Graphic summary
  • Show / hide key
  • Information


Scientific and technological production
  •  

1 to 50 of 71 results
  • Reconciling privacy and efficient utility management in smart cities

     Rebollo Monedero, David; Bartoli, Andrea; Hernández Serrano, Juan Bautista; Forné, Jordi; Soriano Ibáñez, Miguel
    European transactions on telecommunications
    Date of publication: 2014-01-01
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    A key aspect in the design of smart cities is, undoubtedly, a plan for the efficient management of utilities, enabled by technologies such as those entailing smart metering of the residential consumption of electricity, water or gas. While one cannot object to the appealing advantages of smart metering, the privacy risks posed by the submission of frequent, data-rich measurements cannot simply remain overlooked. The objective of this paper is to provide a general perspective on the contrasting issues of privacy and efficient utility management, by surveying the main requirements and tools, and by establishing exploitable connections. Copyright (c) 2013 John Wiley & Sons, Ltd.

    A key aspect in the design of smart cities is, undoubtedly, a plan for the efficient management of utilities, enabled by technologies such as those entailing smart metering of the residential consumption of electricity, water or gas. While one cannot object to the appealing advantages of smart metering, the privacy risks posed by the submission of frequent, data-rich measurements cannot simply remain overlooked. The objective of this paper is to provide a general perspective on the contrasting issues of privacy and efficient utility management, by surveying the main requirements and tools, and by establishing exploitable connections. Copyright (c) 2013 John Wiley & Sons, Ltd.

  • Security Protocols Suite for Machine-to-Machine Systems  Open access

     Bartoli, Andrea
    Defense's date: 2013-06-18
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

    Read the abstract Read the abstract Access to the full text Access to the full text Open in new window  Share Reference managers Reference managers Open in new window

    los que no tienen un conocimiento tecnol ógico especí?co, y por lo tanto, el fácil uso de nuevasaplicaciones está generando nuevas oportunidades de negocio y es además un factor clave parael aumento de la cohesión global entre todos los ciudadanos.Dentro de los actores de esta evolución tecnológica, las redes inalámbricas machine-tomachine (M2M) son cada vez demayor importancia. Estas redes inal ámbricas se componen dedispositivos interconectados de baja potencia que son capaces de proporcionar una gran variedadde servicios con poca o ninguna intervenci ón del usuario. Ejemplos de estos servicios puedenser la gestión de ?otas, de detección de incendios, el consumo de servicios públicos (distribuciónde agua, de energía, etc.) o la monitorización de los pacientes.Sin embargo, toda nueva tecnología conlleva un conjunto nuevo de amenazas de seguridadque deben ser atacadas y, por tanto, se necesita realizar un amplio estudio de estas amenazaspara asegurar adecuadamente las redes M2M. En este contexto, las principales amenazas est ánrelacionadas con los ataques a la disponibilidad de servicios y con la privacidad de los datostanto de los consumidores como de los proveedores de servicios. En el caso de M2M, estasamenazas son muchos mayores debido a las limitaciones de hardware presentes en muchos delos dispositivos, lo que conduce a un nuevo reto: garantizar los requisitos de disponibilidad delos servicios y de privacidad de los datos en el abanico de aplicaciones M2M minimizando eldesperdicio innecesario de recursos.Basándonos en las razones mencionadas anteriormente, esta tesis pretende proporcionarsoluciones efectivas de seguridad para redes inal ámbricas M2M que sean capaces de reducirel consumo de energía de la red sin prejuicio de una seguridad adecuada del sistema.Con este objetivo, en primer lugar proponemos una taxonomía coherente de las redes M2M que nos permita identi?car lostemas de seguridad que merecen especial atenci ón y qué entidadeso servicios especí?cos son particularmente amenazados. En segundo lugar, se de?ne en modoe?ciente, un esquema de agregación de datos seguro que es capaz de aumentar el tiempo de vidade la red mediante la optimización del consumo de energía de los dispositivos. En tercer lugar, sepropone un nuevo test de autenticaci ón a nivel físico que minimiza los costes de comunicaci ónen canales inalámbricos y que se enfrenta con éxito a los ataques de agotamiento de las bater ías.En cuarto lugar, se estudian los aspectos especí?cos de gestión de claves para proporcionar unnuevo protocolo que garantice la distribuci ón de claves secretas para cada protocolo criptográ?coutilizado en el sistema. En quinto lugar, se describe la colaboraci ón con el estándar WAVE2Men la de?nición de un formato de trama adecuado y capaz de suportar los servicios de seguridadnecesarios, incluidos los que se proponen en esta tesis; WAVE2M fue ?nanciado para promoverel uso global de una tecnología de comunicación inalámbrica emergente para servicios de ultrabajo consumo y de largoalcance. Y ?nalmente sexto, proporcionamos un preciso análisis de lassoluciones de privacidad que realmente se ajustan a los requisitos de las redes de servicios M2M.Todos los análisis a lo largo de esta tesis han sido corroborados por simulaci ón con?rmandomejoras signi?cativas en términos de e?ciencia.

    Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks.

  • WiMAX-based robust localization in the presence of misbehaving and/or malicious base stations

     Hernández Serrano, Juan Bautista; León Abarca, Olga; Soriano Ibáñez, Miguel
    Computers and electrical engineering
    Date of publication: 2013-10
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    The use of WiMAX cellular networks has arisen as a promising solution in order to provide broadband access over large, often shadowed, areas. As in other cellular networks, localization of users is extremely useful for many services and even essential for some civilian and/or military logistic operations. In a cellular WiMAX network, a node can obtain its position from beacons received by several cell base stations. Therefore, securing the localization method against potential false or erroneous feedback is of paramount importance in order to allow the nodes to get reliable position estimations. This fact implies not only making the localization method robust against erroneous or forged measurements, but also identifying which WiMAX base stations are providing such measurements. In this paper, we propose a robust localization method that can identify up to k malicious or misbehaving base stations and provide with an accurate estimation of the node position even in their presence. Simulation results prove that this proposal outperforms other existing detection techniques.

  • DocCloud: a document recommender system on cloud computing with plausible deniability

     Vera Del Campo, Juan Victoriano; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Information sciences
    Date of publication: 2013-04-16
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Recommender systems select the most interesting products for costumers based on their interests. The move of a recommender system to a cloud faces many challenges from the perspective of the protection of the participants. Little work has been done regarding secure recommender systems or how to cope with the legal liability of the cloud provider and any virtual machine inside the cloud. We propose DocCloud, a recommender system that focused on the protection of all participants against legal attacks. We present the architecture of DocCloud and analyze the security mechanisms that the system includes. Specifically, we study the properties of plausible deniability and anonymity of the recommenders and intermediate nodes. This way, nodes can recommend products to the customers while deny any knowledge about the product they are recommending or their participation in the recommendation process.

    Recommender systems select the most interesting products for costumers based on their interests. The move of a recommender system to a cloud faces many challenges from the perspective of the protection of the participants. Little work has been done regarding secure recommender systems or how to cope with the legal liability of the cloud provider and any virtual machine inside the cloud. We propose DocCloud, a recommender system that focused on the protection of all participants against legal attacks. We present the architecture of DocCloud and analyze the security mechanisms that the system includes. Specifically, we study the properties of plausible deniability and anonymity of the recommenders and intermediate nodes. This way, nodes can recommend products to the customers while deny any knowledge about the product they are recommending or their participation in the recommendation process.

