Personal information
Lorena González Manzano, Ph.D.
COSEC -Computer Security Lab
cosec.inf.uc3m.es
University Carlos III of Madrid
Email: lgmanzan@inf.uc3m.es
Office: 2.2.A04
Address: Avda. de la Universidad, 30 -28911 Leganés(Madrid) Spain
Phone: (+34) 91624 9113
Currently: Associate Professor at the Computer Science Department at Carlos III Univ. of Madrid
June 2014: PhD in Computer Science and Technology at Carlos III Univ. of Madrid
February 2012: Master in Computer Science and Technology at Carlos III Univ. of Madrid
October 2010: Computer Engineering at Carlos III Univ. of Madrid
My researches are particularly focused on on different areas of cybersecurity but I am opened to any other field related to computer science. Particularly, I am currently working on:
2024
L. Ibañez-Lissen, J. M de Fuentes, L. González-Manzano, N. Anciaux "Continuous Authentication Leveraging Matrix Profile”. The 19th International Conference on Availability, Reliability and Security (ARES 2024).[doi]
L. Ibañez-Lissen, L. González-Manzano, J. M de Fuentes, M. Goyanes "Use of transfer learning for affordable in-context fake review generation”. IEEE Transactions on Big Data.[doi]
2023
L. Hernandez-Alvarez, E. Barbieratoc, S. Caputod, J. M de Fuentes, L. González-Manzano, L. Hernandez, L. Mucchid. "KeyEncoder: A secure and usable EEG-based cryptographic key generation mechanism”. Pattern Recognition Letters, 2023.[doi]
L. Ibañez-Lissen, L. González-Manzano, J. M de Fuentes, M. Goyanes "On the feasibility of predicting volumes of fake news -- the Spanish case”. IEEE Transactions on Computational Social Systems.[doi]
L. González-Manzano, J. M de Fuentes, F.Lombardi, C.Ramos " A technical characterization of APTs by leveraging public resources”. International Journal of Information Security.[doi]
M. Peidro, J. M de Fuentes, L. González-Manzano, M. Velasco " Characterizing the MasterPrint threat on Android devices with capacitive sensors”. The 18th International Conference on Availability, Reliability and Security (ARES 2023).
M. Gimenez, J. M de Fuentes, L. González-Manzano" Malicious uses of blockchains by malware -- from the analysis to Smart-Zephyrus”. International Journal of Information Security.[doi]
2022
J. Reverte, J. M de Fuentes, L. González-Manzano"Eye-based keystroke prediction for natural texts -- a feasibility analysis”. The 21st IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2022) [pdf]
L. González-Manzano, J. M de Fuentes, C.Ramos, A. Sanchez, F.Quispe "Identifying key relationships between nation-state cyberattacks and geopolitical and economic factors – a model”. Security and Communication Networks, 2022. [doi]
L. Hernandez-Alvarez, L. González-Manzano, J. M de Fuentes, L. Hernandez" Biometrics and Artificial Intelligence: Attacks and Challenges.”. Book chapter in Breakthroughs in Digital Biometrics and Forensics. Elsevier, 2022. [doi]
2021
M. Gimenez, J. M de Fuentes, L. González-Manzano, C. Camara" Zephyrus: An information hiding mechanism leveraging Ethereum data fields”. IEEE Access, 2021. [doi]
M. Gimenez, J. M de Fuentes, L. González-Manzano, D. Arroyo" Achieving cybersecurity in blockchain-based systems: a survey”. Future Generation Computer Systems, 2021. [doi]
L. Hernandez-Alvarez, J. M de Fuentes, L. González-Manzano, L. Hernandez" SmartCAMPP - Smartphone-based Continuous Authentication leveraging Motion sensors with Privacy Preservation”. Pattern Recognition Letters, 2021. [doi]
2020
L. González-Manzano "A primer on Open Source Intelligence (OSINT) leveraging existing tools”. International Congress of Space and Cyberspace (ACIS), 2020. [pdf]
