Research publications

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author’s copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the Publisher.

(last update: August 30, 2024)

2024

• Towards a GDPR-compliant cloud architecture with data privacy controlled through sticky policies. María Emilia Cambronero, Miguel A. Martínez, Luis Llana, Ricardo J. Rodríguez, Alejandro Russo, PeerJ Computer Science, vol. 10:e1898, pp. 1–44, 2024. doi: 10.7717/peerj-cs.1898
• Exploring Shifting Patterns in Recent IoT Malware. Javier Carrillo-Mondéjar, Guillermo Suárez-Tangil, Andrei Costin, Ricardo J. Rodríguez, in Proceedings of the 23rd European Conference on Cyber Warfare and Security (ECCWS), vol. 23, pp. 96–106, ACI, 2024. doi: 10.34190/eccws.23.1.2280

2023

• MOSTO: A Toolkit to Facilitate Security Auditing of ICS Devices using Modbus/TCP. Ricardo J. Rodríguez, Stefano Marrone, Ibai Marcos, Giuseppe Porzio, Computers & Security, vol. 132, pp. 103373, 2023. doi: 10.1016/j.cose.2023.103373
• Module Extraction and DLL Hijacking Detection via Single or Multiple Memory Dumps. Pedro Fernández-Álvarez, Ricardo J. Rodríguez, Forensic Science International: Digital Investigation, vol. 44, pp. 301505, 2023. doi: 10.1016/j.fsidi.2023.301505
• Towards UAV-based MEC Service Chain Resilience Evaluation: A Quantitative Modeling Approach. Jing Bai, Xiaolin Chang, Ricardo J. Rodríguez, Kishor Trivedi, Shupan Li, IEEE Transactions on Vehicular Technology, vol. 72, iss. 4, pp. 5181–5194, 2023. doi: 10.1109/TVT.2022.3225564

2022

• Resource Consumption Evaluation of C++ Cryptographic Libraries on Resource-Constrained Devices. Razvan Raducu, Ricardo J. Rodríguez, Pedro Álvarez, in Applied Cryptography in Computer and Communications, pp. 65–75, Springer Nature Switzerland, 2022. doi: 10.1007/978-3-031-17081-2_5

• DI-AA: An Interpretable White-box Attack for Fooling Deep Neural Networks. Yixiang Wang, Jiqiang Liu, Xiaolin Chang, Ricardo J. Rodríguez, Jianhua Wang, Information Sciences, vol. 610, pp. 14–32, 2022. doi: 10.1016/j.ins.2022.07.157

• AB-FGSM: AdaBelief Optimizer and FGSM-Based Approach to Generate Adversarial Examples. Yixiang Wang, Jiqiang Liu, Xiaolin Chang, Jianhua Wang, Ricardo J. Rodríguez, Journal of Information Security and Applications, vol. 68, pp. 103227, 2022. doi: 10.1016/j.jisa.2022.103227

• OCamello: A Course and Summer School with Learn-OCaml. Roberto Blanco, Ricardo J. Rodríguez, OCaml Users and Developers Workshop 2022, vol. PP, iss. PP, pp. 2, 2022.

• Towards a Testbed for Critical Industrial Systems: SunSpec Protocol on DER Systems as a Case Study. Esteban Damián Gutiérrez Mlot, Jose Saldana, Ricardo J. Rodrı́guez, in Proceedings of the 27th International Conference on Emerging Technologies and Factory Automation, pp. 1–4, IEEE, 2022. doi: 10.1109/ETFA52439.2022.9921522

• Assessing Anonymous and Selfish Free-rider Attacks in Federated Learning. Jianhua Wang, Xiaolin Chang, Ricardo J. Rodríguez, Yixiang Wang, in Proceedings of the 2022 IEEE Symposium on Computers and Communications, pp. 6, IEEE, 2022. doi: 10.1109/ISCC55528.2022.9912903