  • COACH: COllaborative certificate stAtus CHecking mechanism for VANETs

     Hernández Gañan, Carlos; Muñoz Tapia, Jose Luis; Esparza Martin, Oscar; Mata Diaz, Jorge; Hernández Serrano, Juan Bautista; Alins Delgado, Juan Jose
    Journal of network and computer applications
    Date of publication: 2013-09
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Vehicular Ad Hoc Networks (VANETs) require mechanisms to authenticate messages, identify valid vehicles, and remove misbehaving vehicles. A public key infrastructure (PKI) can be used to provide these functionalities using digital certificates. However, if a vehicle is no longer trusted, its certificates have to be revoked and this status information has to be made available to other vehicles as soon as possible. In this paper, we propose a collaborative certificate status checking mechanism called COACH to efficiently distribute certificate revocation information in VANETs. In COACH, we embed a hash tree in each standard Certificate Revocation List (CRL). This dual structure is called extended-CRL. A node possessing an extended-CRL can respond to certificate status requests without having to send the complete CRL. Instead, the node can send a short response (less than 1 kB) that fits in a single UDP message. Obviously, the substructures included in the short responses are authenticated. This means that any node possessing an extended-CRL can produce short responses that can be authenticated (including Road Side Units or intermediate vehicles). We also propose an extension to the COACH mechanism called EvCOACH that is more efficient than COACH in scenarios with relatively low revocation rates per CRL validity period. To build EvCOACH, we embed an additional hash chain in the extended-CRL. Finally, by conducting a detailed performance evaluation, COACH and EvCOACH are proved to be reliable, efficient, and scalable.

  • Energy-efficient physical layer packet authenticator for machine-to-machine networks

     Bartoli, Andrea; Hernández Serrano, Juan Bautista; León Abarca, Olga; Kountouris, Apostolous; Barthel, Dominique
    Transactions on Emerging Telecommunications Technologies
    Date of publication: 2013-06
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Machine-to-machine networks are spreading over every sector of our society due to their self-organisation capabilities. In these networks, thousands of devices are left unattended for years of operation without the possibility of human intervention. In this sense, every step forward into avoiding early exhaustion of the network nodes is of paramount importance. We have introduced a novel authentication scheme that is able to discard non-intended and/or non-legitimate packets just after the reception of the physical preamble. This proposal was shown to yield enormous energy saving with regard to both node exhaustion attacks and normal network operation. In this paper, we extend that work with a novel synchronisation protocol that addresses previous desynchronisation issues. Besides, we analyse and propose the more appropriate deployment parameters that maximise the overall energy savings. We also detail the necessary key generation and key updating processes required to manage the in use keying material. Moreover, we show how to fit the proposed mechanism into the IEEE 802.15.4e amendment to the IEEE 802.15.4-2006 standard, as many companies have decide to go for this technology for the development of machine-to-machine networks

    Machine-to-machine networks are spreading over every sector of our society due to their self-organisation capabilities. In these networks, thousands of devices are left unattended for years of operation without the possibility of human intervention. In this sense, every step forward into avoiding early exhaustion of the network nodes is of paramount importance. We have introduced a novel authentication scheme that is able to discard non-intended and/or non-legitimate packets just after the reception of the physical preamble. This proposal was shown to yield enormous energy saving with regard to both node exhaustion attacks and normal network operation. In this paper, we extend that work with a novel synchronisation protocol that addresses previous desynchronisation issues. Besides, we analyse and propose the more appropriate deployment parameters that maximise the overall energy savings. We also detail the necessary key generation and key updating processes required to manage the in use keying material. Moreover, we show how to fit the proposed mechanism into the IEEE 802.15.4e amendment to the IEEE 802.15.4-2006 standard, as many companies have decide to go for this technology for the development of machine-to-machine networks

  • The TAMESIS project: enabling technologies for the health status monitoring and secure exchange of clinical record

     Pegueroles Valles, Josep Rafel; Cruz Llopis, Luis Javier de La; Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; León Abarca, Olga
    International Conference on Complex, Intelligent and Software Intensive Systems
    Presentation's date: 2013-07
    Presentation of work at congresses

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Personal Health Systems (PHS) allow to move the point of care from hospitals to the patient's home. Moreover, a PHS usually handles much more information and provides more appropriate diagnostic and personalized treatments to individuals. In this paper, we present the objectives, structure and expected innovations of the TAMESIS project. TAMESIS aims to contribute in advancing the state of the art of some of the technologies needed for the development of Personal Health Systems. Specifically, we propose techniques for preventing denial of service, sensor node malfunctioning and traffic injection. In addition, we explore a protocol that makes use of mobile agents for the exchange of medical records between networked databases. As a novel aspect, the protocol will not only support bilateral agreements, already existing in the literature, but multilateral agreements. In reference to clinical data, is critical to preserve the privacy and intimacy of patients. Thus, the data, at the time of being collected as for when it is exchanged, should be processed so as to avoid leakage of information that is not strictly necessary for the parties to fulfill their task correctly. A privacy metric suitable for PHS, and the incorporation of mechanisms needed for privacy and intimacy are also key objectives of this project. Finally, usability aspects of all the system interfaces will be considered.

