Santiago de Diego | University of Granada (original) (raw)
Papers by Santiago de Diego
Computer networks, Jul 1, 2024
This document presents a reference architecture for a Blockchain-based Threat Registry platform, ... more This document presents a reference architecture for a Blockchain-based Threat Registry platform, named BBTR, to share information about treats among different actors. The design of the BBTR guarantees integrity and availability of the data stored in it and is also compatible with privacy requirements, allowing different actors to participate as users of this shared BaaS (Blockchain as a Service). The paper also shows how this approach can be combined with AI techniques to extract valuable information from the threats directly from the Blockchain, empowering the final solution with a decision-making engine. It also includes its validation in a use case in the Health care domain.
Blockchain technology is currently being adopted in several domains and applications, including t... more Blockchain technology is currently being adopted in several domains and applications, including the energy domain and specifically in smart grids. One of the principal applications of blockchain technology is peer-to-peer energy trading among stakeholders of smart grids, providing trusted transactions without the need of third parties. Also, e-auctions are rapidly growing as a means of e-commerce that allows direct product bidding through the internet, but where mutual trust may otherwise be undermined by possible malicious sellers, buyers or third parties. This paper introduces a blockchain-based e-auction framework to offer a safe, trusted and privacy preserving energy exchange mechanism between EPES stakeholders of an islanded part of the grid. Furthermore, this framework utilises blockchain solutions for monitoring the security status of smart grid devices in order to confront any transactions involving malicious parties or parties with compromised equipment.
Communications in computer and information science, 2019
This paper proposes an extensible Blockchain-Based Industrial Anomaly Detection (BIAD) system for... more This paper proposes an extensible Blockchain-Based Industrial Anomaly Detection (BIAD) system for industrial scenarios. This approach is to use Blockchain to prevent a set of attacks at semi-real time by comparing logs. Besides, this solution regards attacker firmware modifications following the same comparison principle within the same infrastructure.
Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we ... more Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we analyze different aspects that relate to the application of blockchain with techniques commonly used in the field of cybersecurity. Beginning by introducing the use of blockchain technology as a secure infrastructure, the document delves into how blockchain can be useful to achieve several security requirements, common to most applications. The document has been focused on some specific cybersecurity disciplines to maintain simplicity: backup and recovery, threat intelligence and content delivery networks. As illustrated, some projects and initiatives are in the process of joining these two fields to provide solutions to existing problems.
International Journal of Computing and Digital Systems
This paper presents a protocol for Identity Management in Industrial IoT enabled devices, that is... more This paper presents a protocol for Identity Management in Industrial IoT enabled devices, that is based on the principles of Self-Sovereign Identity. The Industry 4.0 transformation has led to the Industry sector digitalization and one of its major challenges is to uniquely identify the Industrial Internet of Things unattended devices. The digital identity management must allow increasing the security and control, and it has been evolving towards a model where the device acquires the responsibility for managing its own data through Self-Sovereign Identity. This paper studies why the Self-Sovereign Identity approach is suitable for the industrial IoT particularities, properly justifying its use. Furthermore, it analyzes the actors and roles involved in an industrial identity environment, and it addresses a protocol that defines how data should be exchanged over an Hyperledger Indy public permissioned Distributed Ledger Technology network as Sovrin. The paper applies the proposal to a reference use case, filling the gaps that are not currently specified in the literature for a successful Industrial Internet of Things identity management operation.
Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we ... more Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we analyze different aspects that relate to the application of blockchain with techniques commonly used in the field of cybersecurity. Beginning by introducing the use of blockchain technology as a secure infrastructure, the document delves into how blockchain can be useful to achieve several security requirements, common to most applications. The document has been focused on some specific cybersecurity disciplines to maintain simplicity: backup and recovery, threat intelligence and content delivery networks. As illustrated, some projects and initiatives are in the process of joining these two fields to provide solutions to existing problems
Proceedings of the 19th International Conference on Security and Cryptography
Computer Security Threats [Working Title], 2019
Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we ... more Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we analyze different aspects that relate to the application of blockchain with techniques commonly used in the field of cybersecurity. Beginning by introducing the use of blockchain technology as a secure infrastructure, the document delves into how blockchain can be useful to achieve several security requirements, common to most applications. The document has been focused on some specific cybersecurity disciplines to maintain simplicity: backup and recovery, threat intelligence and content delivery networks. As illustrated, some projects and initiatives are in the process of joining these two fields to provide solutions to existing problems.
