Moure-Garrido, Marta; Campo, Celeste; García-Rubio, Carlos. Análisis estadístico del tráfico DoH para la detección del uso malicioso de túneles. Conference. Investigación en Ciberseguridad Actas de las VII Jornadas Nacionales (7º.2022.Bilbao), 2024, ISBN: 978-84-88734-13-6. Tags: analisis estadistico, compromise, cynamon, dns tunnels, DoH, malicious doh
Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos. Real time detection of malicious DoH traffic using statistical analysis. Journal Article. In: COMPUTER NETWORKS, vol. 234, iss. 109910, pp. 1-10, 2023, ISSN: 1389-1286. Tags: classification, compromise, computer science, cynamon, dns tunnels, doh traffic, intrusion detection system, malicious doh, Qursa, statistical analysis
Chica, Sergio; Marín, Andrés; Arroyo-Guardeño, David; Díaz, Jesús; Almenares, Florina; Díaz, Daniel. Enhancing the anonymity and auditability of whistleblowers protection. Conference. 2022. Tags: anonymous whistleblowing, compromise, cynamon, ECDHE, group signatures, permissioned blockchain
Perez-Diaz, Jaime; Almenares-Mendoza, Florina. Integrating an optimised PUF-based authentication scheme in OSCORE. Proceedings Article. In: Ad Hoc Networks Journal, 2022, ISSN: 1570-8705. Tags: coap, compromise, cynamon, IoT, mqtt, protocol security
García-Rubio, Carlos; Campo, Celeste; Moure-Garrido, Marta. Synthetic Generation of Electrical Consumption Traces in Smart Homes. Conference. Lecture Notes in Networks and Systems, vol. 594, Springer International Publishing, 2022, ISBN: 978-3-031-21332-8. Tags: anomaly detection, compromise, cynamon, Electricity consumption, magos, Smart home, Synthetic dataset generation
Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos. Detecting Malicious Use of DoH Tunnels Using Statistical Traffic Analysis. Conference. PE-WASUN '22: Proceedings of the 19th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ACM, 2022, ISBN: 978-1-4503-9483-3. Tags: classification, compromise, cynamon, dns tunnels, doh traffic, magos, malicious doh, statistical analysis
Rojo-Rivas, María Isabel; Díaz-Sánchez, Daniel; Almenarez, Florina; Marín-Lopez, Andrés. Kriper: A blockchain network with permissioned storage. Journal Article. In: Future Generation Computer Systems, vol. 138, pp. 160-171, 2022, ISSN: 0167-739X. Tags: Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon
Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos. Entropy-Based Anomaly Detection in Household Electricity Consumption. Journal Article. In: Energies, vol. 15, 2022, ISSN: 1996-1073. Tags: anomaly detection, behavior pattern, compromise, cynamon, entropy, household electricity consumption, load forecasting, magos
Seoane-Merida, Victor; García-Rubio, Carlos; Almenares-Mendoza, Florina; Campo-Vázquez, Celeste. Performance evaluation of CoAP and MQTT with security support for IoT environments. Journal Article. In: COMPUTER NETWORKS, vol. 197, iss. 108338, pp. 1-22, 2021, ISSN: 1389-1286. Tags: coap, cynamon, Internet of Things, magos, mqtt, Performance evaluation, Security
Seoane-Merida, Victor; Almenares-Mendoza, Florina; Campo-Vázquez, Celeste; García-Rubio, Carlos. Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments. Conference. PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ASSOCIATION FOR COMPUTING MACHINERY, INC, 2020, ISBN: 978-1-4503-8118-5. Tags: coap, cynamon, DTLS, IoT, magos, Performance evaluation
Marín-López, Andrés; Chica-Manjarrez, Sergio; Arroyo, David; Almenares-Mendoza, Florina; Díaz-Sánchez, Daniel. Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain. Journal Article. In: Electronics, vol. 9, pp. 1865, 2020, ISSN: 2079-9292. Tags: cynamon, inteligenciafuentesabiertas, permissioned blockchain, scalability, security auditing, smart grid security
Chica-Manjarrez, Sergio; Marín-López, Andrés; Díaz-Sánchez, Daniel; Almenares-Mendoza, Florina. On the Automation of Auditing in Power Grid Companies. Proceedings Article. In: Actas de congreso internacional, Citas Google 2, CORE C, pp. 331 - 340, 2020, ISBN: 978-1-4503-5988-7. Tags: auditing, containers, cynamon, inteligenciafuentesabiertas, privacy, scalability, Security