  • Contributions to the Security of Cognitive Radio Networks

     León Abarca, Olga
    Defense's date: 2012-01-31
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

     Share Reference managers Reference managers Open in new window

  • Design of a P2P content recommendation system using affinity networks

     Vera Del Campo, Juan Victoriano; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Computer communications
    Date of publication: 2012-08
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    The success and intensive use of social networks makes strategies for efficient document location a hot topic of research. In this paper, we propose a common vector space to describe documents and users to create a social network based on affinities, and explore epidemic routing to recommend documents according to the user’s interests. Furthermore, we propose the creation of a SoftDHT structure to improve the recommendation results. Using these mechanisms, an efficient document recommender system with a fast organization of clusters of users based on their affinity can be provided, preventing the creation of unlinked communities. We show through simulations that the proposed system has a short convergence time and presents a high recall ratio.

  • Cooperative detection of primary user emulation attacks in CRNs

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Computer networks
    Date of publication: 2012
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Cognitive radio networks (CRNs) can improve the utilization of the spectrum by making use of licensed spectrum in an opportunistic manner. With such purpose, coexistence mechanisms among CRN nodes or secondary users and legitimate users of the spectrum or primary users are defined. However, due to the particular features of CRNs, new security threats arise, such as the primary user emulation (PUE) attack, which is the most challenging among all. With the aim of detecting such kind of attacks, in this paper we propose a cooperative localization method specifically suited to CRNs which relies on TDoA measurements and Taylor-series estimations. Simulations results show the goodness of the proposed method and its suitability to typical CRN scenarios.

  • A modeling of certificate revocation and its application to synthesis of revocation traces

     Hernández Gañan, Carlos; Mata Diaz, Jorge; Muñoz Tapia, Jose Luis; Hernández Serrano, Juan Bautista; Esparza Martin, Oscar; Alins Delgado, Juan Jose
    IEEE transactions on information forensics and security
    Date of publication: 2012-12
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    One of the hardest tasks of a public key infrastructure (PKI) is to manage revocation. New communication paradigms push the revocation system to the limit and an accurate resource assessment is necessary before implementing a particular revocation distribution system. In this context, a precise modeling of certificate revocation is necessary. In this article, we analyze empirical data from real CAs to develop an accurate and rigorous model for certificate revocation. One of the key findings of our analysis is that the certificate revocation process is statistically self-similar. The proposed model is based on an autoregressive fractionally integrated moving average (ARFIMA) process. Then, using this model, we show how to build a synthetic revocation generator that can be used in simulations for resource assessment. Finally, we also show that our model produces synthetic revocation traces that are indistinguishable for practical purposes from those corresponding to actual revocations.

    Postprint (author’s final draft)

  • Low-cost group rekeying for unattended wireless sensor networks

     Hernández Serrano, Juan Bautista; Vera Del Campo, Juan Victoriano; Pegueroles Valles, Josep Rafel; Hernández Gañan, Carlos
    Wireless networks
    Date of publication: 2012
    Journal article

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Wireless sensor networks (WSNs) are made up of large groups of nodes that perform distributed monitoring services. Since sensor measurements are often sensitive data acquired in hostile environments, securing WSN becomes mandatory. However, WSNs consists of low-end devices and frequently preclude the presence of a centralized security manager. Therefore, achieving security is even more challenging. State-of-the-art proposals rely on: (1) attended and centralized security systems; or (2) establishing initial keys without taking into account how to efficiently manage rekeying. In this paper we present a scalable group key management proposal for unattended WSNs that is designed to reduce the rekeying cost when the group membership changes.

