New report: Twitter botnets detection in sports event

ElevenPaths    20 December, 2018
New report: Twitter botnets detection in sports event imagen

We all know that a botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform DDoS attacks, steal data, send spam and allows the attacker to access the device and its connection. The owner can control the botnet using C&C software.

Many Twitter users are bots, which are accounts controlled and sometimes created by computers. Twitter bots can send spam tweets, manipulate public opinion, be used for online fraud, and in our case, for promoting URL access to illegal sport content. The botnet contains a single type of bot, showing the same properties throughout the botnet. Bots are sold for money as fake followers.

This report is an analysis of social botnets. We have analyzed two different Twitter large conversations and identified the behavior of several groups of profiles with automatic and non-standard activities. The first conversation focuses on the 2018 FIFA World Cup, held between the 14th of June and the 15th of July. We worked on the communities of the entire conversation and discovered several profile groups behaving oddly. After applying proprietary algorithms, we confirmed that those communities were content diffusing botnets that were activated during the football games to share illegal streaming URL’s.

Tweets with links to illegal football games streamings imagen
Figure 1,2,3: Tweets with links to illegal football games streamings

In order to make a wider analysis, we investigated a larger scope of sports in the entire world for five weeks; from the 1st of November until the 10th of December. This new conversation covered the sports streaming theme in Twitter and included important events like the Premier League, UEFA Champions League, cricket games or the weekly NFL games in the US.

Tweets heat map related to the 5 weeks sport events monitoring image
Tweets heat map related to the 5 weeks sport events monitoring

To have a clear view of the sport’s streaming diffusion in Twitter, we created a query formed by the major sports and leagues of the world and streaming related terminology. Aldara’s graph analysis helps clearing out the conversation’s noise and focus on the core areas of interest.

Twitter conversation about the streaming of several sports image
Twitter conversation about the streaming of several sports.

Not only we discovered that some of the botnets identified in the FIFA World Cup were still active and diffusing current content, but new botnets were found focused in different sports. The size and composition of the botnets changes often as the accounts are very often suspended or deleted in Twitter.
As a result, we have learnt how to identify this kind of networks based on the “particular shape” of the composition and based of several algorithms. This “know-how” has also been applied in several use cases, such as in reputational crisis.
Expected behavior of a legal broadcasting (unidirectional behavior) image
Expected behavior of a legal broadcasting (unidirectional behavior)



Twitter botnet (chaotic and multidirectional) image
Twitter botnet (chaotic and multidirectional)



In addition to the analysis of the botnets of the conversation, we have analyzed the IP addresses of the streaming websites distributed in the tweets.



Number of Servers per country image



Number of Servers per country



To prevent this type of illegal broadcasting, the TSA (Telco Security Alliance) has different methods to fight against this cybercrime which goes from specific procedures with the main ISPs in the world to perform the necessary takedowns up to investing in start-ups that to protect intellectual property and improper use of your digital contents.


After analyzing the results, one of the conclusions is that, in proportion with the complete buzz of the sport, the most illegally broadcasted sport is the American football. The number of tweets that shared American football streaming links represents the 0,5% of the total number of results related to American football (including games, players, advertising, etc.)







Helene Aguirre
Mindeguia
Julio Gómez Ortega
Carlos González Álvarez
Sebastián García De
Saint-Léger
Pablo Moreno González





Worker’s Diary IoT III

Beatriz Sanz Baños    18 December, 2018

18:00. Daniel arrives at school to pick up his children. He knows that they are still inside thanks to the trackers in their backpacks . While he is waiting for them, he can check the daily news on his smartwatch. When the children get in the car and buckle up their favorite show starts playing on the screen of the car. Magic they think, without knowing that their dad did it from the onboard navigator.

18:10. The next destination will be the shopping center. Before starting the march, Daniel consults on the GPS to see which one is the closest and to check the traffic status. Next, he programs the most efficient route, enough time for the kids to finish watching their episode. Perfect.

18:30. Daniel finds a parking lot easily at the mall through the parking app that informs him in real time. Afterwards, he invites his children to have a snack at a hamburger joint – Fridays are cool. They choose the products on the digital panel and make the payment with the discount coupons available on their smartphone.