Rubio-Drosdov, Eugenio; Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenares-Mendoza, Florina. A Framework for Microservice Migration and Performance Assessment. Proceedings Article. pp. 291 - 299, 2020, ISBN: 978-1-4503-5988-7. Tags: cynamon, inteligenciafuentesabiertas, IoT, microservices, smart grids, testing
Moure-Garrido, Marta; Campo-Vázquez, Celeste; García-Rubio, Carlos. Anomalies detection using entropy in household energy consumption data. Conference. Intelligent Environments 2020 Workshop Proceedings of the 16th International Conference on Intelligent Environments, 2020, ISBN: 978-1-64368-090-3. Tags: anomaly, cynamon, entropy, household energy consumption
Díaz-Sánchez, Daniel; Marín-Lopez, Andrés; Mendoza, Florina Almenárez; Cabarcos, Patricia Arias. DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT †. Journal Article. In: Sensors, vol. 19, iss. 15, pp. 1-23, 2019, ISSN: 1424-8220. Tags: authentication, chameleon signatures, cynamon, DANE, DNSSEC, Internet of Things, magos, microservices
Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenárez-Mendoza, Florina; Arias-Cabarcos, Patricia; Simon-Sherratt, R. TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications. Journal Article. In: IEEE Communications Surveys and Tutorials, vol. 21, iss. 4, pp. 3502-3531, 2019, ISSN: 1553-877X. Tags: authentication, certificate pinning, cynamon, DTLS, Internet of Things, Machine to Machine, magos, PKI, Protocols, TLS, Trusted Third Party, Tutorials
2024
@conference{marta002,
title = {Análisis estadístico del tráfico DoH para la detección del uso malicioso de túneles},
author = {Marta Moure-Garrido and Celeste Campo and Carlos García-Rubio},
url = {https://dialnet.unirioja.es/servlet/articulo?codigo=9206590},
isbn = {978-84-88734-13-6},
year = {2024},
date = {2024-07-10},
urldate = {2024-07-10},
booktitle = {Investigación en Ciberseguridad Actas de las VII Jornadas Nacionales (7º.2022.Bilbao) },
pages = {38-41},
abstract = {The first versions of DNS had certain security problems: integrity, authenticity and privacy. DNSSEC was defined to solve them, but this version still did not guarantee privacy. For this reason, DNS over TLS (DoT) was defined in 2016 and DNS over HTTPS (DoH) in 2018. In recent years, DNS tunneling has been used to encapsulate malicious traffic. The DoT and DoH versions have complicated the detection of these tunnels because the data is encrypted. Previous work uses machine learning techniques to identify DoH tunnels, but these have limitations. In this work we carry out a statistical analysis to learn the pattern of DoH traffic and to study the differences between benign traffic and traffic created with tunneling tools. The analysis reveals that certain statistical parameters make it possible to differentiate the traffic. The next step of the research is to apply more elaborate techniques based on the analysis carried out.},
keywords = {analisis estadistico, compromise, cynamon, dns tunnels, DoH, malicious doh},
pubstate = {published},
tppubtype = {conference}
}
2023
@article{campo002,
title = {Real time detection of malicious DoH traffic using statistical analysis },
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
url = {http://hdl.handle.net/10016/38151},
doi = {https://doi.org/10.1016/j.comnet.2023.109910},
issn = {1389-1286},
year = {2023},
date = {2023-10-09},
urldate = {2023-10-09},
journal = {COMPUTER NETWORKS},
volume = {234},
issue = {109910},
pages = {1-10},
abstract = {The DNS protocol plays a fundamental role in the operation of ubiquitous networks. All devices connected to these networks need DNS to work, both for traditional domain name to IP address translation, and for more advanced services such as resource discovery. DNS over HTTPS (DoH) solves certain security problems present in the DNS protocol. However, malicious DNS tunnels, a covert way of encapsulating malicious traffic in a DNS connection, are difficult to detect because the encrypted data prevents performing an analysis of the content of the DNS traffic.
