan Arteaga-Arteaga and Florina Almenares-Mendoza and Liliana Calderon-Benavides and Héctor-Gabriel Acosta-Mesa and Reinel Tabares-Soto},
url = {https://ieeexplore.ieee.org/document/10172186},
doi = {https://doi.org/10.1109/ACCESS.2023.3292267},
issn = {2169-3536},
year = {2023},
date = {2023-07-04},
urldate = {2023-07-04},
journal = {IEEE Access},
volume = {11},
pages = {70542 - 70559},
abstract = {One of the fields where Artificial Intelligence (AI) must continue to innovate is computer security. The integration of Wireless Sensor Networks (WSN) with the Internet of Things (IoT) creates ecosystems of attractive surfaces for security intrusions, being vulnerable to multiple and simultaneous attacks. This research evaluates the performance of supervised ML techniques for detecting intrusions based on network traffic captures. This work presents a new balanced dataset (IDSAI) with intrusions generated in attack environments in a real scenario. This new dataset has been provided in order to contrast model generalization from different datasets. The results show that for the detection of intruders, the best supervised algorithms are XGBoost, Gradient Boosting, Decision Tree, Random Forest, and Extra Trees, which can generate predictions when trained and predicted with ten specific intrusions (such as ARP spoofing, ICMP echo request Flood, TCP Null, and others), both of binary form (intrusion and non-intrusion) with up to 94% of accuracy, as multiclass form (ten different intrusions and non-intrusion) with up to 92% of accuracy. In contrast, up to 90% of accuracy is achieved for prediction on the Bot-IoT dataset using models trained with the IDSAI dataset.},
keywords = {compromise, intrusion detection system, IoT},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{pa057,
title = {Enhancing the anonymity and auditability of whistleblowers protection},
author = {Sergio Chica and Andrés Marín-López and David Arroyo and Florina Almenares-Mendoza and Daniel Díaz-Sánchez},
doi = {https://doi.org/10.1007/978-3-031-21229-1_38},
isbn = {978-3-031-21229-1},
year = {2023},
date = {2023-01-08},
pages = {413 - 422},
publisher = {Springer International Publishing},
abstract = {In our democracy a trade-off between checks and balances is mandatory. To play the role of balances, it is necessary to have information that is often only obtainable through channels that ensure the anonymity of the source. Here we present a work in progress of a system that provides anonymity to sources in a open and auditable system, oriented to audit systems of critical infrastructure and built on our previous work autoauditor.},
keywords = {compromise},
pubstate = {published},
tppubtype = {inproceedings}
}
2022
@inproceedings{pa056,
title = {A Hybrid Approach to Ephemeral PKI Credentials Validation and Auditing},
author = {Daniel Díaz-Sanchez and Florina Almenarez-Mendoza and Andres Marín-López and Isabel Rojo-Rivas },
isbn = {978-3-031-21332-8},
year = {2022},
date = {2022-12-20},
urldate = {2022-12-20},
booktitle = {Proceedings of the International Conference on Ubiquitous Computing & Ambient Intelligence (UCAmI 2022)},
pages = {1043 - 1054},
publisher = {Springer International Publishing},
abstract = {IoT/M2M solutions are expected to rely on near computing infrastructures for deployment of services, frequently ephemeral, that will need adequate protection. Communication protocols in IoT services have widely adopted TLS/PKI as the de facto security standard despite PKI was not designed for issuing short lived credentials. Moreover, after several Certificate Authorities were compromised, some Certificate Pinning proposal were developed to give an additional verification to PKI certificates. Some Certificate Pinning solutions, as Certificate Transparency, provide long term auditing information for PKI certificates issued by renowned Certificate Authorities only, whereas others, as DANE, are able to verify self-issued certificates and give support for security islands that would benefit the development of IoT/M2M micro services but cannot provide long term auditing information. This article describe DANEAudits, a novel service with the objective of complementing DANE with long term auditing information without the need of new Trusted Third Parties different from the information owner.},
keywords = {compromise, ricon},
pubstate = {published},
tppubtype = {inproceedings}
}
@conference{almenarez015,
title = {Enhancing the anonymity and auditability of whistleblowers protection},
author = {Sergio Chica and Andrés Marín and David Arroyo-Guardeño and Jesús Díaz and Florina Almenares and Daniel Díaz },
url = {http://hdl.handle.net/10261/275765},
doi = {https://doi.org/10.20350/digitalCSIC/14702},
year = {2022},
date = {2022-11-30},
urldate = {2022-11-30},
abstract = { In our democracy a trade-off between checks and balances is mandatory. To play the role of balances, it is necessary to have information that is often only obtainable through channels that ensure the anonymity of the source. Here we present a work in progress of a system that provides anonymity to sources in a open and auditable system, oriented to audit systems of critical infrastructure and built on our previous work autoauditor.},
keywords = {anonymous whistleblowing, compromise, cynamon, ECDHE, group signatures, permissioned blockchain},
pubstate = {published},
tppubtype = {conference}
}
@inproceedings{almenarez007,
title = {Integrating an optimised PUF-based authentication scheme in OSCORE},
author = {Jaime Perez-Diaz and Florina Almenares-Mendoza },
doi = {https://doi.org/10.1016/j.adhoc.2022.103038},
issn = {1570-8705},
year = {2022},
date = {2022-11-23},
urldate = {2022-11-23},
volume = {140},
publisher = {Ad Hoc Networks Journal},
abstract = {Due to the growth in the amount and type of connected devices, mainly IoT devices, new scalable, lightweight and security-aware protocols, e.g., CoAP and MQTT, have been defined. For the definition of these protocols, the axioms concerning security must cover all the needs regarding authentication, confidentiality, integrity and availability of both devices and servers.
