Persona:
Pastor Vargas, Rafael

Foto de perfil
Dirección de correo electrónico
ORCID
0000-0002-4089-9538
Fecha de nacimiento
Proyectos de investigación
Unidades organizativas
Puesto de trabajo
Apellidos
Pastor Vargas
Nombre de pila
Rafael
Nombre

Filtros

20253
Restablecer filtros

Ajustes

Autor: García Merino, José Carlos ×

Resultados de la búsqueda

Mostrando 1 - 3 de 3
  • Miniatura
    Publicación
    Assessing Feature Selection Techniques for AI-based IoT Network Intrusion Detection
    (Springer, 2025-06) García Merino, José Carlos; Tobarra Abad, María de los Llanos; Robles Gómez, Antonio; Pastor Vargas, Rafael; Vidal Balboa, Pedro; Dionisio Rocha, André; Jardim Gonçalves, Ricardo
    The widespread adoption of Internet of Things (IoT) technology in rural areas has led to qualitative leaps in fields such as agriculture, livestock farming, and transportation, giving rise to the concept of Smart Rural. However, Smart Rural IoT ecosystems are often vulnerable to cyberattacks. Although Artificial Intelligence (AI) based intrusion detection systems offer an effective solution to protect these environments, IoT devices are typically constrained in terms of memory and computation capabilities, making it essential to optimise the computational burden of AI models. This work explores different feature selection techniques to develop compact and fast Random Forest models for anomaly detection in IoT environments. The obtained results demonstrate that appropriate feature selection can reduce model size and inference time by at least 45% and 8%, respectively, without compromising predictive performance.
  • Miniatura
    Publicación
    An Efficient Feature Selection Framework Using Genetic Algorithms for AI-Driven IDS in IoT Environments
    (Springer, 2025-12-01) García Merino, José Carlos; Tobarra Abad, María de los Llanos; Robles Gómez, Antonio; Pastor Vargas, Rafael; Vidal Balboa, Pedro
    The increasing concern over Internet of Things (IoT) cybersecurity, driven by the growing number of connected devices and their vulnerability to attacks, has intensified the demand for effective Intrusion Detection Systems (IDSs). In recent years Artificial Intelligence (AI) solutions has emerged as a common approach in modern cybersecurity systems, offering powerful tools for detecting complex patterns and threats. However, the limited computing capabilities of IoT environments require models that are not only accurate but also resource-efficient. Feature selection (FS) plays a key role in this context, but traditional techniques such as the Chi-2 test and mutual information focus only on predictive performance, overlooking important practical concerns like inference time and model size. In this work, we propose a novel FS approach based on a custom scoring function that combines accuracy with penalties for inference time and model size. This metric is integrated into a Genetic Algorithm framework to guide the search for optimal feature subsets. The proposed method is evaluated on the NF-ToN-IoT-v2 dataset against standard techniques. Results demonstrate that our approach achieves competitive predictive performance while significantly reducing inference time and model size, highlighting the relevance of considering deployment-oriented metrics in the FS process
  • Miniatura
    Publicación
    Automated IoT vulnerability classification using Deep Learning
    (2025-07-01) Enrique Fernández Morales,; García Merino, José Carlos; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael; Robles Gómez, Antonio; Sarraipa, Joao; Sernández Iglesias, Daniel
    Technological advancements in the development of low-power chips have enabled everyday objects to connect to the Internet, giving rise to the concept known as the Internet of Things (IoT). It is currently estimated that there are approximately 16 billion IoT connections worldwide, a figure expected to double by 2030. However, this rapid growth of the IoT ecosystem has introduced new vulnerabilities that could be exploited by malicious actors. Since many IoT devices handle personal and sensitive information, threats to these devices can have severe consequences. Moreover, a series of cybersecurity incidents could undermine public trust in IoT technology, potentially delaying its widespread adoption across various sectors.Common Vulnerabilities and Exposures records (also known by their acronym as CVEs) is a public cataloging system designed to identify and list known security vulnerabilities in software and hardware products. This system is developed and maintained by MITRE with the support of the cybersecurity community and sponsored by the U.S. Department of Homeland Security (DHS) through the Cybersecurity and Infrastructure Security Agency (CISA). CVE provides a reference database that enables security researchers, manufacturers, and organizational security managers to more effectively identify and address security issues.In our study, we have focused on CVEs exclusively oriented towards IoT systems, with the aim of analyzing the main vulnerabilities detected from 2010 to nowadays as a basis for detecting the main attack vectors in IoT systems. As part of this effort we have created the following dataset. CVEs records include various metrics such as: - Common Weakness Enumeration (CWE), mainly focused on technical classification of vulnerabilities. - Common Vulnerability Scoring System (CVSS), which reports about different metrics such as the attack vector, the severity of the vulnerability or the impact level of the exploitation of the vulnerability. This is one of the most informative metric. - Stakeholder-Specific Vulnerability Categorization (SSVC), oriented towards help cybersecurity team to handle properly the vulnerability. These metrics allow security teams on the one hand to prioritize, such vulnerabilities within their security program, evaluating efforts to mitigate them. But according to our analysis of our dataset, around the 14% of CVEs records do not contain any metric. Around the 83% of CVEs registries contain CWE metric (an ID or its textual description). This metric, as it is explained before, only reports about the type of vulnerability from a technic point of view. Only the 10% of CVEs registries contain SSVC metrics. And CVSS, in its different versions, appears only in the 40% of the studied CVEs registries. Additionally, most of studied records includes metrics a retrospectively, several weeks or months later the vulnerability is disclosed. Thus, cybersecurity teams must trust their previous knowledge in order to distinguish which vulnerabilities are relevant and which not.To tackled this situation, our proposal is focused in the application of Deep Learning techniques in order to classify the severity of CVE records from its textual description. Textual description is a mandatory field that is present in all CVEs records. To achieve this objective, we trained the BiLSTM algorithm using the CVE records with CVSS metrics and its description field; and performed a comparative study of different hyperparameter configurations to find the optimal configuration. The metrics for model evaluation that have been studied are accuracy, loss and F1-score.