Felix Gomez Marmol

University of Murcia | UM · Department of Information and Communication Engineering

Distributed and coordinated attacks in computer networks are causing considerable economic losses worldwide in recent years. This is mainly due to the transition of attackers’ operational patterns towards a more sophisticated and more global behavior. This fact is leading current intrusion detection systems to be more likely to generate false alarm...

OpenID is an open standard providing a decentralised authentication mechanism to end users. It is based on a unique URL (Uniform Resource Locator) or XRI (Extensible Resource Identifier) as identifier of the user. This fact of using a single identifier confers this approach an interesting added-value when users want to get access to different servi...

SUMMARY Cloud computing is no longer the future but the present. Every day, more and more companies and service providers transfer their businesses and operations to the cloud, benefiting from its multiple advantages. Moreover, the flexibility offered by many cloud services allows to easily build sophisticated services by just composing simpler one...

Healthcare systems are moving to decentralized scenarios, forming a mesh of mobile services and care providers. A rapidly growing number of users aren't shy about using new services on their home computers, mobile phones, and laptops. Identity management solutions, deployed for ease of use, control the data that users provide to individual healthca...

Social network users can report other users' content as inappropriate by arguing that it encroaches on their privacy rights. Blindly accepting such reports as real evidence of something offensive poses substantial risks; malicious users might report harmless content just to compromise that material. The large number of users who flag content as off...

The rapid technological evolution of the last years has motivated students to develop capabilities that will prepare them for an unknown future in the 21st century. In this context, many teachers intend to optimise the learning process, making it more dynamic and exciting through the introduction of gamification. Thus, this paper focuses on a data-...

We collected and computed various data and statistics from a sample of Flickr users who uploaded photos to the platform in December 2021 and their photos, obtaining a final number of 27,516 users and 2,647,928 photos. Having the total number of photos uploaded and the number of photos uploaded in December by each user, we selected a representative...

In our generation, there is an undoubted rise in the use of social media and specifically photo and video sharing platforms. These sites have proved their ability to yield rich data sets through the users' interaction which can be used to perform a data-driven evaluation of capabilities. Nevertheless, this study reveals the lack of suitable data se...

The irreplaceable key to the triumph of Question & Answer (Q & A) platforms is their users providing high-quality answers to the challenging questions posted across various topics of interest. From more than a decade, the expert finding problem attracted much attention in information retrieval research. Based on the encountered gaps in the expert i...

This study analyzes the availability of Tor onion services over time, as they have a limited lifetime and can be activated and deactivated intermittently. Various onion services use different protocols, which are analyzed, including 15 in total. The presence of tor links in online resources for advertising is also characterized. Having collected 54...

Social networks were designed to connect people online but have also been exploited to launch influence operations for manipulating society. The deployment of social bots has proven to be one of the most effective enablers to polarize and destabilize platforms. While automatic tools have been developed for their detection, the way to characterize t...

In the twentyfirst-century society, several soft skills are fundamental, such as stress management, which is considered one of the key ones due to its strong relationship with health and well-being. However, this skill is hard to measure and master without external support. This paper tackles stress detection through artificial intelligence (AI) mo...

Despite their numerous advantages, social networks may be unfortunately employed for hate promotion or violence instigation. Thus, law enforcement agencies must pay close attention to these platforms to preserve public safety and detect threatening trends. To this extent, the article at hand discusses the role of social networks in today’s social m...

The rapid evolution of technology directly impacts the skills and jobs needed in the next decade. Users can, intentionally or unintentionally, develop different skills by creating, interacting with, and consuming the content from online environments and portals where informal learning can emerge. These environments generate large amounts of data; t...

Over the last few decades, the Internet has brought about a myriad of benefits to almost every aspect of our daily lives. However, malware attacks have also widely proliferated, mainly aiming at legitimate network users, resulting in millions of dollars in damages if proper protection and response measures are not settled and enforced. In this cont...

Among the myriad of applications of natural language processing (NLP), assisting law enforcement agencies (LEA) in detecting and preventing cybercrimes is one of the most recent and promising ones. The promotion of violence or hate by digital means is considered a cybercrime as it leverages the cyberspace to support illegal activities in the real w...

