Search results

Showing 1 - 10 of 19
  • Data Science Applied in Cybersecurity
    (2017-01-01) Díaz López, Daniel Orlando; Blanco Uribe, María Alejandra; Cerón Sánchez, Edwin Alexánder; Gómez Solano, Nicolás Gómez
    State entities must comply with certain regulations. OSSIM makes it possible to discover assets – NMAP, assess vulnerabilities (VA) – OpenVAS, perform intrusion detection (NIDS/HIDS) – OSSEC and Suricata, monitor file integrity (FIM) – OSSEC. SIEM – OSSIM, Open Source Security Information Management, GNU/GPL license, event correlation, OPT – Open Threat Exchange.
  • Dynamic Counter-measures for Risk-based Access Control Systems: An Evolutive Approach
    (2016-02-01) Díaz López, Daniel Orlando; Dólera-Tormo, Ginés; Gómez-Mármol, Félix; Martínez-Pérez, Gregorio
    Risk-based access control systems are a new element in access control categories, incorporating risk analysis as part of the inputs to consider when taking an authorization decision. A risk analysis over a resource leads generally to temporal allocation of the resource in a risk level (e.g. high, medium, low). Ideally, for each risk level and kind of resource, the access control system should take an authorization decision (expressed like a permit or deny) and the system administrator should also trigger specific counter-measures to protect resources according to their risk level. In a small access control system with few resources it is possible for an administrator to follow the risk level changes and react promptly with counter-measures; but in medium/large access control systems it is almost unfeasible to react in a customized way to thousands of risk level emergencies asking for attention. In this paper we propose the adoption of dynamic counter-measures (which can be integrated within access control policies) changing along time to face variations in the risk level of every resource, bringing two main benefits, namely: (i) a suitable resource protection according to the risk level (not under or over estimated) and (ii) an access control system granting/denying access depending on the fulfillment of a set of security controls applicable in an authorization access request. To define the most appropriate set of counter-measures applicable for a specific situation we define a method based on genetic algorithms, which allows to find a solution in a reasonable time frame satisfying different required conditions. Finally, the conducted experiments show the applicability of our proposal in a real scenario.
  • Live Digital, Remember Digital: State of the Art and Research Challenges
    (2014-01-01) Díaz López, Daniel Orlando; Dólera Tormo, Ginés; Mármol Gómez, Félix; Alcaraz Calero, Jose M.; Martínez Pérez, Gregorio
    The so called trend “live digital, remember digital” is acquiring higher relevance within the international research community, due to its several appealing challenges in a multitude of different fields within the Information and Communication Technologies. Today, many people live daily connected to the Internet through their mobile phones, laptops, tablets, etc. and the need to audit or log every single digital interaction emerges in many environments. By seamlessly recording those digital interactions and storing them in a privacy-preserving fashion, a number of benefits are brought to end users, like the provision of user-tailored services, amongst many others. In this paper we will particularly focus on the study of the security and privacy challenges within this field, as well as on the analysis of the currently existing solutions addressing these issues and we will propose an architecture for the so called live digital systems.
  • Shielding IoT against cyber-attacks: An event-based approach using SIEM
    (2018-10-25) Díaz López, Daniel Orlando; Blanco Uribe, María; Santiago Cely, Claudia; Vega Torres, Andrés; Moreno Guataquira, Nicolás; Morón Castro, Stefany; Nespoli, Pantaleone; Gómez Mármol, Félix
    Due to the growth of IoT (Internet of Things) devices in different industries and markets in recent years and considering the currently insufficient protection for these devices, a security solution safeguarding IoT architectures is highly desirable. An interesting perspective for the development of security solutions is the use of an event management approach, knowing that an event may become an incident when an information asset is affected under certain circumstances. The paper at hand proposes a security solution based on the management of security events within IoT scenarios in order to accurately identify suspicious activities. To this end, different vulnerabilities found in IoT devices are described, as well as unique features that make these devices an appealing target for attacks. Finally, three IoT attack scenarios are presented, describing exploited vulnerabilities, security events generated by the attack, and accurate responses that could be launched to help decrease the impact of the attack on IoT devices. Our analysis demonstrates that the proposed approach is suitable for protecting the IoT ecosystem, giving an adequate protection level to the IoT devices.