CoAP specifies mainly protocol security based on the transport layer through DTLS. Nevertheless, OSCORE (Object Security for Constrained RESTful Environments) has been recently defined to support end-to-end protection of RESTful interactions over the CoAP protocol. It was designed for constrained devices and networks supporting a range of proxy operations, including translation between different transport protocols. The main challenge presents in OSCORE is the establishment and exchange of pre-shared keys required to protect data. For that, this paper defines how use an optimised version of SRAM-based PUF (Physical Unclonable Functions) for a secure authentication, key establishment and exchanging model. The proposal has been implemented and evaluated in a scenario including IoT devices.},
keywords = {coap, compromise, cynamon, IoT, mqtt, protocol security},
pubstate = {published},
tppubtype = {inproceedings}
}
CoAP specifies mainly protocol security based on the transport layer through DTLS. Nevertheless, OSCORE (Object Security for Constrained RESTful Environments) has been recently defined to support end-to-end protection of RESTful interactions over the CoAP protocol. It was designed for constrained devices and networks supporting a range of proxy operations, including translation between different transport protocols. The main challenge presents in OSCORE is the establishment and exchange of pre-shared keys required to protect data. For that, this paper defines how use an optimised version of SRAM-based PUF (Physical Unclonable Functions) for a secure authentication, key establishment and exchanging model. The proposal has been implemented and evaluated in a scenario including IoT devices.@conference{garciarubio008,
title = {Synthetic Generation of Electrical Consumption Traces in Smart Homes},
author = {Carlos García-Rubio and Celeste Campo and Marta Moure-Garrido },
url = {https://link.springer.com/chapter/10.1007/978-3-031-21333-5_68},
doi = {https://doi.org/10.1007/978-3-031-21333-5_68},
isbn = {978-3-031-21332-8},
year = {2022},
date = {2022-11-21},
urldate = {2022-11-21},
booktitle = { Lecture Notes in Networks and Systems},
volume = {594},
pages = {681-692},
publisher = {Springer International Publishing},
abstract = {With the introduction of the smart grid, smart meters and smart plugs, it is possible to know the energy consumption of a smart home, either per appliance or aggregate. Some recent works have used energy consumption traces to detect anomalies, either in the behavior of the inhabitants or in the operation of some device in the smart home. To train and test the algorithms that detect these anomalies, it is necessary to have extensive and well-annotated consumption traces. However, this type of traces is difficult to obtain. In this paper we describe a highly configurable synthetic electrical trace generator, with characteristics similar to real traces, that can be used in this type of study. In order to have a more realistic behavior, the traces are generated by adding the consumption of several simulated appliances, which precisely represent the consumption of different typical electrical devices. Following the behavior of the real traces, variations at different scales of time and anomalies are introduced to the aggregated smart home energy consumption.},
keywords = {anomaly detection, compromise, cynamon, Electricity consumption, magos, Smart home, Synthetic dataset generation},
pubstate = {published},
tppubtype = {conference}
}
@conference{campo015,
title = {Detecting Malicious Use of DoH Tunnels Using Statistical Traffic Analysis},
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
url = {https://dl.acm.org/doi/10.1145/3551663.3558605},
doi = {https://doi.org/10.1145/3551663.3558605},
isbn = {978-1-4503-9483-3},
year = {2022},
date = {2022-10-24},
urldate = {2022-10-24},
booktitle = {PE-WASUN '22: Proceedings of the 19th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks},
publisher = {ACM},
abstract = {DNS plays a fundamental role in the operation of ubiquitous networks. All devices connected to these networks need DNS to work, both for traditional domain name to IP address translation, and for more advanced services such as resource discovery. At first, the DNS communication protocol presented certain security problems: integrity, authenticity and confidentiality. DNSSEC provides security but still does not guarantee confidentiality. To solve this problem, DNS over TLS (DoT) and DNS over HTTPS (DoH) were defined. In recent years, DNS tunneling, a covert form of encapsulating data transmission, has been used to encapsulate malicious traffic in a DNS connection. DoT and DoH versions complicate the detection of these tunnels because the encrypted data prevents performing an analysis of the content of the DNS traffic. Previous work has used machine learning techniques to identify DoH tunnels, but these have limitations. In this study, we identify the most significant features that singularize malicious traffic from benign traffic by statistical analysis. Based on the selected features, we obtain satisfactory results in the classification between benign and malicious DoH traffic. The study reveals that it is possible to differentiate traffic based on certain statistical parameters.},
keywords = {classification, compromise, cynamon, dns tunnels, doh traffic, magos, malicious doh, statistical analysis},
pubstate = {published},
tppubtype = {conference}
}
@inproceedings{PA012,
title = {A H.264 SVC distributed content protection system with flexible key stream generation},
author = {Daniel Díaz-Sánchez and Rosa Sánchez Guerrero and Andrés Marín López and Florina Almenares and Patricia Arias},
url = {https://ieeexplore.ieee.org/document/6336520},
doi = {https://doi.org/10.1109/ICCE-Berlin.2012.6336520},
issn = {2166-6814},
year = {2022},
date = {2022-10-22},
urldate = {2022-10-22},
booktitle = {2012 IEEE Second International Conference on Consumer Electronics - Berlin (ICCE-Berlin)},
publisher = {IEEE},
abstract = {Modern scalable coding techniques, as H264 SVC, are adequate to save processing power and bandwidth. Moreover, if the enhancements of a SVC encoded content are protected, it is possible to enable pay-per-quality systems. Transcoding and protection entail huge doses of processing power at provider side and should be distributed. Moreover, processing key streams to decrypt enhancements that were encrypted separately can increase the complexity at receiver side. This abstract describes a distributed system for content encoding and protection that generates a flexible key stream that simplifies the receiver.},
keywords = {Cloud computing, cryptography, multimedia, servicioseguridad},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{diazsanchez010,
title = {Kriper: A blockchain network with permissioned storage},
author = {MaríaIsabel Rojo-Rivas and Daniel Díaz-Sánchez and Florina Almenarez and Andrés Marín-Lopez},
doi = {https://doi.org/10.1016/j.future.2022.08.006},
issn = {0167-739X},
year = {2022},
date = {2022-08-17},
urldate = {2022-08-17},
journal = {Future Generation Computer Systems},
volume = {138},
pages = {160-171},
abstract = {Blockchain has been a revolution in the past few years. Beyond the new currencies that were created around different incarnations of the blockchain concept, there are many other contributions that provide interesting services as a data linked structure using a decentralized network that provide a high level of security. Companies have developed many projects to incorporate blockchain into their business logic pursuing to incorporate other related services as persistence of large volumes of data, privacy or anonymity of transactions, distributed data processing, security (confidentiality, integrity, and availability), document management or micro messages in real time. Nevertheless, as it will be discussed in this article, current blockchains do not meet the needs of companies in many aspects, leading to a scarce or superficial adoption. This article introduces Kriper, a blockchain that aims at meeting corporate world needs by responding with a community-based, open blockchain that may also be segregated and private for certain uses whereas it provides a permissioned distributed storage and micro message lightweight services.},
keywords = {Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon},
pubstate = {published},
tppubtype = {article}
}
@article{campo003,
title = {Entropy-Based Anomaly Detection in HouseholdElectricity Consumption},
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
doi = {https://doi.org/10.3390/en15051837},
issn = {1996-1073},
year = {2022},
date = {2022-03-02},
urldate = {2022-03-02},
journal = {Energies},
volume = {15},
abstract = {Energy efficiency is one of the most important current challenges, and its impact at a global level is considerable. To solve current challenges, it is critical that consumers are able to control their energy consumption. In this paper, we propose using a time series of window-based entropy to detect anomalies in the electricity consumption of a household when the pattern of consumption behavior exhibits a change. We compare the accuracy of this approach with two machine learning approaches, random forest and neural networks, and with a statistical approach, the ARIMA model. We study whether these approaches detect the same anomalous periods. These different techniques have been evaluated using a real dataset obtained from different households with different consumption profiles from the Madrid Region. The entropy-based algorithm detects more days classified as anomalous according to context information compared to the other algorithms. This approach has the advantages that it does not require a training period and that it adapts dynamically to changes, except in vacation periods when consumption drops drastically and requires some time for adapting to the new situation.},
keywords = {anomaly detection, behavior pattern, compromise, cynamon, entropy, household electricity consumption, load forecasting, magos},
