DIT - RYSC - Artículos en Revistas Internacionales / International Journals

Permanent URI for this collection


Recent Submissions

Now showing 1 - 20 of 374
  • Publication
    Software-driven Connectivity Orchestration for Multi-domain NFV Ecosystems
    (IEEE, 2023-08-21) Nogales Dorado, Borja; Vidal Fernández, Iván; Valera Pintor, Francisco; Sánchez Agüero, Víctor; López, Diego R.; European Commission; Agencia Estatal de Investigación (España)
    Network Functions Virtualization (NFV) is a fundamental enabler in 5G networks, automating service deployment through softwarization and virtualization. However, challenges remain in providing network connectivity to service components, commonly referred to as Virtual Network Functions (VNFs), deployed on different domains. A usual approach to enable such connectivity is to rely on layer-3 routing from Internet service providers. However, this approach presents limitations to preserve isolation among remote VNFs, and may require undesirable network configurations. This paper proposes a novel connectivity orchestration service for multi-domain NFV ecosystems to address these limitations. The service is based on a set of interconnected software components that are deployed on every NFV domain. Connectivity is automatically provided to remote VNFs over the overlay network formed by these components using Software-Defined Network (SDN) technologies. The service has been prototyped using open-source software, being validated on a real NFV ecosystem.
  • Publication
    Design and Deployment of an Open Management and Orchestration Platform for Multi-Site NFV Experimentation
    (IEEE, 2019-01-01) Nogales Dorado, Borja; Vidal Fernández, Iván; López, Diego R.; Rodríguez, Juan; García Reinoso, Jaime José; Azcorra Saloña, Arturo; European Commission; Ministerio de Economía y Competitividad (España)
    Management and orchestration of virtual resources and functions, commonly referred to as MANO, are key functionalities of NFV environments. This article describes the design and deployment of the NFV MANO platform of 5TONIC, the open research and innovation laboratory on 5G technologies founded by Telefonica and IMDEA Networks. This NFV MANO platform provides 5TONIC trials and experiments with access to a functional production-like NFV environment, enabling experimentation with novel NFV products and services. As a relevant feature, the platform is capable of incorporating external sites to complement the portfolio of software and hardware resources that can be made available for experimentation activities. The 5TONIC MANO platform has been designed and built using open source technologies. The research carried out during its design and deployment has resulted in a contribution already made to its upstream projects regarding the automated configuration of virtualized network functions. Finally, we explore the scalability properties of the 5TONIC MANO platform, and we experimentally validate its functional capacity to orchestrate multi-site experiments.
  • Publication
    Digital twins for next-generation mobile networks: Applications and solutions
    (IEEE, 2023-05-08) Apostolakis, Nikolaos; Chatzieleftheriou, Livia Elena; Bega, Darío; Gramaglia, Marco; Banchs Roca, Albert; European Commission
    Digital Twins (DTs) create fully-synchronized virtual representations of real-world systems, which can serve as interactive counterparts for artificial intelligence (AI) and machine learning (ML) algorithms, and hold significant importance for the upcoming 6G mobile networks. In this paper, we argue that DTs can improve all phases of the intelligent networks' workflow, due to their adaptability and scalability properties that would allow them to transparently integrate new AI/ML algorithms faster, more scalably, and more precisely. Our contribution is two-fold: first, we propose three specific application scenarios of DT-enhanced network architectures in the context of 6G. Second, using open-source tools, we implement and evaluate in detail one of them. Our results demonstrate that our DT reflects the characteristics of the physical object, successfully and scalably twinning it, and adapting to changing contextual conditions.
  • Publication
    Protecting Image Processing Pipelines against Configuration Memory Errors in SRAM-Based FPGAs
    (MDPI, 2018-11-01) Aranda, Luis Alberto; Reviriego Vasallo, Pedro; Maestro, Juan Antonio
    Image processing systems are widely used in space applications, so different radiation-induced malfunctions may occur in the system depending on the device that is implementing the algorithm. SRAM-based FPGAs are commonly used to speed up the image processing algorithm, but then the system could be vulnerable to configuration memory errors caused by single event upsets (SEUs). In those systems, the captured image is streamed pixel by pixel from the camera to the FPGA. Certain local operations such as median or rank filters need to process the image locally instead of pixel by pixel, so some particular pixel caching structures such as line-buffer-based pipelines can be used to accelerate the filtering process. However, an SRAM-based FPGA implementation of these pipelines may have malfunctions due to the mentioned configuration memory errors, so an error mitigation technique is required. In this paper, a novel method to protect line-buffer-based pipelines against SRAM-based FPGA configuration memory errors is presented. Experimental results show that, using our protection technique, considerable savings in terms of FPGA resources can be achieved while maintaining the SEU protection coverage provided by other classic pipeline protection schemes.
