Persona:
Robles Gómez, Antonio

Foto de perfil
Dirección de correo electrónico
ORCID
0000-0002-5181-0199
Fecha de nacimiento
Proyectos de investigación
Unidades organizativas
Puesto de trabajo
Apellidos
Robles Gómez
Nombre de pila
Antonio
Nombre

Filtros

2016 - 201932020 - 202527
Restablecer filtros

Ajustes

Resultados de la búsqueda

Mostrando 1 - 10 de 32
  • Miniatura
    Publicación
    Analyzing the Users’ Acceptance of an IoT Cloud Platform using the UTAUT/TAM Model
    (Institute of Electrical and Electronics Engineers, 2021) Haut, Juan M.; Robles Gómez, Antonio; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael; Hernández Berlinches, Roberto
    Antonio Robles-Gómez, Llanos Tobarra, Rafael Pastor-Vargas, Roberto Hernández, Juan M. Haut; Título:; Publicación: . ISSN (https://doi.org/10.1109/ACCESS.2021.3125497);
  • Miniatura
    Publicación
    Forensic Analysis Laboratory for Sport Devices: A Practical Case of Use
    (MDPI, 2023) Donaire Calleja, Pablo; Robles Gómez, Antonio; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael
    At present, the mobile device sector is experiencing significant growth. In particular, wear- 1 able devices have become a common element in society. This fact implies that users unconsciously 2 accept the constant dynamic collection of private data about their habits and behaviours. Therefore, 3 this work focuses on highlighting and analyzing some of the main issues that forensic analysts face 4 in this sector, such as the lack of standard procedures for analysis and the common use of private 5 protocols for data communication. Thus, it is almost impossible for a digital forensic specialist to 6 fully specialize in the context of wearables, such as smartwatches for sports activities. With the aim 7 of highlighting these problems, a complete forensic analysis laboratory for such sports devices is 8 described in this paper. We selected a smartwatch belonging to the Garmin Forerunner Series, due to 9 its great popularity. Through an analysis, its strengths and weaknesses in terms of data protection 10 are described. We also analyze how companies are increasingly taking personal data privacy into 11 consideration, in order to minimize unwanted information leaks. Finally, a set of initial security 12 recommendations for the use of these kinds of devices are provided to the reader.
  • Miniatura
    Publicación
    Automated IoT vulnerability classification using Deep Learning
    (2025-07-01) Enrique Fernández Morales,; García Merino, José Carlos; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael; Robles Gómez, Antonio; Sarraipa, Joao; Sernández Iglesias, Daniel
    Technological advancements in the development of low-power chips have enabled everyday objects to connect to the Internet, giving rise to the concept known as the Internet of Things (IoT). It is currently estimated that there are approximately 16 billion IoT connections worldwide, a figure expected to double by 2030. However, this rapid growth of the IoT ecosystem has introduced new vulnerabilities that could be exploited by malicious actors. Since many IoT devices handle personal and sensitive information, threats to these devices can have severe consequences. Moreover, a series of cybersecurity incidents could undermine public trust in IoT technology, potentially delaying its widespread adoption across various sectors.Common Vulnerabilities and Exposures records (also known by their acronym as CVEs) is a public cataloging system designed to identify and list known security vulnerabilities in software and hardware products. This system is developed and maintained by MITRE with the support of the cybersecurity community and sponsored by the U.S. Department of Homeland Security (DHS) through the Cybersecurity and Infrastructure Security Agency (CISA). CVE provides a reference database that enables security researchers, manufacturers, and organizational security managers to more effectively identify and address security issues.In our study, we have focused on CVEs exclusively oriented towards IoT systems, with the aim of analyzing the main vulnerabilities detected from 2010 to nowadays as a basis for detecting the main attack vectors in IoT systems. As part of this effort we have created the following dataset. CVEs records include various metrics such as: - Common Weakness Enumeration (CWE), mainly