pubstate = {published},
tppubtype = {article}
}
2021
@conference{almenarez016,
title = {A PUF-based Authentication Mechanism for OSCORE},
author = {Jaime Pérez-Díaz and Florina Almenares},
url = {https://dl.acm.org/doi/10.1145/3479240.3488526},
doi = {https://doi.org/10.1145/3479240.3488526},
year = {2021},
date = {2021-11-22},
urldate = {2021-11-22},
booktitle = {PE-WASUN '21: Proceedings of the 18th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks},
pages = {65-72},
abstract = {Within environment generated when deploying Internet of Things (IoT) solutions, there is a need to do it securely. Authentication of the devices against the applications deployed on the servers, which receive or send data to the IoT devices must be carried out. Standard IoT protocols, such as CoAP or MQTT, define secure communica- tions through protocols on transport, network or application layers. Nevertheless, a shortcoming when protocols using secret keys are used lies in the management of such keys, which is out of scope of the specifications. For this reason, this article presents an authenti- cation solution for OSCORE (Object Security for Constrained RESTful Environments) based on PUFs (Physical Unclonable Functions) that makes it possible to establish a secure mechanism for the exchange and management of keys. The performance of this proposal has been evaluated, showing its viability.},
keywords = {compromise},
pubstate = {published},
tppubtype = {conference}
}
@article{campos004,
title = {Performance evaluation of CoAP and MQTT with security support for IoT environments},
author = {Victor Seoane-Merida and Carlos García-Rubio and Florina Almenares-Mendoza and Celeste Campo-Vázquez},
url = {http://hdl.handle.net/10016/33795},
doi = {https://doi.org/10.1016/j.comnet.2021.108338},
issn = {1389-1286},
year = {2021},
date = {2021-10-04},
urldate = {2021-10-04},
journal = {COMPUTER NETWORKS},
volume = {197},
issue = {108338},
pages = {1-22},
abstract = {World is living an overwhelming explosion of smart devices: electronic gadgets, appliances, meters, cars, sensors, camera and even traffic lights, that are connected to the Internet to extend their capabilities, constituting what is known as Internet of Things (IoT). In these environments, the application layer is decisive for the quality of the connection, which has dependencies to the transport layer, mainly when secure communications are used. This paper analyses the performance offered by these two most popular protocols for the application layer: Constrained Application Protocol (CoAP) and Message Queue Telemetry Transport (MQTT). This analysis aims to examine the features and capabilities of the two protocols and to determine their feasibility to operate under constrained devices taking into account security support and diverse network conditions, unlike the previous works. Since IoT devices typically show battery constraints, the analysis is focused on bandwidth and CPU use, using realistic network scenarios, since this use translates to power consumption.},
keywords = {coap, cynamon, Internet of Things, magos, mqtt, Performance evaluation, Security},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{almenarez008,
title = {Security perspective of wireless sensor networks = Prospectiva de seguridad de las redes de sensores inalámbricos},
author = {Fernando Gutierrez-Portela and Florina Almenares-Mendoza and Liliana Calderon-Benavides and Efren Romero-Riaño},
url = {http://hdl.handle.net/10016/37285},
doi = {https://doi.org/10.18273/revuin.v20n3-2021014},
issn = {1657-4583},
year = {2021},
date = {2021-06-07},
urldate = {2021-06-07},
volume = {21},
issue = {3},
pages = {189-201},
publisher = {UIS-Ingeniería },
abstract = {En las Redes de Sensores Inalámbricos (WSN), los nodos son vulnerables a los ataques de seguridad porque están instalados en un entorno difícil, con energía y memoria limitadas, baja capacidad de procesamiento y transmisión de difusión media; por lo tanto, identificar las amenazas, los retos y las soluciones de seguridad y privacidad es un tema candente hoy en día. En este artículo se analizan los trabajos de investigación que se han realizado sobre los mecanismos de seguridad para la protección de las WSN frente a amenazas y ataques, así como las tendencias que surgen en otros países junto con futuras líneas de investigación. Desde el punto de vista metodológico, este análisis se muestra a través de la visualización y estudio de trabajos indexados en bases de datos como IEEE, ACM, Scopus y Springer, con un rango de 7 años como ventana de observación, desde 2013 hasta 2019. Se obtuvieron un total de 4.728 publicaciones, con un alto índice de colaboración entre China e India. La investigación planteó desarrollos, como avances en los principios de seguridad y mecanismos de defensa, que han llevado al diseño de contramedidas en la detección de intrusiones. Por último, los resultados muestran el interés de la comunidad científica y empresarial por el uso de la inteligencia artificial y el aprendizaje automático (ML) para optimizar las medidas de rendimiento.},
keywords = {inteligencia artificial, redes de sensores inalambricos, Security, tecnicas no supervisadas, tecnicas supervisadas, wsn},
pubstate = {published},
tppubtype = {inproceedings}
}
2020
@conference{campo016b,
title = {Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments},
author = {Victor Seoane-Merida and Florina Almenares-Mendoza and Celeste Campo-Vázquez and Carlos García-Rubio},
doi = {https://doi.org/10.1145/3416011.3424754},
isbn = {978-1-4503-8118-5},
year = {2020},
date = {2020-11-09},
urldate = {2020-11-09},
booktitle = {PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks},
pages = {41-48},
publisher = {ASSOCIATION FOR COMPUTING MACHINERY, INC },
abstract = {Internet of Things (IoT) can be defined as the interconnection through Internet of an unprecedented number of devices with the purpose of exchanging data. It stands as one of the most popular technologies for the following years and it is requiring substantial changes in the Internet protocols to meet its requirements. As the application layer is decisive for the quality of the connection, this paper analyzes the performance offered by one of the most popular protocols for the application layer in IoT: the Constrained Application Protocol (CoAP). This analysis aims to examine the features and capabilities of this protocol and to determine its feasibility to operate under constrained devices using security support. For this, a realistic network scenario is deployed to run the simulations and to measure bandwidth, consumption of resources (i.e., CPU cycles and bandwidth usage) and communication latency. Additionally, the trade-off between security and performance is discussed measuring the bandwidth overhead and the consumption increase associated to secure the communications. Different ciphering and authentication algorithms are tested, following the recommendations made by the Internet Engineering Task Force (IETF).},
keywords = {coap, cynamon, DTLS, IoT, magos, Performance evaluation},
pubstate = {published},
tppubtype = {conference}
}
@article{marin002,
title = {Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain},
author = {Andrés Marín-López and Sergio Chica-Manjarrez and David Arroyo and Florina Almenares-Mendoza and Daniel Díaz-Sánchez },
url = {https://www.mdpi.com/2079-9292/9/11/1865
},
doi = {https://doi.org/10.3390/electronics9111865},
issn = {2079-9292},
year = {2020},
date = {2020-11-06},
urldate = {2020-11-06},
journal = {Electronics},
volume = {9},
pages = {1865},
abstract = {With the transformation in smart grids, power grid companies are becoming increasingly
dependent on data networks. Data networks are used to transport information and commands for
optimizing power grid operations: Planning, generation, transportation, and distribution. Performing
periodic security audits is one of the required tasks for securing networks, and we proposed in a
previous work AUTOAUDITOR, a system to achieve automatic auditing. It was designed according
to the specific requirements of power grid companies, such as scaling with the huge number of
heterogeneous equipment in power grid companies. Though pentesting and security audits are
required for continuous monitoring, collaboration is of utmost importance to fight cyber threats.
In this paper we work on the accountability of audit results and explore how the list of audit result
records can be included in a blockchain, since blockchains are by design resistant to data modification.
Moreover, blockchains endowed with smart contracts functionality boost the automation of both
digital evidence gathering, audit, and controlled information exchange. To our knowledge, no such
system exists. We perform throughput evaluation to assess the feasibility of the system and show
that the system is viable for adaptation to the inventory systems of electrical companies.},
keywords = {cynamon, inteligenciafuentesabiertas, permissioned blockchain, scalability, security auditing, smart grid security},
pubstate = {published},
tppubtype = {article}
}
dependent on data networks. Data networks are used to transport information and commands for
optimizing power grid operations: Planning, generation, transportation, and distribution. Performing
periodic security audits is one of the required tasks for securing networks, and we proposed in a
previous work AUTOAUDITOR, a system to achieve automatic auditing. It was designed according
to the specific requirements of power grid companies, such as scaling with the huge number of
heterogeneous equipment in power grid companies. Though pentesting and security audits are
required for continuous monitoring, collaboration is of utmost importance to fight cyber threats.
In this paper we work on the accountability of audit results and explore how the list of audit result
records can be included in a blockchain, since blockchains are by design resistant to data modification.