  • Publication
    Salary Prediction in the IT Job Market with Few High-Dimensional Samples: A Spanish Case Study
    (Atlantis Press, 2018-06-01) Martínez Fernández, Ignacio; Mariello, Andrea; Battiti, Roberto; Hernández Gutiérrez, José Alberto; Ministerio de Economía y Competitividad (España); Ministerio de Educación (España); Universidad Carlos III de Madrid
    The explosion of the Internet has deeply affected the labour market. Identifying most rewarded and demanded items in job offers is key for recruiters and candidates. This work analyses 4, 000 job offers from a Spanish IT recruitment portal. We conclude that (1) experience is more rewarded than education, (2) we identify five profile clusters based on required skills and (3) we develop an accurate salary-range classifier by using tree-based ensembles.
  • Publication
    Android Malware Characterization Using Metadata and Machine Learning Techniques
    (2018-07-01) Martín Martínez, Ignacio; Hernández Gutiérrez, José Alberto; Muñoz, Alfonso; Guzmán, Antonio; Ministerio de Educación, Cultura y Deporte (España)
    Android malware has emerged as a consequence of the increasing popularity of smartphones and tablets. While most previous work focuses on inherent characteristics of Android apps to detect malware, this study analyses indirect features and metadata to identify patterns in malware applications. Our experiments show the following: (1) the permissions used by an application offer only moderate performance results; (2) other features publicly available at Android markets are more relevant in detecting malware, such as the application developer and certificate issuer; and (3) compact and efficient classifiers can be constructed for the early detection of malware applications prior to code inspection or sandboxing.
  • Publication
    Security architecture for law enforcement agencies
    (Springer Nature, 2016-09) Urueña Pascual, Manuel; Machnik, Petr; Niemiec, Marcin; Stoianov, Nikolai; European Commission
    In order to carry out their duty to serve and protect, law enforcement agencies (LEAs) must deploy new tools and applications to keep up with the pace of evolving technologies. However, police information and communication technology (ICT) systems have stringent security requirements that may delay the deployment of these new applications, since necessary security measures must be implemented first. This paper presents an integrated security architecture for LEAs that is able to provide common security services to novel and legacy ICT applications, while fulfilling the high security requirements of police forces. By reusing the security services provided by this architecture, new systems do not have to implement custom security mechanisms themselves, and can be easily integrated into existing police ICT infrastructures. The proposed LEA security architecture features state-of-the-art technologies, such as encrypted communications at network and application levels, or multi-factor authentication based on certificates stored in smart cards.
  • Publication
    A Link-Layer Virtual Networking Solution for Cloud-Native Network Function Virtualisation Ecosystems: L2S-M
    (MDPI, 2023-08-01) González Blázquez, Luis Félix; Vidal Fernández, Iván; Valera Pintor, Francisco; Martín Celaya, Raúl; Artalejo Sacristán, Dulce Nombre De María; European Commission; Agencia Estatal de Investigación (España)
    Microservices have become promising candidates for the deployment of network and vertical functions in the fifth generation of mobile networks. However, microservice platforms like Kubernetes use a flat networking approach towards the connectivity of virtualised workloads, which prevents the deployment of network functions on isolated network segments (for example, the components of an IP Telephony system or a content distribution network). This paper presents L2S-M, a solution that enables the connectivity of Kubernetes microservices over isolated link-layer virtual networks, regardless of the compute nodes where workloads are actually deployed. L2S-M uses software-defined networking (SDN) to fulfil this purpose. Furthermore, the L2S-M design is flexible to support the connectivity of Kubernetes workloads across different Kubernetes clusters. We validate the functional behaviour of our solution in a moderately complex Smart Campus scenario, where L2S-M is used to deploy a content distribution network, showing its potential for the deployment of network services in distributed and heterogeneous environments.
  • Publication
    Mind the gender gap: COVID-19 lockdown effects on gender differences in preprint submissions
    (Public Library of Science, 2022-03-01) Úcar Marques, Iñaki; Torre Fernández, Margarita; Elías Fernández, Antonio; Comunidad de Madrid; Agencia Estatal de Investigación (España)
    The gender gap is a well-known problem in academia and, despite its gradual narrowing, recent estimations indicate that it will persist for decades. Short-term descriptive studies suggest that this gap may have actually worsened during the months of confinement following the start of the COVID-19 pandemic in 2020. In this work, we evaluate the impact of the COVID-19 lockdown on female and male academics' research productivity using preprint drop-off data. We examine a total of 307,902 unique research articles deposited in 5 major preprint repositories during the period between January and May each year from 2017 to 2020. We find that the proportion of female authors in online repositories steadily increased over time; however, the trend reversed during the confinement and gender parity worsened in two respects. First, the proportion of male authors in preprints increased significantly during lockdown. Second, the proportion of male authors in COVID-19-related articles was significantly higher than that of women. Overall, our results imply that the gender gap in academia suffered an approximately 1-year setback during the strict lockdown months of 2020, and COVID-related research areas suffered an additional 1.5-year setback.
