RESUMEN
Small and medium enterprises are significantly hampered by cyber-threats as they have inherently limited skills and financial capacities to anticipate, prevent, and handle security incidents. The EU-funded PALANTIR project aims at facilitating the outsourcing of the security supervision to external providers to relieve SMEs/MEs from this burden. However, good practices for the operation of SME/ME assets involve avoiding their exposure to external parties, which requires a tightly defined and timely enforced security policy when resources span across the cloud continuum and need interactions. This paper proposes an innovative architecture extending Network Function Virtualisation to externalise and automate threat mitigation and remediation in cloud, edge, and on-premises environments. Our contributions include an ontology for the decision-making process, a Fault-and-Breach-Management-based remediation policy model, a framework conducting remediation actions, and a set of deployment models adapted to the constraints of cloud, edge, and on-premises environment(s). Finally, we also detail an implementation prototype of the framework serving as evaluation material.
RESUMEN
Continuous authentication was introduced to propose novel mechanisms to validate users' identity and address the problems and limitations exposed by traditional techniques. However, this methodology poses several challenges that remain unsolved. In this paper, we present a novel framework, PALOT, that leverages IoT to provide context-aware, continuous and non-intrusive authentication and authorization services. To this end, we propose a formal information system model based on ontologies, representing the main source of knowledge of our framework. Furthermore, to recognize users' behavioral patterns within the IoT ecosystem, we introduced a new module called "confidence manager". The module is then integrated into an extended version of our early framework architecture, IoTCAF, which is consequently adapted to include the above-mentioned component. Exhaustive experiments demonstrated the efficacy, feasibility and scalability of the proposed solution.
RESUMEN
OBJECTIVE: Despite current standardization actions towards the unification between European Union (EU) countries, there is still much work to do. In this context, this paper aims to offer a comprehensive analysis of the limitations of the EU concerning emergency situations, specifically in cross-border, cross-hierarchical, and cross-sectorial emergencies, as well as the analysis of emergent opportunities for improvement. The final goal of this analysis is to serve as an initial step for pre-standardizing these opportunities. MATERIALS AND METHODS: This work, performed in the context of the EU H2020 VALKYRIES project, first analyzed existing gaps from three dimensions: technological, procedural, collaboration, and training. Each gap was obtained from the literature, professional experience within VALKYRIES, or a consultation process on EU emergency agencies. This research subsequently obtained a list of opportunities from these limitations, aggregating those opportunities with similarities to ease their study. Then, this work prioritized the opportunities based on their feasibility and positive impact, performing an additional consultation process to EU emergencies for validation. Finally, this investigation provided a roadmap for pre-standardization for the five top-ranked opportunities per dimension. RESULTS: This paper presents a set of 303 gaps and 255 opportunities across technological, procedural, collaboration, and training dimensions. After clustering the opportunities, this work provides a final set of 82 meta opportunities for improving emergency actions in the EU, prioritized based on their feasibility for adoption and positive impact. Finally, this work documents the roadmaps for three top-ranked opportunities for conciseness. CONCLUSION: This publication highlights the limitations and opportunities in the EU concerning emergency agencies and, more specifically, those existing in cross-border and multi-casualty incidents. This work concludes that there is still room for improvement despite the current measures toward harmonization and standardization.
Asunto(s)
Urgencias Médicas , Humanos , Unión Europea , Estándares de ReferenciaRESUMEN
In computer security, botnets still represent a significant cyber threat. Concealing techniques such as the dynamic addressing and the domain generation algorithms (DGAs) require an improved and more effective detection process. To this extent, this data descriptor presents a collection of over 30 million manually-labeled algorithmically generated domain names decorated with a feature set ready-to-use for machine learning (ML) analysis. This proposed dataset has been co-submitted with the research article "UMUDGA: a dataset for profiling DGA-based botnet" [1], and it aims to enable researchers to move forward the data collection, organization, and pre-processing phases, eventually enabling them to focus on the analysis and the production of ML-powered solutions for network intrusion detection. In this research, we selected 50 among the most notorious malware variants to be as exhaustive as possible. Inhere, each family is available both as a list of domains (generated by executing the malware DGAs in a controlled environment with fixed parameters) and as a collection of features (generated by extracting a combination of statistical and natural language processing metrics).
RESUMEN
This article details the methodology and the approach used to extract and decode the data obtained from the Controller Area Network (CAN) buses in two personal vehicles and three commercial trucks for a total of 36 million data frames. The dataset is composed of two complementary parts, namely the raw data and the decoded ones. Along with the description of the data, this article also reports both hardware and software requirements to first extract the data from the vehicles and secondly decode the binary data frames to obtain the actual sensors' data. Finally, to enable analysis reproducibility and future researches, the code snippets that have been described in pseudo-code will be publicly available in a code repository. Motivated enough actors may intercept, interact, and recognize the vehicle data with consumer-grade technology, ultimately refuting, once-again, the security-through-obscurity paradigm used by the automotive manufacturer as a primary defensive countermeasure.
RESUMEN
The term social bots refer to software-controlled accounts that actively participate in the social platforms to influence public opinion toward desired directions. To this extent, this data descriptor presents a Twitter dataset collected from October 4th to November 11th, 2019, within the context of the Spanish general election. Starting from 46 hashtags, the collection contains almost eight hundred thousand users involved in political discussions, with a total of 5.8 million tweets. The proposed data descriptor is related to the research article available at [1]. Its main objectives are: i) to enable worldwide researchers to improve the data gathering, organization, and preprocessing phases; ii) to test machine-learning-powered proposals; and, finally, iii) to improve state-of-the-art solutions on social bots detection, analysis, and classification. Note that the data are anonymized to preserve the privacy of the users. Throughout our analysis, we enriched the collected data with meaningful features in addition to the ones provided by Twitter. In particular, the tweets collection presents the tweets' topic mentions and keywords (in the form of political bag-of-words), and the sentiment score. The users' collection includes one field indicating the likelihood of one account being a bot. Furthermore, for those accounts classified as bots, it also includes a score that indicates the affinity to a political party and the followers/followings list.
RESUMEN
This paper details the methodology and approach conducted to monitor the behaviour of twelve users interacting with their computers for fifty-five consecutive days without preestablished indications or restrictions. The generated dataset, called BEHACOM, contains for each user a set of features that models, in one-minute time windows, the usage of computer resources such as CPU or memory, as well as the activities registered by applications, mouse and keyboard. It has to be stated that the collected data have been treated in a privacy-preserving way during each phase of the collection and analysis. Together with the features and their explanation, we also detail the software used to gather and process the data. Finally, this article describes the data distribution of the BEHACOM dataset.