Filters








26 Hits in 0.98 sec

A Mood Analysis on Youtube Comments and a Method for Improved Social Spam Detection [chapter]

Enaitz Ezpeleta, Mikel Iturbe, Iñaki Garitano, Iñaki Velez de Mendizabal, Urko Zurutuza
2018 Lecture Notes in Computer Science  
In the same manner that Online Social Networks (OSN) usage increases, non-legitimate campaigns over these types of web services are growing. This is the reason why significant number of users are affected by social spam every day and therefore, their privacy is threatened. To deal with this issue in this study we focus on mood analysis, among all content-based analysis techniques. We demonstrate that using this technique social spam filtering results are improved. First, the best spam filtering
more » ... classifiers are identified using a labeled dataset consisting of Youtube comments, including spam. Then, a new dataset is created adding the mood feature to each comment, and the best classifiers are applied to it. A comparison between obtained results with and without mood information shows that this feature can help to improve social spam filtering results: the best accuracy is improved in two different datasets, and the number of false positives is reduced 13.76% and 11.41% on average. Moreover, the results are validated carrying out the same experiment but using a different dataset.
doi:10.1007/978-3-319-92639-1_43 fatcat:g4lc5ub4gncupdnziosx237w3i

A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics [article]

Ángel Longueira-Romero, Rosa Iglesias, Jose Luis Flores, Iñaki Garitano
2021 arXiv   pre-print
Industrial components are of high importance because they control critical infrastructures that form the lifeline of modern societies. However, the rapid evolution of industrial components, together with the new paradigm of Industry 4.0, and the new connectivity features that will be introduced by the 5G technology, all increase the likelihood of security incidents. These incidents are caused by the vulnerabilities present in these devices. In addition, although international standards define
more » ... sks to assess vulnerabilities, they do not specify any particular method. Having a secure design is important, but is also complex, costly, and an extra factor to manage during the lifespan of the device. This paper presents a model to analyze the known vulnerabilities of industrial components over time. The proposed model is based on two main elements: a directed graph representation of the internal structure of the component, and a set of quantitative metrics that are based on international security standards; such as, the Common Vulnerability Scoring System (CVSS). This model is applied throughout the entire lifespan of a device to track vulnerabilities, identify new requirements, root causes, and test cases. The proposed model also helps to prioritize patching activities. To test its potential, the proposed model is applied to the OpenPLC project. The results show that most of the root causes of these vulnerabilities are related to memory buffer operations and are concentrated in the libssl library. Consequently, new requirements and test cases were generated from the obtained data.
arXiv:2112.06453v1 fatcat:uurz7rg3bfft5cxmb6qzivlj4e

How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics [article]

Ángel Longueira-Romero, Rosa Iglesias, David Gonzalez, Iñaki Garitano
2021 arXiv   pre-print
Embedded Systems (ES) development has been historically focused on functionality rather than security, and today it still applies in many sectors and applications. However, there is an increasing number of security threats over ES, and a successful attack could have economical, physical or even human consequences, since many of them are used to control critical applications. A standardized and general accepted security testing framework is needed to provide guidance, common reporting forms, and
more » ... the possibility to compare the results along the time. This can be achieved by introducing security metrics into the evaluation or assessment process. If carefully designed and chosen, metrics could provide a quantitative, repeatable and reproducible value that would reflect the level of security protection of the ES. This paper analyzes the features that a good security metric should exhibit, introduces a taxonomy for classifying them, and finally, it carries out a literature survey on security metrics for the security evaluation of ES. In this review, more than 500 metrics were collected and analyzed. Then, they were reduced to 169 metrics that have the potential to be applied to ES security evaluation. As expected, the 77.5 % of them is related exclusively to software, and only the 0.6 % of them addresses exclusively hardware security. This work aims to lay the foundations for constructing a security evaluation methodology that uses metrics to quantify the security level of an ES.
arXiv:2112.05475v1 fatcat:bqsudvz2gff7vdkkenjxi5ma5q

A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics

Ángel Longueira-Romero, Rosa Iglesias, Jose Luis Flores, Iñaki Garitano
2022 Sensors  
The rapid evolution of industrial components, the paradigm of Industry 4.0, and the new connectivity features introduced by 5G technology all increase the likelihood of cybersecurity incidents. Such incidents are caused by the vulnerabilities present in these components. Designing a secure system is critical, but it is also complex, costly, and an extra factor to manage during the lifespan of the component. This paper presents a model to analyze the known vulnerabilities of industrial
more » ... over time. The proposed Extended Dependency Graph (EDG) model is based on two main elements: a directed graph representation of the internal structure of the component, and a set of quantitative metrics based on the Common Vulnerability Scoring System (CVSS). The EDG model can be applied throughout the entire lifespan of a device to track vulnerabilities, identify new requirements, root causes, and test cases. It also helps prioritize patching activities. The model was validated by application to the OpenPLC project. The results reveal that most of the vulnerabilities associated with OpenPLC were related to memory buffer operations and were concentrated in the libssl library. The model was able to determine new requirements and generate test cases from the analysis.
doi:10.3390/s22062126 pmid:35336299 pmcid:PMC8952879 fatcat:gzxo74kfp5cjroqcizjhfgdtfm