Moreover, blockchains endowed with smart contracts functionality boost the automation of both
digital evidence gathering, audit, and controlled information exchange. To our knowledge, no such
system exists. We perform throughput evaluation to assess the feasibility of the system and show
that the system is viable for adaptation to the inventory systems of electrical companies.@article{diazsanchez009,
title = {Specification and Unattended Deployment of Home Networks at the Edge of the Network},
author = {Iván Bernabé-Sánchez and Daniel Díaz-Sánchez and Mario Muñoz-Organero},
url = {https://ieeexplore.ieee.org/document/9173527},
doi = {10.1109/TCE.2020.3018543},
issn = {0098-3063},
year = {2020},
date = {2020-08-21},
urldate = {2020-08-21},
journal = {IEEE TRANSACTIONS ON CONSUMER ELECTRONICS},
volume = {66},
issue = {4},
pages = {279 - 288},
abstract = {Consumer devices continue to expand their capabilities by connecting to digital services and other devices to form information-sharing ecosystems. This is complex and requires meeting connection requirements and minimal processing capabilities to ensure communication. The emergence of new services, and the evolution of current technologies, constantly redefine the rules of the game by opening up new possibilities and increasing competition among service providers. Paradigms such as edge computing, softwarization of physical devices, self-configuration mechanisms, definition of software as a code and interoperability between devices, define design principles to be taken into account in future service infrastructures. This work analyzes these principles and presents a programmable architecture in which services and virtual devices are instantiated in any computing infrastructure, as cloud or edge computing, upon request according to the needs specified by service providers or users. Considering that the target computing infrastructures are heterogeneous, the solution defines network elements and provides network templates to ensure it can be deployed on different infrastructures irrespectively of the vendor. A prototype has been developed and tested on a virtualized cloud-based home network relying on open source solutions.},
keywords = {Cloud computing, connected consumer devices, edge computing, fog computing, joint digital transformation, orchestrator},
pubstate = {published},
tppubtype = {article}
}
@article{campo005,
title = {A hybrid analysis of LBSN data to early detect anomalies in crowd dynamics},
author = {Rebeca Diaz-Redondo and Carlos García-Rubio and Ana Fernandez-Vilas Celeste Campo-Vázquez and Alicia Rodriguez-Carrion},
url = {http://hdl.handle.net/10016/33771},
doi = {https://doi.org/10.1016/j.future.2020.03.038},
issn = {0167-739X},
year = {2020},
date = {2020-08-10},
urldate = {2020-08-10},
journal = {Future generation computer systems},
volume = {109},
pages = {83-94},
abstract = {Undoubtedly, Location-based Social Networks (LBSNs) provide an interesting source of geo-located data that we have previously used to obtain patterns of the dynamics of crowds throughout urban areas. According to our previous results, activity in LBSNs reflects the real activity in the city. Therefore, unexpected behaviors in the social media activity are a trustful evidence of unexpected changes of the activity in the city. In this paper we introduce a hybrid solution to early detect these changes based on applying a combination of two approaches, the use of entropy analysis and clustering techniques, on the data gathered from LBSNs. In particular, we have performed our experiments over a data set collected from Instagram for seven months in New York City, obtaining promising results.},
keywords = {crowd dynamics, density-based clustering, emadrid, entropy analysis, instagram, location-based social network},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{pa054,
title = {On the Automation of Auditing in Power Grid Companies},
author = {Sergio Chica-Manjarrez and Andrés Marín-López and Daniel Díaz-Sánchez and Florina Almenares-Mendoza},
doi = {10.3233/AISE200057},
isbn = {ISSN/ISBN) 978-1-4503-5988-7},
year = {2020},
date = {2020-07-23},
urldate = {2020-07-23},
booktitle = {Actas de congreso internacional, Citas Google 2, CORE C},
pages = {331 - 340},
abstract = {Auditing is a common task required to secure networks. This becomes of utter importance in power grid companies, the authorities of electricity supply. An increasing number of connected devices makes the use of semi automatic or fully automated auditing imperative. The inventory system has to incorporate the auditing results and subsequently integrate them in the security assessment of the company. The risk metrics incorporate the severity of exposures and facilitate the selection of vulnerabilities that have to be mitigated, according to the risk appetite of the company. This automatic approach has to address scale and privacy issues of large companies. In addition, connections from foreign domains that carry out the auditing involve additional risks that must be considered to effectively test the likelihood and depth of the found vulnerabilities.
In this paper we discuss the requirements of an automatic auditing system and present AUTOAUDITOR, a highly configurable module which allow companies to automatically perform pentesting in specific assets.},
keywords = {auditing, containers, cynamon, inteligenciafuentesabiertas, privacy, scalability, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
In this paper we discuss the requirements of an automatic auditing system and present AUTOAUDITOR, a highly configurable module which allow companies to automatically perform pentesting in specific assets.@inproceedings{pa059,
title = {A Framework for Microservice Migration and Performance Assessment},
author = {Eugenio Rubio-Drosdov and Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenares-Mendoza},
doi = {doi:10.3233/AISE200053},
isbn = {978-1-4503-5988-7},
year = {2020},
date = {2020-06-25},
urldate = {2020-06-25},
pages = {291 - 299},
abstract = {In a large Smart Grid, smart meters produce tremendous amount of data that are hard to process, analyze and store. Fog computing is an environment that offers a place for collecting, computing and storing smart meter data before transmitting them to the cloud. Due to the distributed, heterogeneous and resource constrained nature of the fog computing nodes, fog applications need to be developed as a collection of interdependent, lightweight modules. Since this concept aligns with the goals of microservices architecture (MSA), efficient placement of microservices-based Smart Grid applications within fog environments has the potential to fully leverage capabilities of fog devices. Microservice architecture is an emerging software architectural style. It is based on microservices to provide several advantages over a monolithic solution, such as autonomy, composability, scalability, and fault-tolerance. However, optimizing the migration of microservices from one fog environment to other while assuring certain quality is still a big issue that needs to be addressed. In this paper, we propose an approach for assisting the migration of microservices in MSA-based Smart Grid systems, based on the analysis of their performance within the possible candidate destinations. Developers create microservices that will be eventually deployed at a given infrastructure. Either the developer, cosidering the design, or the entity deploying the service have a good knowledge of the quality required by the microservice. Due to that, they can create tests that determine if a destination meets the requirements of a given microservice and embed these tests as part of the microservice. Our goal is to automate the execution of performance tests by attaching a specification that contains the test parameters to each microservice.},
keywords = {cynamon, inteligenciafuentesabiertas, IoT, microservices, smart grids, testing},
pubstate = {published},
tppubtype = {inproceedings}
}
@conference{campo016,
title = {Anomalies detection using entropy in household energy consumption data },
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
url = {https://ebooks.iospress.nl/publication/54775},
doi = {10.3233/AISE200055},
isbn = {978-1-64368-090-3},
year = {2020},
date = {2020-05-04},
urldate = {2020-05-04},
booktitle = {Intelligent Environments 2020 Workshop Proceedings of the 16th International Conference on Intelligent Environments},
pages = {311-320},
abstract = {The growing boom in smart grids and home automation makes possible
to obtain information of household energy consumption. In this work, we study if
entropy is a good mechanism to detect anomalies in household energy consumption traces. We propose an entropy algorithm based on windowing the temporal
series of energy consumption. We select a trace with a duration of 3 months from
the REFIT project household energy consumption data set, available open access.
Entropy can adapt to changes in consumption in this trace, by learning and forgetting patterns dynamically. Although entropy is a promising technique and it has
many advantages, as the traces in this data set are not sufficiently labeled to check
the correct functioning of the algorithms, we propose to further validate the results
using synthetic traces.},
keywords = {anomaly, cynamon, entropy, household energy consumption},
pubstate = {published},
tppubtype = {conference}
}
to obtain information of household energy consumption. In this work, we study if
entropy is a good mechanism to detect anomalies in household energy consumption traces. We propose an entropy algorithm based on windowing the temporal
series of energy consumption. We select a trace with a duration of 3 months from
the REFIT project household energy consumption data set, available open access.