In this study, we introduce a real-time system for detecting malicious DoH tunnels, which is based on analyzing DoH traffic using statistical methods. Our research demonstrates that it is feasible to identify in real-time malicious traffic by analyzing specific parameters extracted from DoH traffic. In addition, we conducted statistical analysis to identify the most significant features that distinguish malicious traffic from benign traffic. Using the selected features, we achieved satisfactory results in classifying DoH traffic as either benign or malicious.},
keywords = {classification, compromise, computer science, cynamon, dns tunnels, doh traffic, intrusion detection system, malicious doh, Qursa, statistical analysis},
pubstate = {published},
tppubtype = {article}
}
2022
@conference{almenarez015,
title = {Enhancing the anonymity and auditability of whistleblowers protection},
author = {Sergio Chica and Andrés Marín and David Arroyo-Guardeño and Jesús Díaz and Florina Almenares and Daniel Díaz },
url = {http://hdl.handle.net/10261/275765},
doi = {https://doi.org/10.20350/digitalCSIC/14702},
year = {2022},
date = {2022-11-30},
urldate = {2022-11-30},
abstract = {In our democracy a trade-off between checks and balances is mandatory. To play the role of balances, it is necessary to have information that is often only obtainable through channels that ensure the anonymity of the source. Here we present a work in progress of a system that provides anonymity to sources in an open and auditable system, oriented to audit systems of critical infrastructure and built on our previous work autoauditor.},
keywords = {anonymous whistleblowing, compromise, cynamon, ECDHE, group signatures, permissioned blockchain},
pubstate = {published},
tppubtype = {conference}
}
@inproceedings{almenarez007,
title = {Integrating an optimised PUF-based authentication scheme in OSCORE},
author = {Jaime Perez-Diaz and Florina Almenares-Mendoza },
doi = {https://doi.org/10.1016/j.adhoc.2022.103038},
issn = {1570-8705},
year = {2022},
date = {2022-11-23},
urldate = {2022-11-23},
volume = {140},
publisher = {Ad Hoc Networks Journal},
abstract = {Due to the growth in the amount and type of connected devices, mainly IoT devices, new scalable, lightweight and security-aware protocols, e.g., CoAP and MQTT, have been defined. For the definition of these protocols, the axioms concerning security must cover all the needs regarding authentication, confidentiality, integrity and availability of both devices and servers.
CoAP specifies mainly protocol security based on the transport layer through DTLS. Nevertheless, OSCORE (Object Security for Constrained RESTful Environments) has been recently defined to support end-to-end protection of RESTful interactions over the CoAP protocol. It was designed for constrained devices and networks supporting a range of proxy operations, including translation between different transport protocols. The main challenge present in OSCORE is the establishment and exchange of pre-shared keys required to protect data. For that, this paper defines how to use an optimised version of SRAM-based PUF (Physical Unclonable Functions) for a secure authentication, key establishment and exchanging model. The proposal has been implemented and evaluated in a scenario including IoT devices.},
keywords = {coap, compromise, cynamon, IoT, mqtt, protocol security},
pubstate = {published},
tppubtype = {inproceedings}
}
@conference{garciarubio008,
title = {Synthetic Generation of Electrical Consumption Traces in Smart Homes},
author = {Carlos García-Rubio and Celeste Campo and Marta Moure-Garrido },
url = {https://link.springer.com/chapter/10.1007/978-3-031-21333-5_68},
doi = {https://doi.org/10.1007/978-3-031-21333-5_68},
isbn = {978-3-031-21332-8},
year = {2022},
date = {2022-11-21},
urldate = {2022-11-21},
booktitle = { Lecture Notes in Networks and Systems},
volume = {594},
pages = {681-692},
publisher = {Springer International Publishing},
abstract = {With the introduction of the smart grid, smart meters and smart plugs, it is possible to know the energy consumption of a smart home, either per appliance or aggregate. Some recent works have used energy consumption traces to detect anomalies, either in the behavior of the inhabitants or in the operation of some device in the smart home. To train and test the algorithms that detect these anomalies, it is necessary to have extensive and well-annotated consumption traces. However, this type of traces is difficult to obtain. In this paper we describe a highly configurable synthetic electrical trace generator, with characteristics similar to real traces, that can be used in this type of study. In order to have a more realistic behavior, the traces are generated by adding the consumption of several simulated appliances, which precisely represent the consumption of different typical electrical devices. Following the behavior of the real traces, variations at different scales of time and anomalies are introduced to the aggregated smart home energy consumption.},
keywords = {anomaly detection, compromise, cynamon, Electricity consumption, magos, Smart home, Synthetic dataset generation},