19:00. Moment for purchases. Upon entering their favorite clothing store of the mall, the beacons devices automatically send personalized offers to Daniel’s smartphone. He decides to try on and he discovers that the mirror in the dressing room is smart and it proposes other garments that match his colors. Good choice, he thinks. He pays with his mobile thanks to NFC technology and then he picks up the kids from the playground to go back home. Mom will be arriving soon.

19:40. Upon reaching home, Daniel deactivates the alarm with his smartphone. Then he uses the smartphone again to open the garage door. Once inside, the smart coffee machine has prepared chocolate milk for the kids, they will enjoy it while watching the latest child movie downloaded on the smart TV. Daniel stares at the phone, who would have told him it would become the master key to his house.

19:50. Candela, Daniel’s wife, returns home in the carsharing vehicle she has booked with her wearable. It’s Friday and he wants to organize a family plan . Daniel finds on the tablet the offer of activities on the municipal website and, together, they decide to go see a play for all audiences.

20:00. The family goes walking to the theater. Daniel and Candela receive information on their smart bracelet that they have reached their daily step goals, and they still have to go back home! – Well done – . Once there, they access the site using the tickets on the screen readers that they have downloaded to their mobile phones.

21:45. Already at home. While Candela bathes at the right temperature thanks to the sensors in the shower, Daniel orders the dinner with his smartphone through a meal app at home. Thanks to GPS dealer, they know exactly when it will arrive.

22:30. The children have already had dinner and are in bed. Daniel and Candela know that the kids are fine thanks to the video images of their room that they receive in their tablet. In addition, temperature and humidity sensors make sure that there’s an excellent atmosphere in the house.

23:00. Rest time for dads too. They plan the Saturday morning from the bed. You will go out to exercise as a family, while Daniel and Candela run; the children will accompany them with their bikes. The sport activity will be reflected in their history thanks to the smart templates of the family shoes that send all the data to their smartphones. The addition of trackers to children’s bikes also reflects their activity, they love to get home and compare the results.

23:30. It’s time to rest. Phone in hand, Candela sets the alarm while Daniel lowers the blinds and switches off the lights from his phone. Good night family.

Fake news, literally

AI of Things    17 December, 2018
The BBC recently launched a test, joining forces with software company Synthesia, to manipulate the speech of BBC newsreader Mathew Amroliwala. The presenter only speaks English, but the artificially intelligent technology used by the company is able to give the illusion that he is speaking Spanish, Mandarin and Hindi.

They started by having Matthew read a script in the studio in English, which was then read by 3 other men, one in Spanish, one in Hindi and one in Mandarin. The software works by mapping the movements of their mouths whilst they speak. It then correlates this data to manipulate the selected language to Matthews mouth, keeping his tone and characteristics the same as in his language.

When reacting to the resulting video, Matthew commented that it was “incredible” and “unsettling because I know I can´t do that.” Although it is true that, once knowing what has been done, one is able to see the manipulation, this technology remains astounding.

The argument does arise on whether or not this may make it harder to spot fake news. In recent years, especially with the increase in social media networks and the speed at which information can be transferred, fake news has become an epidemic.

Another interesting use of this AI technology relates to a model created by researchers at the University of Washington. They were able to create a synthetic Barak Obama using neural networks to shape his mouth to correlate to the words they chose him to say. They did this by using the 14 hours of footage they had studied to map the audio and image onto the former president. Now they are able to match any audio to the synthetic Obama and create a new model, even using speeches by his impersonators.

One of the researchers involved in this project, Professor Kemelmacher-Schlizerman responded to claims that this technology could once again add to the fake news epidemic saying, “once you know how to create something you know how to reverse engineer it.” She adds that someone could create a software to identify these edited videos by comparing them to the original versions and take away the confusion surrounding fake news.

Post by Lucy Beardsley

You can also follow us on TwitterYouTube and LinkedIn

An Artificial Intelligence capable of designing medicines from scratch

AI of Things    14 December, 2018

The applications of AI in the pharmaceutical world are well known. But did you know Artificial Intelligence can also help create new medicines?

The applications of AI that many people know of though, focus more on the diagnosis than on the treatment options. In particular, the applications of pharmaceuticals are unknown to the greater public. 

The objective of this investigation about medicines is to find therapeutic solutions for diseases for which there is no cure found yet. We are talking about diseases like cancer, genetic diseases, and autoimmune disorders, neurologic or infectious diseases. 