  • TAMESIS: Tecnologías de Apoyo a la Monitorización del Estado de Salud e Intercambio Seguro de datos médicos

     Pegueroles Valles, Josep Rafel; León Abarca, Olga; Hernández Serrano, Juan Bautista; Cruz Llopis, Luis Javier de La
    Participation in a competitive project

     Share

  • DICOMA-Disaster Control Management

     Hernández Serrano, Juan Bautista
    Participation in a competitive project

     Share

  • Tecnologías de apoyo para la monitorización del estado de salud e intercambio seguro de registros médicos

     Cruz Llopis, Luis Javier de La; León Abarca, Olga; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Participation in a competitive project

     Share

  • Optimizing energy-efficiency of PHY-layer authentication in machine-to-machine networks

     Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel; Dohler, Mischa; Kountouris, Apostolous; Barthel, Dominique
    IEEE Global Communications Conference
    Presentation's date: 2012-12
    Presentation of work at congresses

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Security issues are gaining in importance for machine-to-machine (M2M) networks, mainly because thousands of devices are left unattended for years of operation without the possibility of human intervention. One of the most critical security issues is the prevention of denial of service (DoS) attacks, given the limited capabilities of the M2M devices and the wireless communication settings. To this end, we had earlier introduced a novel recursive PHY-Layer security scheme which was shown to yield enormous benefits with regards to DoS attacks [1]. Recognizing the importance of the thus required synchronization window and the possibility of desynchronization because of poor channel conditions, we introduce a novel synchronization process...

  • Access to the full text
    Secure lossless aggregation over fading and shadowing channels for smart grid M2M networks  Open access

     Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel; Dohler, Mischa; Kountouris, Apostolous; Barthel, Dominique
    IEEE Transactions on Smart Grid
    Date of publication: 2011-12
    Journal article

    Read the abstract Read the abstract Access to the full text Access to the full text Open in new window  Share Reference managers Reference managers Open in new window

    Whilst security is generally perceived as an important constituent of communication systems, this paper offers a viable security-communication-tradeoff particularly tailored to Advanced Metering Infrastructures (AMIs) in Smart Grid systems. These systems, often composed of embedded nodes with highly constrained resources, require e.g. metering data to be delivered efficiently whilst neither jeopardizing communication nor security. Data aggregation is a natural choice in such settings, where the challenge is to facilitate per-hop as well as end-to-end security. The prime contribution of this paper is to propose a secure aggregation protocol that meets the requirements of Smart Grids, and to analyze its efficiency considering various system configurations as well as the impact of the wireless channel through packet error rates. Relying on analysis and corroborative simulations, unprecedented design guidelines are derived which determine the operational point beyond which aggregation is useful as well quantifying the superiority of our protocol w.r.t. non-aggregated solutions.

  • Access to the full text
    Modeling the lion attack in cognitive radio networks  Open access

     Hernández Serrano, Juan Bautista; León Abarca, Olga; Soriano Ibáñez, Miguel
    Eurasip journal on wireless communication and networking
    Date of publication: 2011
    Journal article

    Read the abstract Read the abstract Access to the full text Access to the full text Open in new window  Share Reference managers Reference managers Open in new window

    Cognitive radio is a promising technology aiming to improve the utilization of the radio electromagnetic spectrum. A cognitive radio is a smart device which runs radio applications software to perform signal processing. The use of this software enables the device to sense and understand its environment and actively change itsmode of operation based on its observations. Unfortunately, this solution entails new security challenges. In this paper, we present a cross-layer attack to TCP connections in cognitive radio networks, analyze its impact on TCP throughput via analytical model and simulation, and propose potential countermeasures to mitigate it.

  • Procédé de traitement d'un paquet de données à l'émission, procédé de traitement d'un paquet de données à la réception, dispositifs et équipements n¿uds associés

     Kountouris, Apostolous; Barthel, Dominique; Dohler, Mischa; Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Date of request: 2011-06-17
    Invention patent

     Share Reference managers Reference managers Open in new window

  • Access to the full text
    Robust detection of primary user emulation attacks in IEEE 802.22 networks  Open access

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    International Conference on Cognitive Radio and Advanced Spectrum Management
    Presentation's date: 2011-10-27
    Presentation of work at congresses

    Read the abstract Read the abstract Access to the full text Access to the full text Open in new window  Share Reference managers Reference managers Open in new window

    Cognitive Radio (CR) technology constitutes a new paradigm where wireless devices can access the spectrum left unused by licensed or primary users in an opportunistic way. This feature opens the door to a main new threat: the Primary User Emulation (PUE) attack, in which a malicious user transmits a fake primary signal preventing a Cognitive Radio Network (CRN) from using the available spectrum. Cooperative location of a primary source can be a valuable tool for distinguishing between a legitimate transmission and a PUE attack whenever the position of primary users is known, as it is the case of TV towers in the IEEE 802.22 standard. However, the location process can be undermined due to false data provided by malicious or faulty nodes. In this paper, we analyze the effect of forged reports on the location process of a given emitter and provide a set of countermeasures in order to make it robust to undesired behaviors.