focused on technical classification of vulnerabilities. - Common Vulnerability Scoring System (CVSS), which reports about different metrics such as the attack vector, the severity of the vulnerability or the impact level of the exploitation of the vulnerability. This is one of the most informative metric. - Stakeholder-Specific Vulnerability Categorization (SSVC), oriented towards help cybersecurity team to handle properly the vulnerability. These metrics allow security teams on the one hand to prioritize, such vulnerabilities within their security program, evaluating efforts to mitigate them. But according to our analysis of our dataset, around the 14% of CVEs records do not contain any metric. Around the 83% of CVEs registries contain CWE metric (an ID or its textual description). This metric, as it is explained before, only reports about the type of vulnerability from a technic point of view. Only the 10% of CVEs registries contain SSVC metrics. And CVSS, in its different versions, appears only in the 40% of the studied CVEs registries. Additionally, most of studied records includes metrics a retrospectively, several weeks or months later the vulnerability is disclosed. Thus, cybersecurity teams must trust their previous knowledge in order to distinguish which vulnerabilities are relevant and which not.To tackled this situation, our proposal is focused in the application of Deep Learning techniques in order to classify the severity of CVE records from its textual description. Textual description is a mandatory field that is present in all CVEs records. To achieve this objective, we trained the BiLSTM algorithm using the CVE records with CVSS metrics and its description field; and performed a comparative study of different hyperparameter configurations to find the optimal configuration. The metrics for model evaluation that have been studied are accuracy, loss and F1-score.
  • Miniatura
    Publicación
    Machine learning models and dimensionality reduction for improving the Android malware detection
    (PeerJ, 2024-12-23) Moran, Pablo; Robles Gómez, Antonio; Duque Fernández, Andrés; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael
    Today, a great number of attack opportunities for cybercriminals arise in Android, since it is one of the most used operating systems for many mobile applications. Hence, it is very important to anticipate these situations. To minimize this problem, the analysis of malware search applications is based on machine learning algorithms. Our work uses as a starting point the features proposed by the DREBIN project, which today constitutes a key reference in the literature, being the largest public Android malware dataset with labeled families. The authors only employ the support vector machine to determine whether a sample is malware or not. This work first proposes a new efficient dimensionality reduction of features, as well as the application of several supervised machine learning algorithms for prediction purposes. Predictive models based on Random Forest are found to achieve the most promising results. They can detect an average of 91.72% malware samples, with a very low false positive rate of 0.13%, and using only 5,000 features. This is just over 9% of the total number of features of DREBIN. It achieves an accuracy of 99.52%, a total precision of 96.91%, as well as a macro average F1-score of 96.99%.
  • Miniatura
    Publicación
    Dataset Generation and Study of Deepfake Techniques
    (Springer, 2023) Falcón López, Sergio Adrián; Robles Gómez, Antonio; Tobarra Abad, María de los Llanos; Pastor Vargas, Rafael
    The consumption of multimedia content on the Internet has nowadays been expanded exponentially. These trends have contributed to fake news can become a very high influence in the current society. The latest techniques to influence the spread of digital false information are based on methods of generating images and videos, known as Deepfakes. This way, our research work analyzes the most widely used Deepfake content generation methods, as well as explore different conventional and advanced tools for Deepfake detection. A specific dataset has also been built that includes both fake and real multimedia contents. This dataset will allow us to verify whether the used image and video forgery detection techniques can detect manipulated multimedia content.