This year the Pharmaceutical school of UNC Eshelman, part of the University of North Carolina, presented in the Science Advances Magazine a revolutionary system based on AI  that allows for the acceleration of the creation of new medicines.

The ReLeaSE system bases itself on the use of two neural networks that have a teacher and student relationship. The teacher knows the “sintax” and the “linguistic rules” of the vocabulary of the chemical structures (for more than 2 million molecules that are biologically active). The process is similar to learning a foreign language. When a student has learned the molecular alphabet and the rules of the language, he can create new “words” or molecules. Once created, he presents them to the teacher, for evaluation.  In this final step, he approves or disapproves each molecule, depending on its characteristics and if it has the desired effect. By working with the teacher, the student learns over time and makes better proposals each time for new molecules that can be useful as new medicines.

ReLeaSE is a powerful innovation for virtual screening, the computational method used by the pharmaceutical industry to identify viable new drugs. Current techniques only allow working with known chemical products. However, ReLeaSE allows you to create and evaluate new molecules from scratch. It is like going from having to choose a dish from the menu, to having a large store of products and a chef to create for you whichever dish you want. Thus, molecules with personalized physical properties (such as their melting point and solubility in water) can be generated; and new compounds with inhibitory activity against an enzyme associated with leukemia for example, can be designed. 

The pharmaceutical industry needs new approaches to shorten the time between the creation of new drugs and the clinical trials that follow. This is where Artificial Intelligence comes to the rescue, to reduce this long and painful process.

These algorithms, that are capable of designing new molecules that are immediately patentable, with specific biological activities and optimal safety profiles, are an excellent solution for this problem, and excellent news for the industry and those suffering from these long illnesses. 

Don’t miss out on a single post. Subscribe to LUCA Data Speaks.

You can also follow us on TwitterYouTube and LinkedIn

IoT in Hotels

Beatriz Sanz Baños    13 December, 2018

The digitization of the economy is reaching all areas of our society. One sector that is more evolved with the application of Internet of Things is tourism. More and more hotels are applying connectivity solutions to deliver better services and improve management effectiveness.

The installation of sensors connected in hotels provides a huge potential for optimizing energy efficiency. These devices allow, for example, a measure of environmental conditions and communicate them to other teams and adapt.

They include smart thermostats that regulate the temperature and humidity depending on the presence of guests in the rooms. Similarly, smart lighting bulbs manage hallways and common rooms considering the light from outside and the presence of people in different areas.

More and more hotels are applying connectivity solutions

On the other hand, the monitoring facility provides the ability to schedule alerts based on abnormal parameters, facilitating predictive maintenance, which avoids unexpected breakdowns and inconvenience to customers. Security can also be controlled with connected cameras that send alarms to in case of unexpected presences in certain areas.

In addition, the IoT technology also helps supply management. For example, refrigerators connected notify when there is a problem with the temperature, a shortage of certain foods or when the products are approaching their expiration date. These devices also allow you to make automatic schedule orders in case there is no stock left.

As for guest services, connectivity experience can start even before reaching the hotel. With an app client you can receive a notification on your smartphone at the time the room is available. Similarly, you can make the process of check-in / check-out without waiting in queues.

In the same vein, the existence of intelligent locks with NFC readers eliminates the need to carry a key or a physical card. Custom code on your smartphone is enough to open the door of the room when desired.

In the room, installing IoT technologies allows customers to communicate by voice with connected devices, such as television, blinds, air conditioning, lights or alarm.

IoT allows customers to communicate with connected devices in the room

Thanks to the evolution of connectivity, some hotels already have even robots practicing automatic tasks such as reception and luggage transport or delivery room products such as meals or daily newspapers.

Hotels connectivity also enables the application of techniques of Big Data and Machine Learning to automate the provision of personalized services to each customer based on their previous stays. There are even applications available for booking services such as massages or receive updated information from the environment related to the weather forecast, traffic conditions, tourist sites, restaurants or shops.

The hotel industry has great potential to apply new technologies. In such a competitive sector, measures of digital innovation provide a great opportunity to improve the customer experience, as well as energy efficiency and logistics. The road to the future is IoT.

The potential of IoT devices in education

Beatriz Sanz Baños    11 December, 2018

Paying in a store, controlling the vacuum cleaner from the mobile or the refrigerator detecting a shortage of the apples we like and making the purchase autonomously, etc… these things have become normal in thousands of homes throughout the planet. The education sector, which is not immune to the possibilities provided by technology, has also included the Internet of Things (IoT) in its activities.