  • Cuckoo + ML
    (2018-01-01) Díaz López, Daniel Orlando; Useche, David Esteban; Sepúlveda, Daniela
    Cuckoo Sandbox is an open source sandbox that automates the task of analyzing any malicious file. Cuckoo allows analysis of samples and URLs. It provides scores and signatures that can be useful for raising suspicion about the given sample or URL. Sandboxing basically means having test environments (isolated environments). A sandbox is useful in environments with one or more operating systems running simultaneously.
  • TRIS: A Three-Rings IoT Sentinel to Protect against Cyber-Threats
    (2018-01-01) Useche, David; Díaz López, Daniel Orlando; Nespoli, Pantaleone; Gomez, Felix
    Managing parallel tasks and distributed data is the essence of parallel programming on distributed-memory multiprocessors, and it can be expressed explicitly in the programming language or provided implicitly through some combination of language and run-time support. Functional languages are designed to provide implicit support for both task and data management, but they are often less efficient than explicit approaches. This is the classic tension between performance and ease of programming. This paper provides an initial study that attempts to quantify this trade-off. While our quantitative results are accurate in capturing the scales of programming effort and efficiency of these programming methods, our results are based on two small parallel programs and should be weighed accordingly.
  • Open Source Search Analytics - Elasticsearch
    (2018-01-01) Díaz López, Daniel Orlando
    “Centralize, Transform & Stash Your Data”: Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite “storage” (ours is Elasticsearch, naturally, but there are more options). “The Heart of the Elastic Stack”: a search server based on Lucene (API - free and open-source information retrieval software library), written in Java with an Apache license. Elasticsearch is a distributed, RESTful search and analytics engine capable of solving a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data so “you can discover the expected and uncover the unexpected”.
  • C3-Sex: a Chatbot to Chase Cyber Perverts
    (2019-01-01) Murcia Triviño, Jossie; Moreno Rodriguez, Sebastián; Gómez Mármol, Felix; Díaz López, Daniel Orlando
    Among the many applications of natural language processing (NLP), assisting law enforcement agencies (LEA) in pursuing cybercriminals is one of the most recent and promising. The paper at hand proposes C3-Sex, a smart chatbot that interacts with suspects in order to profile their interest in a given topic. This solution is based on our Artificial Conversational Entity (ACE), which connects to different online chat services to start a conversation about a specific topic, in our case child pornography, as this is a sensitive sexual crime that requires special efforts and contributions to be tackled. The ACE was designed using generative and rule-based models in charge of generating the posts and replies that make up the conversation from the chatbot side. The proposed solution also includes a module to analyze the conversations held by the chatbot and classify the suspects into three different profiles (indifferent, interested and pervert) according to the responses they give in the conversation. ... C3-Sex as 26 indifferent, 4 interested and 5 perverts.
  • Radare for reversing
    (2018-01-01) Díaz López, Daniel Orlando
    Reverse engineering is the process of deconstructing a man-made object to reveal its designs and architecture or to extract knowledge from the object. The method is so named because it moves in the opposite direction to the usual engineering tasks. “When malware is discovered on their systems, they want to know what it might have done, if the threat is still ongoing, and what they might have lost to the infection”. Functionality and utility of reverse engineering: with reverse engineering we can discover IOCs and create YARA rules, discover that a file is malware, hacking, discover C&C, find traces of attackers, discover vulnerabilities in our code.
  • The Owasp Enterprise Security Api (ESAPI): Security Control Library
    (2017-01-01) Díaz López, Daniel Orlando
    OWASP SeraphimDroid was initially developed to analyze the loop of the Android security architecture; it focused on ensuring that the user does not lose money and on providing documentation of the permissions of the applications the device uses. OWASP SeraphimDroid was born as a Google Summer of Code 2014 project. The scope of this project was geared toward teaching users which malicious applications require excessive permissions on the operating system.