  • Towards a cooperative intrusion detection system for cognitive radio networks

     León Abarca, Olga; Román, Rodrigo; Hernández Serrano, Juan Bautista
    International Conferences on Networking
    Presentation's date: 2011-05-13
    Presentation of work at congresses

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Cognitive Radio Networks (CRNs) arise as a promising solution to the scarcity of spectrum. By means of cooperation and smart decisions influenced by previous knowledge, CRNs are able to detect and profit from the best spectrum opportunities without interfering primary licensed users. However, besides the well-known attacks to wireless networks, new attacks threat this type of networks. In this paper we analyze these threats and propose a set of intrusion detection modules targeted to detect them. Provided method will allow a CRN to identify attack sources and types of attacks, and to properly react against them.

  • Low-power low-rate goes long-range: the case for secure and cooperative machine-to-machine communications

     Bartoli, Andrea; Dohler, Mischa; Hernández Serrano, Juan Bautista; Kountouris, Apostolous; Barthel, Dominique
    International Conferences on Networking
    Presentation's date: 2011-05-13
    Presentation of work at congresses

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    The vision of connecting a large amount of objects on this planet to improve well-being and safety is slowly taking shape. Preceded by a decade-long era of research on low-power low-rate short-range wireless sensor networks, first proprietary and later standards-compliant embedded technologies have successfully been put forward. Cellular machine-to-machine (M2M) is taking this technology to a next step where communication ranges are significantly extended by relying on cellular infrastructure. This position paper discusses these emerging paradigms and highlights how cooperative as well as security requirements are core to their designs

  • Distributed group security for wireless sensor networks

     Hernández Serrano, Juan Bautista; Vera Del Campo, Juan Victoriano; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Date of publication: 2010
    Book chapter

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • Securing cognitive radio networks

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    International journal of communication systems
    Date of publication: 2010-05
    Journal article

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • TELEVOTE

     Hernández Serrano, Juan Bautista; Esparza Martin, Oscar; Yufera Gomez, Jose Manuel; Soriano Ibáñez, Miguel
    Participation in a competitive project

     Share

  • Comparación de afinidades privada mediante isomorfismo de grafos

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Reunión Española sobre Criptología y Seguridad de la Información
    Presentation's date: 2010-09-08
    Presentation of work at congresses

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • Access to the full text
    Secure lossless aggregation for Smart Grid M2M networks  Open access

     Bartoli, Andrea; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel; Dohler, Mischa; Kountouris, Apostolous; Barthel, Dominique
    IEEE International Conference on Smart Grid Communications
    Presentation's date: 2010-10
    Presentation of work at congresses

    Read the abstract Read the abstract Access to the full text Access to the full text Open in new window  Share Reference managers Reference managers Open in new window

    Whilst security is generally perceived as an important constituent of communication systems, this paper offers a viable security-communication-tradeoff particularly tailored to Advanced Metering Infrastructures (AMIs) in Smart Grid systems. These systems, often composed of embedded nodes with highly constrained resources, require e.g. metering data to be delivered efficiently whilst neither jeopardizing communication nor security. Data aggregation is a natural choice in such settings, where the challenge is to facilitate per-hop as well as end-to-end security. The prime contribution of this paper is to propose a secure aggregation protocol that meets the requirements of Smart Grids, and to analyze its efficiency considering various system configurations as well as the impact of the wireless channel through packet error rates. Relying on analysis and corroborative simulations, unprecedented design guidelines are derived which determine the operational point beyond which aggregation is useful as well quantifying the superiority of our protocol w.r.t. non-aggregated solutions.