Entropy can adapt to changes in consumption in this trace, by learning and forgetting patterns dynamically. Although entropy is a promising technique and it has
many advantages, as the traces in this data set are not sufficiently labeled to check
the correct functioning of the algorithms, we propose to further validate the results
using synthetic traces.@article{almenarez006,
title = {INRISCO: INcident monitoRing in Smart COmmunities},
author = {MÓNICA AGUILAR-IGARTUA AND FLORINA ALMENARES-MENDOZA AND REBECA DÍAZ-REDONDO AND MANUELA MARTÍN-VICENTE AND JORDI FORNÉ AND CELESTE CAMPO AND ANA FERNÁNDEZ-VILAS AND LUIS CRUZ-LLOPIS AND CARLOS GARCÍA-RUBIO AND ANDRÉS MARÍN-LÓPEZ AND AHMAD MOHAMAD-MEZHER AND DANIEL DÍAZ-SÁNCHEZ AND HÉCTOR CEREZO-COSTAS AND DAVID REBOLLO-MONEDERO AND PATRICIA ARIAS-CABARCOS AND FRANCISCO JOSÉ RICO-NOVELLA
},
url = {https://ieeexplore.ieee.org/document/9064504
https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9064504},
doi = {https://doi.org/10.1109/ACCESS.2020.2987483},
issn = {2169-3536},
year = {2020},
date = {2020-04-13},
urldate = {2020-04-13},
journal = {IEEE Access},
volume = {8},
pages = {72435 - 72460},
abstract = {Major advances in information and communication technologies (ICTs) make citizens to be considered as sensors in motion. Carrying their mobile devices, moving in their connected vehicles or actively participating in social networks, citizens provide a wealth of information that, after properly processing, can support numerous applications for the benefit of the community. In the context of smart communities, the INRISCO [1] proposal intends for (i) the early detection of abnormal situations in cities (i.e., incidents), (ii) the analysis of whether, according to their impact, those incidents are really adverse for the community; and (iii) the automatic actuation by dissemination of appropriate information to citizens and authorities. Thus, INRISCO will identify and report on incidents in traffic (jam, accident) or public infrastructure (e.g., works, street cut), the occurrence of specific events that affect other citizens' life (e.g., demonstrations, concerts), or environmental problems (e.g., pollution, bad weather). It is of particular interest to this proposal the identification of incidents with a social and economic impact, which affects the quality of life of citizens.},
keywords = {big data analysis, citizen sensor, early detection of incidents, inrisco, Smart Cities, social networks, vehicular communications},
pubstate = {published},
tppubtype = {article}
}
2019
@conference{campo017,
title = {Performance Evaluation of CoAP and MQTT_SN in an IoT Environment},
author = {Mónica Martí and Carlos García-Rubio and Celeste Campo-Vázquez },
doi = {https://doi.org/10.3390/proceedings2019031049},
year = {2019},
date = {2019-11-20},
urldate = {2019-11-20},
booktitle = {Proceedings of 13th International Conference on Ubiquitous Computing and Ambient Intelligence UCAmI 2019},
publisher = {MDPI AG },
abstract = {The fast growth of the Internet of Things (IoT) has made this technology one of the most promising paradigms of recent years. Wireless Sensor Networks (WSNs) are one of the most important challenges of the Internet of things. These networks are made up of devices with limited processing power, memory, and energy. The constrained nature of WSNs makes it necessary to have specific restricted protocols to work in these environments. In this paper, we present an energy consumption and network traffic study of the main IoT application layer protocols, the Constrained Application Protocol (CoAP), and the version of Message Queue Telemetry Transport (MQTT) for sensor networks (MQTT_SN). The simulations presented evaluate the performance of these protocols with different network configurations.},
keywords = {coap, Energy consumption, inrisco, IoT, magos, MQTT_SN, wsn},
pubstate = {published},
tppubtype = {conference}
}
@article{Diaz_Sanchez_2019,
title = {DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT †},
author = {Daniel Díaz-Sánchez and Andrés Marín-Lopez and Florina Almenárez Mendoza and Patricia Arias Cabarcos},
url = {http://dx.doi.org/10.3390/s19153292
/download/DNS_DANE_Collision-Based_Distributed_and_Dynamic_Authentication_for_Microservices_in_IoT.pdf},
doi = {https://doi.org/10.3390/s19153292},
issn = {1424-8220},
year = {2019},
date = {2019-07-26},
urldate = {2019-07-26},
journal = {Sensors},
volume = {19},
issue = {15},
pages = {1-23},
publisher = {MDPI AG},
abstract = {IoT devices provide real-time data to a rich ecosystem of services and applications. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core networks. To alleviate the core of the network, other technologies like fog computing can be used. On the security side, designers of IoT low-cost devices and applications often reuse old versions of development frameworks and software components that contain vulnerabilities. Many server applications today are designed using microservice architectures where components are easier to update. Thus, IoT can benefit from deploying microservices in the fog as it offers the required flexibility for the main players of ubiquitous computing: nomadic users. In such deployments, IoT devices need the dynamic instantiation of microservices. IoT microservices require certificates so they can be accessed securely. Thus, every microservice instance may require a newly-created domain name and a certificate. The DNS-based Authentication of Named Entities (DANE) extension to Domain Name System Security Extensions (DNSSEC) allows linking a certificate to a given domain name. Thus, the combination of DNSSEC and DANE provides microservices’ clients with secure information regarding the domain name, IP address, and server certificate of a given microservice. However, IoT microservices may be short-lived since devices can move from one local fog to another, forcing DNSSEC servers to sign zones whenever new changes occur. Considering DNSSEC and DANE were designed to cope with static services, coping with IoT dynamic microservice instantiation can throttle the scalability in the fog. To overcome this limitation, this article proposes a solution that modifies the DNSSEC/DANE signature mechanism using chameleon signatures and defining a new soft delegation scheme. Chameleon signatures are signatures computed over a chameleon hash, which have a property: a secret trapdoor function can be used to compute collisions to the hash. Since the hash is maintained, the signature does not have to be computed again. In the soft delegation schema, DNS servers obtain a trapdoor that allows performing changes in a constrained zone without affecting normal DNS operation. In this way, a server can receive this soft delegation and modify the DNS zone to cope with frequent changes such as microservice dynamic instantiation. Changes in the soft delegated zone are much faster and do not require the intervention of the DNS primary servers of the zone.},
keywords = {authentication, chameleon signatures, cynamon, DANE, DNSSEC, Internet of Things, magos, microservices},
pubstate = {published},
tppubtype = {article}
}
@article{diazsanchez011,
title = {Task Scheduling to Constrain Peak Current Consumption in Wearable Healthcare Sensors},
author = {Robert Simon-Sherratt and Balazs Janko and Terence Hui and William S.-Harwin and Nilanjan Dey and Daniel Díaz-Sánchez and Jin Wang and Fuqian Shi},
url = {https://doi.org/10.3390/electronics8070789
https://www.mdpi.com/2079-9292/8/7/789
https://www.mdpi.com/2079-9292/8/7/789/pdf?version=1563172692},
doi = {https://doi.org/10.3390/electronics8070789},
issn = {2079-9292},
year = {2019},
date = {2019-07-15},
urldate = {2019-07-15},
journal = {Electronics},
volume = {8},
pages = {789},
