@inproceedings {1706, title = {Definici{\'o}n de procedimientos para fabricar honeypots IoT basados en criterios de b{\'u}squeda}, booktitle = {XV Reuni{\'o}n Espa{\~n}ola sobre Criptolog{\'\i}a y Seguridad de la Informaci{\'o}n}, year = {2018}, month = {10/2018}, address = {Granada (Espa{\~n}a)}, abstract = {

Con la revoluci{\'o}n tecnol{\'o}gica que ha supuesto la Internet de las Cosas (Internet of Things, IoT) se han presentado escenarios donde la preocupaci{\'o}n por la seguridad en dicho entorno es cada vez m{\'a}s relevante. Est{\'a}n comenzando a surgir vulnerabilidades en varios dispositivos, y los sistemas trampa son una excelente manera de lidiar con este problema. En este trabajo se analizan soluciones para honeypots en el entorno IoT (y en otros que se puedan adaptar) para sentar las bases de una metodolog{\'\i}a que permita el despliegue de honeypots IoT.

}, isbn = {978-84-09-02463-6}, author = {Antonio Acien and Ana Nieto and Gerardo Fernandez and Javier Lopez} } @inproceedings {1654, title = {Digital Witness and Privacy in IoT: Anonymous Witnessing Approach}, booktitle = {16th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom 2017)}, year = {2017}, month = {08/2017}, pages = {642-649}, publisher = {IEEE}, organization = {IEEE}, address = {Sydney (Australia)}, abstract = {

The digital witness approach defines the collaboration between IoT devices - from wearables to vehicles - to provide digital evidence through a Digital Chain of Custody to an authorised entity. As one of the cores of the digital witness, binding credentials unequivocally identify the user behind the digital witness. The objective of this article is to perform a critical analysis of the digital witness approach from the perspective of privacy, and to propose solutions that help include some notions of privacy in the scheme (for those cases where it is possible). In addition, digital anonymous witnessing as a tradeoff mechanism between the original approach and privacy requirements is proposed. This is a clear challenge in this context given the restriction that the identities of the links in the digital chain of custody should be known.\ 

}, keywords = {Forensics, IEC Standards, ISO Standards, privacy}, isbn = {978-1-5090-4906-6}, issn = {2324-9013}, doi = {10.1109/Trustcom/BigDataSE/ICESS.2017.295}, author = {Ana Nieto and Ruben Rios and Javier Lopez} } @article {NietNLS15, title = {Dynamic Knowledge-based Analysis in non-Secure 5G Green Environments using Contextual Data}, journal = {IEEE Systems Journal}, volume = {11}, number = {99}, year = {2017}, month = {12/2017}, pages = {2479-2489}, publisher = {IEEE}, abstract = {

The growing number of parameters in heteroge- neous networks, as is the case of the fifth generation (5G) Green networks, greatly complicates the analysis of the Security and Quality of Service Tradeoff (SQT). However, studying these types of relationships is crucial in Future Internet scenarios to prevent potential points of failure and to enhance the use of limited resources, increasing the user{\textquoteright}s experience. Therefore, it is fundamental to provide tools and models for training, so that the users understand these dependencies and solve them prior to deploying new solutions. In this paper, a Recommendation System for SQT (SQT-RS) is deployed in 5G Green systems, considering the particular case of relay networks and the impact of eavesdropping and jamming contexts on the models generated by the user, aided by SQT-RS. With this goal in mind, we provide a component for the user to automatically select specific contexts based on 5G Green capabilities.\ 

}, keywords = {cellular networks, Communication system security, Context, Green design, Knowledge-based systems}, issn = {1932-8184}, doi = {10.1109/JSYST.2015.2477782}, author = {Ana Nieto and Nikolaos Nomikos and Javier Lopez and Charalambos Skianis} } @article {ercim-nrl16, title = {Digital Witness: Digital Evidence Management Framework for the Internet of Things}, journal = {ERCIM News}, number = {106}, year = {2016}, month = {07/2016}, pages = {9-9}, publisher = {ERCIM EEIG}, issn = {0926-4981}, url = {http://ercim-news.ercim.eu/images/stories/EN106/EN106-web.pdf}, author = {Ana Nieto and Rodrigo Roman and Javier Lopez} } @article {ieeenet16-nrl, title = {Digital Witness: Safeguarding Digital Evidence by using Secure Architectures in Personal Devices}, journal = {IEEE Network}, year = {2016}, pages = {12-19}, publisher = {IEEE Communications Society}, abstract = {

Personal devices contain electronic evidence associated with the behaviour of their owners and other devices in their environment, which can help clarify the facts of a cyber-crime scene. These devices are usually analysed as containers of proof. However, it is possible to harness the boom of personal devices to define the concept of digital witnesses, where personal devices are able to actively acquire, store, and transmit digital evidence to an authorised entity, reliably and securely. This article introduces this novel concept, providing a preliminary analysis on the management of digital evidence and the technologies that can be used to implement it with security guarantees in IoT environments. Moreover, the basic building blocks of a digital witness are defined.

}, keywords = {Digital Evidence, Identity Delegation, IoT-Forensics, Secure Element}, issn = {0890-8044}, doi = {10.1109/MNET.2016.1600087NM}, url = {http://ieeexplore.ieee.org/document/7764297/$\#$full-text-section}, author = {Ana Nieto and Rodrigo Roman and Javier Lopez} }