Ponències/Comunicacions de congressos
http://hdl.handle.net/2117/1936
2024-03-28T19:33:23Z
-
Generación sintética de trayectorias mediante aprendizaje profundo con garantías de privacidad diferencial
http://hdl.handle.net/2117/404829
Generación sintética de trayectorias mediante aprendizaje profundo con garantías de privacidad diferencial
Rubio Jornet, Víctor; Parra Arnau, Javier; Forné Muñoz, Jorge
La generación sintética de trayectorias es cru- cial para poder realizar estudios y análisis en diferentes campos, como la movilidad urbana, los protocolos de redes móviles, la epidemiología computacional o la simulación de cambios en la movilidad para la planificación urbana. Actual- mente, se ha observado que la generación de datos sintéticos sin protección adicional puede poner en riesgo la privacidad de los usuarios, dado que los modelos de aprendizaje profundo actuales son ataques de inferencia de membresía. un modelo de aprendizaje profundo ya existente llamado MoveSim, el cual genera datos sintéticos Este modelo ha sido modificado ferencialmente privado y, de esta manera, garantizar la privacidad de los usuarios que han proporcionado sus datos sin perder un rendimiento sustancial del modelo.
2024-03-18T12:19:29Z
Rubio Jornet, Víctor
Parra Arnau, Javier
Forné Muñoz, Jorge
La generación sintética de trayectorias es cru- cial para poder realizar estudios y análisis en diferentes campos, como la movilidad urbana, los protocolos de redes móviles, la epidemiología computacional o la simulación de cambios en la movilidad para la planificación urbana. Actual- mente, se ha observado que la generación de datos sintéticos sin protección adicional puede poner en riesgo la privacidad de los usuarios, dado que los modelos de aprendizaje profundo actuales son ataques de inferencia de membresía. un modelo de aprendizaje profundo ya existente llamado MoveSim, el cual genera datos sintéticos Este modelo ha sido modificado ferencialmente privado y, de esta manera, garantizar la privacidad de los usuarios que han proporcionado sus datos sin perder un rendimiento sustancial del modelo.
-
Addressing scalability for real-time multiuser holo-portation: introducing and assessing a Multipoint Control Unit (MCU) for volumetric video
http://hdl.handle.net/2117/404805
Addressing scalability for real-time multiuser holo-portation: introducing and assessing a Multipoint Control Unit (MCU) for volumetric video
Fernández Langa, Sergi; Montagud Climent, Mario; Rincón Rivera, David; Moragues, Jaume; Cernigliaro, Gianluca
Scalability, interoperability, and cost efficiency are key remaining challenges to successfully providing real-time holo-portation (and Metaverse-like) services. This paper, for the first time, presents the design and integration of a Multipoint Control Unit (MCU) in a pioneering real-time holo-portation platform, supporting realistic and volumetric user representations (i.e., 3D holograms), with the aim of overcoming such challenges. The feasibility and implications of adopting such an MCU, in comparison with state-of-the-art architectural approaches, are assessed through experimentation in two different deployment setups, by iteratively increasing the number of concurrent users in shared sessions. The obtained results are promising, as it is empirically proved that the newly adopted stream multiplexing together with the novel per-client and per-frame Volumetric Video (VV) processing optimization features provided by the MCU allow increasing the number of concurrent users, while: (i) significantly reducing resources consumption metrics (e.g., CPU, GPU, bandwidth) and frame rate degradation on the client side; and (ii) keeping the end-to-end latency within acceptable limits.
