Gerardo Fdez.

Domain of interest and research

As part of the SEGUR@ project team, I'm working actively in the design of an intrusion detection solution based on mobile agents that uses Intel VPRO technology for protecting and reacting to attacks in a compromised network. Moreover, I've been involved in the design of a new architecture for antivirus systems that also employs Intel VPRO technology, mainly Intel AMT, for protecting the communication between elements of the antivirus solution while also isolating a compromised system in realtime. Besides this, I'm also researching in the application of IDS to Critical Infrastructure Protection scenarios where mobile autonomous agents are being used.

Another research topic I'm actually involved in, is the integration of Shibboleth with Service Bus Systems under the SPIKE project.

On the other hand, as part of PROTECT-IC objectives, I'm working in the definition of a forensic methodology for Critical Infrastructure Protection, specifically for the Energy sector.

Other research topics that I'm actually interested in are the analysis of vulnerabilities in software and communication protocols and security in virtualized environments.

Current research

• Intrusion Detection Systems in Critical Infrastructures

Education

• M.Sc. in Computer Science, University of Malaga, Spain.

Publications

• C. Alcaraz, G. Fernandez, and F. Carvajal, "Security Aspects of SCADA and DCS Environments", In Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defense, J. Lopez, S. Wolthunsen, and R. Setola Eds., vol. 7130 , Springer-Verlag, pp. 120-149, 2012.
• C. Alcaraz, et al., "Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems", In 6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus'09), Springer-Verlag, pp. 86-94, September, 2009.
• C. Alcaraz, et al., "Secure Management of SCADA Networks", In Novática, vol. 9, no. 6, pp. 22-28, December, 2008.

Attended courses and seminars

• 1st CIIP International Meeting "Cybersecurity and Protection of Critical Infrastructures" 2010
• Student at IPICS 2009 (http://www.ipics-school.eu/)
• Seminar titled "Security and Privacy for wireless resource constrained devices" by Roberto di Pietro
• 13th European Symposium on Research in Computer Security (ESSORICS 2008)
• 2nd International Workshop on Information Security Theory and Practices (WISTP 2008)
• 2nd International Workshop on Critical Information Infrastructures Security (CRITIS'07)
• EuroPKI 2007

Scientific Activities

• Program committee member:
  • International Conference on Internet Monitoring and Protection (ICIMP 2009 & 2010)

Memberships

• Committee Member of AENOR AEN/CTN 196/SC 1