The rapid technological evolution of the last years motivated students to develop competencies and capabilities that will prepare them for an unknown future of the 21st century. In this context, teachers intend to optimise the process of learning and make it more dynamic and exciting by introducing gamification. Thus, this paper focuses on a data-d...

The evolution of integrated clinical environments (ICE) and the future generations of mobile networks brings to reality the hospitals of the future and their innovative clinical scenarios. The mobile edge computing paradigm together with network function virtualization techniques and the software-defined networking paradigm enable self-management,...

Undoubtedly, modern human digital lives are every day more and more connected, and the revolution of “everything connected” is already becoming a reality. Indeed, humans live in the age of the Internet of Things (IoT), and one of the most usual IoT contexts is a smart home. Unfortunately, such significant enhancement also means that common home dev...

Social networks have triumphed in communicating people online, but they have also been exploited to launch influence operations for manipulating society. The deployment of software-controlled accounts (e.g., social bots) has proven to be one of the most effective enablers for that purpose, and tools for their detection have been developed and widel...

People's online activity continuously dumps personally identifiable information on the web. Alarmingly, this public information becomes a dangerous cyberweapon in the era of finely-targeted cyberattacks. This article explores todays cyberthreats around open data, from traditional ones to AI empowering, thus unveiling a range of vulnerabilities to w...

Social media interactions represent one of the primary methods to connect and interact with others, and people rely on them as a primary source of news and information in general. Despite considering these contents as trustworthy knowledge, social media manipulation has been demonstrated as one of the most significant problems of the 21st century....

Nowadays, Information and Communication Technology (ICT) infrastructures play a crucial role for human beings, providing essential services at astonishing speed. Nevertheless, such a centrality of those infrastructures attracts the interest of ill-motivated actors that target such infrastructures with cyberattacks that are every day more sophistica...

Cyberattacks targeting ICT systems are becoming every day more sophisticated and disruptive. Such malevolent actions are performed by ill-motivated entities (governments, states, administrations, etc.), often featuring almost unlimited resources, but also by skilled individuals due to the accessibility of the attacks source code. In this alarming s...

Since the first reported case in Wuhan in late 2019, COVID-19 has rapidly spread worldwide, dramatically impacting the lives of millions of citizens. To deal with the severe crisis resulting from the pandemic, worldwide institutions have been forced to make decisions that 1 affect the socio-economic realm. In this sense, researchers from diverse kn...

Una formación en ciberdefensa de alta calidad que permita adquirir competencias que luego sean aplicables en escenarios reales es altamente compleja. A pesar de que la mayoría de las organizaciones y cuerpos involucrados en este área están de acuerdo en afirmar que generar mecanismos para el desarrollo de estas capacidades es prioritario, aún exist...

During the last years, the constant cybersecurity breaches being reported are remarking the necessity of raising the number of cybersecurity experts that can tackle such threats. In this sense, educational technology environments can help to generate more immersive and realistic environments, and within this context, cyber range systems are one of...

Prevention of cybercrime is one of the missions of Law Enforcement Agencies (LEA) aiming to protect and guarantee sovereignty in the cyberspace. In this regard, online sex crimes are among the principal ones to prevent, especially those where a child is abused. The paper at hand proposes C3-Sex, a smart chatbot that uses Natural Language Processing...

While social media has been proved as an exceptionally useful tool to interact with other people and massively and quickly spread helpful information, its great potential has been ill-intentionally leveraged as well to distort political elections and manipulate constituents. In the paper at hand, we analyzed the presence and behavior of social bots...

The Internet of Things (IoT) paradigm has revolutionized several industries (e.g., manufacturing, health, transport, education, among others) by allowing objects to connect to the Internet and, thus, enabling a variety of novel applications. In this sense, IoT devices have become an essential component of smart cities, allowing many novel and usefu...

The term social bots refer to software-controlled accounts that actively participate in the social platforms to influence public opinion toward desired directions. To this extent, this data descriptor presents a Twitter dataset collected from October 4th to November 11th, 2019, within the context of the Spanish general election. Starting from 46 ha...

While social media has been proved as an exceptionally useful tool to interact with other people and massively and quickly spread helpful information, its great potential has been ill-intentionally leveraged as well to distort political elections and manipulate constituents. In the paper at hand, we analyzed the presence and behavior of social bots...

