Ruben Rios

PostDoctoral Researcher


Edificio de Investigación Ada Byron
C/ Arquitecto Francisco Peñalosa, nº 18
Ampliación Campus de Teatinos. Universidad de Málaga
29071 Málaga (Spain)
Phone: +34-951-952939    Fax: +34-951-952749
E-mail: ruben@lcc.uma.es

Domain of interest and research

  • Privacy-Enhancing Technologies
  • Covert Communication Channels
  • Edge Computing Security

Education

  • PhD in Computer Science (University of Málaga, Spain, 2014)
  • MSC in Computer Science (University of Málaga, Spain, 2008)
  • BSc in Computer Science (University of Skövde, Sweden, 2007)

Relevant Publications

  • R. Roman, R. Rios, J. A. Onieva, and J. Lopez, "Immune System for the Internet of Things using Edge Technologies",
    IEEE Internet of Things Journal, IEEE Computer Society, In Press. DOI (I.F.: 5.863)More..

    Abstract

    The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.

    Impact Factor: 5.863
    Journal Citation Reports® Science Edition (Thomson Reuters, 2017)

  • X. Wang, et al., "Location Proximity Attacks against Mobile Targets: Analytical Bounds and Attacker Strategies",
    23rd European Symposium on Research in Computer Security (ESORICS 2018), LNCS 11099, Springer, pp. 373-392, 2018. DOI More..

    Abstract

    Location privacy has mostly focused on scenarios where users remain static. However, investigating scenarios where the victims present a particular mobility pattern is more realistic. In this paper, we consider abstract attacks on services that provide location information on other users in the proximity. In that setting, we quantify the required effort of the attacker to localize a particular mobile victim. We prove upper and lower bounds for the effort of an optimal attacker. We experimentally show that a Linear Jump Strategy (LJS) practically achieves the upper bounds for almost uniform initial distributions of victims. To improve performance for less uniform distributions known to the attacker, we propose a Greedy Updating Attack Strategy (GUAS). Finally, we derive a realistic mobility model from a real-world dataset and discuss the performance of our strategies in that setting.

  • J. Lopez, R. Rios, F. Bao, and G. Wang, "Evolving privacy: From sensors to the Internet of Things",
    Future Generation Computer Systems, vol. 75, Elsevier, pp. 46–57, 10/2017. DOI (I.F.: 4.639)More..

    Abstract

    The Internet of Things (IoT) envisions a world covered with billions of smart, interacting things capable of offering all sorts of services to near and remote entities. The benefits and comfort that the IoT will bring about are undeniable, however, these may come at the cost of an unprecedented loss of privacy. In this paper we look at the privacy problems of one of the key enablers of the IoT, namely wireless sensor networks, and analyse how these problems may evolve with the development of this complex paradigm. We also identify further challenges which are not directly associated with already existing privacy risks but will certainly have a major impact in our lives if not taken into serious consideration. 

    Impact Factor: 4.639
    Journal Citation Reports® Science Edition (Thomson Reuters, 2017)

  • R. Rios, D. Nuñez, and J. Lopez, "Query Privacy in Sensing-as-a-Service Platforms",
    32nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC 2017), S. De Capitan di Vimercati, and F. Martinelli Eds., IFIP Advances in Information and Communication Technology (AICT) 502, Springer, pp. 141–154, 05/2017. DOI More..

    Abstract

    The Internet of Things (IoT) promises to revolutionize the way we interact with the physical world. Even though this paradigm is still far from being completely realized, there already exist Sensing-as-a-Service (S2aaS) platforms that allow users to query for IoT data. While this model offers tremendous benefits, it also entails increasingly challenging privacy issues. In this paper, we concentrate on the protection of user privacy when querying sensing devices through a semi-trusted S2aaS platform. In particular, we build on techniques inspired by proxy re-encryption and k-anonymity to tackle two intertwined problems, namely query privacy and query confidentiality. The feasibility of our solution is validated both analytically and empirically. 

  • R. Rios, J. Lopez, and J. Cuellar, "Location Privacy in Wireless Sensor Networks",
    CRC Series in Security, Privacy and Trust, Taylor & Francis, 2016. More..
  • R. Rios, J. Cuellar, and J. Lopez, "Robust Probabilistic Fake Packet Injection for Receiver-Location Privacy in WSN",
    17th European Symposium on Research in Computer Security (ESORICS 2012), S. Foresti, M. Yung, and F. Martinelli Eds., LNCS 7459, Springer, pp. 163-180, Sep 2012. DOI More..

    Abstract

    The singular communication model in wireless sensor networks (WSNs) originate pronounced traffic patterns that allow a local observer to deduce the location of the base station, which must be kept secret for both strategical and security reasons. In this work we present a new receiver-location privacy solution called HISP (Homogenous Injection for Sink Privacy). Our scheme is based on the idea of hiding the flow of real traffic by carefully injecting fake traffic to homogenize the transmissions from a node to its neighbors. This process is guided by a lightweight probabilistic approach ensuring that the adversary cannot decide with sufficient precision in which direction to move while maintaining a moderate amount of fake traffic. Our system is both validated analytically and experimentally through simulations.

You can find the full list here.

Attended courses and seminars

  • FOSAD 2013: 13th International School on Foundations of Security Analysis and Design. Bertinoro, Italy (2013)
  • Control Systems Security Models, Malaga, Spain (2010)
  • Service Protocol Verification, Malaga, Spain (2010)
  • IPICS 2009: Intensive Programme on Information and Communication Security. Viena, Austria (2010)
  • SWING 2009: 4th Bertinoro PhD School on Security of Wireless Networking. Bertinoro, Italy (2009)
  • Security and Privacy for wireless resource constrained devices, University of Malaga, Spain (2009)
  • SWING 2008: 3rd Bertinoro PhD School on Security of Wireless Networking. Bertinoro, Italy (2008)

Scientific Activities

Memberships

  • IEEE Member
  • CriptoRed