  • Publication
    A unified service-based capability exposure framework for closed-loop network automation
    (Wiley, 2022-11-01) Gramaglia, Marco; Kajo, Marton; Mannweiler, Christian; Bulakci, Ömer; Wei, Qing; European Commission; Ministerio de Asuntos Económicos y Transformación Digital (España)
    The ongoing quest for the tight integration of network operation and the network service provisioning initiated with the introduction of 5G often clashes with the capacity of current network architectures to provide means for such integration. Owing to the traditional design of mobile networks, which barely required a tight interaction, network elements offer capabilities for their continuous optimization just within their domain (eg, access, or core), allowing for a "silo-style" automation that falls short when aiming at closed-loop automation that embraces all the actors involved in the network, from network functions up to the service-provider network functions. To this end, in this article, we make the case for the network-wide capability exposure framework for closed-loop automation by (i) defining the different entities that shall expose capabilities, and (ii) discussing why the state of the art solutions are not enough to support this vision. Our proposed architecture, which relies on registration and discovery, and exposure functions, allows for enhanced use cases that are currently not possible with state of the art solution. We prove the feasibility of our solution by implementing it in a real-world testbed, employing Artificial Intelligence algorithms to close the loop for the management of the radio access network.
  • Publication
    Are crowd-sourced CTI datasets ready for supporting anti-cybercrime intelligence?
    (Elsevier, 2023-07-11) Allegretta, Mauro; Siracusano, Giuseppe; González, Roberto; Gramaglia, Marco; Ministerio de Asuntos Económicos y Transformación Digital (España)
    Cyber crimes rapidly increased over the past years, with attackers performing large-scale activities, using sophisticated and complex tactics and techniques, that have targeted governments, companies, and even strategic infrastructures. To tackle these attacks, the cyber-security community usually shares Cyber Threat Intelligence (CTI) that includes the collected Indicators of Compromise (IoC) using several open or private sharing platforms. In this paper, we study the informativeness and relevance of the IoCs related to cyber crimes following a major real-world event such as the war in Ukraine, which started in February 2022. To this end, we analyze different kinds of attacks available in a crowd-sourced dataset of Cyber Threat Intelligence (CTI) reports. Our analysis shows that while this data is able to capture major trends such as the ones following major events, the degree of miscellaneous information inside the reports makes it difficult to discern the association of a specific trace unequivocally.
  • Publication
    RL-NSB: reinforcement learning-based 5G network slice broker
    (IEEE, 2019-08-01) Sciancalepore, Vincenzo; Costa-Pérez, Xavier; Banchs Roca, Albert; European Commission; Ministerio de Economía y Competitividad (España)
    Network slicing is considered one of the main pillars of the upcoming 5G networks. Indeed, the ability to slice a mobile network and tailor each slice to the needs of the corresponding tenant is envisioned as a key enabler for the design of future networks. However, this novel paradigm opens up to new challenges, such as isolation between network slices, the allocation of resources across them, and the admission of resource requests by network slice tenants. In this paper, we address this problem by designing the following building blocks for supporting network slicing: i) traffic and user mobility analysis, ii) a learning and forecasting scheme per slice, iii) optimal admission control decisions based on spatial and traffic information, and iv) a reinforcement process to drive the system towards optimal states. In our framework, namely RL-NSB, infrastructure providers perform admission control considering the service level agreements (SLA) of the different tenants as well as their traffic usage and user distribution, and enhance the overall process by the means of learning and the reinforcement techniques that consider heterogeneous mobility and traffic models among diverse slices. Our results show that by relying on appropriately tuned forecasting schemes, our approach provides very substantial potential gains in terms of system utilization while meeting the tenants' SLAs.