• Evasion and Countermeasures Techniques to Detect Dynamic Binary Instrumentation Frameworks. Ailton Santos Filho, Ricardo J. Rodríguez, Eduardo L. Feitosa, Digital Threats: Research and Practice, vol. 3, iss. 2, pp. 28, 2022. doi: 10.1145/3480463

• Defense and Attack Techniques against File-based TOCTOU Vulnerabilities: a Systematic Review. Razvan Raducu, Ricardo J. Rodríguez, Pedro Alvarez, IEEE Access, vol. 10, pp. 21742–21758, 2022. doi: 10.1109/ACCESS.2022.3153064

• Characterization and Evaluation of IoT Protocols for Data Exfiltration. Daniel Uroz, Ricardo J. Rodríguez, IEEE Internet of Things Journal, vol. 9, iss. 19, pp. 19062–19072, 2022. doi: 10.1109/JIOT.2022.3163469

• Extraction and Analysis of Retrievable Memory Artifacts from Windows Telegram Desktop Application. Pedro Fernández-Álvarez, Ricardo J. Rodríguez, Forensic Science International: Digital Investigation, vol. 40, pp. 301342, 2022. doi: 10.1016/j.fsidi.2022.301342

2021

• LSGAN-AT: Enhancing Malware Detector Robustness against Adversarial Examples. Jianhua Wang, Xiaolin Chang, Yixiang Wang, Ricardo J. Rodríguez, Jianan Zhang, Cybersecurity, vol. 4:38, iss. 1, pp. 15, 2021. doi: 10.1186/s42400-021-00102-9

• Towards Optimal LSTM Neural Networks for Detecting Algorithmically Generated Domain Names. Jose Selvi, Ricardo J. Rodríguez, Emilio Soria-Olivas, IEEE Access, vol. 9, pp. 126446–126456, 2021. doi: 10.1109/ACCESS.2021.3111307

• Quantifying Paging on Recoverable Data from Windows User-Space Modules. Miguel Martín-Pérez, Ricardo J. Rodríguez, in Proceedings of the 12th EAI International Conference on Digital Forensics & Cyber Crime, pp. 1–19, Springer International Publishing, 2021. doi: 10.1007/978-3-031-06365-7_1

• A Vision for Improving Business Continuity through Cyber-resilience Mechanisms and Frameworks. Miguel Hernández-Bejarano, Ricardo J. Rodríguez, José Merseguer, in Proceedings of the 16th Iberian Conference on Information Systems and Technologies (CISTI), pp. 1–5, 2021. doi: 10.23919/CISTI52073.2021.9476324

• Evaluation of the Executional Power in Windows using Return Oriented Programming. Daniel Uroz, Ricardo J. Rodríguez, in Proceedings of the 15th IEEE Workshop on Offensive Technologies (WOOT), pp. 361–372, IEEE, 2021. doi: 10.1109/SPW53761.2021.00056

• Bringing Order to Approximate Matching: Classification and Attacks on Similarity Digest Algorithms. Miguel Martín-Pérez, Ricardo J. Rodríguez, Frank Breitinger, Forensic Science International: Digital Investigation, vol. 36, pp. 301120, 2021. doi: 10.1016/j.fsidi.2021.301120

• Pre-processing Memory Dumps to Improve Similarity Score of Windows Modules. Miguel Martín-Pérez, Ricardo J. Rodríguez, Davide Balzarotti, Computers & Security, vol. 101, pp. 102119, 2021. doi: 10.1016/j.cose.2020.102119

2020

• On Challenges in Verifying Trusted Executable Files in Memory Forensics. Daniel Uroz, Ricardo J. Rodríguez, Forensic Science International: Digital Investigation, vol. 32, pp. 300917, 2020. doi: 10.1016/j.fsidi.2020.300917

