Articles (Telematic Engineering)
https://hdl.handle.net/11441/11387
2024-03-28T12:24:06Z

Smart home anomaly-based IDS: architecture proposal and case study
https://hdl.handle.net/11441/148055
2024-02-17T16:41:58Z
2023-01-01T00:00:00Z
The complexity and diversity of the technologies involved in the Internet of Things (IoT)
challenge the generalization of security solutions based on anomaly detection, which should
fit the particularities of each context and deployment and allow for performance comparison.
In this work, we provide a flexible architecture based on building blocks suited for detecting
anomalies in the network traffic and the application-layer data exchanged by IoT devices in
the context of Smart Home. Following this architecture, we have defined a particular Intrusion
Detector System (IDS) for a case study that uses a public dataset with the electrical consumption
of 21 home devices over one year. In particular, we have defined ten Indicators of Compromise
(IoC) to detect network attacks and two anomaly detectors to detect false command or data
injection attacks. We have also included a signature-based IDS (Snort) to extend the detection
range to known attacks. We have reproduced eight network attacks (e.g., DoS, scanning) and
four False Command or Data Injection attacks to test our IDS performance. The results show that
all attacks were successfully detected by our IoCs and anomaly detectors with a false positive
rate lower than 0.3%. Signature detection was able to detect only 4 out of 12 attacks. Our
architecture and the IDS developed can be a reference for developing future IDS suited to
different contexts or use cases. Given that we use a public dataset, our contribution can also
serve as a baseline for comparison with new techniques that improve detection performance.
This is an open access article under the CC BY license
(http://creativecommons.org/licenses/by/4.0/).

Blockchain-Based Service-Oriented Architecture for Consent Management, Access Control, and Auditing
https://hdl.handle.net/11441/145589
2024-02-14T19:37:48Z
2023-01-01T00:00:00Z
Continuity of care requires the exchange of health information among organizations and care teams. The EU General Data Protection Regulation (GDPR) establishes that subject of care should give explicit consent to the treatment of her personal data, and organizations must obey the individual’s will. Nevertheless, few solutions focus on guaranteeing the proper execution of consents. We propose a service-oriented architecture, backed by blockchain technology, that enables: (1) tamper-proof and immutable storage of subject of care consents; (2) a fine-grained access control for protecting health data according to consents; and (3) auditing tasks for supervisory authorities (or subjects of care themselves) to assess that healthcare organizations comply with GDPR and granted consents. Standards for health information exchange and access control are adopted to guarantee interoperability. Access control events and the subject of care consents are maintained on a blockchain, providing a trusted collaboration between organizations, supervisory authorities, and individuals. A prototype of the architecture has been implemented as a proof of concept to evaluate the performance of critical components. The application of subject of care consent to control the treatment of personal health data in federated and distributed environments is a pressing concern.
The experimental results show that blockchain can effectively support sharing consent and audit events among healthcare organizations, supervisory authorities, and individuals.

CO-CAC: A new approach to Call Admission Control for VoIP in 5G/WiFi UAV-based relay networks
https://hdl.handle.net/11441/145326
2024-02-14T13:59:13Z
2023-01-01T00:00:00Z
Voice over IP (VoIP) requires a Call Admission Control (CAC) mechanism in WiFi networks to preserve VoIP packet flows from excessive network delay or packet loss. Ideally, this mechanism should be integrated with the operational scenario, guarantee the quality of service of active calls, and maximize the number of concurrent calls. This paper presents a novel CAC scheme for VoIP in the context of a WiFi access network deployed with Unmanned Aerial Vehicles (UAVs) that relay to a backhaul 5G network. Our system, named Codec-Optimization CAC (CO-CAC), is integrated into each drone. It intercepts VoIP call control messages and decides on the admission of every new call based on a prediction of the WiFi network’s congestion level and the minimum quality of service desired for VoIP calls. To maximize the number of concurrent calls, CO-CAC proactively optimizes the codec settings of active calls by exchanging signaling with VoIP users.
We have simulated CO-CAC in a 50 m × 50 m scenario with four UAVs providing VoIP service to up to 200 ground users with IEEE 802.11ac WiFi terminals. Our results show that without CAC, the number of calls that did not meet a minimum quality level during the simulation was 10% and 90%, for 50 and 200 users, respectively. However, when CO-CAC was in place, all calls achieved minimum quality for up to 90 users without rejecting any call. For 200 users, only 25% of call attempts were rejected by the admission control scheme. These results were narrowly worse when the ground users moved randomly in the scenario.

Methodological approach to the design of a telecare system for pre-dialysis and peritoneal dialysis patients (original title: Aproximación metodológica al diseño de un sistema de teleasistencia para pacientes en prediálisis y diálisis peritoneal)
https://hdl.handle.net/11441/144401
2024-01-23T14:40:01Z
2014-03-01T00:00:00Z
Background: A major obstacle that hinders the implementation of
technological solutions in healthcare is the rejection of developed
systems by users (healthcare professionals and patients), who
consider that they do not adapt to their real needs. Objectives:
(1) To design technological architecture for the telecare of
nephrological patients by applying a methodology that prioritises
the involvement of users (professionals and patients) throughout
the design and development process; (2) to show how users’
needs can be determined and addressed by means of technology,
increasing the acceptance level of the final systems. Methods:
In order to determine the main current needs in Nephrology, a
group of Spanish Nephrology Services was involved. Needs were
recorded through semi-structured interviews with the medical
team and questionnaires for professionals and patients. Results:
A set of requirements were garnered from professionals and
patients. In parallel, the group of biomedical engineers identified
requirements for patient telecare from a technological perspective.
All of these requirements drove the design of modular architecture
for the telecare of peritoneal dialysis and pre-dialysis patients.
Conclusions: This work shows how it is possible to involve users
in the whole process of design and development of a system. The
result of this work is the design of adaptable modular architecture
for the telecare of nephrological patients and it addresses the
preferences and needs of patient and professional users consulted.