L. González-Manzano, S. Bernardez, J. M de Fuentes "SmartLED: Smartphone-based covert channels leveraging the notification LED”. The 4th International Workshop on Cyberspace Security (IWCSS 2020) in conjunction with The 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 2020. [pdf]
L. González-Manzano, U. Mahbub, J. M de Fuentes, R. Chellappa “Impact of injection attacks on sensor-based continuous authentication for smartphones”. Computer Communications, 2020. [doi]
L. González-Manzano, J. M de Fuentes, A. Ribagorda “Leveraging user-related Internet of Things for continuous authentication: a survey”. ACM Computing Surveys, 2020. [doi]
2019
L. González-Manzano, J. M de Fuentes “Design recommendations for online cybersecurity courses”. International Journal of Computers & Security, 2019. [doi]
O.Mirzaei, J. M de Fuentes, J. E. Tapiador, L. González-Manzano. “ AndrODet: An Adaptive Android Obfuscation Detector”.Future Generation Computer Systems, 2019. [doi]
2018
J. M de Fuentes, L. González-Manzano, A. Solanas, F. Veseli “Attribute-Based Credentials for Privacy-Aware Smart Health Services in IoT-based Smart Cities”. Computer, 2018. [pdf] [doi]
J. M de Fuentes, L. González-Manzano, A. Ribagorda “Secure and Usable User-in-a-Context Continuous Authentication in Smartphones Leveraging Non-Assisted Sensors”. Sensors, 2018. [pdf]
C. Camara, P. Peris, L. González-Manzano, J. E. Tapiador. “ Real-time Electrocardiogram Streams for Continuous Authentication”.Applied Soft Computing, 2018. [doi]
P. Peris, L. González-Manzano, C. Camara, J. M de Fuentes. “ Effect of attacker characterization in ECG-based continuous authentication mechanisms for Internet of Things”.Future Generation Computer Systems, 2018. [doi]
O. Mirzaei, J. M de Fuentes, L. González-Manzano. “Dynamic Risk Assessment in IT Environments: A Decision Guide”.Book chapter in Book "Preserving Information and Cyber Security in the Fourth Industrial Revolution", IGI Global, 2018.
2017
A. Blanco Blanco, J.M. de Fuentes, L. González Manzano, L. Hernández Encinas, A. Martín Muñoz, J.L. Rodrigo Oliva, I. Sánchez García. “A Framework for Acquiring and Analyzing Traces from Cryptographic Devices”, 13th EAI International Conference on Security and Privacy in Communication Networks 2017 (SecureComm). SePrIoT workshop. Oct. 2017 [pdf]
L. González-Manzano, M. Slaymaker, J. M de Fuentes, D. Vayenas. “SoNeUCON_{ABC}Pro: an access control model for social networks with translucent user provenance”, 13th EAI International Conference on Security and Privacy in Communication Networks 2017 (SecureComm). ATCS workshop. Oct. 2017 [pdf]
L. González-Manzano, P. Peris, J. M de Fuentes, C. Camara. “ Encryption by Heart (EbH) - Using ECG for time-invariant symmetric key generation”.Future Generation Computer Systems, 2017. [doi]
V. Gayoso, A. Martín, L. González-Manzano. “Secure elliptic curves in Cryptography”.Book chapter in Book "Computer and Network Security Essentials", Springer, 2017.[doi]
J. M de Fuentes, L. González-Manzano, J. Serna-Olvera, F. Veseli. “Assessment of attribute-based credentials for privacy-preserving road traffic services in smart cities”.Personal and Ubiquitous Computing, 2017. [pdf]
2016
J. M de Fuentes, L. González-Manzano, P. Peris, J.E. Tapiador. “PRACIS: Privacy-preserving and Aggregatable Cybersecurity Information Sharing”.International Journal of Computers & Security, 2016. [pdf]
J. M de Fuentes, L. González-Manzano, O. Mirzaei. “Privacy models in Wireless Sensor Networks - A survey”. Journal of Sensors, 2016.