pubstate = {published},
tppubtype = {conference}
}
@conference{campo015,
title = {Detecting Malicious Use of DoH Tunnels Using Statistical Traffic Analysis},
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
url = {https://dl.acm.org/doi/10.1145/3551663.3558605},
doi = {https://doi.org/10.1145/3551663.3558605},
isbn = {978-1-4503-9483-3},
year = {2022},
date = {2022-10-24},
urldate = {2022-10-24},
booktitle = {PE-WASUN '22: Proceedings of the 19th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks},
publisher = {ACM},
abstract = {DNS plays a fundamental role in the operation of ubiquitous networks. All devices connected to these networks need DNS to work, both for traditional domain name to IP address translation, and for more advanced services such as resource discovery. At first, the DNS communication protocol presented certain security problems: integrity, authenticity and confidentiality. DNSSEC provides security but still does not guarantee confidentiality. To solve this problem, DNS over TLS (DoT) and DNS over HTTPS (DoH) were defined. In recent years, DNS tunneling, a covert form of encapsulating data transmission, has been used to encapsulate malicious traffic in a DNS connection. DoT and DoH versions complicate the detection of these tunnels because the encrypted data prevents performing an analysis of the content of the DNS traffic. Previous work has used machine learning techniques to identify DoH tunnels, but these have limitations. In this study, we identify the most significant features that singularize malicious traffic from benign traffic by statistical analysis. Based on the selected features, we obtain satisfactory results in the classification between benign and malicious DoH traffic. The study reveals that it is possible to differentiate traffic based on certain statistical parameters.},
keywords = {classification, compromise, cynamon, dns tunnels, doh traffic, magos, malicious doh, statistical analysis},
pubstate = {published},
tppubtype = {conference}
}
@article{diazsanchez010,
title = {Kriper: A blockchain network with permissioned storage},
author = {María Isabel Rojo-Rivas and Daniel Díaz-Sánchez and Florina Almenarez and Andrés Marín-Lopez},
doi = {https://doi.org/10.1016/j.future.2022.08.006},
issn = {0167-739X},
year = {2022},
date = {2022-08-17},
urldate = {2022-08-17},
journal = {Future Generation Computer Systems},
volume = {138},
pages = {160-171},
abstract = {Blockchain has been a revolution in the past few years. Beyond the new currencies that were created around different incarnations of the blockchain concept, there are many other contributions that provide interesting services as a data linked structure using a decentralized network that provide a high level of security. Companies have developed many projects to incorporate blockchain into their business logic pursuing to incorporate other related services as persistence of large volumes of data, privacy or anonymity of transactions, distributed data processing, security (confidentiality, integrity, and availability), document management or micro messages in real time. Nevertheless, as it will be discussed in this article, current blockchains do not meet the needs of companies in many aspects, leading to a scarce or superficial adoption. This article introduces Kriper, a blockchain that aims at meeting corporate world needs by responding with a community-based, open blockchain that may also be segregated and private for certain uses whereas it provides a permissioned distributed storage and micro message lightweight services.},
keywords = {Access control, Blockchain, compromise, Confidentiality, cynamon, Distributed storage, Permissioned storage, privacy, ricon},
pubstate = {published},
tppubtype = {article}
}
@article{campo003,
title = {Entropy-Based Anomaly Detection in Household Electricity Consumption},
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
doi = {https://doi.org/10.3390/en15051837},
issn = {1996-1073},
year = {2022},
date = {2022-03-02},
urldate = {2022-03-02},
journal = {Energies},
volume = {15},
abstract = {Energy efficiency is one of the most important current challenges, and its impact at a global level is considerable. To solve current challenges, it is critical that consumers are able to control their energy consumption. In this paper, we propose using a time series of window-based entropy to detect anomalies in the electricity consumption of a household when the pattern of consumption behavior exhibits a change. We compare the accuracy of this approach with two machine learning approaches, random forest and neural networks, and with a statistical approach, the ARIMA model. We study whether these approaches detect the same anomalous periods. These different techniques have been evaluated using a real dataset obtained from different households with different consumption profiles from the Madrid Region. The entropy-based algorithm detects more days classified as anomalous according to context information compared to the other algorithms. This approach has the advantages that it does not require a training period and that it adapts dynamically to changes, except in vacation periods when consumption drops drastically and requires some time for adapting to the new situation.},
