Alejandro Guerra-Manzanares

Alejandro Guerra-Manzanares
University of Nottingham | Notts

Doctor of Philosophy

About

27
Publications
10,925
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
427
Citations
Introduction
Post-doctoral associate at the Center of Interacting Urban Networks (CITIES) at New York University Abu Dhabi (NYUAD). Working on Privacy-preserving Machine Learning for Healthcare in the Clinical AI Lab NYUAD (PI Prof. Farah Shamout). Project collaboration with Prof. Michalis Maniatakos as co-PI (Center for Cybersecurity NYUAD). My (Ph.D.-related) research interests are also on the application of ML algorithms to cybersecurity issues such as malware detection in mobile and IoT networks
Additional affiliations
January 2023 - October 2024
New York University Abu Dhabi
Position
  • PostDoc Position
Description
  • Research on privacy-preserving machine learning for healthcare. Member of the Center for Interacting Urban Networks (CITIES), the Clinical AI lab and the Center for Cyber security.
September 2018 - January 2023
Tallinn University of Technology
Position
  • Researcher
Description
  • My research interests are on the application of Machine Learning techniques to Cyber Security issues, focusing on Malware detection in Android OS Mobile Phones and IoT Botnet detection Member of the Centre for Digital Forensics and Cyber Security.
Education
September 2018 - June 2022
September 2017 - June 2018
Tallinn University of Technology
Field of study
  • Cyber Security
September 2013 - June 2017
Polytechnic University of Catalonia
Field of study
  • ICT Systems Engineering