R. Garrido, L. González-Manzano, S. Pastrana. “Shall we collaborate? A model to analyse the benefits of information sharing”. 13rd ACM Workshop on Information Sharing and Collaborative Security (WISCS 2016) in conjunction with 23rd ACM Conference on Computer and Communications Security (CCS 2016). [pdf]
L. González-Manzano, J. M de Fuentes, K.-K. R. Choo. “ase-PoW: a Proof of Ownership mechanism for cloud deduplication in hierarchical environments”., 12th EAI International Conference on Security and Privacy in Communication Networks 2016 (SecureComm). [doi]
L. González-Manzano, J. M de Fuentes, S. Pastrana, P. Peris, L. Hernandez. “PAgIoT - Privacy-preserving Aggregation protocol for Internet of Things”. Journal of Network and Computer Applications, 2016.
[doi] [pdf]
2015 J. Rodríguez-Canseco, J. M de Fuentes, L. González-Manzano, A. Ribagorda. "MONOCLE – Extensible open-source forensic tool applied to cloud storage cases", VIII Congreso Iberoamericano en Seguridad Informática (CIBSI), 2015.
[pdf]
L. González-Manzano, J. M de Fuentes, A. Orfila. “Access control for the Cloud based on multi-device authentication”. IEEE 14th International Conference on Trust, Security and Privacy in Computing and Communications, 2015.
[pdf]
E. Palomar, L. González-Manzano, A. Alcaide, A. Galán. "Implementing a Privacy-enhanced ABC System for Online Social Networks with Co-Ownership Management", IET Information Security, 2015.
[pdf]
L. González-Manzano, A. Orfila. "An efficient confidentiality-preserving Proof of Ownership for Deduplication", Journal of Network and Computer Applications, 2015.
[pdf]
2014 Ph.D. Thesis: A user-managed access control model and mechanisms for Web Based Social Networks. Enhancing expressive power, co-ownership management, interoperability and authorized data exposures. June 2014. Supervisors: A. Isabel González-Tablas and Arturo Ribagorda
A. Alcaide, E. Palomar, J.M. de Fuentes, L. González-Manzano. "A Privacy-aware Average Speed Monitoring System for VANETs", IET Intelligent Transport Systems, 2014.
L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, A. Ribagorda. "CooPeD: Co-owned Personal Data Management", International Journal of Computers and Security , 2014.
[pdf]
L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, A. Ribagorda. “SoNeUCON_{ADM}: the administrative model for SoNeUCON_{ABC} usage control model”. XII Reunión española sobre Criptología y Seguridad de la Información (RECSI), Sep 2014. L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, A. Ribagorda. "Extended U+F Social Network Protocol: Interoperability, reusability, data protection and indirect relationships in Web Based Social Networks", International Journal of Systems and Software, 2014.
[pdf]
L. González-Manzano, G. Brost, M.Aumuller. "An architecture for trusted PaaS cloud computing for personal data", Proceedings of the Workshop Wissenschaftliche Ergebnisse der Trusted Cloud Initiative, Springer Verlang, 2014.
[pdf]
L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, A. Ribagorda. "SoNeUCON_ABC, an expressive usage control model for Web-Based Social Networks", International Journal of Computers & Security, 2014.
[pdf]
J. M de Fuentes, J. Blasco, Ana I. González-Tablas, L. González-Manzano. "Applying information hiding in VANETs to covertly report misbehaving vehicles", International Journal of Distributed Sensor Networks, 2014.
[pdf]
2013 J. M de Fuentes, L. González-Manzano, Ana I. González-Tablas, J. Blasco. "Security models in vehicular ad-hoc networks: a survey", IETE Technical review, 2013.
[pdf]
J. M de Fuentes, L. González-Manzano, Ana I. González-Tablas, B. Ramos. "El proyecto E-SAVE: asegurando las comunicaciones vehiculares para la mejora de la seguridad vial", VII Congreso Iberoamericano en Seguridad Informática (CIBSI), 2013.
L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, A. Ribagorda. "Seguridad en Redes Sociales: problemas, tendencias y retos futuros", VII Congreso Iberoamericano en Seguridad Informática (CIBSI), 2013.
[pdf]
L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, A. Ribagorda. Security and Privacy Preserving in Social Networks. Springer. Chapter "User-Managed Access Control in Web Based Social Networks", 2013.
