Rubén Ríos

@article{rios2022cpa,

title = {Constrained Proximity Attacks on Mobile Targets},

author = {Xueou Wang and Xiaolu Hou and Ruben Rios and Nils Ole Tippenhauer and Martin Ochoa},

url = {/wp-content/papers/rios2022cpa.pdf},

doi = {10.1145/3498543},

issn = {2471-2566},

year  = {2022},

date = {2022-05-01},

urldate = {2022-05-01},

journal = {ACM Transactions on Privacy and Security (TOPS)},

volume = {25},

number = {10},

pages = {1 - 29},

publisher = {Association for Computer Machinery (ACM)},

abstract = {Proximity attacks allow an adversary to uncover the location of a victim by repeatedly issuing queries with fake location data. These attacks have been mostly studied in scenarios where victims remain static and there are no constraints that limit the actions of the attacker. In such a setting, it is not difficult for the attacker to locate a particular victim and quantifying the effort for doing so is straightforward. However, it is far more realistic to consider scenarios where potential victims present a particular mobility pattern. In this paper, we consider abstract (constrained and unconstrained) attacks on services that provide location information on other users in the proximity. We derive strategies for constrained and unconstrained attackers, and show that when unconstrained they can practically achieve success with theoretically optimal effort. We then propose a simple yet effective constraint that may be employed by a proximity service (for example, running in the cloud or using a suitable two-party protocol) as countermeasure to increase the effort for the attacker several orders of magnitude both in simulated and real-world cases.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{rios2022pmec,

title = {Personal IoT Privacy Control at the Edge},

author = {Ruben Rios and Jose A. Onieva and Rodrigo Roman and Javier Lopez},

url = {/wp-content/papers/rios2022pmec.pdf},

doi = {10.1109/MSEC.2021.3101865},

issn = {1540-7993},

year  = {2022},

date = {2022-01-01},

urldate = {2022-01-01},

journal = {IEEE Security \& Privacy},

volume = {20},

pages = {23 - 32},

publisher = {IEEE},

abstract = {This article introduces a privacy manager for IoT data based on Edge Computing. This poses the advantage that privacy is enforced before data leaves the control of the user, who is provided with a tool to express data sharing preferences based on a novel context-aware privacy language.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{roman2018VIS,

title = {Immune System for the Internet of Things using Edge Technologies},

author = {Rodrigo Roman and Ruben Rios and Jose A. Onieva and Javier Lopez},

url = {/wp-content/papers/roman2018VIS.pdf

https://ieeexplore.ieee.org/document/8449989/},

doi = {10.1109/JIOT.2018.2867613},

issn = {2327-4662},

year  = {2019},

date = {2019-06-01},

urldate = {2019-06-01},

journal = {IEEE Internet of Things Journal},

volume = {6},

pages = {4774-4781},

publisher = {IEEE Computer Society},

abstract = {The Internet of Things (IoT) and Edge Computing are starting to go hand in hand. By providing cloud services close to end-users, edge paradigms enhance the functionality of IoT deployments, and facilitate the creation of novel services such as augmented systems. Furthermore, the very nature of these paradigms also enables the creation of a proactive defense architecture, an immune system, which allows authorized immune cells (e.g., virtual machines) to traverse edge nodes and analyze the security and consistency of the underlying IoT infrastructure. In this article, we analyze the requirements for the development of an immune system for the IoT, and propose a security architecture that satisfies these requirements. We also describe how such a system can be instantiated in Edge Computing infrastructures using existing technologies. Finally, we explore the potential application of immune systems to other scenarios and purposes.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Lopez2017iotpriv,

title = {Evolving privacy: From sensors to the Internet of Things},

author = {Javier Lopez and Ruben Rios and Feng Bao and Guilin Wang},

url = {/wp-content/papers/Lopez2017iotpriv.pdf},

doi = {10.1016/j.future.2017.04.045},

issn = {0167-739X},

year  = {2017},

date = {2017-10-01},

urldate = {2017-10-01},

journal = {Future Generation Computer Systems},

volume = {75},

pages = {46\textendash57},

publisher = {Elsevier},

abstract = {The Internet of Things (IoT) envisions a world covered with billions of smart, interacting things capable of offering all sorts of services to near and remote entities. The benefits and comfort that the IoT will bring about are undeniable, however, these may come at the cost of an unprecedented loss of privacy. In this paper we look at the privacy problems of one of the key enablers of the IoT, namely wireless sensor networks, and analyse how these problems may evolve with the development of this complex paradigm. We also identify further challenges which are not directly associated with already existing privacy risks but will certainly have a major impact in our lives if not taken into serious consideration.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}