ITASEC20 presentation of the article Zago, Mattia, et al. "Screening Out Social Bots Interference: Are There Any Silver Bullets?." IEEE Communications Magazine 57.8 (2019): 98-104.

The amount of data generated by the current interconnected world is immeasurable, and a large part of such data is publicly available, which means that it is accessible by any user, at any time, from anywhere in the Internet. In this respect, Open Source Intelligence (OSINT) is a type of intelligence that actually benefits from that open natureby c...

This special issue focuses on the current and novel issue known as Industry 4.0 (Fourth Industrial Revolution). It contains very interesting and original works that deal with smart manufacturing. They are listed below: Pranab K. Muhuri, Amit K. Shukla, Ajith Abraham, Industry 4.0: A bibliometric analysis and detailed overview, Engineering Applicat...

Social networks are a primary source of news and information that can be steered, distorted, and influenced. Recent scandals such as the one involving Cambridge Analytics proved that social media users are prone to such direct manipulation. Among the weapons available to perform these anti-democracy attacks, Social Bots are beyond question the most...

The paper at hand proposes \(\mathcal {B}\)SIEM-IoT, a Security Information and Event Management solution (SIEM) for the Internet of Things (IoT) relying on blockchain to store and access security events. The security events included in the blockchain are contributed by a number of IoT sentinels in charge of protecting a group of IoT devices. A key...

Continuous authentication was introduced to propose novel mechanisms to validate users’ identity and address the problems and limitations exposed by traditional techniques. However, this methodology poses several challenges that remain unsolved. In this paper, we present a novel framework, PALOT, that leverages IoT to provide context-aware, continu...

Phenomenons like Social Networks, Cloud Computing or Internet of Thing are unknowingly generating unimaginable quantities of data. In this context, Open Source Intelligence (OSINT) exploits such information to extract knowledge that is not easily appreciable beforehand by the human eye. Apart from the political, economic or social applications OSIN...

The Internet of Things (IoT) became established during the last decade as an emerging technology with considerable potentialities and applicability. Its paradigm of everything connected together penetrated the real world, with smart devices located in several daily appliances. Such intelligent objects are able to communicate autonomously through al...

Intrusion detection systems (IDSs) are essential elements when it comes to the protection of an ICT infrastructure. Misuse IDSs a stable method that can achieve high attack detection rates (ADR), while keeping false alarm rates under acceptable levels. However, misuse IDSs suffer from the lack of agility, as they are unqualified to adapt to new and...

Undoubtedly, the adoption of the Internet of Things (IoT) paradigm has impacted on our every-day life, surrounding us with smart objects. Thus, the potentialities of this new market attracted the industry, so that many enterprises developed their own IoT platforms aiming at helping IoT services’ developers. In the multitude of possible platforms, s...

Due to the growth of IoT (Internet of Things) devices in different industries and markets in the recent years, and considering the currently insufficient protection for these devices, a security solution safeguarding IoT architectures is highly desirable. An interesting perspective for the development of security solutions is the use of an event ma...

Modern authentication systems still suffer of some limitations that threaten users’ data protection. To strengthen the overall security of authentication processes, the continuous authentication paradigm has been increasingly employed. Nonetheless, this fresh methodology still poses a number of challenges that remain unsolved. In this paper, we pre...

The Internet of Things (IoT) is considered as an emerging technology with considerable potentialities. Its paradigm of everything connected together invaded the real world, with smart objects located in several daily appliances able to communicate autonomously through already existing network infrastructures. On the downside, the great advance carr...

The paper at hand presents a relevant summary of the work conducted in [1]. It shows how a wireless Intrusion Detection System (IDS) successfully reports malicious activities to a Security Information and Event Management (SIEM) system. By doing so, a variety of IoT devices are protected from potential cyber-attacks. Leveraging the capabilities of...

It is without doubt that today the volume and sophistication of cyber attacks keeps consistently growing, militating an endless arm race between attackers and defenders. In this context, full-fledged frameworks, methodologies, or strategies that are able to offer optimal or near-optimal reaction in terms of countermeasure selection, preferably in a...

These proceedings contain papers selected for presentation at the 5th International Symposium on Security in Computing and Communications (SSCC’17). SSCC aims to provide the most relevant opportunity to bring together researchers and practitioners from both academia and industry to exchange their knowledge and discuss their research findings. The s...