  • Miniatura
    Publicación
    Comprehensive AI-Driven Privacy Risk Assessment in Mobile Apps and Social Networks
    (Springer, 2025-09-29) Blanco Aza, Daniel; Robles Gómez, Antonio; Pastor Vargas, Rafael; Tobarra Abad, María de los Llanos; Vidal Balboa, Pedro; Méndez-Suárez, Mariano
    The pervasive use of mobile applications and social networks has intensified privacy concerns due to the widespread collection, processing, and sharing of personal data. To address these challenges, we introduce SafeMountain, a novel AI-driven framework designed to systematically quantify, evaluate, and visualize privacy risks in mobile apps and social platforms, ensuring strict compliance with international regulations, particularly the General Data Protection Regulation (GDPR). SafeMountain combines static and dynamic code analyses to scrutinize real-world data handling practices and detect potential privacy breaches. It also employs advanced Natural Language Processing (NLP) techniques for automated interpretation and evaluation of privacy policies and Terms of Service. By mapping textual policy disclosures to actual app permissions and behaviors, it identifies discrepancies and highlights potential non-compliance and data misuse. The framework introduces an objective risk scoring mechanism aligned with international standards and regulatory requirements, offering a structured methodology to classify and visualize privacy risks. This risk assessment spans multiple dimensions (predictability, manageability, and disassociability) leveraging privacy engineering principles and regulatory risk factors, and uses an intuitive traffic-light system (Green, Yellow, Red) to enhance transparency and user comprehension. SafeMountain addresses major research gaps, notably the absence of standardized privacy risk scoring and comprehensive visualization tools. By delivering actionable insights into permission consistency, policy transparency, compliance gaps, and data leakage vulnerabilities, it empowers users, developers, and organizations to manage privacy risks proactively. Ultimately, SafeMountain fosters trust through more transparent and accountable data privacy practices across digital ecosystems.
  • Miniatura
    Publicación
    A WoT Platform for Supporting Full-Cycle IoT Solutions from Edge to Cloud Infrastructures: A Practical Case
    (MDPI, 2020-07-05) Pastor Vargas, Rafael; Tobarra Abad, María de los Llanos; Robles Gómez, Antonio; Martín Gutiérrez, Sergio; Hernández Berlinches, Roberto; Cano, Jesús; MDPI; https://orcid.org/0000-0001-6926-1311
    Internet of Things (IoT) learning involves the acquisition of transversal skills ranging from the development based on IoT devices and sensors (edge computing) to the connection of the devices themselves to management environments that allow the storage and processing (cloud computing) of data generated by sensors. The usual development cycle for IoT applications consists of the following three stages: stage 1 corresponds to the description of the devices and basic interaction with sensors. In stage 2, data acquired by the devices/sensors are employed by communication models from the origin edge to the management middleware in the cloud. Finally, stage 3 focuses on processing and presentation models. These models present the most relevant indicators for IoT devices and sensors. Students must acquire all the necessary skills and abilities to understand and develop these types of applications, so lecturers need an infrastructure to enable the learning of development of full IoT applications. AWeb of Things (WoT) platform named Labs of Things at UNED (LoT@UNED) has been used for this goal. This paper shows the fundamentals and features of this infrastructure, and how the different phases of the full development cycle of solutions in IoT environments are implemented using LoT@UNED. The proposed system has been tested in several computer science subjects. Students can perform remote experimentation with a collaborativeWoT learning environment in the cloud, including the possibility to analyze the generated data by IoT sensors.
  • Miniatura
    Publicación
    Exploring IoT Vulnerabilities in a Comprehensive Remote Cybersecurity Laboratory
    (MDPI, 2023) Delgado, Ismael; Sancristóbal Ruiz, Elio; Martín Gutiérrez, Sergio; Robles Gómez, Antonio
    With the rapid proliferation of Internet of things (IoT) devices across various sectors, ensuring robust cybersecurity practices has become paramount. The complexity and diversity of IoT ecosystems pose unique security challenges that traditional educational approaches often fail to address comprehensively. Current curricula may provide theoretical knowledge but typically lack the practical components necessary for students to engage with real-world cybersecurity scenarios. This gap hinders the development of proficient cybersecurity professionals capable of securing complex IoT infrastructures. To bridge this educational divide, a remote online laboratory was developed, allowing students to gain hands-on experience in identifying and mitigating cybersecurity threats in an IoT context. This virtual environment simulates real IoT ecosystems, enabling students to interact with actual devices and protocols while practicing various security techniques. The laboratory is designed to be accessible, scalable, and versatile, offering a range of modules from basic protocol analysis to advanced threat management. The implementation of this remote laboratory demonstrated significant benefits, equipping students with the necessary skills to confront and resolve IoT security issues effectively. Our results show an improvement in practical cybersecurity abilities among students, highlighting the laboratory’s efficacy in enhancing IoT security education.