2024-03-18T11:18:57Z
Fernández Langa, Sergi
Montagud Climent, Mario
Rincón Rivera, David
Moragues, Jaume
Cernigliaro, Gianluca
Scalability, interoperability, and cost efficiency are key remaining challenges to successfully providing real-time holo-portation (and Metaverse-like) services. This paper, for the first time, presents the design and integration of a Multipoint Control Unit (MCU) in a pioneering real-time holo-portation platform, supporting realistic and volumetric user representations (i.e., 3D holograms), with the aim of overcoming such challenges. The feasibility and implications of adopting such an MCU, in comparison with state-of-the-art architectural approaches, are assessed through experimentation in two different deployment setups, by iteratively increasing the number of concurrent users in shared sessions. The obtained results are promising, as it is empirically proved that the newly adopted stream multiplexing together with the novel per-client and per-frame Volumetric Video (VV) processing optimization features provided by the MCU allow increasing the number of concurrent users, while: (i) significantly reducing resources consumption metrics (e.g., CPU, GPU, bandwidth) and frame rate degradation on the client side; and (ii) keeping the end-to-end latency within acceptable limits.
-
Assessing the impact of coupling RTT and RSSI measurements in fingerprinting Wi-Fi indoor positioning
http://hdl.handle.net/2117/404804
Assessing the impact of coupling RTT and RSSI measurements in fingerprinting Wi-Fi indoor positioning
González Díaz, Néstor; Zola, Enrica Valeria; Martín Escalona, Israel
The field of Indoor Positioning Systems (IPS) is rapidly expanding due to the increasing need for accurate indoor localization. This research delves into the fingerprinting technique, a commonly used method in IPS, and advocates for coupling the Received Signal Strength Indicator (RSSI) to the Round-Trip Time (RTT) to boost its effectiveness. The primary incentive for this integration is to alleviate the network burden caused by the Wi-Fi RTT method while maintaining the system’s precision. Our goal is two-fold: firstly, we aim to find the ideal combination of RTT and RSSI features that a specific machine learning algorithm requires to supply precise and prompt position estimations for real-time applications. Secondly, we aim to reduce the number of RTT features needed, as they demand the addition of location traffic, which may saturate the network when multiple stations try to locate themselves. To meet these goals, a variety of machine learning models and several combinations of the available metrics (RTT and RSSI) have been assessed. Initial findings indicate that this combined approach significantly diminishes network overhead and enhances the scalability and effectiveness of the fingerprinting method, paving the way for further exploration in indoor localization.
2024-03-18T11:12:53Z
González Díaz, Néstor
Zola, Enrica Valeria
Martín Escalona, Israel
The field of Indoor Positioning Systems (IPS) is rapidly expanding due to the increasing need for accurate indoor localization. This research delves into the fingerprinting technique, a commonly used method in IPS, and advocates for coupling the Received Signal Strength Indicator (RSSI) to the Round-Trip Time (RTT) to boost its effectiveness. The primary incentive for this integration is to alleviate the network burden caused by the Wi-Fi RTT method while maintaining the system’s precision. Our goal is two-fold: firstly, we aim to find the ideal combination of RTT and RSSI features that a specific machine learning algorithm requires to supply precise and prompt position estimations for real-time applications. Secondly, we aim to reduce the number of RTT features needed, as they demand the addition of location traffic, which may saturate the network when multiple stations try to locate themselves. To meet these goals, a variety of machine learning models and several combinations of the available metrics (RTT and RSSI) have been assessed. Initial findings indicate that this combined approach significantly diminishes network overhead and enhances the scalability and effectiveness of the fingerprinting method, paving the way for further exploration in indoor localization.
-
Study and development of an autopsy module for automated analysis of image metadata
http://hdl.handle.net/2117/404137
Study and development of an autopsy module for automated analysis of image metadata
Doménech Fons, Jordi; Pegueroles Vallés, Josep R.
The importance of cybersecurity is raising every day with the development of new technologies. Accordingly, cybercrimes are increasing notably and more than ever qualified people is needed to protect the rest of people from these type of infractions. Digital forensics is a very important part of the cybersecurity world, furthermore, the ultimate goal of a digital forensics investigation is to preserve, identify, acquire and document digital evidence to be used in the court of law. As a result, our paper will go in deep with the Digital Forensics field, especially with the analysis of image metadata employing the most important software used by digital forensics investigators: Autopsy. Nowadays, Autopsy cannot extract and analyze all type of metadata found in pictures, but thankfully to this paper, investigators will not be forced to run another external software only to analyze image metadata; they will be able to do it withAutopsy.
