Persona:
Robles Gómez, Antonio

Foto de perfil
Dirección de correo electrónico
ORCID
0000-0002-5181-0199
Fecha de nacimiento
Proyectos de investigación
Unidades organizativas
Puesto de trabajo
Apellidos
Robles Gómez
Nombre de pila
Antonio
Nombre

Filtros

2020 - 202515
Restablecer filtros

Ajustes

Autor: Tobarra Abad, María de los Llanos × Fecha de inicio: 2020 ×

Resultados de la búsqueda

Mostrando 1 - 10 de 15
  • Miniatura
    Publicación
    A Cloud Game-based Educative Platform Architecture: the CyberScratch Project
    (MDPI, 2021) Utrilla, Alejandro; Tobarra Abad, María de los Llanos; Robles Gómez, Antonio; Pastor Vargas, Rafael; Hernández Berlinches, Roberto
    The employment of modern technologies is widespread in our society, so the inclusion of practical activities for education has become essential and useful at the same time. These activities are more noticeable in Engineering, in areas such as cybersecurity, data science, artificial intelligence, etc. Additionally, these activities acquire even more relevance with a distance education methodology, as our case is. The inclusion of these practical activities has clear advantages , such as (1) promoting critical thinking and (2) improving students’ abilities and skills for their professional careers. There are several options, such as the use of remote and virtual laboratories, virtual reality and gamebased platforms, among others. This work addresses the development of a new cloud game-based educational platform, which defines a modular and flexible architecture (using light containers). This architecture provides interactive and monitoring services and data storage in a transparent way. The platform uses gamification to integrate the game as part of the instructional process. The CyberScratch project is a particular implementation of this architecture focused on cybersecurity game-based activities. The data privacy management is a critical issue for these kinds of platforms, so the architecture is designed with this feature integrated in the platform components. To achieve this goal, we first focus on all the privacy aspects for the data generated by our cloud game-based platform, by considering the European legal context for data privacy following GDPR and ISO/IEC TR 20748-1:2016 recommendations for Learning Analytics (LA). Our second objective is to provide implementation guidelines for efficient data privacy management for our cloud game-based educative platform. All these contributions are not found in current related works. The CyberScratch project, which was approved by UNED for the year 2020, considers using the xAPI standard for data handling and services for the game editor, game engine and game monitor modules of CyberScratch. Therefore, apart from considering GDPR privacy and LA recommendations, our cloud game-based architecture covers all phases from game creation to the final users’ interactions with the game.
  • Miniatura
    Publicación
    Smart Contracts for Managing the Chain-of-Custody of Digital Evidence: A Practical Case of Study
    (MDPI, 2023) Santamaría, Pablo; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael; Robles Gómez, Antonio
    The digital revolution is renewing many aspects of our lives, which is also a challenge in judicial processes, such as the Chain-of-Custody (CoC) process of any electronic evidence. A CoC management system must be designed to guarantee them to maintain its integrity in court. This issue is essential for digital evidence’s admissibility and probative value. This work has built and validated a real prototype to manage the CoC process of any digital evidence. Our technological solution follows a process model that separates the evidence registry and any evidence itself for scalability purposes. It includes the development of an open-source smart contract under Quorum, a version of Ethereum oriented to private business environments. The significant findings of our analysis have been: (1) Blockchain networks can become a solution, where integrity, privacy and traceability must be guaranteed between untrustworthy parties; and (2) the necessity of promoting the standardization of CoC smart contracts with a secure, simple process logic. Consequently, these contracts should be deployed in consortium environments, where reliable, independent third parties validate the transactions without having to know their content.
  • Miniatura
    Publicación
    Dataset Generation and Study of Deepfake Techniques
    (Springer, 2023) Falcón López, Sergio Adrián; Robles Gómez, Antonio; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael
    The consumption of multimedia content on the Internet has nowadays been expanded exponentially. These trends have contributed to fake news can become a very high influence in the current society. The latest techniques to influence the spread of digital false information are based on methods of generating images and videos, known as Deepfakes. This way, our research work analyzes the most widely used Deepfake content generation methods, as well as explore different conventional and advanced tools for Deepfake detection. A specific dataset has also been built that includes both fake and real multimedia contents. This dataset will allow us to verify whether the used image and video forgery detection techniques can detect manipulated multimedia content.
