Security in Network and Systems

Captura de pantalla 2016-07-26 a las 12.30.33 Malware is defined as any computer software explicitly designed to damage computers or networks. Their major motivation has evolved to malicious economic considerations. The anti-malware software or intrusion prevention systems are highly dependent on a signature database. A signature is a sequence of bits that is present within malicious executables and in the files already infected. Another features that can be used to face obfuscated and previously unseen malware are techniques based on dynamically extracted characteristics. Dynamic analysis executes the inspected specimen in a controlled environment called ‘sandbox’. The main advantages of static techniques are that they are safer because they do not execute malware, they are able to analyse all the execution paths of the executable, and the analysis and detection is usually fast.

The RAAP group has started this research line recently, significant advances have been done and published in conferences, and Ph. D candidate students have been incorporated to this research field.

Topics:

- Malware detection based on machine learning and semi-supervised learning

- Malware obfuscation technique to avoid anti-malware software

- Intrusion Detection System for IoT infraestructure

- Reversing engineering

- Forensic malware

Relevant Publications:

- José Roldán, Juan Boubeta-Puig, Gabriela Pachacama-Castillo, Guadalupe Ortiz and José Luis Martínez, “Detecting Security Attacks in Cyber-Physical Systems: A Comparison of Mule and WSO2 Intelligent IoT Architectures” Aceptado en PeerJ Computer Science, ISSN: 2376-5992, November, 2021
  Impact: 1,392. Position: 64/110 (3rd quarter)
- Juan Manuel Castelo Gomez, Javier Carrillo-Mondejar, Jose Roldán Gómez and José Luis Martínez, “Developing an IoT Forensic Methodology. A Practical Concept Proposal”, Forensic Science International: Digital Investigation, ISSN: 2666-281, Volume 36 – Supplemen – 301114, April, 2021.
  Impact: 2,192. Position: 104/162 (3rd quarter)

- José Roldán, Juan Boubeta-Puig, José Luis Martínez and Guadalupe Ortiz, “Integrating Complex Event Processing and Machine Learning: an Intelligent Architecture for Detecting IoT Security Attacks”, Expert Systems With Applications, ISSN: 0957-4174, Vol. 149(113251), July, 2020.
  Impact: 4,292. Position: 7/84 (1st quarter)
- J. Carrillo-Mondéjar, J.L. Martínez and G. Suarez-Tangil, Characterizing Linux-based malware: Findings and recent trends”, Future Generation Computer Systems , ISSN: 0167-739X, Vol. 110, pp 267-281, September, 2020.
  Impact: 5,678. Position: 8/105 (1st quarter)
- Javier Carrillo-Mondejar, Juan Manuel Castelo Gomez, Carlos Núñez-Gómez, Jose Roldán Gómez and José Luis Martínez, Automatic Analysis Architecture of IoT Malware Samples», Security and Communication Networks”, Hindawi Security and Communication Networks, ISSN: 1939-0114, Vol. 2020, Article ID 8810708, 12 pages, October, 2020.
- Juan Manuel Castelo Gomez, Javier Carrillo-Mondejar, Jose Roldán Gómez and José Luis Martínez, A context-centered methodology for IoT forensic investigations»”, International Journal of Information Security , ISSN: 1615-5270, November, 2020.

People:

	José Luis Martínez, PhD Full Professor Phone number: +34 967 592 00 – Ext. 2294 Email: joseluis.martinez@uclm.es
	Javier Carrillo Mondejar PhD student Phone number: +34 967 599 200 – Ext. 2696 Email: Javier.Carrillo@alu.uclm.es
	Juan Manuel Castelo Gómez PostDoctoral Fellow Phone number: +34 967 599 200 – Ext. 2696 Email: JuanManuel.Castelo@alu.uclm.es
	José Roldán Gómez PhD studentPhone number: +34 967 599 200 – Ext. 2696 Email: jose.roldan@uclm.es
	Sergio Ruiz Villafranca PhD studentPhone number: +34 967 599 200 – Ext. 2696 Email: sergio.rvillafranca@uclm.es