Contact Information: Pedro García Teodoro

ETS de Ingenierías Informática y de Telecomunicación

Periodista Daniel Saucedo Aranda, s/n

18071-Granada (Spain)

+34 958 24 23 05 | nesg@ugr.es

https://nesg.ugr.es

About the University of Granada

The UGR is the leading University in Spain in ICT research, and the third one in Europe according to the NTU ranking. The UGR has extensive experience in EU projects, with 66 active projects in FP7 (312 presented,

21% success rate, 18M€), and 25 in H2020 (240 presen-ted, 12% success rate, 6M€).

In addition, the Faculty of Computer Science and Tele-communication Engineering of the UGR is ranked in the 33rd position in the Shanghai ranking.

About NESG

NESG is a cybersecurity research group of the Uni-versity of Granada (UGR), in Spain. NESG is focused on providing and improving security in networks,

systems and services, either for wired, wireless and mobile environments.

NESG is member of the CITIC-UGR (http://citic.ugr.es) and leads the UGR CyberSecuri-ty Group (UCyS - https://ucys.ugr.es), with more than 20 university professors with multidisciplinary experti-ses in areas such as network and system security, cryptography, secure hardware and software design, cyberlaw, artificial intelligence, machine learning and Big Data.

In addition, through the UGR, NESG is founding mem-ber of the Spanish Network in Cybersecurity Re-search (RENIC - https://www.renic.es/en), in turn member of the European Cyber-Security Organi-sation (ECSO - https://www.ecs-org.eu/).

Likewise, NESG is also member of the Big Data Va-lue Association (BDVA - https://www.bdva.eu/).

Information Dossier

U n i v e r s i t y o f G r an a d a

Data processing and networkmetrics

The networkmetrics research line seeks to take

advantage of multivariate analysis and machine

learning tools to tackle problems in communication

networks, with cybersecurity as main example. An

effective detection of cybersecurity incidents requi-

res the combination of several and disparate data

sources. This makes cybersec a typical Big Data

problem, where the challenge is to handle tons of

information from heterogeneous sources at a fast

pace. In NESG, we develop new analysis methods

to handle Multivariate Big Data, which are also of

value in applications like IoT monitoring or Industry

4.0, and in other domains, like chemometrics, bioin-

formatics and personalized medicine.

Mai

n c

on

trib

uti

on

s

Cam

acho

, J.,

Pér

ez-V

illeg

as, A

., G

arcí

a-T

eodo

ro, P

., M

aciá

-Fer

nánd

ez,

G. P

CA

-bas

ed M

ultiv

aria

te S

tatis

tical

Net

wor

k M

onito

ring

for

Ano

mal

y

Det

ectio

n. C

ompu

ters

& S

ecur

ity, 2

016,

59:

118

-137

.

Cam

acho

, J.,

Rod

rígu

ez-G

ómez

, R.,

Sac

cent

i, E

. Gro

up-w

ise

Prin

cipa

l

Com

pone

nt A

naly

sis

for

Exp

lora

tory

Dat

a A

naly

sis.

Jou

rnal

of C

ompu

ta-

tiona

l and

Gra

phic

al S

tatis

tics

, 201

7, 2

6 (3

): 5

01-5

12.

Cam

acho

, J.,

Mag

án-C

arrió

n, R

., G

arcí

a-T

eodo

ro, P

., T

rein

en, J

.J.

Net

wor

kmet

rics:

Mul

tivar

iate

Big

Dat

a A

naly

sis

in th

e C

onte

xt o

f the

Inte

r-

net.

Jour

nal o

f Che

mom

etric

s, 2

016,

30:

487

.

UG

R'1

6: A

New

Dat

aset

for

the

Eva

luat

ion

of C

yclo

stat

iona

rity-

Bas

ed

Net

wor

k ID

Ss

(20

18).

Intrusion detection and protection

Systems and users are very vulnerable to attacks of

different typology and impact: virus, trojans, ran-

somware, spyware, data leakage, etc. This way, a

principal topic addressed by NESG is that of protec-

ting network environments by means of two subse-

quent procedures: detection of malicious behaviors,

and adoption of countermeasures.

For that, specific research lines are:

- Behavior modeling and classification (multiva-

riate, HMM, clustering, SVM, GA, …)

- Anomaly detection

- Malware detection and classification

- Countermeasures and response mechanisms

Cyberlaw

Cyberlaw is a very extensive field of research that,

within the NESG group, focuses on the analysis of

International and European regulations and their

application in domestic law. The methodological

approach is interdisciplinary. The objective is to ana-

lyze the state of the regulations, their scope and

nature and the problems posed by their application

with the purpose of proposing new norms or reforms

of existing ones when they are not sufficiently effec-

tive. The main areas of study are security of network

and information systems, cybersecurity, data protec-

tion and Internet governance.

