Browsing by Subject "Cybersecurity"
Now showing 1 - 11 of 11
Results Per Page
Sort Options
- PublicationOpen AccessBehavioral fingerprinting to detect ransomware in resource-constrained devices(Elsevier, 2023-12) Sánchez Sánchez, Pedro Miguel; Von der Assen, Jan; Shushack, Dennis; Perales Gómez, Ángel Luis; Bovet, Gérôme; Martínez Pérez, Gregorio; Stiller, Burkhard; Huertas Celdrán, Alberto; Ingeniería y Tecnología de ComputadoresThe Internet of Things (IoT), a network of interconnected devices, has grown and gained traction over the last few years. This paradigm can impact our lives while also providing significant economic benefits. However, although resource-constrained IoT devices offer numerous advantages, they are also vulnerable to cyberattacks. As a result, ransomware severely threatens IoT devices managing sensitive and relevant information. Solutions based on Machine and Deep Learning (ML/DL) that consider behavioral data have been identified as promising. However, most detection solutions have been developed for Windows-based systems, which generally have more resources than IoT devices. As a result, these solutions are not suitable for resource-constrained components. In addition, no solution compares the pros and cons of different behavioral dimensions of resource-constrained devices. Thus, this work presents a framework that combines three different behavioral sources with supervised and unsupervised ML/DL algorithms to detect and classify heterogeneous ransomware impacting resource-constrained spectrum sensors. A pool of experiments has demonstrated the suitability of the proposed solution and compared its performance with a rule-based system. In conclusion, the usage of resources combined with local outlier factor and decision tree are the most promising combinations to detect anomalies and classify ransomware while consuming CPU, RAM, and time of devices in a reduced manner.
- PublicationOpen AccessBridging disinformation and cybersecurity in the social sciences: a scoping review(2026) Teresa García-Alcaraz; Aguado, Juan Miguel; Ruipérez Valiente, José Antonio; Departamento de Comunicación; Departamento de Ingeniería de la Información y las ComunicacionesThe spread of mis/disinformation, amplified and accelerated by the influence of digital technologies, along with the rapid development of Artificial Intelligence (AI) tools, poses a growing threat that impacts both cybersecurity and wider societal stability, thereby prompting the need for broad and genuinely interdisciplinary analysis. This Scoping Review (ScR) aims to systematically map the body of literature published up to the year 2024, with a specific focus on social science research that examines mis/disinformation at its intersection with cybersecurity. Applying the PRISMA ScR methodology, a total of 64 academic papers were reviewed in order to address four central questions: (1) how core terms such as misinformation and disinformation have been defined across the literature, (2) which are the main academic topics on mis/disinformation related to cybersecurity and how these topics are interconnected in the academic discussion, (3) what theoretical frameworks or social models have been applied to address mis/disinformation in this particular context, and (4) how the relationship between mis/disinformation and cybersecurity has been established, conceptualized, and evolved over time. The findings indicate that, despite the growing frequency of these terms, few studies offer explicit definitions. Mis/disinformation is increasingly understood as a cybersecurity challenge linked to hybrid warfare and cognitive threats. Literature underlines both geopolitical and psychological dimensions, with mitigation approaches largely centred on media literacy and AI. Over time, the focus has shifted from purely technical responses toward broader ethical, legal, and societal considerations, highlighting the phenomenon’s evolving complexity. Persistent research gaps remain, guiding future directions for study.
- PublicationOpen AccessCiberseguridad en la investigación en turismo y hotelería: temas de actualidad, tendencias y una agenda para futuras investigaciones(Servicio publicaciones. Universidad de Murcia, 2024) Alonso Almeida, María del Mar; Giglio, CarloThis paper compares two literature reviews on cybersecurity issues focused on the mature organisations, business and management field, and the embryonic tourism and hos-pitality area. Hence, we use the general study on the former as a benchmark for the narrower review on the latter, to map the current trends and identify the corresponding gaps. Findings suggest the following topic clusters for future research: (1) machine learning, artificial intel-ligence, blockchain, big data; (2) fraud and reputation; (3) phishing and social engineering; (4) human security and user education
- PublicationOpen AccessCyberprotection in IoT environments: a dynamic rule-based solution to defend smart devices(Elsevier, 2021-05-20) Nespoli, Pantaleone; Díaz López, Daniel; Gómez Mármol, Félix; Ingeniería de la Información y las ComunicacionesUndoubtedly, modern human digital lives are every day more and more connected, and the revolution of “everything connected” is already becoming a reality. Indeed, humans live in the age of the Internet of Things (IoT), and one of the most usual IoT contexts is a smart home. Unfortunately, such significant enhancement also means that common home devices, such as fridges, cameras, or even bulbs, are exposed to malevolent entities whose primary goal is to threaten the confidentiality, integrity, and availability of the automatically-exchanged information. Aiming at fine-tuning the protection of the smart devices, this paper proposes a novel dynamic rule management solution adaptable to the current status of the IoT environment, so to protect it against cyberattacks. Experiments demonstrated that a notable reduction in the CPU and RAM consumption was achieved when applying this novel scheme. Additionally, the number of packets processed per second increased substantially, inducing a meaningful enhancement also from a security perspective.