Beyond email, tablets, or the intranet, Internet of Things makes it possible for schools to implement an unprecedented number of systems and methods. The benefits of the integration of this type of technology in the educational environment are multiple: they save time, streamline tasks, enhance the abilities of students and they also revolutionize classroom dynamics, from Primary courses to University education.

The education sector, which is not immune to the possibilities provided by technology, has also included Internet of Things (IoT) in its activities

In Thailand we found a good example of this trend. Schools in the Asian country successfully test an IoET (Educational Internet of Things) device called OBSY (Observation Learning System) to improve the participation of children in the classroom. This friendly looking toy is able to optimize the learning outcomes of students who use it.

Putjorn Pruet, PhD student in University of Kent, UK, has been responsible for developing the device based on Raspberry Pi. The system is basically composed of several parts, first a device with which the child interacts, apparently a toy with several tentacles, to which the child can connect different environmental sensors (ambient light, temperature monitor, etc.). Then it sends that information through a wireless connection. Because it looks like a toy it does not generate distrust and anxiety in children and has a very beneficial effect in approaching the technology to kids. On the other hand, the system consists of the IoET platform (Internet of Educational Things), which is responsible for processing the context of the exercise, how it has been carried out, as well as its results, allowing improvements to be made.

The OBSY device was used as a basis for three different experiments in the classroom with the aim making students understand simple science processes while learning to work in teams. As a result, it was seen that it encouraged observation and invited students to participate and share their results with the rest of their classmates.

After the research part, the information that had been sent by OBSY in the form of graphics to the students’ tablets was studied. It was concluded that this process facilitates students’ understanding of the different results produced in the experiments carried out.

After the experiment, Thai researchers showed that students who used the OBSY device scored better than those who did not. In addition, the group’s commitment to its learning process increased.

On the other hand, they also found that neither gender, nor age, nor the qualities of technology are a differentiating factor for good results. Although previous studies have proposed that children learn more easily through technology, it was shown that devices and platforms could be designed for both sexes.

Neither gender, nor age, nor the qualities of technology are a differentiating factor for the good results of Iot applied in the classroom

“The OBSY experiment demonstrates the potential of IoET devices in a wide variety of ages and implementation of similar systems could be an important tool for educational development in young children” in the words of the principal investigator Pruet Putjorn.

In Spain, 30% of Spanish children aged 10 have a mobile phone and at age 14, 83% already have this type of device, according to the National Statistics Institute (INE). In addition, most children 2 and 3 years old regularly access their parents’ terminals, handling various applications, photographs and videos, according to a study prepared by Internet Safety Center for Minors in Spain.

The irruption of Internet of Things in education is modifying the conception we had of a sensitive and primordial field. New goals and endless possibilities are being established within the education sector. In addition to finding a variety of free software tools, they are likely to interact with IoT in teaching; we can already see positive results in their implementation in education.

5 in 5: Top 5 future predictions for AI

AI of Things    11 December, 2018

Welcome to the 4th instalment of 5 in 5. This week we will dive into the top 5 future predictions for Artificial Intelligence (AI). As we have seen previously, AI has the potential to increase performance in many areas of business, as demonstrated by 5 of the biggest companies in the world who are already leading this technological revolution. 


2018 has been a big year for AI, with many firms not only realising its potential, but also acknowledging the needs of ever-evolving markets. We know that extreme planning and care is needed to implement and teach the software, but what will be the result of this meticulous construction? 


Briefly, Artificial Intelligence is the fundamental application of the ideology of creating a computer that is capable of solving a complex problem in the same way a human would.

Experts have articulated that in 2019 (and for many years to come), AI will continue to be a booming breakthrough in our world. They say that the advances we can to expect exceed any imaginings we have previously had.

1) Rise of AI assistants 

Simply defined, assistants are AI-programmed smart robots that understand natural language and help us complete tasks. Many of us interact with this technology through Apple´s Siri and Amazons´ Alexa without fully realising the technology we have at our fingertips.

We already use these AI assistants for a multitude of tasks, from paying our bills to writing emails; and the future looks set to implement this technology in more areas of our lives, including our cars. Kia and Hyundai have already planned to include AI assistants in their vehicles in 2019, capable of understanding colloquial expressions in 23 languages.

