Security in Network and Systems
Malware is defined as any computer software explicitly designed to damage computers or networks. Their major motivation has evolved to malicious economic considerations. The anti-malware software or intrusion prevention systems are highly dependent on a signature database. A signature is a sequence of bits that is present within malicious executables and in the files already infected. Another features that can be used to face obfuscated and previously unseen malware are techniques based on dynamically extracted characteristics. Dynamic analysis executes the inspected specimen in a controlled environment called ‘sandbox’. The main advantages of static techniques are that they are safer because they do not execute malware, they are able to analyse all the execution paths of the executable, and the analysis and detection is usually fast.
The RAAP group has started this research line recently, significant advances have been done and published in conferences, and Ph. D candidate students have been incorporated to this research field.
Topics:
-
- Malware detection based on machine learning and semi-supervised learning
-
- Malware obfuscation technique to avoid anti-malware software
-
- Intrusion Detection System for IoT infraestructure
-
- Reversing engineering
-
- Forensic malware
Relevant Publications:
-
- José Roldán, Juan Boubeta-Puig, José Luis Martínez and Guadalupe Ortiz, “Integrating Complex Event Processing and Machine Learning: an Intelligent Architecture for Detecting IoT Security Attacks”, Expert Systems With Applications, ISSN: 0957-4174, Vol. 149(113251), July, 2020.
Impact: 4,292. Position: 7/84 (1st quarter) - J. Carrillo-Mondéjar, J.L. Martínez and G. Suarez-Tangil, Characterizing Linux-based malware: Findings and recent trends”, Future Generation Computer Systems , ISSN: 0167-739X, Vol. 110, pp 267-281, September, 2020.
Impact: 5,678. Position: 8/105 (1st quarter) - Javier Carrillo-Mondejar, Juan Manuel Castelo Gomez, Carlos Núñez-Gómez, Jose Roldán Gómez and José Luis Martínez, Automatic Analysis Architecture of IoT Malware Samples», Security and Communication Networks”, Hindawi Security and Communication Networks, ISSN: 1939-0114, Vol. 2020, Article ID 8810708, 12 pages, October, 2020.
- Juan Manuel Castelo Gomez, Javier Carrillo-Mondejar, Jose Roldán Gómez and José Luis Martínez, A context-centered methodology for IoT forensic investigations»”, International Journal of Information Security , ISSN: 1615-5270, November, 2020.
- J. Carrillo-Mondéjar, J.M. Castelo-Gómez, J. Roldán-Gómez and J.L Martinez, An instrumentation based algorithm for stack overflow detection”, Journal of Computer Virology and Hacking Techniques , ISSN: 2263-8733, Vol. 16, pp. 245–256, September, 2020.
- José Roldán, Juan Boubeta-Puig, José Luis Martínez and Guadalupe Ortiz, “Integrating Complex Event Processing and Machine Learning: an Intelligent Architecture for Detecting IoT Security Attacks”, Expert Systems With Applications, ISSN: 0957-4174, Vol. 149(113251), July, 2020.
People:
 |
José Luis Martínez, PhD Associate Professor Phone number: +34 967 592 00 – Ext. 2294 Email: joseluis.martinez@uclm.es   |
 |
Javier Carrillo Mondejar PhD student Phone number: +34 967 599 200 – Ext. 2696 Email: Javier.Carrillo@alu.uclm.es |
 |
Juan Manuel Castelo Gómez PhD student Phone number: +34 967 599 200 – Ext. 2696 Email: JuanManuel.Castelo@alu.uclm.es |
 |
José Roldán Gómez PhD student Email: jose.roldan@uclm.es Research: Security in Network and Systems |