- PublicationOpen AccessLas dimensiones de las ciberamenazas: inconsistencias de la regulación global.(Universidad de Murcia, Servicio de Publicaciones, 2023) Nascimento Heim, Tatiana; Wessel, Ramses ALa revolución de la información permite un acceso amplio y rápido a los datos, pero también permite o amplía la posibilidad de que terceros traten de dañar los sistemas y causar daños. A pesar de la creciente sofisticación de los ataques, el conocimiento técnico del usuario de hecho está disminuyendo. Eso puede explicarse por el hecho de que los scripts de ataque y los kits de herramientas están disponibles de manera asequible, con efectos devastadores para la sociedad. Cualquier ordenador con acceso a Internet, hoy en día es vulnerable a amenazas como virus, gusanos y otros ataques. Las amenazas a la ciberseguridad son difíciles de clasificar, ya que las diferentes categorías se superponen y las actividades pueden derivarse de un solo sujeto o de actores y grupos complejos y globales. Las amenazas cibernéticas se diferencian de los problemas de seguridad tradicionales, principalmente, en lo que respecta a la atribución de su jurisdicción, ya que un ataque cibernético se puede realizar desde cualquier lugar, sin que el actor tenga que salir de casa. En ese sentido, el enfoque principal del presente documento es revisar las diferentes dimensiones de las ciberamenazas y clasificarlas sobre la base de las definiciones y descripciones utilizadas en los instrumentos internacionales. Todo ello con el fin de establecer (in)coherencias entre las diversas normas. Nuestros hallazgos sugieren que, a pesar de los sistemas regulatorios bastante fragmentados en todo el mundo, existe un acuerdo general sobre las nociones y definiciones básicas. Esto ofrece un buen punto de partida para los debates en curso sobre una mayor armonización de las normas mundiales sobre ciberseguridad y la persecución del ciberdelito.
- PublicationOpen AccessDistributed real-time SlowDoS attacks detection over encrypted traffic using Artificial Intelligence(Elsevier, 2021) Garcia, Norberto; Alcaniz, Tomás; González Vidal, Aurora; Bernal Bernabé, Jorge; Rivera, Diego; Skarmeta Gómez, Antonio; Ingeniería de la Información y las Comunicaciones; Facultades de la UMU::Facultad de InformáticaSlowDoS attacks exploit slow transmissions on application-level protocols like HTTP to carry out denial of service against web-servers. These attacks are difficult to be detected with traditional signature-based intrusion detection approaches, even more when the HTTP traffic is encrypted. To cope with this challenge, this paper describes and AI-based anomaly detection system for real-time detection of SlowDoS attacks over application-level encrypted traffic. Our system monitors in real-time the network traffic, analyzing, processing and aggregating packets into conversation flows, getting valuable features and statistics that are dynamically analyzed in streaming for AI-based anomaly detection. The distributed AI model running in Apache Spark-streaming, combines clustering analysis for anomaly detection, along with deep learning techniques to increase detection accuracy in those cases where clustering obtains ambiguous probabilities. The proposal has been implemented and validated in a real testbed, showing its feasibility, performance and accuracy for detecting in real-time different kinds of SlowDoS attacks over encrypted traffic. The achieved results are close to the optimal precision value with a success rate 98%, while the false negative rate takes a value below 0.5%.
- PublicationOpen AccessLab: security in cyberphysical systems: trusted execution environments(2025-09-05) García Rodríguez, Jesús; Ingeniería de la Información y las ComunicacionesThe lab provides an introduction to cybersecurity in cyberphysical Internet of Things (IoT) scenarios, particularly in the context of secure execution. It is focused on Trusted Execution Environments (TEE), what they are, and how they can be used to improve security in the context of cyber-physical systems, including its relationship with the well-known IEC 62443 security standard. Particularly, it deals with the open-source solution OP-TEE, which provides TEE implementation following the ARM TrustZone architecture, which is fit for many IoT devices.