With advances such as MovistarHome, people are already welcoming AI into their homes, allowing for more personalized responses, with the hope of building an understanding relationship between man and machine. As it learns, the AI will be able to give more individualised responses as voice recognition software is able to identify different voices and recall past experiences with each user. It is said that by 2025, we will be talking to and interacting with nearly all of our devices, from our cars to our refrigerators.

2) AI will create more jobs that it will eliminate

Many conflicting opinions exist around whether or not AI will make human jobs redundant. But a recent finding suggest that by 2020, 2.3 million jobs will be created, compared to the reduction of 1.8 million of these.

It is commonly predicted that AI will prove to change the nature of jobs in certain sectors, rather than making humans redundant. However, industries that have already seen a sharp decline in employment due to the automation of tasks, such as manufacturing, will take a big hit in the future. Sectors where the human input is invaluable such as medicine and education will experience a shift in the skills demanded and the way in which they will carry out their work.

As is the nature of change, a knock-on effect will happen where the needs of the AI will require the creation of new jobs. It has been predicted that in 10 years we will be doing jobs that do not even exist yet. The most common conclusion is that most jobs will be a combination of human and artificial intelligence. It is already being used in the world of medicine with doctors to help increase accurate diagnosis, with Harvard researchers reporting that diagnostic accuracy increased from 96% to 99.5% when using AI. We will expand upon this human-AI collaboration now.

3) Further evolution of machine and human interaction 

In the past, many understood AI as robots that would carry out mundane and automated tasks. The reality of today is that business are starting to look at AI as an extension of their business, working to enhance their relationship with the machines for the benefit of the company.

The potential of AI in sectors such as retail is incredible; the human brain is simply unable to remember details of all customers, but AI has this power. In the future it is said that we will likely be buying most of our items from AI. What the human brains lack in efficiency and consistency, AI makes up for, and vice versa, what AI lacks in cognition and initiative, humans make up for. This amplification of our cognitive strength gives us the potential to far extend our physical capabilities.

The responsible use of AI falls to humans, it is up to us to train, explain, and sustain their successful use and avoid harm to humans.

4) Autonomous vehicles will be ever-present 

We have seen examples of self-driving cars already in the market, with Google having already entering the market. Ford is set to release true self-driving (no human input required) cars by 2021, investing $1 billion in Argo AI.

By the time Japan will host the Summer Olympics in 2020, Honda hope to have cars that can drive themselves on motorways in full force. Overall, the industry is expected to witness a significant number or self-driving vehicles on the roads by 2020.

We must consider that the success of these predicted advances will be subject to changing regulation, liability concerns are rife when machines self-operate in potentially dangerous environments. Even with these concerns, it is highly likely that we will be able to hail an autonomous vehicle on our streets within the decade.

5) AI will be common place in medicine

Medical technological advances are taking place every day. We have already seen how AI can dramatically increase success rates in IVF patients, thanks to the use and availability of Big Data and AI, and market growth looks to reach $1.7 billion by 2019.

We will see, once again, this human-AI partnership. One of the most valuable assets doctors have, other than their expertise, is empathy, a trait that AI is yet to possess (and we don´t know what the future will hold for AI and empathy). AI stands to catch errors that may occur by the human hand, as it has the ability to objectively work through millions of patient data to determine diagnosis.

Perhaps the most promising medical AI prediction is that it can help with the diagnosis, and eventually treatment, of rare conditions. The configuration of AI will allow them to draw from each other´s insights, catch each other’s mistakes or anomalies, and come  up with innovative fixes.

In the surgical world, AI will be able to provide real-time information to surgeons, including MRI scans, patient history and a visual division of regions of the brain

Neil Jacobstein, Chair of the AI and Robotics Track at Singularity University, has stated that “AI allows us to do things that humans just couldn’t do before, like consider your entire genomic profile before making a recommendation.”

Related articles:

Don’t miss out on a single post. Subscribe to LUCA Data Speaks.