• On Fingerprinting of Public Malware Analysis Services. Álvaro Botas, Ricardo J. Rodríguez, Vicente Matellan, Juan F. García, M. T Trobajo, Miguel V. Carriegos, Logic Journal of the IGPL, vol. 28, iss. 4, pp. 473–486, 2020. doi: 10.1093/jigpal/jzz050

• Reducing the Attack Surface of Dynamic Binary Instrumentation Frameworks. Ailton Santos Filho, Ricardo J. Rodríguez, Eduardo L. Feitosa, in Developments and Advances in Defense and Security, vol. 152, pp. 3–13, Springer Singapore, 2020. doi: 10.1007/978-981-13-9155-2_1

• An Evaluation Framework for Comparative Analysis of Generalized Stochastic Petri Net Simulation Techniques. R. J. Rodríguez, S. Bernardi, A. Zimmermann, IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 50, iss. 8, pp. 2834–2844, 2020. doi: 10.1109/TSMC.2018.2837643

2019

• Characteristics and Detectability of Windows Auto-Start Extensibility Points in Memory Forensics. Daniel Uroz, Ricardo J. Rodríguez, Digital Investigation, vol. 28, pp. S95–S104, 2019. doi: 10.1016/j.diin.2019.01.026
• Detection of Algorithmically Generated Malicious Domain Names using Masked N-Grams. Jose Selvi, Ricardo J. Rodríguez, Emilio Soria-Olivas, Expert Systems with Applications, vol. 124, pp. 156–163, 2019. doi: 10.1016/j.eswa.2019.01.050
• Profiling the Publish/Subscribe Paradigm for Automated Analysis Using Colored Petri Nets. Abel Gómez, Ricardo J. Rodríguez, María-Emilia Cambronero, Valentín Valero, Software and Systems Modeling, vol. 18, iss. 5, pp. 2973–3003, 2019. doi: 10.1007/s10270-019-00716-1
• Quantitative security analysis of a dynamic network system under lateral movement-based attacks. Yu Shi, Xiaolin Chang, Ricardo J. Rodríguez, Zhenjiang Zhang, Kishor S. Trivedi, Reliability Engineering & System Safety, vol. 183, pp. 213–225, 2019. doi: 10.1016/j.ress.2018.11.022
• A Dynamic Data-Throttling Approach to Minimize Workflow Imbalance. Ricardo J. Rodríguez, Rafael Tolosana-Calasanz, Omer F. Rana, ACM Transactions on Internet Technology, vol. 19, iss. 3, pp. 1–21, 2019. doi: 10.1145/3278720
• On Throughput Approximation of Resource Allocation Systems by Bottleneck Regrowing. Ricardo J. Rodríguez, Javier Campos, IEEE Transactions on Control Systems Technology, vol. 27, iss. 1, pp. 370–377, 2019. doi: 10.1109/TCST.2017.2768512

2018

• Desanonimización y categorización de servicios ocultos de la red Tor. Ricardo J. Rodríguez, Jorge García de Quirós, in Actas del VI Congreso Nacional de i+d en Defensa y Seguridad (DESEi+d 2018), pp. 259, 2018.

• Survivability Model for Security and Dependability Analysis of a Vulnerable Critical System. Xiaolin Chang, Shaohua Lv, Ricardo J. Rodríguez, Kishor Trivedi, in Proceedings of the 2018 27th International Conference on Computer Communication and Networks (ICCCN), pp. 1–6, 2018. doi: 10.1109/ICCCN.2018.8487446

• A Tool to Compute Approximation Matching between Windows Processes. Ricardo J. Rodríguez, Miguel Martín-Pérez, Iñaki Abadía, in Proceedings of the 2018 6th International Symposium on Digital Forensic and Security (ISDFS), pp. 313–318, 2018. doi: 10.1109/ISDFS.2018.8355372

• Model-based Sensitivity Analysis of IaaS Cloud Availability. Bo Liu, Xiaolin Chang, Zhen Han, Kishor Trivedi, Ricardo J. Rodríguez, Future Generation Computer Systems, vol. 83, pp. 1–13, 2018. doi: 10.1016/j.future.2017.12.062