This document describes the architecture, design and implementation of the component: "Block... more This document describes the architecture, design and implementation of the component: "Blockchain-Based Threat Registry" or BBTR, in the SPHINX project. This document goes deep into the BBTR component, first of all presenting the state of the art and the justification of the use of a Blockchain technology for implementing such component, and then describing the different steps to enable this component in the SPHINX Framework. Interfaces, which are the connection points with other components of the ecosystem are also presented in the document. Besides, as the component is related to three of the SPHINX use cases, these use cases are enumerated and it is also explained how this component interacts with these use cases.
IEEE Access
The IoT-as-a-Service (IoTaaS) business model has already been identified by some people from both... more The IoT-as-a-Service (IoTaaS) business model has already been identified by some people from both industry and academia, but has not been formally defined. IoTaaS offers IoT devices on demand, with considerable cost savings and resource optimization. In addition, it enables different applications to reuse the existing devices. However, this business model is associated with different technological challenges that need to be addressed, one of which is the identity problem. Focusing on this, self-sovereign identity (SSI) schemes have proven to provide better privacy and scalability than traditional identity paradigms, which is especially important in the IoT owing to its characteristics. In this paper, we formally analyze an IoTaaS business model, identifying and detailing its main technological challenges. In addition, we tackle the identity problem of this business model and propose an SSI-based identity management system, which is compliant with the existing standards from the W3C, and include a performance evaluation. INDEX TERMS IoT, as-a-service, IoTaaS, identity management, SSI. From 2011 to 2017, she was a Researcher at the University of the Basque Country, on issues related to digital signal processing, wireless communications, and mobile communications. From 2017 to 2018, she continued her research work at the Innovalia Association, with a deep focus on industrial communications, industry 4.0, the IoT, fog, and cloud computing. Her cybersecurity experience was later completed at Ikerlan (2018-2019) taking part in the cybersecure IoT and cybersecurity on digital platforms teams. In December 2019, she joined the Cybersecurity and Blockchain Team, Tecnalia, where she is currently a Senior Researcher, with a focus on cybersecurity solutions and blockchain-based systems. GABRIEL MACIÁ-FERNÁNDEZ received the M.S. degree in telecommunications engineering from the University of Seville, Spain, and the Ph.D. degree in telecommunications engineering from the University of Granada. He is currently an Associate Professor with the
2021 Fifth World Conference on Smart Trends in Systems Security and Sustainability (WorldS4)
Information Processing & Management
Communications in Computer and Information Science
Enseñanza y Aprendizaje de Ingeniería de Computadores
2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)
This document presents a reference architecture for a Blockchain-based Threat Registry platform, ... more This document presents a reference architecture for a Blockchain-based Threat Registry platform, named BBTR, to share information about treats among different actors. The design of the BBTR guarantees integrity and availability of the data stored in it and is also compatible with privacy requirements, allowing different actors to participate as users of this shared BaaS (Blockchain as a Service). The paper also shows how this approach can be combined with AI techniques to extract valuable information from the threats directly from the Blockchain, empowering the final solution with a decision-making engine. It also includes its validation in a use case in the Health care domain.
In this project we are about to deploy several honeypots in two Raspberry PI devices in order to ... more In this project we are about to deploy several honeypots in two Raspberry PI devices in order to analyze attacks directed to the UGR network. We present here a brief resume of the results of the experiment. On the one hand, we have results from a Kippo honeypot related to brute force attacks from several IP directions, most of them coming from Asia. In addition we show the results of a malware analysis of samples obtained from Kippo. On the other hand, we will obtain several results related to web attacks with another low/medium interaction honeypot, Glastopf. In this particular project, the main purpose is to identify and classify several samples of malware as well as to show to the reader a general method to achieve this goal.