keywords = {anomaly detection, behavior pattern, compromise, cynamon, entropy, household electricity consumption, load forecasting, magos},
pubstate = {published},
tppubtype = {article}
}
2021
@article{campos004,
title = {Performance evaluation of CoAP and MQTT with security support for IoT environments},
author = {Victor Seoane-Merida and Carlos García-Rubio and Florina Almenares-Mendoza and Celeste Campo-Vázquez},
url = {http://hdl.handle.net/10016/33795},
doi = {https://doi.org/10.1016/j.comnet.2021.108338},
issn = {1389-1286},
year = {2021},
date = {2021-10-04},
urldate = {2021-10-04},
journal = {COMPUTER NETWORKS},
volume = {197},
issue = {108338},
pages = {1-22},
abstract = {World is living an overwhelming explosion of smart devices: electronic gadgets, appliances, meters, cars, sensors, camera and even traffic lights, that are connected to the Internet to extend their capabilities, constituting what is known as Internet of Things (IoT). In these environments, the application layer is decisive for the quality of the connection, which has dependencies to the transport layer, mainly when secure communications are used. This paper analyses the performance offered by these two most popular protocols for the application layer: Constrained Application Protocol (CoAP) and Message Queue Telemetry Transport (MQTT). This analysis aims to examine the features and capabilities of the two protocols and to determine their feasibility to operate under constrained devices taking into account security support and diverse network conditions, unlike the previous works. Since IoT devices typically show battery constraints, the analysis is focused on bandwidth and CPU use, using realistic network scenarios, since this use translates to power consumption.},
keywords = {coap, cynamon, Internet of Things, magos, mqtt, Performance evaluation, Security},
pubstate = {published},
tppubtype = {article}
}
2020
@conference{campo016b,
title = {Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments},
author = {Victor Seoane-Merida and Florina Almenares-Mendoza and Celeste Campo-Vázquez and Carlos García-Rubio},
doi = {https://doi.org/10.1145/3416011.3424754},
isbn = {978-1-4503-8118-5},
year = {2020},
date = {2020-11-09},
urldate = {2020-11-09},
booktitle = {PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks},
pages = {41-48},
publisher = {ASSOCIATION FOR COMPUTING MACHINERY, INC },
abstract = {Internet of Things (IoT) can be defined as the interconnection through Internet of an unprecedented number of devices with the purpose of exchanging data. It stands as one of the most popular technologies for the following years and it is requiring substantial changes in the Internet protocols to meet its requirements. As the application layer is decisive for the quality of the connection, this paper analyzes the performance offered by one of the most popular protocols for the application layer in IoT: the Constrained Application Protocol (CoAP). This analysis aims to examine the features and capabilities of this protocol and to determine its feasibility to operate under constrained devices using security support. For this, a realistic network scenario is deployed to run the simulations and to measure bandwidth, consumption of resources (i.e., CPU cycles and bandwidth usage) and communication latency. Additionally, the trade-off between security and performance is discussed measuring the bandwidth overhead and the consumption increase associated to secure the communications. Different ciphering and authentication algorithms are tested, following the recommendations made by the Internet Engineering Task Force (IETF).},
keywords = {coap, cynamon, DTLS, IoT, magos, Performance evaluation},
pubstate = {published},
tppubtype = {conference}
}
@article{marin002,
title = {Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain},
author = {Andrés Marín-López and Sergio Chica-Manjarrez and David Arroyo and Florina Almenares-Mendoza and Daniel Díaz-Sánchez },
url = {https://www.mdpi.com/2079-9292/9/11/1865},
doi = {https://doi.org/10.3390/electronics9111865},
issn = {2079-9292},
year = {2020},
date = {2020-11-06},
urldate = {2020-11-06},
journal = {Electronics},
volume = {9},
pages = {1865},
abstract = {With the transformation in smart grids, power grid companies are becoming increasingly
dependent on data networks. Data networks are used to transport information and commands for
optimizing power grid operations: Planning, generation, transportation, and distribution. Performing
periodic security audits is one of the required tasks for securing networks, and we proposed in a
previous work AUTOAUDITOR, a system to achieve automatic auditing. It was designed according
to the specific requirements of power grid companies, such as scaling with the huge number of
heterogeneous equipment in power grid companies. Though pentesting and security audits are
required for continuous monitoring, collaboration is of utmost importance to fight cyber threats.