• A Methodology for Model-based Verification of Safety Contracts and Performance Requirements. Elena Gómez-Martínez, Ricardo J. Rodríguez, Clara Benac Earle, Leire Etxeberria Elorza, Miren Illarramendi Rezaba, Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, vol. 232, iss. 3, pp. 227–247, 2018. doi: 10.1177/1748006X16667328

• Modeling and Analysis of High Availability Techniques in a Virtualized System. Xiaolin Chang, Tianju Wang, Ricardo J. Rodríguez, Zhenjiang Zhang, The Computer Journal, vol. 61, iss. 2, pp. 180–198, 2018. doi: 10.1093/comjnl/bxx049

2017

• Some Notes on Rare-Event Simulation Challenges: Fast Abstract. Armin Zimmermann, Andrés Canabal Lavista, Ricardo J. Rodríguez, in Proceedings of 11th EAI International Conference on Performance Evaluation Methodologies and Tools (VALUETOOLS 2017), pp. 263–264, ACM, 2017. doi: 10.1145/3150928.3150963

• Empirical Study to Fingerprint Public Malware Analysis Services. Álvaro Botas, Ricardo J. Rodríguez, Vicente Matellán, Juan F. García, in Proceedings of the International Joint Conference SOCO'17-CISIS'17-ICEUTE'17, Advances in Intelligent Systems and Computing series, vol. 649, pp. 589–599, Springer International Publishing, 2017. doi: 10.1007/978-3-319-67180-2_57

• Security Assessment of the Spanish Contactless Identity Card. Ricardo J. Rodríguez, Juan Carlos Garcia-Escartin, IET Information Security, vol. 11, iss. 6, pp. 386–393(7), 2017. doi: 10.1049/iet-ifs.2017.0299

• Evolution and Characterization of Point-of-Sale RAM Scraping Malware. Ricardo J. Rodríguez, Journal in Computer Virology and Hacking Techniques, vol. 13, iss. 3, pp. 179–192, 2017. doi: 10.1007/s11416-016-0280-4

• A Petri Net Tool for Software Performance Estimation Based on Upper Throughput Bounds. Ricardo J. Rodríguez, Automated Software Engineering, vol. 24, iss. 1, pp. 73–99, 2017. doi: 10.1007/s10515-015-0186-2

2016

• On Qualitative Analysis of Fault Trees Using Structurally Persistent Nets. Ricardo J. Rodríguez, IEEE Transactions on Systems, Man and Cybernetics: Systems, vol. 46, iss. 2, pp. 282–293, 2016. doi: 10.1109/TSMC.2015.2437360

• Towards the Detection of Isolation-Aware Malware. Ricardo J. Rodríguez, Iñaki Rodríguez-Gastón, Javier Alonso, IEEE Latin America Transactions (Revista IEEE America Latina), vol. 14, iss. 2, pp. 1024–1036, 2016. doi: 10.1109/TLA.2016.7437254

• Model-Based Vulnerability Assessment of Self-Adaptive Protection Systems. Ricardo J. Rodríguez, Stefano Marrone. Paulo Novais, David Camacho, Cesar Analide, Amal El Fallah Seghrouchni, Costin Badica, editors, in Intelligent Distributed Computing IX, Studies in Computational Intelligence series, vol. 616, pp. 439–449, Springer International Publishing, 2016. doi: 10.1007/978-3-319-25017-5_41

• Survivability Analysis of a Computer System under an Advanced Persistent Threat Attack. Ricardo J. Rodríguez, Xiaolin Chang, Xiaodan Li, Kishor S. Trivedi. Barbara Kordy, Mathias Ekstedt, Seong Dong Kim, editors, in Proceedings of the 3rd International Workshop on Graphical Models for Security, vol. 9987, pp. 134–149, 2016. doi: 10.1007/978-3-319-46263-9_9