[pdf]
J. M de Fuentes, Ana I. González-Tablas, J. Blasco, L. González-Manzano. “WEVAN: a mechanism for evidence creation and verification in VANETs”, Journal of Systems Architecture, 2013. [pdf]
2012 L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, A. Ribagorda. “U+F Social Network Protocol: Achieving interoperability and reusability between Web Based Social Networks”. 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, 2012.
[pdf] L. González-Manzano, Ana I. González-Tablas, J. M de Fuentes, B. Ramos. “Control de Acceso en Redes Sociales Web”. XII Reunión española sobre Criptología y Seguridad de la Información (RECSI), 2012. [pdf] J. M de Fuentes, Ana I. González-Tablas, L. González-Manzano, A. Ribagorda, B. Ramos. “Diseño de un protocolo para el envío de notificaciones de tráfico a través de las tecnologías ITS”. XII Congreso Español sobre Sistemas Inteligentes de Transporte, 2012. [pdf]
Current
MORE4AIO, Threat Monitoring And Remediation for Artificial Intelligence Systems in Operation. Date: 2024-2027. Funding: Spanish National Research Agency.
APAMCiber, Prevention and Attribution of Cyberthreats against Cybersecurity Collectives (Atribución y prevención de amenazas con impacto en múltiples colectivos relevantes en ciberseguridad). Date: 2023-2025. Funding: Spanish National Cybersecurity Institute (INCIBE).
TRUSTaWARE, Enhancing Digital Security, Privacy and TRUST in software. Date: 2021-2024. Funding: European Commission, H2020.
ECYSAP, European Cyber Situational Awareness Platform. Date: 2021-2025. Funding: European Defense Industrial Development Program (EDIDP).
Previous
DEPROFAKE, Proactive defense against fake content. Date: 2022-2024. Funding: Community of Madrid together with University Carlos III of Madrid.
ASSETS+ European Project. Cybersecurity in the Defence sector. Date: 2020-2023. Funding: Erasmus+ Programme of the European Union.
ODIO: use and abuse of digital identities in a connected world. Date: 2019-2023. Funding: Spanish Ministry of Science and Innovation.
CAVTIONS: Advance Persistent Threats, mechanisms analysis and sociopolitical ties. Date: 2020-2022. Funding: Community of Madrid together with University Carlos III of Madrid.With partial support of Virus Samples www.virussamples.com
CYNAMON: Cybersecurity, Network Analysis and Monitoring for the Next Generation in Internet. Date: 2018-2021. Funding: Spanish Ministry of Economy and Finance, together with European FEDER funds.
SMOG: Security mechanism for fog computing. Date: 2016-2019. Funding: Spanish Ministry of Economy and Finance, together with European FEDER funds.
CIBERDINE: Cybersecurity: data, information and risk. Date: 2014-2018. Funding: Autonomous community of Madrid.
SPINY: Security and Privacy in the Internet-of-You. Date: 2014-2016. Funding: Spanish Ministry of Economy and Finance.
SACO: An Advanced Cyberdefense Simulator. Date: 2011-2014. Funding: Spanish Ministry of Science and Innovation.
Collaborative system to fill in and submit European accident statements using smartphones. Date: 2014-2015. Funding: Mapfre, Spain (Research grants Ignacio H. de Larramendi 2013).
Institut Polytechnique de Paris, Paris (France). 2023-2024 (one-year visit). Hosted by Prof. Joaquín Garcia-Alfaro
University of Maryland, Maryland (United States). 2019. Hosted by Prof. Dr. Rama Chellappa
University of Birmingham, Birmingham (United Kingdom). 2016. Hosted by Prof. Dr. Mark Ryan
Research Institution for Applied and Integrated Security (AISEC), Munich (Germany). 2013. Hosted by Mr. Mario Hoffmann and Prof. Dr. Claudia Eckert
Editorial board
Future Generation Computer Systems (FGCS). Outstanding Editors Awards 2020
Journal of Communications and Networks (JCN).
Reviewer (selected ones)
Security and communication networks.
Journal of Network and Computer Applications.
Security and communication networks (SCN).
Journal of Computers & Electrical Engineering.
Program committee member (selected ones)
International Conference on Availability, Reliability and Security (ARES).
European symposium on research in computer security (ESORICS).
IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom).