In this paper we work on the accountability of audit results and explore how the list of audit result
records can be included in a blockchain, since blockchains are by design resistant to data modification.
Moreover, blockchains endowed with smart contracts functionality boost the automation of both
digital evidence gathering, audit, and controlled information exchange. To our knowledge, no such
system exists. We perform throughput evaluation to assess the feasibility of the system and show
that the system is viable for adaptation to the inventory systems of electrical companies.},
keywords = {cynamon, inteligenciafuentesabiertas, permissioned blockchain, scalability, security auditing, smart grid security},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{pa054,
title = {On the Automation of Auditing in Power Grid Companies},
author = {Sergio Chica-Manjarrez and Andrés Marín-López and Daniel Díaz-Sánchez and Florina Almenares-Mendoza},
doi = {10.3233/AISE200057},
isbn = {978-1-4503-5988-7},
year = {2020},
date = {2020-07-23},
urldate = {2020-07-23},
booktitle = {Actas de congreso internacional, Citas Google 2, CORE C},
pages = {331 - 340},
abstract = {Auditing is a common task required to secure networks. This becomes of utter importance in power grid companies, the authorities of electricity supply. An increasing number of connected devices makes the use of semi automatic or fully automated auditing imperative. The inventory system has to incorporate the auditing results and subsequently integrate them in the security assessment of the company. The risk metrics incorporate the severity of exposures and facilitate the selection of vulnerabilities that have to be mitigated, according to the risk appetite of the company. This automatic approach has to address scale and privacy issues of large companies. In addition, connections from foreign domains that carry out the auditing involve additional risks that must be considered to effectively test the likelihood and depth of the found vulnerabilities.
In this paper we discuss the requirements of an automatic auditing system and present AUTOAUDITOR, a highly configurable module which allows companies to automatically perform pentesting in specific assets.},
keywords = {auditing, containers, cynamon, inteligenciafuentesabiertas, privacy, scalability, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pa059,
title = {A Framework for Microservice Migration and Performance Assessment},
author = {Eugenio Rubio-Drosdov and Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenares-Mendoza},
doi = {doi:10.3233/AISE200053},
isbn = {978-1-4503-5988-7},
year = {2020},
date = {2020-06-25},
urldate = {2020-06-25},
pages = {291 - 299},
abstract = {In a large Smart Grid, smart meters produce tremendous amount of data that are hard to process, analyze and store. Fog computing is an environment that offers a place for collecting, computing and storing smart meter data before transmitting them to the cloud. Due to the distributed, heterogeneous and resource constrained nature of the fog computing nodes, fog applications need to be developed as a collection of interdependent, lightweight modules. Since this concept aligns with the goals of microservices architecture (MSA), efficient placement of microservices-based Smart Grid applications within fog environments has the potential to fully leverage capabilities of fog devices. Microservice architecture is an emerging software architectural style. It is based on microservices to provide several advantages over a monolithic solution, such as autonomy, composability, scalability, and fault-tolerance. However, optimizing the migration of microservices from one fog environment to other while assuring certain quality is still a big issue that needs to be addressed. In this paper, we propose an approach for assisting the migration of microservices in MSA-based Smart Grid systems, based on the analysis of their performance within the possible candidate destinations. Developers create microservices that will be eventually deployed at a given infrastructure. Either the developer, considering the design, or the entity deploying the service have a good knowledge of the quality required by the microservice. Due to that, they can create tests that determine if a destination meets the requirements of a given microservice and embed these tests as part of the microservice. Our goal is to automate the execution of performance tests by attaching a specification that contains the test parameters to each microservice.},