Software Defined Networking Opportunities for Intelligent Security Enhancement of Industrial Control Systems [chapter]

Markel Sainz, Mikel Iturbe, Iñaki Garitano, Urko Zurutuza
2017 Advances in Intelligent Systems and Computing  
In the last years, cyber security of Industrial Control Systems (ICSs) has become an important issue due to the discovery of sophisticated malware that by attacking Critical Infrastructures, could cause catastrophic safety results. Researches have been developing countermeasures to enhance cyber security for pre-Internet era systems, which are extremely vulnerable to threats. This paper presents the potential opportunities that Software Defined Networking (SDN) provides for the security
more » ... ent of Industrial Control Networks. SDN permits a high level of configuration of a network by the separation of control and data planes. In this work, we describe the affinities between SDN and ICSs and we discuss about implementation strategies.
doi:10.1007/978-3-319-67180-2_56 fatcat:4fkt7iwupjfa3n5pcjfi3gks5y

Towards Large-Scale, Heterogeneous Anomaly Detection Systems in Industrial Networks: A Survey of Current Trends

Mikel Iturbe, Iñaki Garitano, Urko Zurutuza, Roberto Uribeetxeberria
2017 Security and Communication Networks  
Industrial Networks (INs) are widespread environments where heterogeneous devices collaborate to control and monitor physical processes. Some of the controlled processes belong to Critical Infrastructures (CIs), and, as such, IN protection is an active research field. Among different types of security solutions, IN Anomaly Detection Systems (ADSs) have received wide attention from the scientific community. While INs have grown in size and in complexity, requiring the development of novel, Big
more » ... ta solutions for data processing, IN ADSs have not evolved at the same pace. In parallel, the development of Big Data frameworks such as Hadoop or Spark has led the way for applying Big Data Analytics to the field of cyber-security, mainly focusing on the Information Technology (IT) domain. However, due to the particularities of INs, it is not feasible to directly apply IT security mechanisms in INs, as IN ADSs face unique characteristics. In this work we introduce three main contributions. First, we survey the area of Big Data ADSs that could be applicable to INs and compare the surveyed works. Second, we develop a novel taxonomy to classify existing IN-based ADSs. And, finally, we present a discussion of open problems in the field of Big Data ADSs for INs that can lead to further development.
doi:10.1155/2017/9150965 fatcat:qkqgo6soyvhuze7kszpycdloz4

Short Messages Spam Filtering Combining Personality Recognition and Sentiment Analysis

Enaitz Ezpeleta, Iñaki Garitano, Urko Zurutuza, José María Gómez Hidalgo
2017 International Journal of Uncertainty Fuzziness and Knowledge-Based Systems  
Currently, short communication channels are growing up due to the huge increase in the number of smartphones and online social networks users. This growth attracts malicious campaigns, such as spam campaigns, that are a direct threat to the security and privacy of the users. While most researches are focused on automatic text classification, in this work we demonstrate the possibility of improving current short messages spam detection systems using a novel method. We combine personality
more » ... ion and sentiment analysis techniques to analyze Short Message Services (SMS) texts. We enrich a publicly available dataset adding these features, first separately and after in combination, of each message to the dataset, creating new datasets. We apply several combinations of the best SMS spam classifiers and filters to each dataset in order to compare the results of each one. Taking into account the experimental results we analyze the real influence of each feature and the combination of both. At the end, the best results are improved in terms of accuracy, reaching to a 99.01% and the number of false positive is reduced.
doi:10.1142/s0218488517400177 fatcat:y74fidki7vg7hlfrd24bgvlaza

A method to construct network traffic models for process control systems

Inaki Garitano, Christos Siaterlis, Bela Genge, Roberto Uribeetxeberria, Urko Zurutuza
2012 Proceedings of 2012 IEEE 17th International Conference on Emerging Technologies & Factory Automation (ETFA 2012)  
Acknowledgements Iñaki Garitano is supported by the grant BFI09.321 of the Department of Research, Education and Universities of the Basque Government.  ...  Garitano was a visiting scientist at the JRC.  ... 
doi:10.1109/etfa.2012.6489550 dblp:conf/etfa/GaritanoSGUZ12 fatcat:q34cq3w5lfdv3mkuno6wdgv7cu

Designing and Developing a Mobile Smartphone Application for Women with Gestational Diabetes Mellitus Followed-Up at Diabetes Outpatient Clinics in Norway

Lisa Garnweidner-Holme, Iren Borgen, Iñaki Garitano, Josef Noll, Mirjam Lukasse
2015 Healthcare  
Iñaki Garitano was mainly responsible for the technical solutions and the development of the app, wrote related sections in this article and participated in the expert groups.  ... 
doi:10.3390/healthcare3020310 pmid:27417764 pmcid:PMC4939538 fatcat:blx2caar4rh4lebpvtkfccg4aq

