25th European Symposium on Research in Computer Security (ESORICS 2020), In Press.
18th International Conference on Applied Cryptography and Network Security (ACNS’20), In Press.
Journal of Parallel and Distributed Computing, vol. 144, Elsevier, pp. 124-135, 06/2020. (I.F.: 2.296)
IEEE Transactions on Industrial Informatics, vol. 16, issue 10, no. 6575-6583, IEEE, 10/2020. DOI (I.F.: 9.112)
In Industrial Internet of Things (IIoT) scenarios, where a plethora of IoT technologies coexist with consolidated industrial infrastructures, the integration of security mechanisms that provide protection against cyber-security attacks becomes a critical challenge. Due to the stealthy and persistent nature of some of these attacks, such as Advanced Persistent Threats, it is crucial to go beyond traditional Intrusion Detection Systems for the traceability of these attacks. In this sense, Opinion Dynamics poses a novel approach for the correlation of anomalies, which has been successfully applied to other network security domains. In this paper, we aim to analyze its applicability in the IIoT from a technical point of view, by studying its deployment over different IIoT architectures and defining a common framework for the acquisition of data considering the computational constraints involved. The result is a beneficial insight that demonstrates the feasibility of this approach when applied to upcoming IIoT infrastructures.
Computers & Security Journal, vol. 87, Elsevier, 11/2019. DOI (I.F.: 3.579)
Advanced Persistent Threats (APTs) have become a serious hazard for any critical infrastructure, as a single solution to protect all industrial assets from these complex attacks does not exist. It is then essential to understand what are the defense mechanisms that can be used as a first line of defense. For this purpose, this article will firstly study the spectrum of attack vectors that APTs can use against existing and novel elements of an industrial ecosystem. Afterwards, this article will provide an analysis of the evolution and applicability of Intrusion Detection Systems (IDS) that have been proposed in both the industry and academia.
European Symposium on Research in Computer Security (ESORICS2019), vol. 11736, pp. 263-280, 09/2019. DOI
14th International Conference on Critical Information Infrastructures Security (CRITIS 2019), vol. 11777, Springer, Cham, pp. 169-175, 12/2019. DOI
In recent years, the Smart Grid has increasingly integrated cutting-edge technologies that generate several benefits for all the stakeholders involved, such as a more accurate billing system and enhanced Demand Response procedures. However, this modernization also brings with it diverse cyber security and privacy issues, which sets the necessity for developing a security platform specifically tailored to this scenario. In this paper, we present SealedGRID, which proposes a flexible architecture that provides security services at all levels by implementing Trusted Execution Environments on their devices, together with advanced authentication and authorization mechanisms, as well as privacy preserving techniques. These technologies are presented in depth and a final security analysis is conducted, which highlights the contributions of this project.
Journal of Computer Security, vol. 27, issue 5, Elsevier, pp. 521-546, 09/2019. (I.F.: 3.579)
Computer Networks, vol. 134, Elsevier, pp. 46 - 54, 2018. DOI (I.F.: 3.03)
9th IFIP International Conference on New Technologies, Mobility & Security, 2018.
The 12th International Conference on Critical Information Infrastructures Security, vol. Lecture Notes in Computer Science, vol 10707, Springer, pp. 119-130, 08/2018.
IEEE Transactions on Industrial Informatics, vol. 14, issue 8, IEEE, pp. 3745-3753, 08/2019, 2018. DOI (I.F.: 7.377)
The Smart Grid offers many benefits due to the bidirectional communication between the users and the utility company, which makes it possible to perform a fine-grain consumption metering. This can be used for Demand Response purposes with the generation and delivery of electricity in real time. It is essential to rapidly anticipate high peaks of demand or potential attacks, so as to avoid power outages and denial of service, while effectively supplying consumption areas. In this paper, we propose a novel architecture where cloud computing resources are leveraged (and tested in practice) to enable, on the one hand, the consumption prediction through time series forecasting, as well as load balancing to uniformly distribute the demand over a set of available generators. On the other and, it also allows the detection of connectivity losses and intrusions within the control network by using controllability concepts.
European Symposium on Research in Computer Security (ESORICS 2018), vol. 11098, Springer, pp. 555-574, 08/2018. DOI
Advanced persistent threats pose a serious issue for modern industrial environments, due to their targeted and complex attack vectors that are difficult to detect. This is especially severe in critical infrastructures that are accelerating the integration of IT technologies. It is then essential to further develop effective monitoring and response systems that ensure the continuity of business to face the arising set of cyber-security threats. In this paper, we study the practical applicability of a novel technique based on opinion dynamics, that permits to trace the attack throughout all its stages along the network by correlating different anomalies measured over time, thereby taking the persistence of threats and the criticality of resources into consideration. The resulting information is of essential importance to monitor the overall health of the control system and correspondingly deploy accurate response procedures.
14th International Conference on Security and Cryptography (SECRYPT 2017), vol. 6, SciTePress, pp. 116-128, 2017. DOI
III Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2017), 2017.
Debido a la necesidad de proteger los sistemas industriales ante amenazas, se hace necesario comprender cual es el verdadero alcance de los mecanismos capaces de detectar potenciales anomalías e intrusiones. Es por tanto el objetivo de este artículo analizar el estado y la evolución, tanto académica como industrial, de los mecanismos de detección de intrusiones en este campo, así como estudiar su aplicabilidad actual y futura.
European Symposium on Research in Computer Security, vol. 10493, 22nd European Symposium on Research in Computer Security (ESORICS 2017), pp. 402-418, 09/2017.
European CIIP Newsletter, vol. 11, issue 26, no. 1, European CIIP Newsletter, pp. 27-29, 03/2017.
Pervasive and Mobile Computing, vol. 41, Pervasive and Mobile Computing, pp. 205-218, 10/2017. (I.F.: 2.974)
Nowadays, Smart Grid is envisaged to provide several benefits to both customers and grid operators. However, Smart Meters introduce many privacy issues if consumption data is analysed. In this paper we analyse the main techniques that address privacy when collecting electricity readings. In addition to privacy, it is equally important to preserve efficiency to carry on with monitoring operations, so further control requirements and communication protocols are also studied. Our aim is to provide guidance to installers who intend to integrate such mechanisms on the grid, presenting an expert system to recommend an appropriate deployment strategy.
The 11th International Conference on Critical Information Infrastructures Security, vol. 10242, pp. 176-188, 2017.
The introduction of the Smart Grid brings with it several benefits to society, because its bi-directional communication allows both users and utilities to have better control over energy usage. However, it also has some privacy issues with respect to the privacy of the customers when analysing their consumption data. In this paper we review the main privacy-preserving techniques that have been proposed and compare their efficiency, to accurately select the most appropriate ones for undertaking control operations. Both privacy and performance are essential for the rapid adoption of Smart Grid technologies.