2024-03-11T15:12:13Z
Doménech Fons, Jordi
Pegueroles Vallés, Josep R.
The importance of cybersecurity is raising every day with the development of new technologies. Accordingly, cybercrimes are increasing notably and more than ever qualified people is needed to protect the rest of people from these type of infractions. Digital forensics is a very important part of the cybersecurity world, furthermore, the ultimate goal of a digital forensics investigation is to preserve, identify, acquire and document digital evidence to be used in the court of law. As a result, our paper will go in deep with the Digital Forensics field, especially with the analysis of image metadata employing the most important software used by digital forensics investigators: Autopsy. Nowadays, Autopsy cannot extract and analyze all type of metadata found in pictures, but thankfully to this paper, investigators will not be forced to run another external software only to analyze image metadata; they will be able to do it withAutopsy.
-
XSS vulnerability test enhancement for Progressive Web Applications
http://hdl.handle.net/2117/404136
XSS vulnerability test enhancement for Progressive Web Applications
Pegueroles Vallés, Josep R.; Kanj Bongard, Sebastien; Estebanell Castellví, Arnau
Progressive Web Applications produce false negative results when scanned with security vulnerability scanners. In this paper the author will investigate the causes behind vulnerability scanners missing simple vulnerabilities when being used on Progressive Web Applications (PWAs). Moreover, an analysis of the caveats of only having fully automated vulnerability scans and manual pentests, without a semi-automatic tool covering the gap between the two, will be performed. An explanation of how such tool has been built will be delivered at the end of the paper.
2024-03-11T15:04:43Z
Pegueroles Vallés, Josep R.
Kanj Bongard, Sebastien
Estebanell Castellví, Arnau
Progressive Web Applications produce false negative results when scanned with security vulnerability scanners. In this paper the author will investigate the causes behind vulnerability scanners missing simple vulnerabilities when being used on Progressive Web Applications (PWAs). Moreover, an analysis of the caveats of only having fully automated vulnerability scans and manual pentests, without a semi-automatic tool covering the gap between the two, will be performed. An explanation of how such tool has been built will be delivered at the end of the paper.
-
Análisis forense de la herramienta de tunelado de puertos Ngrok
http://hdl.handle.net/2117/404133
Análisis forense de la herramienta de tunelado de puertos Ngrok
Kanj Bongard, Sebastien; Navarro, Carlos; Pasamar, Abraham; Rosés, Oriol; Pegueroles Vallés, Josep R.
Las herramientas de tunelado, como Ngrok, permiten publicar a Internet puertos de interés camuflados en protocolos frecuentes y habitualmente permitidos en infraestructuras corporativas. Usando servidores proxy se evita realizar acciones en sistemas de red perimetrales y configuraciones adicionales en equipos finales. Esta funcionalidad es aprovechada porThreat Actors de ransomware para usar protocolos de control remoto, comoRDP, o protocolos de exfiltración, como FTP, en sus ataques, evadiendo las políticas de seguridad de red. En este artículo se realiza una investigación de los rastros que esta técnica evasiva deja en los equipos a fin de mejorar el análisis forense de incidentes de ransomware, proponiendo mecanismos de identificación y subrayando los artefactos útiles para su análisis
2024-03-11T14:57:19Z
Kanj Bongard, Sebastien
Navarro, Carlos
Pasamar, Abraham
Rosés, Oriol
Pegueroles Vallés, Josep R.