  • Profile-based searches on P2P social networks

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    International Conference on Networks
    Presentation's date: 2010-04-13
    Presentation of work at congresses

     Share Reference managers Reference managers Open in new window

  • A new cross-layer attack to TCP in cognitive radio networks

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    International workshop on cross-layer design
    Presentation's date: 2009-06
    Presentation of work at congresses

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • GRUP SEGURETAT DE LA INFORMACIÓ (ISG)

     Fernandez Muñoz, Marcel; León Abarca, Olga; Forné, Jordi; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Pallares Segarra, Esteve; Esparza Martin, Oscar; Muñoz Tapia, Jose Luis; Parra Arnau, Javier; Soriano Ibáñez, Miguel
    Participation in a competitive project

     Share

  • PROVISION SEGURA DE SERVICIOS SOBRE EL P2P (P2PSEC)

     Pegueroles Valles, Josep Rafel; Fernandez Muñoz, Marcel; Martin Faus, Isabel Victoria; Esparza Martin, Oscar; Forga Alberich, Jordi; Hernández Serrano, Juan Bautista; León Abarca, Olga; Rico Novella, Francisco Jose; Alins Delgado, Juan Jose; Cruz Llopis, Luis Javier de La; Mata Diaz, Jorge; Muñoz Tapia, Jose Luis; Soriano Ibáñez, Miguel
    Participation in a competitive project

     Share

  • SBV SECURE BIOMETRIC VOTING: SISTEMA BIOMETRICO PARA PROCESOS ELECTORALES SEGUROS

     Esparza Martin, Oscar; Hernández Serrano, Juan Bautista; Muñoz Tapia, Jose Luis; Soriano Ibáñez, Miguel
    Participation in a competitive project

     Share

  • Un nuevo ataque a TCP para redes de radios cognitivas

     León Abarca, Olga; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Jornadas de Ingeniería Telemática1
    Presentation's date: 2009-09-15
    Presentation of work at congresses

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Los dispositivos de radios cognitivas emergen como una prometedora tecnología que ha de permitir un mejor uso del espectro electro-magnético. Estos dispositivos se caracterizan por ser capaces de observar y entender su entorno, y cambiar consecuentemente su modo de operación. Sin embargo, estas propiedades “cognitivas” conllevan nuevos retos de seguridad. En este artículo se presenta un nuevo ataque a las conexiones TCP en redes de radios cognitivas, se proponen soluciones para mitigarlo y se evalúa el impacto del mismo con y sin contramedidas.

  • Shared self-organized GKM protocol for MANETs

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Journal of information science and engineering
    Date of publication: 2008-11
    Journal article

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • Contribución a la seguridad de grupo en redes inalámbricas avanzadas

     Hernández Serrano, Juan Bautista
    Defense's date: 2008-06-26
    Department of Telematics Engineering, Universitat Politècnica de Catalunya
    Theses

     Share Reference managers Reference managers Open in new window

  • ELefANTC E-Learning for Acquiring New Types of Skills - Continued.

     Silvestre Berges, Santiago; Soriano Ibáñez, Miguel; Hernández Serrano, Juan Bautista
    Participation in a competitive project

     Share

  • SCFS: towards design and implementation of a secure distributed filesystem

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    International Conference on Security and Cryptography
    Presentation's date: 2008-07
    Presentation of work at congresses

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • Análisis de seguridad de un sistema de archivos distribuido

     Vera Del Campo, Juan Victoriano; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Reunión Española sobre Criptología y Seguridad de la Información
    Presentation's date: 2008-09-04
    Presentation of work at congresses

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • Mantenimiento autónomo y distribuido de la Group Key Management sobre Wireless Sensor Networks

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Jornadas de Ingeniería Telemática
    Presentation's date: 2007-09
    Presentation of work at congresses

     Share Reference managers Reference managers Open in new window

  • Ares. team for Advanced REsearch on information Security and privacy

     Soriano Ibáñez, Miguel; Domingo Ferrer, Josep; Muñoz Tapia, Jose Luis; Forné, Jordi; Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Pallares Segarra, Esteve; Fernandez Muñoz, Marcel
    Participation in a competitive project