- PublicationOpen AccessSafeMan: a unified framework to manage cybersecurity and safety in manufacturing industry(Wiley, 2020-08-06) Perales Gómez, Ángel Luis; Fernández Maimó, Lorenzo; García Clemente, Félix Jesús; Gil Pérez, Manuel; Martínez Pérez, Gregorio; Huertas Celdrán, Alberto; Ingeniería y Tecnología de ComputadoresIndustrial control systems (ICS) are considered cyber-physical systems that join both cyber and physical worlds. Due to their tight interaction, where humans and robots co-work and co-inhabit in the same workspaces and production lines, cyber-attacks targeting ICS can alter production processes and even bypass safety procedures. As an example, these cyber-attacks could interrupt physical industrial processes and cause potential injuries to workers. In this article, we present SafeMan, a unified management framework based on the Edge Computing paradigm that provides high-performance applications for the detection and mitigation of both cyber-attacks and safety threats in industrial scenarios. Three use cases show specific threats in manufacturing as well as the SafeMan actions carried out to detect and mitigate them. In order to validate our proposal, a pool of experiments was performed with Electra, an industrial dataset with normal network traffic and different cyber-attacks by using a given number of Modbus TCP and S7Comm devices. The experiments measured the runtime performance of anomaly detection techniques based on machine learning and deep learning to detect cyber-attacks in control networks. The experimental results show that Neural Networks report the best performance, being able to examine 217 feature vectors per second over Electra, and therefore demonstrating that it can be used as detection model for SafeMan in real scenarios.
- PublicationOpen AccessLa seguridad en el ciberespacio desde una perspectiva sociocultural(Universidad Rey Juan Carlos de Madrid, 2022-10-31) Sánchez Vera, Fulgencio; Téllez Infantes, Anastasia; Martínez Guirao, Javier Eloy; Ciencia Política, Antropología Social y Hacienda PúblicaEn este artículo presentamos una aproximación al problema de la seguridad en el ciberespacio desde una perspectiva sociocultural. Comenzamos caracterizando el nuevo espacio a través de un modelo estratificado que da relevancia a las personas como agentes que utilizan y dan sentido a la infraestructura tecnológica. Mostramos cómo la expansión del ciberespacio ha generado de manera paralela un aumento de la cibercriminalidad, en sus distintas formas ‒ciberdelito, ciberterrorismo, ciberguerra, entre otros. Sin obviar la importancia de la tecnología subyacente, nos centramos en el papel del factor humano analizando las principales ciberamenazas a las que estamos expuestos y los actores que intervienen. Finalmente, apuntamos cómo el rápido avance del ciberespacio en extensión y profundidad dará soluciones asombrosas a ciertas necesidades humanas, pero a la vez aumentará la vulnerabilidad abriendo un escenario de alto riesgo que la sociedad tendrá que enfrentar para establecer la confianza necesaria que garantice la seguridad y la libertad en el nuevo entorno. Concluimos defendiendo que las ciencias sociales tienen un papel esencial pues los problemas que atañen a la seguridad y los derechos no pueden abordarse como una cuestión meramente técnica.
- PublicationOpen AccessTackling cyberattacks through AI-based reactive systems: a holistic review and future vision(IEEE Xplore, 2025-06-25) Nespoli, Pantaleone; Bernardez Molina, Sergio; Beltrán-López, Pedro; Gómez Mármol, Félix; Ingeniería de la Información y las ComunicacionesThere is no denying that the use of Information Technology (IT) is undergoing exponential growth in today’s world. This digital transformation has also given rise to a multitude of security challenges, notably in the realm of cybercrime. In response to these growing threats, public and private sectors have prioritized the strengthening of IT security measures. In light of the growing security concern, Artificial Intelligence (AI) has gained prominence within the cybersecurity landscape. This paper presents a comprehensive survey of recent advancements in AI-driven threat response systems. To the best of our knowledge, the most recent survey covering the AI reaction domain was conducted in 2017. Since then, considerable literature has been published, and therefore, it is worth reviewing it. In this comprehensive survey of the state of the art reaction systems, five key features with multiple values have been identified, facilitating a homogeneous comparison between the different works. In addition, through a meticulous methodology of article collection, the 22 most relevant publications in the field have been selected. Then each of these publications has been subjected to a detailed analysis using the features identified, which has allowed for the generation of a comprehensive overview revealing significant relationships between the papers. These relationships are further elaborated in the paper, along with the identification of potential gaps in the literature, which may guide future contributions. A total of seven research challenges have been identified, pointing out these potential gaps and suggesting possible areas of development through concrete proposals.
- PublicationOpen AccessThe not yet exploited goldmine of OSINT: opportunities, open challenges and future trends(IEEE, 2020-01-09) Pastor Galindo, Javier; Nespoli, Pantaleone; Gómez Mármol, Félix; Martínez Pérez, Gregorio; Ingeniería de la Información y las Comunicaciones