Intrusion detection systems (IDSs) are essential entities in a network topology aiming to safeguard the integrity and availability of sensitive assets in the protected systems. In misuse detection systems, which is the topic of the paper at hand, the detection process relies on specific attack signatures (rules) in an effort to distinguish between...

Despite the several advantages commonly attributed to social networks such as easiness and immediacy to communicate with acquaintances and friends, significant privacy threats provoked by unexperienced or even irresponsible users recklessly publishing sensitive material are also noticeable. Yet, a different, but equally significant privacy risk mig...

Can we trust ICT (Information & Communication Technology) systems? Every single day a handful of previously unknown security vulnerabilities on these environments are published, dangerously feeding the lack of trust feeling that many end users already exhibit with respect to ICT. In order to disrupt and even invert such a perilous tendency (hinderi...

Due to the numerous advantages in terms of cost reduction, usability, and flexibility, today we are witnessing the adoption of solutions where individuals and enterprises prefer to outsource (part of) their private information or assets for processing to third parties. Yet, such adoption will not become a complete success unless outsourced data sto...

Social network users take advantage of anonymity to share rumors or gossip about others, making it important to provide means to report offensive conduct. This article presents a proposal to automatically manage these reports. We consider not only the users’ public behavior, but also private messages between users. The automatic approach is based,...

Cyber security has become a major challenge when detecting and preventing attacks on any self-organizing network. Defining a trust and reputation mechanism is a required feature in these networks to assess whether the alerts shared by their Intrusion Detection Systems (IDS) actually report a true incident. This paper presents a way of measuring the...

Method for supporting a reputation mechanism in a network including one or more domains with one or more users being connected to the domains, one or more Identity Providers that manage identity information, and at least one entity that functions as Web Service Consumer for the users. When a user requests a Web Service Consumer of one of the domain...

Recent advances in wireless communication technologies along with a proliferation of mobile devices have enabled a new, and expanded level of ubiquitous access to data and communications. Reliable, secure, and private communications are as essential in these product offerings as network availability, especially as the Internet presents enhanced opp...

Risk-based access control systems are a new element in access control categories, incorporating risk analysis as part of the inputs to consider when taking an authorization decision. A risk analysis over a resource leads generally to temporal allocation of the resource in a risk level (e.g. high, medium, low). Ideally, for each risk level and kind...

Policy-based authorization systems have been largely deployed nowadays to control different privileges over a big amount of resources within a security domain. With policies it is possible to reach a fine-grained level of expressiveness to state proper responses of a system against multiple access control requests. In this context, XACML has achiev...

Hybrid Broadcast Broadband TV (HbbTV) is an industry standard aimed to provide a platform combining TV services with Internet services, using connected TVs and set-top boxes. It enables the possibility for vendors to offer applications directly to the users, introducing new entertainment services such as streaming of video on demand, games, social...

Method for operating a smart grid including a plurality of smart meters configured to monitor at least one physical measured quantity and to provide measurement results of the at least one physical measured quantity to a central entity, includes the following steps: partitioning the smart grid into groups of smart meters, such that each of the sma...

Smart AppStore offers five important features for today's smartphone users: biometric authentication, multilevel authorization, gesture recognition and navigation, user-tailored reputation scores, and identity management. The Web extra at http://youtu.be/15KPOUp5H_A is a video demonstration of Smart AppStore, which offers five important features fo...

Current trust and reputation management approaches usually offer rigid and inflexible mechanisms to compute reputation scores, which hinder their dynamic adaptation to the current circumstances in the system where they are deployed. At most, they provide certain parameters which are configurable or tunable. Yet, this is not enough for such heteroge...

OpenID is a standard decentralized initiative aimed at allowing Internet users to use the same personal account to access different services. Since it does not rely on any central authority, it is hard for such users or other entities to validate the trust level of each entity deployed in the system. Some research has been conducted to handle this...

Identity Management systems cannot be centralized anymore. Nowadays, users have multiple accounts, profiles and personal data distributed throughout the web and hosted by different providers. However, the online world is currently divided into identity silos forcing users to deal with repetitive authentication and registration processes and hinderi...

As a cutting edge technology, Machine to Machine (M2M) communications are gaining ground for managing and controlling M2M devices. Since these objects have intelligence, communication capabilities and ability to work with their environment, they are ...