  • Publication
    Unsupervised scalable statistical method for identifying influential users in online social networks
    (Springer, 2018-05-03) Azcorra Saloña, Arturo; Chiroque Núñez, Luis Felipe; Cuevas Rumín, Rubén; Fernández Anta, Antonio; Laniado Rodas, Henry; Lillo Rodríguez, Rosa Elvira; Romo, Juan; Sguera, Carlo
    Billions of users interact intensively every day via Online Social Networks (OSNs) such as Facebook, Twitter, or Google+. This makes OSNs an invaluable source of information, and channel of actuation, for sectors like advertising, marketing, or politics. To get the most of OSNs, analysts need to identify influential users that can be leveraged for promoting products, distributing messages, or improving the image of companies. In this report we propose a new unsupervised method, Massive Unsupervised Outlier Detection (MUOD), based on outliers detection, for providing support in the identification of influential users. MUOD is scalable, and can hence be used in large OSNs. Moreover, it labels the outliers as of shape, magnitude, or amplitude, depending of their features. This allows classifying the outlier users in multiple different classes, which are likely to include different types of influential users. Applying MUOD to a subset of roughly 400 million Google+ users, it has allowed identifying and discriminating automatically sets of outlier users, which present features associated to different definitions of influential users, like capacity to attract engagement, capacity to attract a large number of followers, or high infection capacity.
  • Publication
    A deep dive into the accuracy of IP geolocation databases and its impact on online advertising
    (IEEE, 2023-08-01) Callejo Pinardo, Patricia; Gramaglia, Marco; Cuevas Rumín, Rubén; Cuevas Rumín, Ángel; Comunidad de Madrid; European Commission; Agencia Estatal de Investigación (España)
    The quest for every time more personalized Internet experience relies on the enriched contextual information about each user. Online advertising also follows this approach. Among the context information that advertising stakeholders leverage, location information is certainly one of them. However, when this information is not directly available from the end users, advertising stakeholders infer it using geolocation databases, matching IP addresses to a position on earth. The accuracy of this approach has often been questioned in the past: however, the reality check on an advertising stakeholder shows that this technique accounts for a large fraction of the served advertisements. In this paper, we revisit the work in the field, that is mostly from almost one decade ago, through the lenses of big data. More specifically, we, i) benchmark two commercial Internet geolocation databases, evaluate the quality of their information using a ground-truth database of user positions containing over 2 billion samples, ii) analyze the internals of these databases, devising a theoretical upper bound for the quality of the Internet geolocation approach, and iii) we run an empirical study that unveils the monetary impact of this technology by considering the costs associated with a real-world ad impressions dataset.
  • Publication
    On the tweet arrival process at Twitter: analysis and applications
    (Wiley, 2014-02) González Sánchez, Roberto; Muñoz Muñoz, Alfonso; Hernández Gutiérrez, José Alberto; Cuevas Rumín, Rubén; European Commission
    This work provides a novel measurement-based analysis of the tweet arrival traffic process at Twitter. The analysis considers more than one million total tweets collected at 48 different times of the day (o'clock and half-past every hour). We observe a 3.5-tweet/ms average rate with a valley of 2.5 tweets/ms at 10 AM (GMT+1) and a peak at 3 PM (GMT+1) of about 5 tweets/ms. We further model the traffic pattern as a Gaussian process, and we validate such an assumption with multiple normality tests. Finally, we overview a number of applications where such a model may show its utility, namely infrastructure dimensioning and upgrading, the detection of outlier events, energy efficiency and so on.
  • Publication
    TorrentGuard: Stopping scam and malware distribution in the BitTorrent ecosystem
    (Elsevier, 2014-02-11) Cuevas Rumín, Rubén; Kryczka, Michal; González Sánchez, Roberto; Cuevas Rumín, Ángel; Azcorra Saloña, Arturo; Comunidad de Madrid; European Commission; Ministerio de Economía y Competitividad (España)
    In this paper we conduct a large scale measurement study in order to analyse the fake content publishing phenomenon in the BitTorrent ecosystem. Our results reveal that fake content represents an important portion (35%) of those files shared in BitTorrent and just a few tens of users are responsible for 90% of this content. Furthermore, more than 99% of the analysed fake files are linked to either malware or scam websites. This creates a serious threat for the BitTorrent ecosystem. To address this issue, we present a new tool named TorrentGuard for the early detection of fake content. Based on our evaluation this tool may prevent end users from downloading more than 35 millions fake files per year. This could help to reduce the number of computer infections and scams suffered by BitTorrent users. TorrentGuard is already available and it can be accessed through both a webpage or a Vuze plugin.