  • Miniatura
    Publicación
    SiCoDeF² Net: Siamese Convolution Deconvolution Feature Fusion Network for One-Shot Classification
    (IEEE, 2021) Kumar Roy, Swalpa; Kar, Purbayan; Paoletti, Mercedes E.; Haut, Juan M.; Pastor Vargas, Rafael; Robles Gómez, Antonio
    Nowadays, deep convolutional neural networks (CNNs) for face recognition exhibit a performance comparable to human ability in the presence of the appropriate amount of labelled training data. However, training CNNs remains as an arduous task due to the lack of training samples. To overcome this drawback, applications demand one-shot learning to improve the obtained performances over traditional machine learning approaches by learning representative information about data categories from few training samples. In this context, Siamese convolutional network ( SiConvNet ) provides an interesting deep architecture to tackle the data limitation. In this regard, applying the convolution operation on real world images by using the trainable correlative Gaussian kernel adds correlations to the output images, which hinder the recognition process due to the blurring effects introduced by the convolution kernel application. As a result the pixel-wise and channel-wise correlations or redundancies could appear in both single and multiple feature maps obtained by a hidden layer. In this sense, convolution-based models fail to generalize the feature representation because of both the strong correlations presence in neighboring pixels and the channel-wise high redundancies between different channels of the feature maps, which hamper the effective training. Deconvolution operation helps to overcome the shortcomings that limit the conventional SiConvNet performance, learning successfully correlation-free features representation. In this paper, a simple but efficient Siamese convolution deconvolution feature fusion network ( SiCoDeF 2 Net ) is proposed to learn the invariant and discriminative complementary features generated from both the (i) sub-convolution (SCoNet) and (ii) sub deconvolutional (SDeNet) networks using a concatenation operation which significantly improves the one-shot unconstrained facial recognition task. Extensive experiments performed on several widely used benchmarks, provide promising results, where the proposed SiCoDeF 2 Net model significantly outperforms the current state-of-art in terms of classification accuracy, F1, precision and recall. The code will be available on: https://github.com/purbayankar/SiCoDeF2Net .
  • Miniatura
    Publicación
    Students’ Acceptance and Tracking of a New Container-Based Virtual Laboratory
    (MDPI, 2020) Cano, Jesús; Tobarra Abad, María de los Llanos; Robles Gómez, Antonio; Pastor Vargas, Rafael; Hernández Berlinches, Roberto; Duque Fernández, Andrés
    Presently, the ever-increasing use of new technologies helps people to acquire additional skills for developing an applied critical thinking in many contexts of our society. When it comes to education, and more particularly in any Engineering subject, practical learning scenarios are key to achieve a set of competencies and applied skills. In our particular case, the cybersecurity topic with a distance education methodology is considered and a new remote virtual laboratory based on containers will be presented and evaluated in this work. The laboratory is based on the Linux Docker virtualization technology, which allows us to create consistent realistic scenarios with lower configuration requirements for the students. The laboratory is comparatively evaluated with our previous environment, LoT@UNED, from both the points of view of the students’ acceptance with a set of UTAUT models, and their behavior regarding evaluation items, time distribution, and content resources. All data was obtained from students’ surveys and platform registers. The main conclusion of this work is that the proposed laboratory obtains a very high acceptance from the students, in terms of several different indicators (perceived usefulness, estimated effort, social influence, attitude, ease of access, and intention of use). Neither the use of the virtual platform nor the distance methodology employed affect the intention to use the technology proposed in this work