Las herramientas de tunelado, como Ngrok, permiten publicar a Internet puertos de interés camuflados en protocolos frecuentes y habitualmente permitidos en infraestructuras corporativas. Usando servidores proxy se evita realizar acciones en sistemas de red perimetrales y configuraciones adicionales en equipos finales. Esta funcionalidad es aprovechada porThreat Actors de ransomware para usar protocolos de control remoto, comoRDP, o protocolos de exfiltración, como FTP, en sus ataques, evadiendo las políticas de seguridad de red. En este artículo se realiza una investigación de los rastros que esta técnica evasiva deja en los equipos a fin de mejorar el análisis forense de incidentes de ransomware, proponiendo mecanismos de identificación y subrayando los artefactos útiles para su análisis
-
Correlación de Threat Actors según técnicas antianálisis en muestras de malware
http://hdl.handle.net/2117/404128
Correlación de Threat Actors según técnicas antianálisis en muestras de malware
Kanj Bongard, Sebastien; Pasamar, Abraham; Rosés, Oriol; Pegueroles Vallés, Josep R.
Las muestras de malware (software malicioso) son uno de los Indicadores de Compromiso (IOC) más usados para la atribución de incidentes de ciberseguridad a los distintos actores (Threat Actors, TA) en activo. Es de interes de los atacantes ´tratar de demorar y dificultar al maximo el trabajo de los analistas de malware y para ello implementan diversas tecnicas de evasión o antianálisis. Los desarrolladores de malware venden sus muestras en foros o markets de la Dark Web a distintos perfiles de atacantes y esto genera relaciones entre los distintos grupos. En este trabajo se presenta el estudio en curso, dentro del doctorado industrial realizado con INCIDE, de correlacion de ´las tecnicas evasivas presentes en muestras de ´malware de Threat Actors para obtener un mapa
geopolítico de sinergias entre ellos y así perfilar mejor su actividad y mejorar las capacidades de
atribucion.
2024-03-11T14:48:45Z
Kanj Bongard, Sebastien
Pasamar, Abraham
Rosés, Oriol
Pegueroles Vallés, Josep R.
Las muestras de malware (software malicioso) son uno de los Indicadores de Compromiso (IOC) más usados para la atribución de incidentes de ciberseguridad a los distintos actores (Threat Actors, TA) en activo. Es de interes de los atacantes ´tratar de demorar y dificultar al maximo el trabajo de los analistas de malware y para ello implementan diversas tecnicas de evasión o antianálisis. Los desarrolladores de malware venden sus muestras en foros o markets de la Dark Web a distintos perfiles de atacantes y esto genera relaciones entre los distintos grupos. En este trabajo se presenta el estudio en curso, dentro del doctorado industrial realizado con INCIDE, de correlacion de ´las tecnicas evasivas presentes en muestras de ´malware de Threat Actors para obtener un mapa
geopolítico de sinergias entre ellos y así perfilar mejor su actividad y mejorar las capacidades de
atribucion.
-
Distributed learning for application placement at the edge minimizing active nodes
http://hdl.handle.net/2117/403863
Distributed learning for application placement at the edge minimizing active nodes
Torres Pérez, Claudia; Coronado Calero, Estefanía; Cervelló Pastor, Cristina; Camargo Barragán, Juan Sebastián; Siddiqui, Muhammad Shuaib
The main goal of application placement in Multi-Access Edge Computing (MEC) is to map their requirements to the infrastructure for desired Service Level Agreement (SLA). In highly distributed infrastructures in beyond 5G and 6G networks, meeting this need and minimizing energy use are crucial. Fo-cusing solely on meeting SLA requirements can lead to resource fragmentation and reduced energy efficiency, as nodes utilize only a small portion of their resources. Furthermore, when multiple orchestrators govern MEC nodes, achieving optimal efficiency becomes a more complex challenge. This paper addresses the application placement problem by employing distributed deep reinforcement learning to efficiently minimize the overall cost of active MEC nodes in a distributed scenario involving multiple MEC systems. Our technique reduces the number of active nodes maintaining an average accuracy of up to 98%, meets SLA requirements, and is scalable for hosting several MEC nodes.
