Antonio Lara
PhD student
Edificio de Investigación Ada Byron
C/ Arquitecto Francisco Peñalosa, nº 18
Ampliación Campus de Teatinos. Universidad de Málaga
29071 Málaga (Spain)
Phone: +34 951 952 916
E-mail: alara@uma.es
Current research
- AI Detection Systems: Development of AI-driven intrusion detection systems combining network flows and machine learning models to ensure verifiability and maintainability.
- Malware Classification and Attribution: Development of AI models leveraging static and dynamic analysis to classify and attribute malware, integrating threat intelligence for proactive defense.
- Honeypots and Proactive Defense Mechanisms: Design of AI-driven honeypots to collect attack data, extract Indicators of Compromise (IOCs), and strengthen cyber defense strategies.
Ph.D. research
My Ph.D. research focuses on AI-driven cyber threat detection, using GANs, malware classification, and proactive defenses. I develop verifiable detection models, enhance malware attribution with threat intelligence, and leverage honeypots for AI-driven security. My goal is to automate cyber defense against advanced attacks.
Education
- MSc. in Big Data & Business Analytics, EOI Madrid (October 2024)
- MSc. in Computer Science and Engineering, University of Málaga (July 2024)
- BSc. in Computer Science, University of Málaga (July 2022)
Thesis
- MSc. Thesis: Dynamic risk assessment and resilience in industrial environments through artificial intelligence:
This project aims to address challenges in risk management and resilience by integrating artificial intelligence into industrial control systems, with a strong focus on cybersecurity. Given the critical need for effective measures to ensure process continuity, the study begins with an analysis of current risk management models and industry best practices. It then proposes a proactive proof of concept that combines dynamic risk management and resilience in a simulated industrial environment. By leveraging AI for real-time data analysis, risk forecasting, and adaptive responses, the project seeks to enhance cyber risk management, offering a practical and effective approach to securing industrial operations.
- BSc. Thesis: Traceability of control actions in electric vehicle charge stations through mobile application and blockchain:
This project focuses on developing a traceability ecosystem for control actions in maintenance companies or electric vehicle charging station management. It enables comprehensive tracking and processing of reports submitted by operational personnel using blockchain technology, allowing for more complex operations than conventional databases. A permissioned blockchain ensures an immutable, secure record of all reports within a single organization, protecting data integrity and preventing tampering. The system is accessed through two applications: a mobile app for Android, used by field operators to submit reports to the blockchain, and a web app for administrators to manage and visualize collected data efficiently.
Publications
Antonio Lara-Gutierrez, Carmen Fernandez-Gago, Jose A. Onieva
A Framework for Drift Detection and Adaptation in AI-driven Anomaly and Threat Detection Systems
In: International Journal of Information Security, vol. 24, no. 199, 2025, ISBN: 1615-5270.
@article{Lara2025,
title = {A Framework for Drift Detection and Adaptation in AI-driven Anomaly and Threat Detection Systems},
author = {Antonio Lara-Gutierrez and Carmen Fernandez-Gago and Jose A. Onieva},
editor = {Massimiliano Albanese},
url = {/wp-content/papers/Lara2025.pdf},
doi = {10.1007/s10207-025-01118-9},
isbn = {1615-5270},
year = {2025},
date = {2025-09-02},
urldate = {2025-09-02},
journal = {International Journal of Information Security},
volume = {24},
number = {199},
abstract = {The dynamic and evolving nature of cybersecurity threats presents significant challenges to anomaly and threat detection systems, particularly those that rely on Artificial Intelligence (AI) as their detection engine. A key limitation of current AI models is their inability to adapt to concept drift, feature drift, and adversarial attacks, which degrade performance over time. Although these phenomena arise from different underlying processes, they all share the effect of misaligning the operational data with the model’s training data. This study introduces the Hybrid Drift Detection and Adaptation Framework (HDDAF), which is a multi-layered AI system that is specifically designed to mitigate concept drift, feature drift, and adversarial attacks in cybersecurity. By framing all three challenges, HDDAF provides a unified approach that detects and responds to both natural evolution and malicious manipulation within a single adaptive pipeline. HDDAF integrates Hoeffding drift detection, feature selection, adversarial training, and incremental learning, allowing it to dynamically adapt through a Mixed-Drift Handling Module, which balances fine-tuning and full retraining. On the CIC-IDS2017 dataset, HDDAF achieves a macro F1 score above 99% and in tests on related datasets, it consistently adapts to data shifts with minimal retraining. An ablation study confirms that each module contributes to overall robustness, and real-time simulations demonstrate its ability to process high-velocity streams with stable latency and resource use. HDDAF’s hybrid design delivers both high accuracy and scalable performance for real-world cybersecurity applications.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}