abstract = {Small embedded systems, in our case wearable healthcare devices, have significant engineering challenges to reduce their power consumption for longer battery life, while at the same time supporting ever-increasing processing requirements for more intelligent applications. Research has primarily focused on achieving lower power operation through hardware designs and intelligent methods of scheduling software tasks, all with the objective of minimizing the overall consumed electrical power. However, such an approach inevitably creates points in time where software tasks and peripherals coincide to draw large peaks of electrical current, creating short-term electrical stress for the battery and power regulators, and adding to electromagnetic interference emissions. This position paper proposes that the power profile of an embedded device using a real-time operating system (RTOS) will significantly benefit if the task scheduler is modified to be informed of the electrical current profile required for each task. This enables the task scheduler to schedule tasks that require large amounts of current to be spread over time, thus constraining the peak current that the system will draw. We propose a solution to inform the task scheduler of a tasks’ power profile, and we discuss our application scenario, which clearly benefited from the proposal.},
keywords = {embedded, health care, joint digital transformation, low-power, task scheduler, wearable},
pubstate = {published},
tppubtype = {article}
}
@article{8704893,
title = {TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications},
author = {Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenárez-Mendoza and Patricia Arias-Cabarcos and R. Simon-Sherratt},
url = {https://doi.org/10.1109/COMST.2019.2914453
https://ieeexplore.ieee.org/document/8704893
https://phpmyadmin.pervasive.it.uc3m.es/download/TLC-PKI-challenges-certificate-pinning.pdf},
doi = {10.1109/COMST.2019.2914453},
issn = {1553-877X},
year = {2019},
date = {2019-05-02},
urldate = {2019-05-02},
journal = {IEEE Communications Surveys and Tutorials},
volume = {21},
issue = {4},
pages = {3502-3531},
abstract = {Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.},
keywords = {authentication, certificate pinning, cynamon, DTLS, Internet of Things, Machine to Machine, magos, PKI, Protocols, TLS, Trusted Third Party, Tutorials},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{Seiler-Hwang:2019:DSW:3319535.3354192,
title = {I Don'T See Why I Would Ever Want to Use It: Analyzing the Usability of Popular Smartphone Password Managers},
author = {Sunyoung Seiler-Hwang and Patricia Arias-Cabarcos and Andrés Marín and Florina Almenares and Daniel Díaz-Sánchez and Christian Becker},
url = {http://doi.acm.org/10.1145/3319535.3354192},
doi = {10.1145/3319535.3354192},
isbn = {978-1-4503-6747-9},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},
pages = {1937--1953},
publisher = {ACM},
address = {London, United Kingdom},
organization = {The 26th ACM Conference on Computer and Communications Security},
series = {CCS '19},
abstract = {Passwords are an often unavoidable authentication mechanism, despite the availability of additional alternative means. In the case of smartphones, usability problems are aggravated because interaction happens through small screens and multilayer keyboards. While password managers (PMs) can improve this situation and contribute to hardening security, their adoption is far from widespread. To understand the underlying reasons, we conducted the first empirical usability study of mobile PMs, covering both quantitative and qualitative evaluations. Our findings show that popular PMs are barely acceptable according to the standard System Usability Scale, and that there are three key areas for improvement: integration with external applications, security, and user guidance and interaction. We build on the collected evidence to suggest recommendations that can fill this gap.},
keywords = {authentication, password managers, usable security, user study},
pubstate = {published},
tppubtype = {inproceedings}
}
2018
@article{campo006,
title = {Using entropy of social media location data for the detection of crowd dynamics anomalies},
author = {Carlos García-Rubio and Rebeca Diaz-Redondo and Celeste Campo-Vázquez and Ana Fernandez-Vilas },
url = {http://hdl.handle.net/10016/33760},
doi = {https://doi.org/10.3390/electronics7120380},
issn = {2079-9292},
year = {2018},
date = {2018-12-03},
urldate = {2018-12-03},
journal = {Electronics},
volume = {7},
issue = {12},
pages = {380},
abstract = {Evidence of something unusual happening in urban areas can be collected from different data sources, such as police officers, cameras, or specialized physical infrastructures. In this paper, we propose using geotagged posts on location-based social networks (LBSNs) to detect crowd dynamics anomalies automatically as evidence of a potential unusual event. To this end, we use the Instagram API media/search endpoint to collect the location of the pictures posted by Instagram users in a given area periodically. The collected locations are summarized by their centroid. The novelty of our work relies on using the entropy of the sequence of centroid locations in order to detect abnormal patterns in the city. The proposal is tested on a data set collected from Instagram during seven months in New York City and validated with another data set from Manchester. The results have also been compared with an alternative approach, a training phase plus a ranking of outliers. The main conclusion is that the entropy algorithm succeeds inn finding abnormal events without the need for a training phase, being able to dynamically adapt to changes in crowd behavior.},
keywords = {anomaly detection, city behavior, data mining algorithms, location-based social network},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{pa058,
title = {Assessment of fitness tracker security: a case of study},
author = {Florina Almenarez and Lucía Alonso and Andrés Marín and Daniel Díaz-Sánchez and Patricia Arias},
url = {https://www.mdpi.com/2504-3900/2/19/1235},
doi = {https://doi.org/10.3390/proceedings2191235},
issn = {2504-3900},
year = {2018},
date = {2018-10-26},
abstract = {The wearable industry has experienced a notable growth over the last decade, especially in fitness or e-health trackers. These trackers bring new functionalities that require collecting a great amount of sensitive information about the user. This fact has made fitness trackers the target of deliberate attacks, e.g., eavesdropping, unauthorized account access, fake firmware update, and so on. For this reason, this paper describes a vulnerability study on one of the most popular fitness trackers in 2017, together with the mobile application associated to the tracker. The study results show what vulnerabilities of the communications among agents (i.e., wearable device, mobile application and server) could put at risk users sensitive information and privacy.},
keywords = {fitness tracker, inteligenciafuentesabiertas, security vulnerabilities, wereable devices},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pa055,
title = {DNS-Based Dynamic Authentication for Microservices in IoT},
author = {Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenares-Mendoza and Patricia Arias-Cabarcos},
url = {https://www.mdpi.com/2504-3900/2/19/1233},
doi = {https://doi.org/10.3390/proceedings2191233},
issn = {2504-3900},
year = {2018},
date = {2018-10-25},
pages = {1-11},
abstract = {IoT devices provide with real-time data to a rich ecosystems of services and applications that will be of uttermost importance for ubiquitous computing. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core netkworks. Designers may opt for microservice architectures and fog computing to address this challenge while offering the required flexibility for the main players of ubiquitous computing: nomadic users. Microservices require strong security support for Fog computing, to rely on nodes in the boundary of the network for secure data collection and processing. IoT low cost devices face outdated certificates and security support, due to the elapsed time from manufacture to deployment. In this paper we propose a solution based on microservice architectures and DNSSEC, DANE and chameleon signatures to overcome these difficulties. We will show how trap doors included in the certificates allow a secure and flexible delegation for off-loading data collection and processing to the fog. The main result is showing this requires minimal manufacture device configuration, thanks to DNSSEC support.},