You can also follow us on TwitterYouTube and LinkedIn

AuthCode: Our award-winning continuous-authentication system, jointly developed with the University of Murcia

ElevenPaths    11 December, 2018
Continuous-authentication systems aim to identify users’ behavior through interactions with their device. The main advantage of this type of authentication is that it improves users’ experience when using services or apps of their mobile device, free from intrusions. Fruit of a joint research with the University of Murcia, we were able to develop AuthCode. This project reached such a stage of maturity that we could present it over the Security Innovation Day 2018. Furthermore, it has won several awards and prizes. Let’s explain what AuthCode is in further detail.

In most cases, continuous authentication avoids using passwords, access patterns, biometric recognition, etc. when the user wish to have access to an app or service requiring authentication. In this sense, permanent authentication increases users’ security regarding the operations executed on the device. Moreover, we can take advantage of this continuous trust status to make user app interactions much simpler and more fluent by doing so, users’ experience gets better.

Despite the advantages of these continuous-authentication systems, current solutions raise a number of challenges, for instance: selecting the dimensions and features that allow to shape the owner’s behavior and be able to clearly and precisely discern its behavior from other users’ one; enabling system adaptability to slight changes in user’s behavior; reducing authentication time; using new functionalities or optimizing device resources’ use and consumption. These aspects are critical to provide the user with a satisfactory experience and not excessively impact the battery.

Challenge background
Aware of the usefulness and potential of this kind of systems, over the last 2017 National Colloquium on Cybersecurity Research (in Spanish, Jornadas Nacionales de Investigación en Ciberseguridad or JNIC ), ElevenPaths presented, within the Transference Track, a challenge on the development of a proof of concept for a continuous and adaptive authentication. This challenge was undertaken by the Cybersecurity and Cyberdefence Research Lab from the Faculty of Computer Science of the University of Murcia, that started working on it adapting their long-year knowledge on cybersecurity to meet the new and demanding requirements of the challenge raised.
The team was composed of the students José María Jorquera Valero and Pedro Miguel Sánchez Sánchez, under the supervision of their mentors Alberto Huertas Celdrán and Gregorio Martínez Pérez, that were in charge of organizing the tasks to be performed by the the Department of Information and Communication Engineering and the Department of Computer Technology and Architecture from the University of Murcia.
Proposed solution
As of the mentioned challenge, a joint company-university arises with the aim of developing an accurate solution that can be useful for society, and all this beyond the transference track framework, i.e. with the will to push this project beyond a mere research proposal, so becoming an out-of-lab proof of concept to be successfully tested by the users in several and different real scenarios. The good understanding between university and company clearly showed the advantages of joining two different sectors and visions for a common purpose.
The work performed consists of designing and implementing an adaptive continuous-authentication system for mobile devices, that allows an accurate identification of the device owner. This system has been named AuthCode. The proposed solution is based on the creation of user profiles by shaping the user behavior when using apps as well as on the evaluation of certain metrics collected through several device sensors. AuthCode can get adapted to new changes in user behaviors. Additionally, Machine Learning techniques are used as well (using the algorithm Isolation Forest), based on the detection of the appropriate anomalies for low-system-resource devices. As a proof of concept, the mentioned system has been implemented in Android (compatible with version 6.0 or later) and successfully tested with several groups of users.

The system functioning is divided into four phases:

  • Phase 0. Over this phase the most relevant dimensions and features intended to shape user’s behavior are selected. It should be highlighted that this selection process is a one-time process performed prior to system development over the design phase.
  • Phase 1. Acquisition of the mobile device data to extract the predetermined features and create a dataset where such features will be stored. Data collection is periodically performed in one-minute cycles for two weeks.
  • Phase 2. Firstly, Machine Learning algorithm is trained by means of the generated dataset in order to shape a profile for user’s behavior. Once this training has finished, the evaluation phase is triggered, over which the system compares the current user’s behavior with the one stored over the training phase. By doing so, the system returns an authentication level ranging from 0.0 and 0.1. This is a one-minute process as well.
  • Phase 3. System adaptability to new changes in user’s behavior by insertion and removal of vectors within the dataset, keeping it updated and preventing system from overtraining.


These phases, together with some steps in detail, are shown in the following figure.