© 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes,creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
2024-03-06T12:45:50Z
Torres Pérez, Claudia
Coronado Calero, Estefanía
Cervelló Pastor, Cristina
Camargo Barragán, Juan Sebastián
Siddiqui, Muhammad Shuaib
The main goal of application placement in Multi-Access Edge Computing (MEC) is to map their requirements to the infrastructure for desired Service Level Agreement (SLA). In highly distributed infrastructures in beyond 5G and 6G networks, meeting this need and minimizing energy use are crucial. Fo-cusing solely on meeting SLA requirements can lead to resource fragmentation and reduced energy efficiency, as nodes utilize only a small portion of their resources. Furthermore, when multiple orchestrators govern MEC nodes, achieving optimal efficiency becomes a more complex challenge. This paper addresses the application placement problem by employing distributed deep reinforcement learning to efficiently minimize the overall cost of active MEC nodes in a distributed scenario involving multiple MEC systems. Our technique reduces the number of active nodes maintaining an average accuracy of up to 98%, meets SLA requirements, and is scalable for hosting several MEC nodes.
-
Correlation study between the performance in different engineering courses and project-based courses
http://hdl.handle.net/2117/403055
Correlation study between the performance in different engineering courses and project-based courses
Bermejo Broto, Sandra; Bragós Bardia, Ramon; Rey Micolau, Francesc; Pegueroles Vallés, Josep R.
In a previous study, already published (Bragós, 2022), we analyzed the correlation between the University access mark to the engineering studies with the grades obtained in projectbased courses and in non-project-based standard courses. A lower correlation with the capstone course performance (R=0.3) than the one obtained with the average of the other courses (R=0.6) was obtained. Probably as a result of the fact that a different kind of skills are promoted in these courses. In this paper, we have changed and extended the scope of the correlation study. We used as a reference of the students’ performance index the individual average marks in the 1st year basic courses. Then we obtained the correlation with different categories of courses of our engineering program: theoretical/practical, mandatory/elective, by disciplines, and the Project-Based Learning (PBL) and Product Development Project (PDP) courses. This is, using internal indicators instead of the access mark, which has an external origin, and improving the granularity of the study. We have analyzed four consecutive cohorts that have completed a coherent set of subjects, n=762 students. We have classified the subjects (40 courses per student in average) in the categories aforementioned. They are
compared with the performance in two “classic” PBL courses and a capstone PDP course.
There is also a final Engineering bachelor thesis which is usually performed individually in companies or research labs. The very abridged results of the study display differences even higher that the ones obtained with the access mark. The three groups of non-project standard
courses show a higher correlation among them (R=0.84 Basic to Mandatory-Disciplinary; R=0.69 Basic to Elective-Disciplinary) that when comparing the Basic courses with the PBL courses (R=0.59) or with the capstone PDP course (a very weak correlation with R=0.26). The
complete set of cross-correlations among the categories is displayed in the paper. Like in the study about the correlation with the access mark, the main conclusion is the evidence that there is a remarkable set of students which have difficulties in the standard courses, with a higher analytic content but can perform very well in the project-based courses. Therefore, a different kind of skills are promoted in these courses. This is, in our opinion, a positive result because these students can find a place to stand out. It enhances their self-confidence and their perception of a potentially good performance in their future career.
2024-02-23T14:06:46Z
Bermejo Broto, Sandra
Bragós Bardia, Ramon
Rey Micolau, Francesc
Pegueroles Vallés, Josep R.
In a previous study, already published (Bragós, 2022), we analyzed the correlation between the University access mark to the engineering studies with the grades obtained in projectbased courses and in non-project-based standard courses. A lower correlation with the capstone course performance (R=0.3) than the one obtained with the average of the other courses (R=0.6) was obtained. Probably as a result of the fact that a different kind of skills are promoted in these courses. In this paper, we have changed and extended the scope of the correlation study. We used as a reference of the students’ performance index the individual average marks in the 1st year basic courses. Then we obtained the correlation with different categories of courses of our engineering program: theoretical/practical, mandatory/elective, by disciplines, and the Project-Based Learning (PBL) and Product Development Project (PDP) courses. This is, using internal indicators instead of the access mark, which has an external origin, and improving the granularity of the study. We have analyzed four consecutive cohorts that have completed a coherent set of subjects, n=762 students. We have classified the subjects (40 courses per student in average) in the categories aforementioned. They are
compared with the performance in two “classic” PBL courses and a capstone PDP course.
