Visible to the public Biblio

Filters: Author is Caballero-Gil, Cándido  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
Lodeiro-Santiago, Moisés, Caballero-Gil, Cándido, Caballero-Gil, Pino.  2017.  Collaborative SQL-injections Detection System with Machine Learning. Proceedings of the 1st International Conference on Internet of Things and Machine Learning. :45:1–45:5.
Data mining and information extraction from data is a field that has gained relevance in recent years thanks to techniques based on artificial intelligence and use of machine and deep learning. The main aim of the present work is the development of a tool based on a previous behaviour study of security audit tools (oriented to SQL pentesting) with the purpose of creating testing sets capable of performing an accurate detection of a SQL attack. The study is based on the information collected through the generated web server logs in a pentesting laboratory environment. Then, making use of the common extracted patterns from the logs, each attack vector has been classified in risk levels (dangerous attack, normal attack, non-attack, etc.). Finally, a training with the generated data was performed in order to obtain a classifier system that has a variable performance between 97 and 99 percent in positive attack detection. The training data is shared to other servers in order to create a distributed network capable of deciding if a query is an attack or is a real petition and inform to connected clients in order to block the petitions from the attacker's IP.
Caballero-Gil, Pino, Caballero-Gil, Cándido, Molina-Gil, Jezabel.  2018.  Ubiquitous System to Monitor Transport and Logistics. Proceedings of the 15th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks. :71–75.
In the management of transport and logistics, which includes the delivery, movement and collection of goods through roads, ports and airports, participate, in general, many different actors. The most critical aspects of supply chain systems include time, space and interdependencies. Besides, there are several security challenges that can be caused both by unintentional and intentional errors. With all this in mind, this work proposes the combination of technologies such as RFID, GPS, WiFi Direct and LTE/3G to automate product authentication and merchandise tracking, reducing the negative effects caused either by mismanagement or attacks against the process of the supply chain. In this way, this work proposes a ubiquitous management scheme for the monitoring through the cloud of freight and logistics systems, including demand management, customization and automatic replenishment of out-of-stock goods. The proposal implies an improvement in the efficiency of the systems, which can be quantified in a reduction of time and cost in the inventory and distribution processes, and in a greater facility for the detection of counterfeit versions of branded articles. In addition, it can be used to create safer and more efficient schemes that help companies and organizations to improve the quality of the service and the traceability of the transported goods.