Computer networks, Jul 1, 2024
This document presents a reference architecture for a Blockchain-based Threat Registry platform, ... more This document presents a reference architecture for a Blockchain-based Threat Registry platform, named BBTR, to share information about treats among different actors. The design of the BBTR guarantees integrity and availability of the data stored in it and is also compatible with privacy requirements, allowing different actors to participate as users of this shared BaaS (Blockchain as a Service). The paper also shows how this approach can be combined with AI techniques to extract valuable information from the threats directly from the Blockchain, empowering the final solution with a decision-making engine. It also includes its validation in a use case in the Health care domain.
Blockchain technology is currently being adopted in several domains and applications, including t... more Blockchain technology is currently being adopted in several domains and applications, including the energy domain and specifically in smart grids. One of the principal applications of blockchain technology is peer-to-peer energy trading among stakeholders of smart grids, providing trusted transactions without the need of third parties. Also, e-auctions are rapidly growing as a means of e-commerce that allows direct product bidding through the internet, but where mutual trust may otherwise be undermined by possible malicious sellers, buyers or third parties. This paper introduces a blockchain-based e-auction framework to offer a safe, trusted and privacy preserving energy exchange mechanism between EPES stakeholders of an islanded part of the grid. Furthermore, this framework utilises blockchain solutions for monitoring the security status of smart grid devices in order to confront any transactions involving malicious parties or parties with compromised equipment.
Communications in computer and information science, 2019
This paper proposes an extensible Blockchain-Based Industrial Anomaly Detection (BIAD) system for... more This paper proposes an extensible Blockchain-Based Industrial Anomaly Detection (BIAD) system for industrial scenarios. This approach is to use Blockchain to prevent a set of attacks at semi-real time by comparing logs. Besides, this solution regards attacker firmware modifications following the same comparison principle within the same infrastructure.
Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we ... more Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we analyze different aspects that relate to the application of blockchain with techniques commonly used in the field of cybersecurity. Beginning by introducing the use of blockchain technology as a secure infrastructure, the document delves into how blockchain can be useful to achieve several security requirements, common to most applications. The document has been focused on some specific cybersecurity disciplines to maintain simplicity: backup and recovery, threat intelligence and content delivery networks. As illustrated, some projects and initiatives are in the process of joining these two fields to provide solutions to existing problems.
International Journal of Computing and Digital Systems
This paper presents a protocol for Identity Management in Industrial IoT enabled devices, that is... more This paper presents a protocol for Identity Management in Industrial IoT enabled devices, that is based on the principles of Self-Sovereign Identity. The Industry 4.0 transformation has led to the Industry sector digitalization and one of its major challenges is to uniquely identify the Industrial Internet of Things unattended devices. The digital identity management must allow increasing the security and control, and it has been evolving towards a model where the device acquires the responsibility for managing its own data through Self-Sovereign Identity. This paper studies why the Self-Sovereign Identity approach is suitable for the industrial IoT particularities, properly justifying its use. Furthermore, it analyzes the actors and roles involved in an industrial identity environment, and it addresses a protocol that defines how data should be exchanged over an Hyperledger Indy public permissioned Distributed Ledger Technology network as Sovrin. The paper applies the proposal to a reference use case, filling the gaps that are not currently specified in the literature for a successful Industrial Internet of Things identity management operation.
Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we ... more Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we analyze different aspects that relate to the application of blockchain with techniques commonly used in the field of cybersecurity. Beginning by introducing the use of blockchain technology as a secure infrastructure, the document delves into how blockchain can be useful to achieve several security requirements, common to most applications. The document has been focused on some specific cybersecurity disciplines to maintain simplicity: backup and recovery, threat intelligence and content delivery networks. As illustrated, some projects and initiatives are in the process of joining these two fields to provide solutions to existing problems
Proceedings of the 19th International Conference on Security and Cryptography
Computer Security Threats [Working Title], 2019
Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we ... more Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we analyze different aspects that relate to the application of blockchain with techniques commonly used in the field of cybersecurity. Beginning by introducing the use of blockchain technology as a secure infrastructure, the document delves into how blockchain can be useful to achieve several security requirements, common to most applications. The document has been focused on some specific cybersecurity disciplines to maintain simplicity: backup and recovery, threat intelligence and content delivery networks. As illustrated, some projects and initiatives are in the process of joining these two fields to provide solutions to existing problems.