keywords = {cynamon, inteligenciafuentesabiertas, IoT, microservices, smart grids, testing},
pubstate = {published},
tppubtype = {inproceedings}
}
@conference{campo016,
title = {Anomalies detection using entropy in household energy consumption data},
author = {Marta Moure-Garrido and Celeste Campo-Vázquez and Carlos García-Rubio},
url = {https://ebooks.iospress.nl/publication/54775},
doi = {10.3233/AISE200055},
isbn = {978-1-64368-090-3},
year = {2020},
date = {2020-05-04},
urldate = {2020-05-04},
booktitle = {Intelligent Environments 2020 Workshop Proceedings of the 16th International Conference on Intelligent Environments},
pages = {311-320},
abstract = {The growing boom in smart grids and home automation makes possible to obtain information of household energy consumption. In this work, we study if entropy is a good mechanism to detect anomalies in household energy consumption traces. We propose an entropy algorithm based on windowing the temporal series of energy consumption. We select a trace with a duration of 3 months from the REFIT project household energy consumption data set, available open access. Entropy can adapt to changes in consumption in this trace, by learning and forgetting patterns dynamically. Although entropy is a promising technique and it has many advantages, as the traces in this data set are not sufficiently labeled to check the correct functioning of the algorithms, we propose to further validate the results using synthetic traces.},
keywords = {anomaly, cynamon, entropy, household energy consumption},
pubstate = {published},
tppubtype = {conference}
}
2019
@article{Diaz_Sanchez_2019,
title = {DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT †},
author = {Daniel Díaz-Sánchez and Andrés Marín-Lopez and Florina Almenárez Mendoza and Patricia Arias Cabarcos},
url = {http://dx.doi.org/10.3390/s19153292
/download/DNS_DANE_Collision-Based_Distributed_and_Dynamic_Authentication_for_Microservices_in_IoT.pdf},
doi = {https://doi.org/10.3390/s19153292},
issn = {1424-8220},
year = {2019},
date = {2019-07-26},
urldate = {2019-07-26},
journal = {Sensors},
volume = {19},
issue = {15},
pages = {1-23},
publisher = {MDPI AG},
abstract = {IoT devices provide real-time data to a rich ecosystem of services and applications. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core networks. To alleviate the core of the network, other technologies like fog computing can be used. On the security side, designers of IoT low-cost devices and applications often reuse old versions of development frameworks and software components that contain vulnerabilities. Many server applications today are designed using microservice architectures where components are easier to update. Thus, IoT can benefit from deploying microservices in the fog as it offers the required flexibility for the main players of ubiquitous computing: nomadic users. In such deployments, IoT devices need the dynamic instantiation of microservices. IoT microservices require certificates so they can be accessed securely. Thus, every microservice instance may require a newly-created domain name and a certificate. The DNS-based Authentication of Named Entities (DANE) extension to Domain Name System Security Extensions (DNSSEC) allows linking a certificate to a given domain name. Thus, the combination of DNSSEC and DANE provides microservices’ clients with secure information regarding the domain name, IP address, and server certificate of a given microservice. However, IoT microservices may be short-lived since devices can move from one local fog to another, forcing DNSSEC servers to sign zones whenever new changes occur. Considering DNSSEC and DANE were designed to cope with static services, coping with IoT dynamic microservice instantiation can throttle the scalability in the fog. To overcome this limitation, this article proposes a solution that modifies the DNSSEC/DANE signature mechanism using chameleon signatures and defining a new soft delegation scheme. 