There is also a final Engineering bachelor thesis which is usually performed individually in companies or research labs. The very abridged results of the study display differences even higher that the ones obtained with the access mark. The three groups of non-project standard
courses show a higher correlation among them (R=0.84 Basic to Mandatory-Disciplinary; R=0.69 Basic to Elective-Disciplinary) that when comparing the Basic courses with the PBL courses (R=0.59) or with the capstone PDP course (a very weak correlation with R=0.26). The
complete set of cross-correlations among the categories is displayed in the paper. Like in the study about the correlation with the access mark, the main conclusion is the evidence that there is a remarkable set of students which have difficulties in the standard courses, with a higher analytic content but can perform very well in the project-based courses. Therefore, a different kind of skills are promoted in these courses. This is, in our opinion, a positive result because these students can find a place to stand out. It enhances their self-confidence and their perception of a potentially good performance in their future career.
-
Virtual Satellite Network Simulator (VSNeS): a simulation engine to virtualize non-terrestrial networks
http://hdl.handle.net/2117/400869
Virtual Satellite Network Simulator (VSNeS): a simulation engine to virtualize non-terrestrial networks
Ruiz de Azua, Joan Adria; López Fernandez, Uriel; Ávila Acosta, José Luis; Rincón Rivera, David
The space has been populated by a wide range of satellite systems from governmental and private space entities. Monolithic satellites have been ruling the space by providing a custom design that accomplishes a specific mission. However, novel user demands emerged requiring global coverage, low revisit time, and ubiquitous service. The possibility to integrate in-orbit infrastructure to support current mobile communications systems is being discussed persistently in the last years. Specifically, the concept of deploying networks composed of aircraft and spacecraft as nodes, so-called Non-Terrestrial Networks, have emerged as a potential architecture to satisfy this new demand. This novel concept enables to investigate in mobile technologies in space infrastructure. It is the case of the Software-Defined Satellite, which aims at managing in-orbit infrastructure by using Software-Defined Network techniques. However,
simulation engines are required to enhance novel developments in this domain. This work presents the Virtual Satellite Network Simulator, a novel simulation engine capable to represent satellites and ground nodes in virtual machines and deploy a virtual network that represents the channel effects and dynamics. The concept, requirements and design of the software is presented in detail, remarking each component and their functionalities. Additionally, results of the performance evaluation are discussed, demonstrating the viability of the system to deploy large constellations. Finally, a realistic scenario is deployed demonstrating its usage to enhance future developments.
2024-02-02T11:52:31Z
Ruiz de Azua, Joan Adria
López Fernandez, Uriel
Ávila Acosta, José Luis
Rincón Rivera, David
The space has been populated by a wide range of satellite systems from governmental and private space entities. Monolithic satellites have been ruling the space by providing a custom design that accomplishes a specific mission. However, novel user demands emerged requiring global coverage, low revisit time, and ubiquitous service. The possibility to integrate in-orbit infrastructure to support current mobile communications systems is being discussed persistently in the last years. Specifically, the concept of deploying networks composed of aircraft and spacecraft as nodes, so-called Non-Terrestrial Networks, have emerged as a potential architecture to satisfy this new demand. This novel concept enables to investigate in mobile technologies in space infrastructure. It is the case of the Software-Defined Satellite, which aims at managing in-orbit infrastructure by using Software-Defined Network techniques. However,
simulation engines are required to enhance novel developments in this domain. This work presents the Virtual Satellite Network Simulator, a novel simulation engine capable to represent satellites and ground nodes in virtual machines and deploy a virtual network that represents the channel effects and dynamics. The concept, requirements and design of the software is presented in detail, remarking each component and their functionalities. Additionally, results of the performance evaluation are discussed, demonstrating the viability of the system to deploy large constellations. Finally, a realistic scenario is deployed demonstrating its usage to enhance future developments.