  • Miniatura
    Publicación
    Automated IoT vulnerability classification using Deep Learning
    (2025-07) Sernández Iglesias, Daniel; Enrique Fernández Morales,; Garcia Merino, Jose Carlos; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael; Robles Gómez, Antonio; Sarraipa, Joao
    Technological advancements in the development of low-power chips have enabled everyday objects to connect to the Internet, giving rise to the concept known as the Internet of Things (IoT). It is currently estimated that there are approximately 16 billion IoT connections worldwide, a figure expected to double by 2030. However, this rapid growth of the IoT ecosystem has introduced new vulnerabilities that could be exploited by malicious actors. Since many IoT devices handle personal and sensitive information, threats to these devices can have severe consequences. Moreover, a series of cybersecurity incidents could undermine public trust in IoT technology, potentially delaying its widespread adoption across various sectors.Common Vulnerabilities and Exposures records (also known by their acronym as CVEs) is a public cataloging system designed to identify and list known security vulnerabilities in software and hardware products. This system is developed and maintained by MITRE with the support of the cybersecurity community and sponsored by the U.S. Department of Homeland Security (DHS) through the Cybersecurity and Infrastructure Security Agency (CISA). CVE provides a reference database that enables security researchers, manufacturers, and organizational security managers to more effectively identify and address security issues.In our study, we have focused on CVEs exclusively oriented towards IoT systems, with the aim of analyzing the main vulnerabilities detected from 2010 to nowadays as a basis for detecting the main attack vectors in IoT systems. As part of this effort we have created the following dataset. CVEs records include various metrics such as: - Common Weakness Enumeration (CWE), mainly focused on technical classification of vulnerabilities. - Common Vulnerability Scoring System (CVSS), which reports about different metrics such as the attack vector, the severity of the vulnerability or the impact level of the exploitation of the vulnerability. This is one of the most informative metric. - Stakeholder-Specific Vulnerability Categorization (SSVC), oriented towards help cybersecurity team to handle properly the vulnerability. These metrics allow security teams on the one hand to prioritize, such vulnerabilities within their security program, evaluating efforts to mitigate them. But according to our analysis of our dataset, around the 14% of CVEs records do not contain any metric. Around the 83% of CVEs registries contain CWE metric (an ID or its textual description). This metric, as it is explained before, only reports about the type of vulnerability from a technic point of view. Only the 10% of CVEs registries contain SSVC metrics. And CVSS, in its different versions, appears only in the 40% of the studied CVEs registries. Additionally, most of studied records includes metrics a retrospectively, several weeks or months later the vulnerability is disclosed. Thus, cybersecurity teams must trust their previous knowledge in order to distinguish which vulnerabilities are relevant and which not.To tackled this situation, our proposal is focused in the application of Deep Learning techniques in order to classify the severity of CVE records from its textual description. Textual description is a mandatory field that is present in all CVEs records. To achieve this objective, we trained the BiLSTM algorithm using the CVE records with CVSS metrics and its description field; and performed a comparative study of different hyperparameter configurations to find the optimal configuration. The metrics for model evaluation that have been studied are accuracy, loss and F1-score.
  • Miniatura
    Publicación
    Machine learning models and dimensionality reduction for improving the Android malware detection
    (PeerJ, 2024-12-23) Moran, Pablo; Robles Gómez, Antonio; Duque Fernández, Andrés; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael
    Today, a great number of attack opportunities for cybercriminals arise in Android, since it is one of the most used operating systems for many mobile applications. Hence, it is very important to anticipate these situations. To minimize this problem, the analysis of malware search applications is based on machine learning algorithms. Our work uses as a starting point the features proposed by the DREBIN project, which today constitutes a key reference in the literature, being the largest public Android malware dataset with labeled families. The authors only employ the support vector machine to determine whether a sample is malware or not. This work first proposes a new efficient dimensionality reduction of features, as well as the application of several supervised machine learning algorithms for prediction purposes. Predictive models based on Random Forest are found to achieve the most promising results. They can detect an average of 91.72% malware samples, with a very low false positive rate of 0.13%, and using only 5,000 features. This is just over 9% of the total number of features of DREBIN. It achieves an accuracy of 99.52%, a total precision of 96.91%, as well as a macro average F1-score of 96.99%.
  • Miniatura
    Publicación
    Forensic Analysis Laboratory for Sport Devices: A Practical Case of Use
    (MDPI, 2023) Donaire Calleja, Pablo; Robles Gómez, Antonio; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael
    At present, the mobile device sector is experiencing significant growth. In particular, wear- 1 able devices have become a common element in society. This fact implies that users unconsciously 2 accept the constant dynamic collection of private data about their habits and behaviours. Therefore, 3 this work focuses on highlighting and analyzing some of the main issues that forensic analysts face 4 in this sector, such as the lack of standard procedures for analysis and the common use of private 5 protocols for data communication. Thus, it is almost impossible for a digital forensic specialist to 6 fully specialize in the context of wearables, such as smartwatches for sports activities. With the aim 7 of highlighting these problems, a complete forensic analysis laboratory for such sports devices is 8 described in this paper. We selected a smartwatch belonging to the Garmin Forerunner Series, due to 9 its great popularity. Through an analysis, its strengths and weaknesses in terms of data protection 10 are described. We also analyze how companies are increasingly taking personal data privacy into 11 consideration, in order to minimize unwanted information leaks. Finally, a set of initial security 12 recommendations for the use of these kinds of devices are provided to the reader.
  • Miniatura
    Publicación
    Privacy Analysis in Mobile Apps and Social Networks Using AI Techniques
    (IEEE - Institute of Electrical and Electronics Engineers, 2024-09-17) Blanco Aza, Daniel; Robles Gómez, Antonio; Pastor Vargas, Rafael; Tobarra Abad, María de los Llanos; Vidal Balboa, Pedro; Méndez Suárez, Mariano
    In the current landscape of mobile applications and social networks, privacy concerns have become paramount due to the extensive collection and processing of personal data. Therefore, this paper presents a comprehensive review of the state-of-the-art on automated privacy risk analysis in mobile applications and social networks. This review includes various methodologies, tools and frameworks that use ML and NLP systems to assess and ensure compliance with privacy regulations, such as the GDPR. Through a careful application of the PRISMA methodology, key studies have been systematically analyzed. Our findings reveal significant progress in the integration of automated techniques for assessing privacy risks.
  • Miniatura
    Publicación
    Emulating and Evaluating Virtual Remote Laboratories for Cybersecurity
    (MDPI, 2020) Cano, Jesús; Robles Gómez, Antonio; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael; Hernández Berlinches, Roberto
    Our society is nowadays evolving towards a digital era, due to the extensive use of computer technologies and their interconnection mechanisms, i.e., social networks, Internet resources, IoT services, etc. This way, new threats and vulnerabilities appear. Therefore, there is an urgent necessity of training students in the topic of cybersecurity, in which practical skills have to be acquired. In distance education, the inclusion of on-line resources for hands-on activities in its curricula is a key step in meeting that need. This work presents several contributions. First, the fundamentals of a virtual remote laboratory hosted in the cloud are detailed. This laboratory is a step forward since the laboratory combines both virtualization and cloud paradigms to dynamically create emulated environments. Second, this laboratory has also been integrated into the practical curricula of a cybersecurity subject, as an additional on-line resource. Third, the students’ traceability, in terms of their interactions with the laboratory, is also analyzed. Psychological TAM/UTAUT factors (perceived usefulness, estimated effort, social influence, attitude, ease of access) that may affect the intention of using the laboratory are analyzed. Fourth, the degree of satisfaction is analyzed with a great impact, since the mean values of these factors are most of them higher than 4 points out of 5. In addition to this, the students’ acceptance of the presented technology is exhaustively studied. Two structural equation models have been hypothesized and validated. Finally, the acceptance of the technology can be concluded as very good in order to be used in @? other Engineering contexts. In this sense, the calculated statistical values for the improved proposed model are within the expected ranges of reliability (X2 = 0.6, X2/DF = 0.3, GFI = 0.985, CIF = 0.985, RMSEA = 0) by considering the literature
