Skip to main content
aams-eam

Publications

When I have had the opportunity I have made some publications, here you have access to them.

  1. Annals of Telecommunications - Springer

    22 mar. 2023

    A data infrastructure for heterogeneous telemetry adaptation. Application to Netflow-based cryptojacking detection

    Authors: Alejandro A. Moreno-Sancho, Antonio Pastor, Ignacio D. Martinez-Casanueva, Daniel González-Sánchez, Luis Bellido Triana.

    Abstract
    This article is an extensión of my previous work.

  2. IEEE

    22 mar. 2023

    A data infrastructure for heterogeneous telemetry adaptation. Application to Netflow-based cryptojacking detection

    Authors: Alejandro A. Moreno-Sancho, Antonio Pastor, Ignacio D. Martinez-Casanueva, Daniel González-Sánchez, Luis Bellido Triana.

    Abstract
    The increasing development of cryptocurrencies has brought cryptojacking as a new security threat in which attackers steal computing resources for cryptomining. The digitization of the supply chain is a potential major target for cryptojacking due to the large number of different infrastructures involved. These different infrastructures provide information sources that can be useful to detect cryptojacking, but with a wide variety of data formats and encodings. This paper describes the Semantic Data Aggregator (SDA), a normalization and aggregation system based on data modelling and low-latency processing of data streams that facilitates the integration of heterogeneous information sources. As a use case, the paper describes a Cryptomining Detection System (CDS) based on network traffic flows processed by a machine learning engine. The results show how the SDA is leveraged in this use case to obtain aggregated information that improves the performance of the cryptomining detection system.

  3. IEEE

    3 ago. 2022

    Model-Driven Network Monitoring Using NetFlow Applied to Threat Detection

    Authors: Daniel González-Sánchez, Ignacio D. Martinez-Casanueva, Antonio Pastor, Luis Bellido Triana, Cristina Pinar Muñoz Zamarro, Alejandro A. Moreno-Sancho, David Fernández Cambronero, Diego Lopez.

    Abstract
    In recent years, several research works have proposed the analysis of network flow information using machine learning in order to detect threats or anomalous activities. In this sense, NetFlow-based systems stand out as one of the main sources of network flow information. In these systems, NetFlow collectors provide the flow monitoring information to be analyzed, but the particular information structure and format provided by different collector implementations is a recurring problem. In this paper, a new YANG data model is proposed as a standard model to use NetFlow-based monitoring data. In order to validate the proposal, a NetFlow collector incorporating the proposed NetFlow YANG model has been developed, to be integrated in a network scenario in which network flows are analyzed to detect malicious cryptomining activity. This collector extends an existing one, and provides design patterns to incorporate other existing collectors into this common data model. Our results show how, by using the YANG modeling language, network flow information can be handled and aggregated in a formal and unified way that provides flexibility and facilitates data analysis applied to threat detection.

  4. URSI

    1 sept. 2021

    Estimation of KQIs based on mobile application traces

    Authors: Alejandro A. Moreno-Sancho, Sergio Fortes-Rodriguez, Eduardo Baena-Martínez, Francisco Javier Pareja Peña, Raquel Barco-Moreno.

    Abstract
    The increasing complexity of mobile networks, even more so with the development of 5G, makes it difficult to relate the traditional low-layer radio metrics used so far to actual user quality. These measures, known as KPIs (Key Performance Indicators), are easy to obtain compared to KQIs (Key Quality Indicators), but it is the latter that give a true approximation of user quality. The problem with the KQI is the difficulty of obtaining them, they consume time and battery on mobile devices, since the vast majority of them require downloading and uploading files, http requests, and live video streaming among others. A complete framework for estimating KQIs using KPIs and additional information is proposed and evaluated in a real cellular network, achieving the advantages of KQI accuracy from the ease of obtaining KPIs.

  5. URSI

    2 oct. 2020

    Experimental mobile network monitoring probe for events

    Authors: Alejandro A. Moreno-Sancho, Eduardo Baena-Martínez, Sergio Fortes-Rodriguez, Raquel Barco-Moreno.

    Abstract
    The high increase of people using mobile networks added to high influx situations, events such as, concerts or football matches occur, have been causing trouble with the management of those networks, causing a reduction of quality for the user. In this article it is exposed the bad effects of this events and linking them up with the final quality of the user in different experiments that will also be explained. Analyzing data from certain LTE nodes located in Lerkendal Stadium in Norway, we have been able to appreciate that problems. Recognising when the change of quality is caused and how it behaves is the first step to make a solution that improves the situation.