Ethical hacking and digital forensics

Ethical hacking and digital forensics constitute well-

known topics aimed at testing and recovering systems

and services. Some specific aspects addressed by

NESG in this area are:

- Development of new methodologies

- Techniques for fingerprinting

- Exploitation techniques and their countermeasures

- Ethical Hacking capabilities training

- Privacy mechanisms

- Malware analysis and reverse engineering.

- Privacy mechanisms

- Tools and methodologies for digital forensics

NESG leads the HACKIIT team participating in CTF

competitions.

M

ain

co

ntr

ibu

tio

ns

NE

SG

: “M

obile

Dev

ice

Dyn

amic

Sec

urity

Man

agem

ent”

. Spa

nish

TIN

2017

-834

94-T

pro

ject

, 201

8-2

020.

J.A

. Góm

ez-H

erná

ndez

, L. Á

lvar

ez-G

onzá

lez,

P. G

arcí

a-T

eodo

ro: “

R-

Lock

er: T

hwar

ting

Ran

som

war

e A

ctio

n th

roug

h a

Hon

eyfil

e-b

ased

Ap-

proa

ch”,

Com

pute

rs &

Sec

urity

, Vol

. 73,

pp.

389

-398

, 201

8.

Rui

z-H

eras

, P. G

arcí

a-T

eodo

ro, L

. Sán

chez

-Cas

ado:

"A

Dro

id: A

nom

aly-

base

d D

etec

tion

of M

alic

ious

Eve

nts

in A

ndro

id P

latfo

rms"

, In

tern

atio

nal

Jour

nal o

f Inf

orm

atio

n S

ecur

ity, v

ol. 1

6, n

. 4, p

p. 3

71-3

84, 2

017.

P. G

arcí

a, J

.E. D

íaz-

Ver

dejo

, G. M

aciá

, E. V

ázqu

ez: "

Ano

mal

y-

Bas

ed N

etw

ork

Intr

usio

n D

etec

tion:

Tec

hniq

ues,

Sys

tem

s an

d

Cha

lleng

es".

Com

pute

rs &

Sec

urity

, vol

. 28;

pp.

18

-28,

200

9.

Main

con

tribu

tion

s

A

. Alhazm

i, G. M

aciá-F

ernández, J. Cam

acho, "Torrent F

orensics: Are your

Files B

eing Shared in the B

itTorrent N

etwork?", C

YB

ER

'2017.

L. S

ánchez Casado, G

. Maciá F

ernández, P. G

arcía Teodoro and N

ils

Aschenbruck, "Identification of C

ontamination Z

ones for Sinkhole D

etection in M

AN

ET

s", Journal of Netw

ork and Com

puter Applications (2015).

R

.A. R

odríguez-Góm

ez, G. M

aciá-Fernández, P

. García

-Teodoro, M

. S

teiner, D. B

alzarotti, "Resource M

onitoring for the Detection of P

arasite

P2P

Botnets", C

omputer N

etworks (2014).

G

. Maciá-F

ernández, J.E. D

íaz-Verdejo, P

. García

-Teodoro, "E

valuation of

a Low-R

ate DoS

Attack A

gainst Application S

ervers", Com

puters &

Security (2008).

NNeettwwoorrkk EEnnggiinneeeerriinngg && SSeeccuurriittyy GGrroouupp –– NNEESSGG ((hhttttppss::////nneessgg..uuggrr..eess))

Main

con

tribu

tion

s

R

obles Carrillo, M

. (2017). El proceso de reform

a de la ICA

NN

: objeti-vos, régim

en jurídico y estructura orgánica. Revista de P

rivacidad y De-

recho Digital, año II, N

º 7, pp. 25-65.

R

obles Carrillo, M

. (2016). Los principios rectores de la cooperación internacional en el ciberespacio. A

lcance y contenido del consenso en-

tre los Estados. R

evista Iberoamericana de D

erecho Internacional y de la Integración, N

º 5.

R

obles Carrillo, M

. (2016). Am

enaza y uso de la fuerza a través del ciberespacio: un cam

bio de paradigma. R

evista Latinoamericana de

Derecho Internacionalatin A

merican Journal of International Law

, Nº 4.