Continuing experience and research on a home telemonitoring intervention of chronic-pluripathological patients, "TELBIL-A project"

Iñaki Martín Lesende, Elizabete Recalde Polo, Jesús Larrañaga Garitano, María Carmen Cairo Rojas, María Isabel Romo Soler, José Asua Batarrita
2013 International Journal of Integrated Care  
2.Project TELBIL-A is funded by the Research Center in Chronicity (Kronikgune), exp. KRONIK11/004. Available from: http://kronikgune.org/ Presentation available at: http://www.kingsfund.org.uk/events/third-annual-international-congresstelehealth-and-telecare
doi:10.5334/ijic.1410 fatcat:cn53r5hodfalpk5u7lrvliq6yu

Telemonitoring patients with chronic diseases in primary care. Three and six-month follow-up results of a randomized controlled trial (TELBIL study)

Iñaki Martín Lesende, Estibalitz Orruño Aguado, Carmen Cairo Rojas, Eva Reviriego Rodrigo, Juan Carlos Bayón Yusta, Amaia Bilbao González, María Isabel Romo Soler, Itziar Vergara Micheltorena, Roberto Abad García, José Asua Batarrita, Jesús Larrañaga Garitano
2011 International Journal of Integrated Care  
To address the increasing prevalence of chronic diseases, in an environment with limited healthcare resources, we propose a new realistic approach to provide healthcare services at the patient's home. Objective: To describe the effect of a telemonitoring program for patients with heart failure (HF) and or chronic lung disease (CLD) regarding clinical efficacy, medical services use and quality of life (QoL), at 3-6 months of inclusion.
doi:10.5334/ijic.711 fatcat:h7arul2mrbga3jsghhutbryf4e

On the Feasibility of Distinguishing Between Process Disturbances and Intrusions in Process Control Systems Using Multivariate Statistical Process Control

Mikel Iturbe, Jose Camacho, Inaki Garitano, Urko Zurutuza, Roberto Uribeetxeberria
2016 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W)  
Process Control Systems (PCSs) are the operating core of Critical Infrastructures (CIs). As such, anomaly detection has been an active research field to ensure CI normal operation. Previous approaches have leveraged network level data for anomaly detection, or have disregarded the existence of process disturbances, thus opening the possibility of mislabelling disturbances as attacks and vice versa. In this paper we present an anomaly detection and diagnostic system based on Multivariate
more » ... cal Process Control (MSPC), that aims to distinguish between attacks and disturbances. For this end, we expand traditional MSPC to monitor process level and controller level data. We evaluate our approach using the Tennessee-Eastman process. Results show that our approach can be used to distinguish disturbances from intrusions to a certain extent and we conclude that the proposed approach can be extended with other sources of data for improving results.
doi:10.1109/dsn-w.2016.32 dblp:conf/dsn/IturbeCGZU16 fatcat:7hif674qyrco7opcctdatw2kaa

Basic Internet Access: Capacity and Traffic Shaping

Elin Boysen, Iñaki Garitano, Josef Noll
unpublished
This paper analyzes economical and technological aspects for service provisioning on varying networks. Though mobile networks are continuously evolving, the use of mobile broadband is and will be limited. Availability and affordability are two aspects, which are addressed in this paper through the introduction of basic information and low capacity (LC) services. The paper addresses how information provisioning and network-aware applications work together to achieve a digital society including
more » ... eryone, rather than enhancing the digital gap. Initiatives like Facebook's Free Basic and the Basic Internet Foundation and their approaches on LC-service and information provisioning are addressed. The second focus is on a pro-active approach for mobile applications (apps), adjusting to the network capacity and bandwidth limitations. The main results are recommendations towards a low-capacity Internet for everyone, supported by examples of LC-service provisioning, as well as network-aware apps.
fatcat:usqtsfbrejdonkioovm7hjyiuy

Basic Internet: Mobile Content Delivery to Everyone

George Suciu, Alin Geaba, Nicusor, Iñaki Garitano, Josef Noll
unpublished
The Basic Internet Foundation aims at optimized content delivery for capacity-limited networks, and thus provides free access to basic information to everyone. In this paper we describe the main technological challenges of the content delivery, being the concept of information, the remote administration of access points and the inclusion of Internet of Things (IoT) information. Basic Internet aims at offering free access to information on low capacity Internet lines to people lacking Internet
more » ... verage or the ability to pay for mobile data. The main contributions of this paper are solutions that the foundation as well as other programs or companies have addressed encouraging digital development and inclusion.
fatcat:trfnmojy3nbrvc3uozbtam4oxm

Acknowledgement to Reviewers of Algorithms in 2017

2018 Algorithms  
García Díaz, Pilar García Gonzalo, Mª Esperanza Garg, Harish Garitano, Iñaki Genge, Béla Georgoulas, George Giannakopoulos, George Girdzijauskas, Sarunas Glantz, Roland Glowacz, Adam Goltz, Douglas M.  ... 
doi:10.3390/a11010011 fatcat:c24jr5pnjrcxhdjnnm4fynkwea
« Previous Showing results 1 — 15 out of 26 results