IEEE/ACIS International Conference on Computer and Information Science (ICIS).
IEEE/International Conference on Software Engineering Research, Management and Applications (SERA).
International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN).
IEEE International Conference on Open Source Systems & Technologies (ICOSST).
Cyber Security Basics: A Hands-on Approach MOOC in edX. Spanish version also available
Information security and technological risk management (Master in Big Data Analytics). Course 2017:2018 - 2019/2020
System software exploitation (Master in Cybersecurity). Course 2014:2015 - 2019/2020
Cryptography and Security Information (Degree in Computer Engineering). Courses 2013-2014 - 2019/2020
Information hidden techniques (Degree in Computer Engineering at Civil Guard Officers Academy of Aranjuez, Madrid (SP)). Courses 2012-2013- 2019/2020
Security Engeneering (Degree in Computer Engineering). Courses 2011-2012; 2012-2013; 2013-2014; - 2018/2019
Security in Mobile Devices (Degree in Computer Engineering). Course 2011-2012
Patent (2015):: Procedimiento y sistema de acreditación de autorizaciones para vehículos en circulación (Acreditation system and procedure of authorizations for passing by vehicles).
Method to do remote verification of the validity of administrative authorizations for passing by vehicles. Co-invented with A. Isabel González-Tablas and J. de Fuentes.
Tool for the prediction of the volumne of fake news based on artificial intelligence (2023)
This tool allows the predicción of the quantity of fake news that may appear at short, medium and long time. Co-invented with L.Ibañez and J. de Fuentes
Tool for the generation of fake reviews based on artificial intelligence (2023)
This tool allows the generation of fake reviews given a context, e.g. restaurants. Co-invented with L.Ibañez and J. de Fuentes
Tool for the analysis of poisoning attacks in generalistic artificial intelligence (2023)
This tool allows the analysis of poisoning attacks in multiple tasks considering generalistic artificial intelligence models. Co-invented with L.Ibañez and J. de Fuentes
MONOCLE - plugin for iCloud and BOX (2015): free software for forensic analysis.
These plugins allow the identification of forensic traces in cloud storage tools, namely in BOX and iCloud. Co-invented with J.Rodríguez, J. de Fuentes and P.Peris.
Answer2Pass Pro (2015): e-learning software platform based on quizzes.
E-learning software platform integrated in Facebook which enables teachers to evaluate their students through quizzes. Every quizz is different, showing different board sizes, category colours, randomly picked
questions and answers and joker squares. Co-invented with H. Cornejo and J. de Fuentes.
E-RETO (2014): e-mail usage pattern analyzer.
Analyser of e-mails to extract usage patters. It connects to given e-mail servers and download and process all stored e-mails. Co-invented with E. Muñoz and J. de Fuentes.
Software of interactive learning PAB (2012): Bridge learning system.
Software that helps to learn basical skills regarding the Bridge card game. Co-invented with Antonio Castells and J. de Fuentes.
eStorePass (2012): Password manager based on DNIe.
eStorePass focuses on managing passwords making use of the DNIe as a mechanism to protect passwords files. Passwords are stored encrypted applying the DNIe keys, though a pair of options are offered, the user can make use of a master key or simply encrypt passwords using exclusively the DNIe. Co-invented with J. de Fuentes.
Former Students (selected ones)
“OSINT application to identify identities”. Luis Miguel Gonzalez. Bachelor in Informatics Engineering. July 2023.
“Vulnerability detection using deep learning”. Alejandro de la Rubia. Master in Cibersecurity. September 2022.
“Towards deepfake detection”. Sofia Najarro. Master in Cibersecurity. September 2021.
“Deep analysis of cookie consent banners and their behaviour”. Cristian Pascual. Master in Cibersecurity. July 2020.
“Android bug-hunting: mutational fuzzing approach”. Luis Buendía. Master in Cibersecurity. September 2017.
“LuminApp: A multi-factor and social-empowered early risk warning app for Android”. Iván Hurtado. Master in Cibersecurity. September 2016.
“Development of an Extensible Forensic Analysis Framework. Application to user-side cloud scenarios”. Jorge Rodríguez. Bachelor in Informatics Engineering. July 2015.