     Share

  • Supporting Mobility in GKM over Ad-Hoc Network Using a Decentralized and Spontaneous Algorithm

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Lecture notes in computer science
    Date of publication: 2007-08
    Journal article

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • Building a virtual hierarchy to simplify certification path discovery in mobile ad-hoc networks

     Satizabal, C; Hernández Serrano, Juan Bautista; Forné, Jordi; Pegueroles Valles, Josep Rafel
    Computer communications
    Date of publication: 2007-05
    Journal article

     Share Reference managers Reference managers Open in new window

  • Premio al mejor artículo de las VI Jornadas de Ingeniería Telemática - JITEL 2007

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano, Miguel
    Award or recognition

     Share

  • Supporting mobility in GKM over ad-hoc network using a decentralized and spontaneous algorithm

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    International Conference on Computational Science and its Applications
    Presentation's date: 2007
    Presentation of work at congresses

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Recently there have been a noticeable growth of ad-hoc environments with peer-to-peer relations. Such environments decentralize the services in order to share their cost between their members. As a result, a decentralized security scheme for the group members must be also provided. Group Key Management (GKM) deals with the responsibility of providing privacy and group authentication in group communications, but until now it is based either in centralized solutions, useless for peer-to-peer groups, or in contributory key schemes, that require a known group size. We propose a GKM algorithm targeted to ad-hoc environments that it is decentralized and allows members to only know their one-hop neighbors. Moreover our presented algorithm can deal with the potential mobility of the ad-hoc devices.

  • Algoritmo escalable y descentralizado de gestión de claves de grupo en entornos ad-hoc

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    IX Reunion Española sobre Criptologia y Seguridad de la Informacion
    Presentation of work at congresses

     Share Reference managers Reference managers Open in new window

  • Decentralized and Scalable Group Key Management Algorithm for Large Ad-Hoc Groups

     Pegueroles Valles, Josep Rafel; Hernández Serrano, Juan Bautista; Soriano Ibáñez, Miguel
    Mobile Computing and Wireless Communication International Conference, 2006
    Presentation of work at congresses

     Share Reference managers Reference managers Open in new window

  • Adapting GKM to many-to-many communications over MANET

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    Lecture notes in computer science
    Date of publication: 2006-05
    Journal article

     Share Reference managers Reference managers Open in new window

  • Building Hierarchical Public Key Infrastructures in Mobile Ad-Hoc Networks

     Satizábal, Cristina; Hernández Serrano, Juan Bautista; Forné, Jordi; Pegueroles Valles, Josep Rafel
    Lecture notes in computer science
    Date of publication: 2006-12
    Journal article

    View View Open in new window  Share Reference managers Reference managers Open in new window

  • Building hierarchical public key infrastructures in mobile ad-hoc networks

     Satizábal Echavarría, Isabel Cristina; Forné, Jordi; Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel
    Mobile Ad-hoc and Sensor Networks
    Presentation's date: 2006-12
    Presentation of work at congresses

    Read the abstract Read the abstract View View Open in new window  Share Reference managers Reference managers Open in new window

    Dynamism of mobile ad-hoc networks implies changing trust relationships among their nodes that can be established using peer-to-peer PKIs. Here, certification paths can be built although part of the infrastructure is temporarily unreachable because there can be multiple paths between two entities but certification path discovery is difficult since all the options do not lead to the target entity. On the contrary, in hierarchical PKIs, there is only one path between two entities and certification paths are easy to find. For that reason, we propose a protocol that establishes a virtual hierarchy in a peer-to-peer PKI. The results show that this protocol can be executed in a short time. In addition, our protocol does not require to issue new certificates among PKI entities, facilitates the certification path discovery process and the maximum path length can be adapted to the characteristics of users with limited processing and storage capacity.

  • Ataques de man-in-the-middle sobre tecnología inalámbrica

     Hernández Serrano, Juan Bautista; Pegueroles Valles, Josep Rafel; Soriano Ibáñez, Miguel
    III Simposio Español de Comercio Electrónico
    Presentation's date: 2005-06-09
    Presentation of work at congresses

     Share Reference managers Reference managers Open in new window