This document describes the architecture, design and implementation of the component: "Block... more This document describes the architecture, design and implementation of the component: "Blockchain-Based Threat Registry" or BBTR, in the SPHINX project. This document goes deep into the BBTR component, first of all presenting the state of the art and the justification of the use of a Blockchain technology for implementing such component, and then describing the different steps to enable this component in the SPHINX Framework. Interfaces, which are the connection points with other components of the ecosystem are also presented in the document. Besides, as the component is related to three of the SPHINX use cases, these use cases are enumerated and it is also explained how this component interacts with these use cases.
IEEE Access
The IoT-as-a-Service (IoTaaS) business model has already been identified by some people from both... more The IoT-as-a-Service (IoTaaS) business model has already been identified by some people from both industry and academia, but has not been formally defined. IoTaaS offers IoT devices on demand, with considerable cost savings and resource optimization. In addition, it enables different applications to reuse the existing devices. However, this business model is associated with different technological challenges that need to be addressed, one of which is the identity problem. Focusing on this, self-sovereign identity (SSI) schemes have proven to provide better privacy and scalability than traditional identity paradigms, which is especially important in the IoT owing to its characteristics. In this paper, we formally analyze an IoTaaS business model, identifying and detailing its main technological challenges. In addition, we tackle the identity problem of this business model and propose an SSI-based identity management system, which is compliant with the existing standards from the W3C, and include a performance evaluation. INDEX TERMS IoT, as-a-service, IoTaaS, identity management, SSI. From 2011 to 2017, she was a Researcher at the University of the Basque Country, on issues related to digital signal processing, wireless communications, and mobile communications. From 2017 to 2018, she continued her research work at the Innovalia Association, with a deep focus on industrial communications, industry 4.0, the IoT, fog, and cloud computing. Her cybersecurity experience was later completed at Ikerlan (2018-2019) taking part in the cybersecure IoT and cybersecurity on digital platforms teams. In December 2019, she joined the Cybersecurity and Blockchain Team, Tecnalia, where she is currently a Senior Researcher, with a focus on cybersecurity solutions and blockchain-based systems. GABRIEL MACIÁ-FERNÁNDEZ received the M.S. degree in telecommunications engineering from the University of Seville, Spain, and the Ph.D. degree in telecommunications engineering from the University of Granada. He is currently an Associate Professor with the
2021 Fifth World Conference on Smart Trends in Systems Security and Sustainability (WorldS4)
Information Processing & Management
Communications in Computer and Information Science
Enseñanza y Aprendizaje de Ingeniería de Computadores
2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)
This document presents a reference architecture for a Blockchain-based Threat Registry platform, ... more This document presents a reference architecture for a Blockchain-based Threat Registry platform, named BBTR, to share information about treats among different actors. The design of the BBTR guarantees integrity and availability of the data stored in it and is also compatible with privacy requirements, allowing different actors to participate as users of this shared BaaS (Blockchain as a Service). The paper also shows how this approach can be combined with AI techniques to extract valuable information from the threats directly from the Blockchain, empowering the final solution with a decision-making engine. It also includes its validation in a use case in the Health care domain.
In this project we are about to deploy several honeypots in two Raspberry PI devices in order to ... more In this project we are about to deploy several honeypots in two Raspberry PI devices in order to analyze attacks directed to the UGR network. We present here a brief resume of the results of the experiment. On the one hand, we have results from a Kippo honeypot related to brute force attacks from several IP directions, most of them coming from Asia. In addition we show the results of a malware analysis of samples obtained from Kippo. On the other hand, we will obtain several results related to web attacks with another low/medium interaction honeypot, Glastopf. In this particular project, the main purpose is to identify and classify several samples of malware as well as to show to the reader a general method to achieve this goal.