• Formal Security Assessment of Modbus Protocol. Roberto Nardone, Ricardo J. Rodríguez, Stefano Marrone, in Proceedings of the 11th International Conference for Internet Technology and Secured Transactions, pp. 142–147, IEEE, 2016. doi: 10.1109/ICITST.2016.7856685

• A Peek Under the Hood of iOS Malware. Laura García, Ricardo J. Rodríguez, in Proceedings of the 2016 11th International Conference on Availability, Reliability and Security (ARES), pp. 590–598, 2016. doi: 10.1109/ARES.2016.15

2015

• Practical Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited. José Vila, Ricardo J. Rodríguez, in Proceedings of the 11th International Workshop on RFID Security (RFIDsec), Lecture Notes in Computer Science series, vol. 9440, pp. 87–103, Springer, 2015. doi: 10.1007/978-3-319-24837-0_6

• Modelling Security of Critical Infrastructures: A Survivability Assessment. Ricardo J. Rodríguez, José Merseguer, Simona Bernardi, The Computer Journal, vol. 58, iss. 10, pp. 2313–2327, 2015. doi: 10.1093/comjnl/BXU096

• On Synergies of Cyber and Physical Security Modelling in Vulnerability Assessment of Railway Systems. Stefano Marrone, Ricardo J. Rodríguez, Roberto Nardone, Francesco Flammini, Valeria Vittorini, Computers and Electrical Engineering, vol. 47, pp. 275–285, 2015. doi: 10.1016/j.compeleceng.2015.07.011

• Model-Based Verification of Safety Contracts. Elena Gómez-Martínez, Ricardo J. Rodríguez, Leire Etxeberria, Miren Illarramendi, Clara Benac, in Proceedings of the 1st International Workshop on Safety and Formal Methods (SaFoMe), Lecture Notes in Computer Science series, vol. 8938, pp. 101–115, Springer International Publishing, 2015. doi: 10.1007/978-3-319-15201-1_7

• Counterfeiting and Defending the Digital Forensic Process. Alvaro Botas, Ricardo J. Rodríguez, Teemu Vaisanen, Patrycjusz Zdzichowski, in Proceedings of the 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), pp. 1966–1971, IEEE, 2015. doi: 10.1109/CIT/IUCC/DASC/PICOM.2015.291

2014

• Cost Optimisation in Certification of Software Product Lines. Ricardo J. Rodríguez, Sasikumar Punnekkat, in Proceedings of the 2014 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), pp. 509–514, IEEE, 2014. doi: 10.1109/ISSREW.2014.103

• Model-based Safety Assessment using OCL and Petri Nets. Ricardo J. Rodríguez, Elena Gómez-Martínez, in Proceedings of the 40th EUROMICRO Conference on Software Engineering and Advanced Applications (SEAA), pp. 56 – 59, 2014. doi: 10.1109/SEAA.2014.36

• Execution and Verification of UML State Machines with Erlang (Tool Paper). Ricardo J. Rodríguez, Lars-̊Ake Fredlund, Ángel Herranz, Julio Mariño. Dimitra Giannakopoulou, Gwen Salaün, editors, in Proceedings of the 12th International Conference on Software Engineering and Formal Methods (SEFM), Lecture Notes in Computer Science series, vol. 8702, pp. 284–289, Springer, 2014. doi: 10.1007/978-3-319-10431-7_22

• Performance Evaluation of Dynamic Binary Instrumentation Frameworks. Ricardo J. Rodríguez, Juan Antonio Artal, José Merseguer, IEEE Latin America Transactions (Revista IEEE America Latina), vol. 12, iss. 8, pp. 1572–1580, 2014. doi: 10.1109/TLA.2014.7014530

2013

• Performance Analysis and Resource Optimisation of Critical Systems Modelled by Petri Nets Ricardo J. Rodríguez. PhD. thesis, Dpto. de Informática e Ingeniería de Sistemas, Universidad de Zaragoza, 2013.