keywords = {chameleon signatures, DANE, DNSSEC, inteligenciafuentesabiertas, IoT, microservices},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{campo007,
title = {Detecting and reducing biases in cellular-based mobility data sets},
author = {Alicia Rodriguez-Carrion and Celeste Campo-Vázquez and Carlos García-Rubio},
url = {http://hdl.handle.net/10016/28004},
doi = {https://doi.org/10.3390/e20100736},
issn = {1099-4300},
year = {2018},
date = {2018-09-25},
urldate = {2018-09-25},
journal = {Entropy},
volume = {20},
issue = {10},
abstract = {Correctly estimating the features characterizing human mobility from mobile phone traces is a key factor to improve the performance of mobile networks, as well as for mobility model design and urban planning. Most related works found their conclusions on location data based on the cells where each user sends or receives calls or messages, data known as Call Detail Records (CDRs). In this work, we test if such data sets provide enough detail on users’ movements so as to accurately estimate some of the most studied mobility features. We perform the analysis using two different data sets, comparing CDRs with respect to an alternative data collection approach. Furthermore, we propose three filtering techniques to reduce the biases detected in the fraction of visits per cell, entropy and entropy rate distributions, and predictability. The analysis highlights the need for contextualizing mobility results with respect to the data used, since the conclusions are biased by the mobile phone traces collection approach.},
keywords = {cell-based location, human mobility, inrisco, mobility data sets entropy, mobility data sets predictability, ping-pong effect},
pubstate = {published},
tppubtype = {article}
}
@article{almenarez009,
title = {A study of learning-by-doing in MOOCs through the integration of third-party external tools: comparison of synchronous and asynchronous running modes },
author = {Carlos Alario-Hoyos and Iria Estevez-Ayres and Jesus Gallego-Romero and Carlos Delgado-Kloss and Carmen Fernandez-Panadero and Raquel Crespo-Garcia and Florina Almenares-Mendoza and Blanca Ibañez-Espiga and Julio Villena-Roman and Jorge Ruiz-Magaña and Jorge Blasco-Alis},
url = {http://hdl.handle.net/10016/29864},
doi = {https://doi.org/10.3217/jucs-024-08-1015},
issn = {0948-695X},
year = {2018},
date = {2018-08-28},
urldate = {2018-08-28},
journal = {JOURNAL OF UNIVERSAL COMPUTER SCIENCE },
volume = {24},
issue = {8},
pages = {1015-1033},
abstract = {Many MOOCs are being designed replicating traditional passive teaching approaches but using video lectures as the means of transmitting information. However, it is well known that learning-by-doing increases retention rates and, thus, allows achieving a more effective learning. To this end, it is worth exploring which tools fit best in the context of each MOOC to enrich learners' experience, including built-in tools already available in the MOOC platform, and third-party external tools which can be integrated in the MOOC platform. This paper presents an example of the integration of a software development tool, called Codeboard, in three MOOCs which serve as an introduction to programming with Java. We analyze the effect this tool has on learners' interaction and engagement when running the MOOCs in synchronous (instructor-paced) or asynchronous (self-paced) modes. Results show that the overall use of the tool is similar, regardless of the course running mode, although in the case of the synchronous mode the use of the tool is concentrated in a shorter period of time. Results also show that in the synchronous mode there is a higher percentage of accesses to the tool from registered learners (who can save their advances and continue the work later); this finding suggests that learners in the synchronous running mode are more engaged with the MOOC.},
keywords = {codeboard, emadrid, instructor-paced, Moocs, programming tools, self-paced},
pubstate = {published},
tppubtype = {article}
}
@article{almenarez009b,
title = {RiskLaine: A Probabilistic Approach for Assessing Risk in Certificate-Based Security. },
author = {Francisca Hinajeros and Florina Almenares-Mendoza and Patricia Arias-Cabarcos Josep-Lluis Ferrer Gomila and Andrés Marín-López},
doi = {https://doi.org/10.1109/tifs.2018.2807788},
issn = {1556-6013},
year = {2018},
date = {2018-02-19},
urldate = {2018-02-19},
journal = {IEEE Transactions on Information Forensics and Security },
volume = {13},
issue = {8},
pages = {1975-1988},
abstract = {Digital certificates, based on X.509 PKI standard, are located at the core of many security mechanisms implemented in services and applications. However, the usage of certificates has revealed flaws in the certificate validation process (e.g., possibility of unavailable or non-updated data). This fact implies security risks that are not assessed. In order to address these issues that such flaws entail, we propose a novel probabilistic approach for quantitative risk assessment in X.509 PKI, together with trust management when there is uncertainty. We have evaluated our risk assessment approach and demonstrated its usage, considering as a use case the secure installation of mobile applications. The results show that our approach provides more granularity, appropriate values according to the impact, and relevant information in the risk calculation than other approaches.},
keywords = {certificate validation, mobile applications, risk assessment, trust validation},
pubstate = {published},
tppubtype = {article}
}
2017
@article{8246828,
title = {Seamless human-device interaction in the internet of things},
author = {E Rubio-Drosdov and D Díaz-Sánchez and F Almenárez and P Arias-Cabarcos and A Marín},
url = {/download/Seamless_Human-Device_Interaction_in_the_Internet_of_Things.pdf
https://ieeexplore.ieee.org/document/8246828},
doi = {10.1109/TCE.2017.015076},
issn = {1558-4127},
year = {2017},
date = {2017-11-01},
urldate = {2017-11-01},
journal = {IEEE Transactions on Consumer Electronics},
volume = {63},
issue = {4},
pages = {490-498},
abstract = {The Internet of Things will bring a scenario in which interaction between humans and devices will be critical to allow people to use, monitor or configure Internet of Things devices. Interactions in such applications are based on traditional graphical interfaces. Devices that accept interaction based on Natural Language, e.g., through voice commands, can understand basic human orders or answering questions whenever user expressions fit into a known language pattern. Some devices can understand natural language voice commands but require sophisticated voice assistants located in the cloud, which raises significant privacy concerns. Others devices which handle voice-processing locally can perform a very limited local recognition system, requiring users to be familiar with words the system can process. The purpose of this work is to diminish the complexity of Natural Language processing in the context of IoT. The solution posited in this article allows Internet of Things devices to offload Natural Language processing to a system that improves the use of Natural Language and alleviates the need to learn or remember specific words or terms intended for triggering device actions. We have evaluated the feasibility of the design with a proof-of-concept implemented in a home environment and it was tested by real users.},
keywords = {Human-Device Interaction, inrisco, Internet of Things, Natural Language Processing},
pubstate = {published},
tppubtype = {article}
}
Publications
