Dynamic changes in mitochondrial <scp>DNA</scp>, distribution and activity within cat oocytes during folliculogenesis

The Internet of Things (IoT) paradigm has revolutionized several industries (e.g., manufacturing, health, transport, education, among others) by allowing objects to connect to the Internet and, thus, enabling a variety of novel applications. In this sense, IoT devices have become an essential component of smart cities, allowing many novel and useful services, but, at the same time, bringing numerous cybersecurity threats. The paper at hand proposes BlockSIEM, a blockchain-based and distributed Security Information and Event Management (SIEM) solution framework for the protection of the aforementioned smart city services. The proposed SIEM relies on blockchain technology to securely store and access security events. Such security events are generated by IoT sentinels that are in charge of shielding groups of IoT devices. The IoT sentinels may be deployed in smart city scenarios, such as smart hospitals, smart transport systems, smart airports, among others, ensuring a satisfactory level of protection. The blockchain guarantees the non-repudiation and traceability of the registry of security events due to its features. To demonstrate the feasibility of the proposed approach, our proposal is implemented using Ethereum and validated through different use cases and experiments.

show abstract

C3-Sex: A Conversational Agent to Detect Online Sex Offenders

Rodríguez

Durán

Díaz-López

et al. 2020

Electronics

View full text Add to dashboard Cite

Prevention of cybercrime is one of the missions of Law Enforcement Agencies (LEA) aiming to protect and guarantee sovereignty in the cyberspace. In this regard, online sex crimes are among the principal ones to prevent, especially those where a child is abused. The paper at hand proposes C3-Sex, a smart chatbot that uses Natural Language Processing (NLP) to interact with suspects in order to profile their interest regarding online child sexual abuse. This solution is based on our Artificial Conversational Entity (ACE) that connects to different online chat services to start a conversation. The ACE is designed using generative and rule-based models in charge of generating the posts and replies that constitute the conversation from the chatbot side. The proposed solution also includes a module to analyze the conversations performed by the chatbot and calculate a set of 25 features that describes the suspect’s behavior. After 50 days of experiments, the chatbot generated a dataset with 7199 profiling vectors with the features associated to each suspect. Afterward, we applied an unsupervised method to describe the results that differentiate three groups, which we categorize as indifferent, interested, and pervert. Exhaustive analysis is conducted to validate the applicability and advantages of our solution.

show abstract

Cyberprotection in IoT environments: A dynamic rule-based solution to defend smart devices

Nespoli

Díaz-López

Mármol

2021

Journal of Information Security and Applications

View full text Add to dashboard Cite

Managing XACML systems in distributed environments through Meta-Policies

Díaz-López

Dólera-Tormo

Mármol³

et al. 2015

Computers & Security

View full text Add to dashboard Cite

Building malware classificators usable by State security agencies

Useche-Peláez¹,

Díaz-López²,

Sepúlveda-Alzate³

et al. 2018

ITECKNE

View full text Add to dashboard Cite

Sandboxing has been used regularly to analyze software samples and determine if these contain suspicious properties or behaviors. Even if sandboxing is a powerful technique to perform malware analysis, it requires that a malware analyst performs a rigorous analysis of the results to determine the nature of the sample: goodware or malware. This paper proposes two machine learning models able to classify samples based on signatures and permissions obtained through Cuckoo sandbox, Androguard and VirusTotal. The developed models are also tested obtaining an acceptable percentage of correctly classified samples, being in this way useful tools for a malware analyst. A proposal of architecture for an IoT sentinel that uses one of the developed machine learning model is also showed. Finally, different approaches, perspectives, and challenges about the use of sandboxing and machine learning by security teams in State security agencies are also shared.

show abstract

On the Way to Automatic Exploitation of Vulnerabilities and Validation of Systems Security through Security Chaos Engineering

Chavarro

Nespoli

Díaz-López

et al. 2022

BDCC

View full text Add to dashboard Cite

Software is behind the technological solutions that deliver many services to our society, which means that software security should not be considered a desirable feature anymore but more of a necessity. Protection of software is an endless labor that includes the improvement of security controls but also the understanding of the sources that induce incidents, which in many cases are due to bad implementation or assumptions of controls. As traditional methods may not be efficient in detecting those security assumptions, novel alternatives must be attempted. In this sense, Security Chaos Engineering (SCE) becomes an innovative methodology based on the definition of a steady state, a hypothesis, experiments, and metrics, which allow to identify failing components and ultimately protect assets under cyber risk scenarios. As an extension of a previous work, this paper presents ChaosXploit, an SCE-powered framework that employs a knowledge database, composed of attack trees, to expose vulnerabilities that exist in a software solution that has been previously defined as a target. The use of ChaosXploit may be part of a defensive security strategy to detect and correct software misconfigurations at an early stage. Finally, different experiments are described and executed to validate the feasibility of ChaosXploit in terms of auditing the security of cloud-managed services, i.e., Amazon buckets, which may be prone to misconfigurations and, consequently, targeted by potential cyberattacks.

show abstract

MalSEIRS: Forecasting Malware Spread Based on Compartmental Models in Epidemiology

et al. 2021

View full text Add to dashboard Cite

Over the last few decades, the Internet has brought about a myriad of benefits to almost every aspect of our daily lives. However, malware attacks have also widely proliferated, mainly aiming at legitimate network users, resulting in millions of dollars in damages if proper protection and response measures are not settled and enforced. In this context, the paper at hand proposes MalSEIRS, a novel dynamic model, to predict malware distribution in a network based on the SEIRS epidemiological model. As a result, the time-dependent rates of infection, recovery, and loss of immunity enable us to capture the complex dynamism of malware spreading behavior, which is influenced by a variety of external circumstances. In addition, we describe both offensive and defensive techniques, based on the proposed MalSEIRS model, through extensive experimentation, as well as disclosing real-life malware campaigns that can be better understood by using the suggested model.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Daniel Díaz-López

Dynamic counter-measures for risk-based access control systems: An evolutive approach

BlockSIEM: Protecting Smart City Services through a Blockchain-based and Distributed SIEM

C3-Sex: A Conversational Agent to Detect Online Sex Offenders

Cyberprotection in IoT environments: A dynamic rule-based solution to defend smart devices

Managing XACML systems in distributed environments through Meta-Policies

Building malware classificators usable by State security agencies

On the Way to Automatic Exploitation of Vulnerabilities and Validation of Systems Security through Security Chaos Engineering

MalSEIRS: Forecasting Malware Spread Based on Compartmental Models in Epidemiology

Contact Info

Product

Resources

About