  • Publication
    On exploiting social relationship and personal background for content discovery in P2P networks
    (Elsevier, 2014-11) Han, Xiao; Cuevas Rumín, Ángel; Crespi, Noël; Cuevas Rumín, Rubén; Huang, Xiaodi; European Commission; Ministerio de Economía y Competitividad (España)
    Content discovery is a critical issue in unstructured Peer-to-Peer (P2P) networks as nodes maintain only local network information. However, similarly without global information about human networks, one still can find specific persons via his/her friends by using social information. Therefore, in this paper, we investigate the problem of how social information (i.e., friends and background information) could benefit content discovery in P2P networks. We collect social information of 384,494 user profiles from Facebook, and build a social P2P network model based on the empirical analysis. In this model, we enrich nodes in P2P networks with social information and link nodes via their friendships. Each node extracts two types of social features – Knowledge and Similarity – and assigns more weight to the friends that have higher similarity and more knowledge. Furthermore, we present a novel content discovery algorithm which can explore the latent relationships among a node’s friends. A node computes stable scores for all its friends regarding their weight and the latent relationships. It then selects the top friends with higher scores to query content. Extensive experiments validate performance of the proposed mechanism. In particular, for personal interests searching, the proposed mechanism can achieve 100% of Search Success Rate by selecting the top 20 friends within two-hop. It also achieves 6.5 Hits on average, which improves 8x the performance of the compared methods.
  • Publication
    KPI guarantees in network slicing
    (IEEE, 2021-10-22) Martín Pérez, Jorge; Malandrino, Francesco; Chiasserini, Carla Fabiana; Groshev, Milan; Bernardos Cano, Carlos Jesús; European Commission
    Thanks to network slicing, mobile networks can now support multiple and diverse services, each requiring different key performance indicators (KPIs). In this new scenario, it is critical to allocate network and computing resources efficiently and in such a way that all KPIs targeted by a service are met. Accounting for all sorts of KPIs (e.g., availability and reliability, besides the more traditional throughput and latency) is an aspect that has been scarcely addressed so far and that requires tailored models and solution strategies. We address this issue by proposing a novel methodology and resource orchestration scheme, named OKpi, which provides high-quality decisions on VNF (Virtual Network Function) placement and data routing, including the selection of radio points of attachment. Importantly, OKpi has polynomial computational complexity and accounts for all KPIs required by each service, and for any resource available from the fog to the cloud. We prove several properties of OKpi and demonstrate that it performs very closely to the optimum under real-world scenarios. We also implement OKpi in a testbed supporting a robot-based, smart factory service, and we present some field tests that further confirm the ability of OKpi to make high-quality decisions.
  • Publication
    Balloons in the Sky: Unveiling the Characteristics and Trade-offs of the Google Loon Service
    (IEEE, 2023-06-01) Serrano Yáñez-Mingot, Pablo; Gramaglia, Marco; Mancini, Francesco; Chiraraviglio, Luca; Bianchi, Giuseppe; Agencia Estatal de Investigación (España)
    The Google's Loon[TM] initiative aims at covering rural or underdeveloped areas via fleets of high-altitude balloons supporting LTE connectivity. But how effective and stable can be the coverage provided by a network deployed via propulsion-free balloons, floating in the sky, and only loosely controllable through altitude variations? To provide some insights on the relevant performance and trade-offs, in this paper we gather real-world data from publicly available flight tracking services, and we analyze coverage and service stability in three past deployment scenarios. Besides employing a variety of metrics related to spatial and temporal coverage, we also assess service continuity, by also leveraging recently proposed “meaningful availability” metrics. While our analyses show that balloons are certainly a cost-effective way to provide a better-than-nothing and delay-tolerant service, there is yet no empirical evidence that an increase in the number of overlapping balloons may be rewarded with a substantial performance increase - in other words, we suspect that guaranteeing coverage and service stability levels comparable to that of a terrestrial cellular network is a challenging goal.
  • Publication
    Choose, not hoard: Information-to-model matching for Artificial Intelligence in O-RAN
    (IEEE, 2023-04) Martín Pérez, Jorge; Molner, Nuria; Malandrino, Francesco; Bernardos Cano, Carlos Jesús; Oliva Delgado, Antonio de la; Gomez-Barquero, David; European Commission; Ministerio de Economía y Competitividad (España)
    Open Radio Access Network (O-RAN) is an emerging paradigm, whereby virtualized network infrastructure elements from different vendors communicate via open, standardized interfaces. A key element therein is the RAN Intelligent Controller (RIC), an Artificial Intelligence (AI)-based controller. Traditionally, all data available in the network has been used to train a single AI model to be used at the RIC. This paper introduces, discusses, and evaluates the creation of multiple AI model instances at different RICs, leveraging information from some (or all) locations for their training. This brings about a flexible relationship between gNBs, the AI models used to control them, and the data such models are trained with. Experiments with real-world traces show how using multiple AI model instances that choose training data from specific locations improve the performance of traditional approaches following the hoarding strategy.