• On the Performance Estimation and Resource Optimisation in Process Petri Nets. Ricardo J. Rodríguez, Jorge Júlvez, José Merseguer, IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 43, iss. 6, pp. 1385–1398, 2013. doi: 10.1109/TSMC.2013.2245118

• Quantification and Compensation of the Impact of Faults in System Throughput. Ricardo J. Rodríguez, Jorge Júlvez, José Merseguer, Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, vol. 227, iss. 6, pp. 614–628, 2013. doi: 10.1177/1748006X13492284

• From UML State-Machine Diagrams to Erlang. Ricardo J. Rodríguez, Lars-̊Ake Fredlund, Ángel Herranz, in Proceedings of the XIII Spanish Conference on Programming and Computer Languages (PROLE 2013), pp. 288–299, 2013.

2012

• Measuring the Effectiveness of Thottled Data Transfers on Data-Intensive Workflows. Ricardo J. Rodríguez, Rafael Tolosana-Calasanz, Omer F. Rana. Gordan Jezic, Mario Kusek, Ngoc Thanh Nguyen, Robert J. Howlett, Lakhmi C. Jain, editors, in Proceedings of the 6th International KES Conference on Agents and Multi-agent Systems – Technologies and Applications, Lecture Notes in Computer Science series, vol. 7327, pp. 144–153, Springer, 2012. doi: 10.1007/978-3-642-30947-2_18

• Automating Data-Throttling Analysis for Data-Intensive Workflows. Ricardo J. Rodríguez, Rafael Tolosana-Calasanz, Omer F. Rana, in Proceedings of the 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), pp. 310–317, IEEE, 2012. doi: 10.1109/CCGrid.2012.27

• Fault-Tolerant Techniques and Security Mechanisms for Model-based Performance Prediction of Critical Systems. Ricardo J. Rodríguez, Catia Trubiani, José Merseguer, in Proceedings of the 3rd International Symposium on Architecting Critical Systems (ISARCS), pp. 21–30, ACM, 2012. doi: 10.1145/2304656.2304660

• PeabraiN: A PIPE Extension for Performance Estimation and Resource Optimisation. Ricardo J. Rodríguez, Jorge Júlvez, José Merseguer, in Proceedings of the 12th International Conference on Application of Concurrency to System Designs (ACSD), pp. 142–147, IEEE, 2012. doi: 10.1109/ACSD.2012.13

2011

• A Security Analysis and Modelling profile: an Overview. Ricardo J. Rodríguez, José Merseguer, Simona Bernardi, Technical report, Dpto. de Ingeniería e Informática de Sistemas, Universidad de Zaragoza, 2011.

2010

• Integrating Fault-Tolerant Techniques into the Design of Critical Systems. Ricardo J. Rodríguez, José Merseguer. Holger Giese, editors, in Proceedings of the 1st International Symposium on Architecting Critical Systems (ISARCS), Lecture Notes in Computer Science series, vol. 6150, pp. 33–51, Springer, 2010. doi: 10.1007/978-3-642-13556-9_3

• Modelling and Analysing Resilience as a Security Issue within UML. Ricardo J. Rodríguez, José Merseguer, Simona Bernardi, in Proceedings of the 2nd International Workshop on Software Engineering for Resilient Systems (SERENE), pp. 42–51, ACM, 2010. doi: 10.1145/2401736.2401741

• Accurate Performance Estimation for Stochastic Marked Graphs by Bottleneck Regrowing. Ricardo J. Rodríguez, Jorge Júlvez, in Proceedings of the 7th European Performance Engineering Workshop (EPEW), Lecture Notes in Computer Science series, vol. 6342, pp. 175–190, Springer, 2010. doi: 10.1007/978-3-642-15784-4_12