Evaluation of the performance of unsupervised learning algorithms for intrusion detection in unbalanced data environments Proceedings Article In: IEEE, 2024, ISSN: 2169-3536. Authorisation models for IoT environments: A survey Journal Article In: www.elsevier.com/locate/iot, 2024, ISSN: 2542-6605. Integrating Post-Quantum Cryptography into CoAP and MQTT-SN Protocols Conference 2024 IEEE Symposium on Computers and Communications (ISCC), IEEE, 2024, ISBN: 979-8-3503-5424-9. Evaluating integration methods of a quantum random number generator in OpenSSL for TLS Journal Article In: vol. 255, 2024, ISBN: 1389-1286. Comparing Pseudo, Classical True and Quantum Random Number Generators Using Standard Quality Assessments Conference XVIII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2024), León, 23 al 25 de Octubre, 2024., 2024. Integración de un sistema de autenticación optimizado basado en PUF en OSCORE Conference XVIII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2024), León, 23 al 25 de Octubre, 2024., 2024. “Animation” URL in NFT marketplaces considered harmful for privacy Journal Article In: International Journal of Information Security, 2024, ISSN: 1615-5270. Real-Time Analysis of Encrypted DNS Traffic for Threat Detection Conference ICC 2024 - IEEE International Conference on Communications, IEEE, 2024, ISSN: 1550-3607. Real-Time Analysis of Encrypted DNS Traffic for Threat Detection Conference ICC 2024 - IEEE International Conference on Communications, IEEE, 2024, ISSN: 1550-3607. Inferring mobile applications usage from DNS traffic Proceedings Article In: Ad Hoc Networks, Elsevier B.V., 2024. Análisis estadístico del tráfico DoH para la detección del uso malicioso de túneles Conference Investigación en Ciberseguridad Actas de las VII Jornadas Nacionales (7º.2022.Bilbao) , 2024, ISBN: 978-84-88734-13-6. PQSec-DDS: Integrating Post-Quantum Cryptography into DDS Security for Robotic Applications Proceedings Article In: IX Jornadas Nacionales de Investigación en Ciberseguridad - JNIC 2024, pp. 396-403, Universidad de Sevilla , 2024, ISBN: 978-84-09-62140-8. Caracterización de aplicaciones móviles mediante el análisis del tráfico DNS Proceedings Article In: IX Jornadas Nacionales de Investigación en Ciberseguridad - JNIC 2024, pp. 506-507, Universidad de Sevilla, 2024, ISBN: 978-84-09-62140-8. Reducing DNS Traffic to Enhance Home IoT Device Privacy Journal Article In: Sensors , vol. 24, iss. 9, 2024. Comparative Analysis of Quantum, Pseudo, and Hybrid Random Number Generation Conference XVII Jornadas CCN-STIC CCN-CERT / V Jornadas de Ciberdefensa ESPDEF-CERT, 2023. Characterizing Mobile Applications Through Analysis of DNS Traffic Conference PE-WASUN '23: Proceedings of the Int'l ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor & Ubiquitous Networks., ACM, 2023, ISBN: N 979-8-4007-0370-6. Real time detection of malicious DoH traffic using statistical analysis Journal Article In: COMPUTER NETWORKS, vol. 234, iss. 109910, pp. 1-10, 2023, ISSN: 1389-1286. Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI) Journal Article In: IEEE Access, vol. 11, pp. 70542 - 70559, 2023, ISSN: 2169-3536. Enhancing the anonymity and auditability of whistleblowers protection Proceedings Article In: pp. 413 - 422, Springer International Publishing, 2023, ISBN: 978-3-031-21229-1. A Hybrid Approach to Ephemeral PKI Credentials Validation and Auditing Proceedings Article In: Proceedings of the International Conference on Ubiquitous Computing & Ambient Intelligence (UCAmI 2022), pp. 1043 - 1054, Springer International Publishing, 2022, ISBN: 978-3-031-21332-8. Integrating an optimised PUF-based authentication scheme in OSCORE Proceedings Article In: Ad Hoc Networks Journal, 2022, ISSN: 1570-8705. Synthetic Generation of Electrical Consumption Traces in Smart Homes Conference Lecture Notes in Networks and Systems, vol. 594, Springer International Publishing, 2022, ISBN: 978-3-031-21332-8. Detecting Malicious Use of DoH Tunnels Using Statistical Traffic Analysis Conference PE-WASUN '22: Proceedings of the 19th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ACM, 2022, ISBN: 978-1-4503-9483-3. A H.264 SVC distributed content protection system with flexible key stream generation Proceedings Article In: 2012 IEEE Second International Conference on Consumer Electronics - Berlin (ICCE-Berlin), IEEE, 2022, ISSN: 2166-6814. Kriper: A blockchain network with permissioned storage Journal Article In: Future Generation Computer Systems, vol. 138, pp. 160-171, 2022, ISSN: 0167-739X. Entropy-Based Anomaly Detection in HouseholdElectricity Consumption Journal Article In: Energies, vol. 15, 2022, ISSN: 1996-1073. A PUF-based Authentication Mechanism for OSCORE Conference PE-WASUN '21: Proceedings of the 18th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, 2021. Performance evaluation of CoAP and MQTT with security support for IoT environments Journal Article In: COMPUTER NETWORKS, vol. 197, iss. 108338, pp. 1-22, 2021, ISSN: 1389-1286. Security perspective of wireless sensor networks = Prospectiva de seguridad de las redes de sensores inalámbricos Proceedings Article In: pp. 189-201, UIS-Ingeniería , 2021, ISSN: 1657-4583. Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments Conference PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ASSOCIATION FOR COMPUTING MACHINERY, INC , 2020, ISBN: 978-1-4503-8118-5. Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain Journal Article In: Electronics, vol. 9, pp. 1865, 2020, ISSN: 2079-9292. Specification and Unattended Deployment of Home Networks at the Edge of the Network Journal Article In: IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 66, iss. 4, pp. 279 - 288, 2020, ISSN: 0098-3063. A hybrid analysis of LBSN data to early detect anomalies in crowd dynamics Journal Article In: Future generation computer systems, vol. 109, pp. 83-94, 2020, ISSN: 0167-739X. On the Automation of Auditing in Power Grid Companies Proceedings Article In: Actas de congreso internacional, Citas Google 2, CORE C, pp. 331 - 340, 2020, ISBN: ISSN/ISBN) 978-1-4503-5988-7. A Framework for Microservice Migration and Performance Assessment Proceedings Article In: pp. 291 - 299, 2020, ISBN: 978-1-4503-5988-7. Anomalies detection using entropy in household energy consumption data Conference Intelligent Environments 2020 Workshop Proceedings of the 16th International Conference on Intelligent Environments, 2020, ISBN: 978-1-64368-090-3. INRISCO: INcident monitoRing in Smart COmmunities Journal Article In: IEEE Access, vol. 8, pp. 72435 - 72460, 2020, ISSN: 2169-3536. Performance Evaluation of CoAP and MQTT_SN in an IoT Environment Conference Proceedings of 13th International Conference on Ubiquitous Computing and Ambient Intelligence UCAmI 2019, MDPI AG , 2019. DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT † Journal Article In: Sensors, vol. 19, iss. 15, pp. 1-23, 2019, ISSN: 1424-8220. Task Scheduling to Constrain Peak Current Consumption in Wearable Healthcare Sensors Journal Article In: Electronics, vol. 8, pp. 789, 2019, ISSN: 2079-9292. TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications Journal Article In: IEEE Communications Surveys and Tutorials, vol. 21, iss. 4, pp. 3502-3531, 2019, ISSN: 1553-877X. I Don'T See Why I Would Ever Want to Use It: Analyzing the Usability of Popular Smartphone Password Managers Proceedings Article In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1937–1953, The 26th ACM Conference on Computer and Communications Security ACM, London, United Kingdom, 2019, ISBN: 978-1-4503-6747-9. Using entropy of social media location data for the detection of crowd dynamics anomalies Journal Article In: Electronics, vol. 7, iss. 12, pp. 380, 2018, ISSN: 2079-9292. Assessment of fitness tracker security: a case of study Proceedings Article In: 2018, ISSN: 2504-3900. DNS-Based Dynamic Authentication for Microservices in IoT Proceedings Article In: pp. 1-11, 2018, ISSN: 2504-3900. Detecting and reducing biases in cellular-based mobility data sets Journal Article In: Entropy, vol. 20, iss. 10, 2018, ISSN: 1099-4300. In: JOURNAL OF UNIVERSAL COMPUTER SCIENCE , vol. 24, iss. 8, pp. 1015-1033, 2018, ISSN: 0948-695X. RiskLaine: A Probabilistic Approach for Assessing Risk in Certificate-Based Security. Journal Article In: IEEE Transactions on Information Forensics and Security , vol. 13, iss. 8, pp. 1975-1988, 2018, ISSN: 1556-6013. Seamless human-device interaction in the internet of things Journal Article In: IEEE Transactions on Consumer Electronics, vol. 63, iss. 4, pp. 490-498, 2017, ISSN: 1558-4127.2024
2023
2022
2021
2020
2019
2018
2017