Chameleon signatures are signatures computed over a chameleon hash, which have a property: a secret trapdoor function can be used to compute collisions to the hash. Since the hash is maintained, the signature does not have to be computed again. In the soft delegation schema, DNS servers obtain a trapdoor that allows performing changes in a constrained zone without affecting normal DNS operation. In this way, a server can receive this soft delegation and modify the DNS zone to cope with frequent changes such as microservice dynamic instantiation. Changes in the soft delegated zone are much faster and do not require the intervention of the DNS primary servers of the zone.},
keywords = {authentication, chameleon signatures, cynamon, DANE, DNSSEC, Internet of Things, magos, microservices},
pubstate = {published},
tppubtype = {article}
}
@article{8704893,
title = {TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications},
author = {Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenárez-Mendoza and Patricia Arias-Cabarcos and R. Simon-Sherratt},
url = {https://doi.org/10.1109/COMST.2019.2914453
https://ieeexplore.ieee.org/document/8704893
https://phpmyadmin.pervasive.it.uc3m.es/download/TLC-PKI-challenges-certificate-pinning.pdf},
doi = {10.1109/COMST.2019.2914453},
issn = {1553-877X},
year = {2019},
date = {2019-05-02},
urldate = {2019-05-02},
journal = {IEEE Communications Surveys and Tutorials},
volume = {21},
issue = {4},
pages = {3502-3531},
abstract = {Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.},
keywords = {authentication, certificate pinning, cynamon, DTLS, Internet of Things, Machine to Machine, magos, PKI, Protocols, TLS, Trusted Third Party, Tutorials},
pubstate = {published},
tppubtype = {article}
}
Publications
Análisis estadístico del tráfico DoH para la detección del uso malicioso de túneles Conference Investigación en Ciberseguridad Actas de las VII Jornadas Nacionales (7º.2022.Bilbao), 2024, ISBN: 978-84-88734-13-6.
Real time detection of malicious DoH traffic using statistical analysis Journal Article In: COMPUTER NETWORKS, vol. 234, iss. 109910, pp. 1-10, 2023, ISSN: 1389-1286.
Integrating an optimised PUF-based authentication scheme in OSCORE Proceedings Article In: Ad Hoc Networks Journal, 2022, ISSN: 1570-8705.
Synthetic Generation of Electrical Consumption Traces in Smart Homes Conference Lecture Notes in Networks and Systems, vol. 594, Springer International Publishing, 2022, ISBN: 978-3-031-21332-8.
Detecting Malicious Use of DoH Tunnels Using Statistical Traffic Analysis Conference PE-WASUN '22: Proceedings of the 19th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ACM, 2022, ISBN: 978-1-4503-9483-3.
Kriper: A blockchain network with permissioned storage Journal Article In: Future Generation Computer Systems, vol. 138, pp. 160-171, 2022, ISSN: 0167-739X.
Entropy-Based Anomaly Detection in Household Electricity Consumption Journal Article In: Energies, vol. 15, 2022, ISSN: 1996-1073.
Performance evaluation of CoAP and MQTT with security support for IoT environments Journal Article In: COMPUTER NETWORKS, vol. 197, iss. 108338, pp. 1-22, 2021, ISSN: 1389-1286.
Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments Conference PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ASSOCIATION FOR COMPUTING MACHINERY, INC, 2020, ISBN: 978-1-4503-8118-5.
Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain Journal Article In: Electronics, vol. 9, pp. 1865, 2020, ISSN: 2079-9292.
On the Automation of Auditing in Power Grid Companies Proceedings Article In: Actas de congreso internacional, Citas Google 2, CORE C, pp. 331 - 340, 2020, ISBN: ISSN/ISBN) 978-1-4503-5988-7.
A Framework for Microservice Migration and Performance Assessment Proceedings Article In: pp. 291 - 299, 2020, ISBN: 978-1-4503-5988-7.
Anomalies detection using entropy in household energy consumption data Conference Intelligent Environments 2020 Workshop Proceedings of the 16th International Conference on Intelligent Environments, 2020, ISBN: 978-1-64368-090-3.
DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT † Journal Article In: Sensors, vol. 19, iss. 15, pp. 1-23, 2019, ISSN: 1424-8220.
TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications Journal Article In: IEEE Communications Surveys and Tutorials, vol. 21, iss. 4, pp. 3502-3531, 2019, ISSN: 1553-877X.