Publications

Publications (27)
Preprint
Full-text available
Multimodal fusion leverages information across modalities to learn better feature representations with the goal of improving performance in fusion-based tasks. However, multimodal datasets, especially in medical settings, are typically smaller than their unimodal counterparts, which can impede the performance of multimodal models. Additionally, the...
Article
Full-text available
Multimodal fusion leverages information across modalities to learn better feature representations with the goal of improving performance in fusion-based tasks. However, multimodal datasets, especially in medical settings, are typically smaller than their unimodal counterparts, which can impede the performance of multimodal models. Additionally, the...
Article
Full-text available
The continuous evolution of cyber threats imposes a critical challenge to malware detection systems, so operational detection solutions in real-world settings must keep up-to-date malware knowledge databases. Machine learning-based solutions are not exempt from this requirement as handling concept drift constitutes the primary building block for ke...
Article
Full-text available
Self-supervised learning methods for medical images primarily rely on the imaging modality during pretraining. Although such approaches deliver promising results, they do not take advantage of the associated patient or scan information collected within Electronic Health Records (EHR). This study aims to develop a multimodal pretraining approach for...
Article
Full-text available
Stroke is a life-threatening medical condition that could lead to mortality or significant sensorimotor deficits. Various machine learning techniques have been successfully used to detect and predict stroke-related outcomes. Considering the diversity in the type of clinical modalities involved during management of patients with stroke, such as medi...
Preprint
Full-text available
Self-supervised learning methods for medical images primarily rely on the imaging modality during pretraining. While such approaches deliver promising results, they do not leverage associated patient or scan information collected within Electronic Health Records (EHR). Here, we propose to incorporate EHR data during self-supervised pretraining with...
Article
Full-text available
The extensive research in machine learning based Android malware detection showcases high-performance metrics through a wide range of proposed solutions. Consequently, this fosters the (mis)conception of being a solved problem, diminishing its appeal for further research. However, after surveying and scrutinizing the related literature, this decept...
Article
A Network Intrusion Detection System (NIDS) is a widely used security monitoring technology for detecting attacks against network services, beaconing activity of infected end user nodes, malware propagation, and other types of malicious network traffic. Unfortunately, NIDS technologies are known to generate a large number of alerts, with a signific...
Chapter
Machine Learning (ML) has recently shown tremendous success in modeling various healthcare prediction tasks, ranging from disease diagnosis and prognosis to patient treatment. Due to the sensitive nature of medical data, privacy must be considered along the entire ML pipeline, from model training to inference. In this paper, we conduct a review of...
Chapter
Mobile malware detection remains a significant challenge in the rapidly evolving cyber threat landscape. Although the research about the application of machine learning methods to this problem has provided promising results, still, maintaining continued success at detecting malware in operational environments depends on holistically solving challen...
Preprint
Full-text available
Machine Learning (ML) has recently shown tremendous success in modeling various healthcare prediction tasks, ranging from disease diagnosis and prognosis to patient treatment. Due to the sensitive nature of medical data, privacy must be considered along the entire ML pipeline, from model training to inference. In this paper, we conduct a review of...
Article
The active learning approach for machine learning can greatly benefit those environments where a wealth of unlabeled data is available, and the labeling cost of the data can be restrictive. In this regard, Security operating centers (SOCs) can take advantage of the human expertise available to improve machine learning-based detection models using t...
Article
Full-text available
Android security permissions are built-in security features that constrain what an app can do and access on the system, that is, its privileges. Permissions have been widely used for Android malware detection, mostly in combination with other relevant app attributes. The available set of permissions is dynamic, refined in every new Android OS versi...
Article
The vast body of research in Android malware detection domain has demonstrated that machine learning can provide high performance for mobile malware detection. However, the learning models have been usually evaluated with data sets encompassing short time-frames, creating questions about the feasibility of these models in operational settings that...
Article
Most of the proposed solutions using dynamic features for Android malware detection collect and test their systems using a single and particular data collection device, either a real device or an emulator. The results obtained using these particular devices are then generalized to any Android platform. This extensive generalization is based on the...
Article
The large body of Android malware research has demonstrated that machine learning methods can provide high performance for detecting Android malware. However, the vast majority of studies underestimate the evolving nature of the threat landscape, which requires the creation of a model life-cycle to ensure effective continuous detection in real-worl...
Article
The majority of Android malware detection solutions have focused on the achievement of high performance in old and short snapshots of historical data, which makes them prone to lack the generalization and adaptation capabilities needed to discriminate effectively new malware trends in an extended time span. These approaches analyze the phenomenon f...
Chapter
Full-text available
The exponential increase in the adoption of the Internet of Things (IoT) technology combined with the usual lack of security measures carried by such devices have brought up new risks and security challenges to networks. IoT devices are prone to be easily compromised and used as magnification platforms for record-breaking cyber-attacks (i.e., Distr...
Article
Android malware evolution has been neglected by the available data sets, thus providing a static snapshot of a non-stationary phenomenon. The impact of the time variable has not had the deserved attention by the Android malware research, omitting its degenerative impact on the performance of machine learning- based classifiers (i.e., concept drift)...
Conference Paper
Full-text available
The exponential growth of the Internet of Things in conjunction with the traditional lack of security mechanisms and resource constraints associated with these devices have posed new risks and challenges to security in networks. IoT devices are compromised and used as amplification platforms by cyber-attackers, such as DDoS attacks. Machine learnin...
Conference Paper
Full-text available
The analysis of the interplay between the feature selection and the post-hoc local interpretation steps in a machine learning workflow followed for IoT botnet detection constitutesthe research scope of the present paper. While the application of machine learning-based techniques has become a trend in cyber security, the main focus has been almost o...
Conference Paper
Full-text available
Dynamic features are frequently used in the machine learning based approaches to detect malicious applications on Android devices. These features are constructed by collecting the system calls observed during a certain period of time. In spite of the popularity of this approach, very little attention has been paid to the analysis of the length of t...
Conference Paper
Full-text available
Behavioral data extracted from emulators or real devices, such as system calls, are utilized in research studies where machine learning models have been employed for mobile malware detection. However, these studies do not explore whether the selection of data source may have an impact on the performance of the models, assuming that both data source...
Conference Paper
Full-text available
Timely detection of intrusions is essential in IoT networks, considering the massive attacks launched by the huge-sized botnets which are composed of insecure devices. Machine learning methods have demonstrated promising results for the detection of such attacks. However, the effectiveness of such methods may greatly benefit from the reduction of f...
Conference Paper
Full-text available
New malware detection techniques are highly needed due to the increasing threat posed by mobile malware. Machine learning techniques have provided promising results in this problem domain. However, feature selection, which is an essential instrument to overcome the curse of dimensionality, presenting higher interpretable results and optimizing the...

Network

Cited By