  • Miniatura
    Publicación
    Renewable Energy Remote Online Laboratories in Jordan Universities: Tools for Training Students in Jordan
    (Elsevier, 2020-04) Cano, Jesús; Hammad, Bashar; Al Zoubi, Abdullah; Pastor Vargas, Rafael; Tobarra Abad, María de los Llanos; Robles Gómez, Antonio; Hernández Berlinches, Roberto; Pancorbo Castro, Manuel
    The use of the concept of technology-enhanced learning is a design already applied in developed countries and incorporated as an active part of their educational models and curricular development. This is even more relevant in the case of eLearning, where these technologies correspond to remote / virtual laboratories. They are very useful in the fields of Science and Engineering. According to this, the current work shows the incorporation of this type of technology to traditional curricular schemes, with the aim of improving the effectiveness of learning. Another objective is to build reusable infrastructures among Universities, supported with public and private government resources. Specifically, this paper shows the development, implementation, and integration of remote renewable energy laboratories in Jordan, and how they have been used within the director plan of the Jordanian government for the promotion of renewable energies in that country. This plan includes not only the design of remote laboratories but also their integration into a curricular model. This integration is done at the level of online learning courses and pilot experiences in the development of these types of learning technologies. In a distance methodology environment, the instructors must design the course structure keeping in mind that students are online, but not face-to-face in the classroom. Additionally, they have to propose adapted resources (remote laboratories, guidelines, etc.) and content. The paper focuses on the incorporation of remote/virtual laboratories, showing how these labs were developed/integrated into online courses. To validate the incorporation of this type of resources in an environment usually not online, a set of surveys was designed to support a technology evaluation methodology (TAM, Technology Acceptance Model). This evaluation allows knowing the degree of satisfaction of the technology (remote and virtual laboratories as resources) using a structured experimental method (SEM, Structural Equation Models). As a result of the application of this experimental method, the calculated statistical data indicate that the use of remote and virtual laboratories improves the perception and use of virtual environments at a distance. Also, it can be indicated that these laboratories are presented as an essential resource to improve the quality of online teaching in engineering courses.
  • Miniatura
    Publicación
    A WoT Platform for Supporting Full-Cycle IoT Solutions from Edge to Cloud Infrastructures: A Practical Case
    (MDPI, 2020-07-05) Pastor Vargas, Rafael; Tobarra Abad, María de los Llanos; Robles Gómez, Antonio; Martín Gutiérrez, Sergio; Hernández Berlinches, Roberto; Cano, Jesús; MDPI; https://orcid.org/0000-0001-6926-1311
    Internet of Things (IoT) learning involves the acquisition of transversal skills ranging from the development based on IoT devices and sensors (edge computing) to the connection of the devices themselves to management environments that allow the storage and processing (cloud computing) of data generated by sensors. The usual development cycle for IoT applications consists of the following three stages: stage 1 corresponds to the description of the devices and basic interaction with sensors. In stage 2, data acquired by the devices/sensors are employed by communication models from the origin edge to the management middleware in the cloud. Finally, stage 3 focuses on processing and presentation models. These models present the most relevant indicators for IoT devices and sensors. Students must acquire all the necessary skills and abilities to understand and develop these types of applications, so lecturers need an infrastructure to enable the learning of development of full IoT applications. AWeb of Things (WoT) platform named Labs of Things at UNED (LoT@UNED) has been used for this goal. This paper shows the fundamentals and features of this infrastructure, and how the different phases of the full development cycle of solutions in IoT environments are implemented using LoT@UNED. The proposed system has been tested in several computer science subjects. Students can perform remote experimentation with a collaborativeWoT learning environment in the cloud, including the possibility to analyze the generated data by IoT sensors.