Proyects and contracts

Access control systems aim to authenticate and authorize individuals or objects to grant or deny their access to services. Users asking for access must present certain credentials to demonstrate that they can be accepted by the policies implemented in these systems. In this context, the management of credentials is known as the identity management problem. For this problem, three main models exist: siloed, federated and self-sovereign identity (SSI), the latter being the one that is gaining the race in recent years.

In this project, we plan to apply the SSI model to IoT scenarios. Although there are some approaches that permit the use of SSI in IoT, we identify a specific scenario that is not covered by state-of-the-art solutions, i.e., that in which there exist interdependency among objects and people so that they need to form groups before authenticating and being authorized. Thus, this project suggests a solution based on the development of a collaborative credentials model applicable to IoT scenarios.

This solution is expected to have an important impact for several reasons. First, the functionalities and use cases currently covered by SSI solutions will be considerably extended. Specifically, this opens a door for solutions in which there is a need to impose restrictions for groups in real time. Second, the possibility to enforce restrictions for groups of objects and persons in a dynamic way will have an important economic impact on those markets that are affected by risks, e.g., insurances, security, travel, etc.

Identificador: PID2020-114495RB-I00

El espíritu de las “cátedras” de la Universidad de Granada es el establecimiento de alianzas estratégicas con empresas e instituciones públicas o privadas para el desarrollo de actividades de formación, divulgación y transferencia del conocimiento en una determinada área o ámbito de conocimiento.

En consonancia con ello, y derivado del interés y relevancia socio-económica actuales de la ciberseguridad, la Cátedra de Ciberseguridad CiberUGR (#CátedrasCiber*, #NextGenerationEU*), circunscrita al convenio C025/24 entre el INCIBE y la UGR, persigue la divulgación, formación y promoción del talento en ciber con objeto de aumentar la seguridad de los servicios y sistemas TIC actuales y, con ello, el uso y confianza de la sociedad en ellos.

Este proyecto está cofinanciado por el Instituto Nacional de Ciberseguridad (INCIBE) y su desarrollo y gestión recae en el equipo de trabajo compuesto por los miembros del "Network Engineering & Security Group" (NESG, TIC-233), conformado por profesorado multidisciplinar de la UGR con amplia trayectoria en el ámbito de la ciberseguridad: Pedro García Teodoro, J. Antonio Gómez Hernández, Gabriel Maciá Fernández, Roberto Magán Carrión, Margarita Robles Carrillo y Rafael A. Rodríguez Gómez, así como estudiantes de máster y doctorado y contratados: Yousef Abouhamda, Elvira Castillo Fernández, Rodolfo García Peñas, Felipe González López, Irene Gosálvez White y Joaquín Gaspar Medina Arco. 

Contrado de consulturia con Sulayr (http://www.sulayr.es/) para estudio en empresas de la adecuación del Esquema Nacional de Seguridad.

Funded by MINECO (ref. TIN2017-83494-R), this project is intended to design and develop of a dynamic security management system for mobile devices, aimed at improving security both for end devices (and users) and the environment where they are working on. With acronym MDSM ('Mobile device Dynamic Security Management') and intended to operate in a real network environment.

Funded by MINECO (ref. TIN2014-60346-R), this project is intended to develop a system to monitor security events by using a technology that allows to augment the detection capabilities by means of multivariate analysis techniques. Moreover, the system also allows information privacy, so that it is possible the SIEM-based business model.

This project (ref. CTA 17/795) is aimed at deploying an information monitoring system in the Deep web. The module developed by NESG will allow to obtain information exchanged among P2P and IRC networks to monitor events of interest.

In this project we carry out a security audit for the systems and networks deployed at Grupo Trevenque, which has became the most relevant cloud provider in Andalucía. 

The aim of this project is to carry out an exploratory analysis on security related network information for the Protectwise Inc. company. This analysis is intended to identify la best structure for an anomaly detection model.

This project deals with international roaming fraud issues, making a deep research on some specific and current fraud scenarios within mobile phone operators.

In last years, MANET networks (“Mobile Ad-hoc NETworks”) have become a widely employed solution in order to deal with a variety of problems and issues in certain areas, such as environmental or military applications. However, the particular features of all these kind of scenarios (e.g. lack of fixed infrastructure, power consumption constraints, a shared channel of communication, etc.) make them especially sensitive to diverse security incidents.

This project aims to achieve the improvement of the security levels in this kind of networks, by means of new cross-layer detection mechanisms, i.e. mechanisms dealing with multi-layer information. In addition, some response mechanisms to security incidents and security attacks, based on multi-layer information, are studied and developed.

An important aspect of the work developed by NESG is the one related to the analysis and monitoring of network traffic. In particular, this project considers the study of the traffic in some particular corporative scenarios in order to model its features. The obtained models let improve the design and development of the networks and resources involved in any of the scenarios considered in this project.

Information and communication technologies have deeply contributed in the improvement of the society, in a variety of aspects: economy, leisure, culture, etc. One relevant field for the application of these technologies and systems is tele-medicine.

In this scenario, TELEREHAB is a research project with Robotiker foundation (currently Tecnalia) to design and develop a complete telematic system to allow remote rehabilitation (at home) of patients suffering from an ictus or traumatic amputation. All this is achieved by means of videoconference, patient-specialist mailing, therapeutic games, etc.

This Project considers the application of exploratory data analysis (EDA) techniques to the classification of network traffic. In particular, the project is focused on the extension of some multivariate statistical analysis techniques to deal with large datasets.

These techniques allow increasing the data knowledge (relations among variables, observations, extreme data, etc.) in a simple and efficient manner.

The social importance of the Information and Communication Technologies in general and the Internet in particular, has been translated into a more and more easy way of carrying out whatever kind of commercial transactions by means of the network. In this sense, the electronic-bank services (e-bank) constitute an important risk in terms of fraud to users or entities.

In this context, the collaboration with Universidad Politécnica de Cataluña in this research contract implies the modeling of the normal behavior of legitimate users in order to discover and detect abnormal situations and behaviors in e-bank services, and to react against them.

Due to the wide use and presence of peer-to-peer services in last years, these kind of networks have become an important vehicle for network attacks to final users.

This project is focused on the study and detection of security attacks in these kind of peer-to-peer scenarios, so that they can be conveniently treated and solved.

The main goal of this research contract is to provide the know-how of NESG members in the field of security and networks to any corporation or institution that may require it, in order to afford issues related to technology selection, development, or improvement of existing systems.

In the context of a European project, the collaboration with Universidad Politécnica de Madrid in this research contract implies the elaboration of a ‘state of the art’ in the field of technologies to detect anomaly-based network intrusion.

In addition, in this study, it is also considered the existence of a variety of tools and platforms available for that purpose, as well as the main tendencies and challenges in this field.

This Project, the first one in network security field of the former members of what now is NESG, affords the design of a system for the detection of intruders, based on layers. In particular, the research team proposes the formal modeling of the network services considered, in order to make possible the detection of anomalies in the service provisioning. In addition, the project is also focused on the development of response mechanisms for the potential intrusions in the monitored scenario.