Jorge Blasco

Royal Holloway, University of London | RHUL · Department of Information Security

Biometric systems designed on wearable technology have substantial differences from traditional biometric systems. Due to their wearable nature, they generally capture noisier signals and can only be trained with signals belonging to the device user (biometric verification). In this article, we assess the feasibility of using low-cost wearable sens...

Bluetooth Low Energy (BLE) is a fast-growing wireless technology with a large number of potential use cases, particularly in the IoT domain. With many of these use cases, the BLE device stores sensitive user data or critical device controls, which may be accessed by an augmentative Android or iOS application. Uncontrolled access to such data could...

Bluetooth Low Energy is a ubiquitous technology, with applications in the fitness, healthcare and smart home sectors, to name but a few. In this paper, we present an open-source Profiler for classifying the protection level of data residing on a BLE device. Preliminary results obtained by executing the tool against several devices show that some BL...

Many MOOCs are being designed replicating traditional passive teaching approaches but using video lectures as the means of transmitting information. However, it is well known that learning-by-doing increases retention rates and, thus, allows achieving a more effective learning. To this end, it is worth exploring which tools fit best in the context...

Malware has been a major problem in desktop computing for decades. With the recent trend towards mobile computing, malware is moving rapidly to smartphone platforms. “Total mobile malware has grown 151% over the past year”, according to McAfee®’s quarterly treat report in September 2016. By design, AndroidTM is “open” to download apps from differen...

Android is designed with a number of built-in security features such as app sandboxing and permission-based access controls. Android supports multiple communication methods for apps to cooperate. This creates a security risk of app collusion. For instance, a sandboxed app with permission to access sensitive data might leak that data to another sand...

Colluding apps bypass the security measures enforced by sandboxed operating systems such as Android. App collusion can be a real threat in cloud environments as well. Research in detecting and protecting against app collusion requires a variety of colluding apps for experimentation. Presently the number of (real or manually crafted) apps available...

Mobile devices, such as smartphones, have become an important part of modern lives. However, as these devices have tremendously become popular they are attracting a range of attacks. Malware is one of the serious threats posed to smartphones by the attackers. Due to the limited resources of mobile devices malware detection on these devices remains...

Mobile operating systems support multiple communication methods between apps. Unfortunately, these handy inter-app communication mechanisms also make it possible to carry out harmful actions in a collaborative fashion. Two or more mobile apps, viewed independently, may not appear to be malicious. Together, however, they could become harmful by exch...

The growing popularity of wearable devices is leading to new ways to interact with the environment, with other smart devices, and with other people. Wearables equipped with an array of sensors are able to capture the owner's physiological and behavioural traits, thus are well suited for biometric authentication to control other devices or access di...

Android OS supports multiple communication methods between apps. This opens the possibility to carry out threats in a collaborative fashion, c.f. the Soundcomber example from 2011. In this paper we provide a concise definition of collusion and report on a number of automated detection approaches, developed in co-operation with Intel Security.

Android OS supports multiple communication methods between apps. This opens the possibility to carry out threats in a collaborative fashion, c.f. the Soundcomber example from 2011. In this paper we provide a concise definition of collusion and report on a number of automated detection approaches, developed in co-operation with Intel Security.

We describe, analyze and demonstrate how a set of Android apps can, when working together, circumvent the current Android security model. The problem is that a set of colluding apps may be able to perform actions beyond the limitations set by the OS. These capabilities can easily go unnoticed because only individual app's permissions are shown. We...

Data theft is a major threat for modern organizations with potentially large economic consequences. Although these attacks may well originate outside an organization’s information systems, the attacker—or else an insider—must eventually make contact with the system where the information resides and extract it. In this work, we propose a scheme that...

Deduplication is a widely used technique in storage services, since it affords a very efficient usage of resources-being especially effective for consumer-grade storage services (e.g. Dropbox). Deduplication has been shown to suffer from several security weaknesses, the most severe ones enabling a malicious user to obtain possession of a file it is...

This article is an overview of intrusion detection systems (IDSs). Intrusion detection is an essential layer in a defend-in-depth strategy to protect enterprise networks. Traditional IDSs passively monitor activities in hosts and network traffic for signs of attacks. The core intelligence uses a detection algorithm using signatures or anomaly detec...

The security and privacy issues of vehicular ad-hoc networks (VANETs) must be addressed before they are implemented. For this purpose, several academic and industrial proposals have been developed. Given that several of them are intended to co-exist, it is necessary that they consider compatible security models. This paper presents a survey o...

Vehicular ad hoc networks (VANETs) are a new communication scenario in which vehicles take an active part. Real-time reporting of misbehaving vehicles by surrounding ones is enabled by in-vehicle sensors and VANETs. Thus, sensors allow detecting the misbehavior whereas VANETs allow sending the report to the authority. Nevertheless, these reports sh...

There are traffic situations (e.g. incorrect speeding tickets) in which a given vehicle’s driving behavior at some point in time has to be proved to a third party. Vehicle-mounted sensorial devices are not suitable for this matter since they can be maliciously manipulated. However, surrounding vehicles may give their vision on another one’s behavio...

The rapid proliferation of smartphones over the last few years has come hand in hand with and impressive growth in the number and sophistication of malicious apps targetting smartphone users. The availability of reuse-oriented develop-ment methodologies and automated malware production tools makes exceed-ingly easy to produce new specimens. As a re...

Insider threats are an increasing concern for most modern organizations. Information leakage is one of the most important insider threats, particularly according to its potential financial impact. Data Leakage Protection (DLP) systems have been developed to tackle this issue and they constitute the main solution to protect information systems again...

Steganographic techniques allow users to covertly transmit information, hiding the existence of the communication itself. These can be used in several scenarios ranging from evading censorship to discreetly extracting sensitive information from an organization. In this paper, we consider the problem of using steganography through a widely used netw...

Network Intrusion Detection Systems (NIDS) play a fundamental role on security policy deployment and help organizations in protecting their assets from network attacks. Signature-based NIDS rely on a set of known patterns to match malicious traffic. Accordingly, they are unable to detect a specific attack until a specific signature for the correspo...

The cross-site scripting (XSS) has become a common vulnerability of many web sites and web applications. XSS consists in the exploitation of input validation flaws, with the purpose of injecting arbitrary script code which is later executed at the web browser of the victim. One interesting possibility to prevent this type of vulnerability is the us...

One of the central areas in network intrusion detection is how to build effective systems that are able to distinguish normal from intrusive traffic. In this paper we explore the use of Genetic Programming (GP) for such a purpose. Although GP has already been studied for this task, the inner features of network intrusion detection have been systema...

Hydan is a steganographic tool which can be used to hide any kind of information inside executable files. In this work, we present an efficient distinguisher for it: We have developed a system that is able to detect executable files with embedded information through Hydan. Our system uses statistical analysis of instruction set distribution to dist...

The widespread adoption of autonomous intrusion detection technology is overwhelming current frameworks for network security management. Modern intrusion detection systems (IDSs) and intelligent agents are the most mentioned in literature and news, although other risks such as broad attacks (e.g. very widely spread in a distributed fashion like bo...

Cryptographic software has suffered in many ocassions from export restrictions. Governments might claim that cryptographic algorithms are equivalent to military equipment to justify and maintain these restrictions. Sometimes, these laws are approved under dictatorial rules or even by democratric goverments which exploit and overstimate a terrorist...

Cryptographic software has suffered in many ocassions from export restrictions. Governments might claim that cryptographic algorithms are equivalent to military equipment to justify and maintain these restrictions. Sometimes, these laws are approved under dictatorial rules or even by democratric goverments which exploit and overstimate a terrorist...