The mentioned authentication level is key to show the real goal of the technology developed: getting a determined value from the authentication level provided by the device, on the basis of user’s behavior. This value sets up trust levels that can be configured regarding user experience, thus allowing adaptability. That way a value near 1.0 would rid the user of entering passwords, using additional authentication factors and having limitations regarding the use of the device until its authentication has been completely verified. By doing so, AuthCode would only ease security needs in those cases where trust in user identity has been defined as accurate due to its behavior. 
In the worst-case scenario a range of palliative actions to be performed would be launched if the system detected that the user is not authorized to use the device. This would enable to perform a number of actions such as remote blockage, action log, taking pictures of the current user and sending, when appropriate, notifications or alerts. AuthCode allows system adaptability as long as user evaluation is positive. Otherwise, if the user generates a determined number of consecutive and negative evaluations (that can be configured according to the scenario), the device will be blocked and it will be necessary to enter the appropriate credentials to unblock it.

In the following video you will find further details on the design and functioning of this system:

Once the proof of concept has been implemented, a use case is developed in order to show how useful is this continuous-authentication system in a real environment. Such use case is an online banking application and its functionality has been integrated with the continuous authentication system. For this purpose, an app for mobile devices has been designed and implemented pretending to be an online banking application (our fictitious Nevele Bank) connected to this continuous authentication system.

Awards and prizes
The resulting solution for the Transference Track challenge was presented over the 2018 National Colloquium on Cybersecurity Research. It won the prize for the best solution proposed in relation to the challenges set out over the event.
Logros y premios imagen
Once the challenge was concluded, the team kept working on the improvement of the proof of concept previously achieved. This additional research has resulted in an article published in the journal Sensors (classified as a Q2 according to the JCR).
Furthermore, this challenge helped two students in Computer Engineering to develop their bachelor’s degree theses. These theses were presented over the Certamen Arquímedes driven by the Spanish Ministry of Science, Innovation and Universities, and they reached the final phase held from 21 to 23 November at the URJC (Universidad Rey Juan Carlos). Finally, a special prize was awarded by Fundación ONCE for the best research project targeted to improve the quality of life of disabled people, together with a secondary prize.
Currently, AuthCode is being evaluated to be provided with funding by Fundación Séneca – Agencia de Ciencia y Tecnología, from the Region of Murcia. This way, it could become a completely-functional proof of concept tested by a great number of users in real scenarios.
At the same time, ElevenPaths, the Telefónica’s Cybersecurity Unit, continues directly working and providing ideas and support with the research team of the University of Murcia to be able to further develop the proof of concept. All this with a strong commitment by ElevenPaths to enhance university and company innovation and knowledge transference.

Innovations and Labs
www.elevenpaths.com


The Confirmation Bias: we seek the information that confirms our decisions, refusing their opposed evidences

ElevenPaths    10 December, 2018
Imagine yourself in a lab over an experiment. You’re asked to analyze the following number sequence:
2, 4, 6
This sequence follows a rule. What do you think the rule is? You can propose more three-number sequences to the experiment leader, who will tell you if the sequence proposed follows the rule or not. You can propose as many new three-number sequences as you wish. As soon as you discern the rule, announce it to the experiment leader for you to know if you got it or not.
So, which is the first three-number sequence that you would propose to discern the rule followed by the sequence 2,4,6?
Please, try to think about it before reading on, which three numbers would you use?
Think about it a little more…, don’t read the answer yet…
I’m sure that, as soon as you have seen the sequence 2,4,6, the first rule that sprang to mind was “even numbers ascending in pairs”. I have performed this experiment a number of times with scientists from all fields as well as with security professionals. So far, in 100% of cases, people tend to propose sequences as 8,10,12. That is, they put forward three consecutive even numbers in order to confirm their hypothesis. Would you have raised a similar sequence?
I confirm them that, indeed, sequences such as 8, 10, 12 or 10, 12, 14 or similar ones follow the rule. Then, they put forward sequences such as 100, 102, 104 or similar ones. Would you have proposed something like this as well?
Once they have suggested two or three more sequences like these ones, they firmly believe that they got it and announce: “The rule is even numbers ascending in pairs”.
Of course, this is not the rule!. At this stage, they change the rule and suggest sequences as 11, 13, 15. Once again, I confirm that they follow the rule, so they feel encouraged and put forward 101, 103, 105. It follows the rule as well. At this time, they announce: “The rule is numbers ascending in pairs”.
But neither is it the answer! Some suggest then 5, 3, 1, but this sequence does not follow the rule. And this is how, little by little, they finally reach the real rule. Have you already guessed it? 
The rule is any number sequence in ascending order, regardless of the difference between each number and its following one, for instance: 1, 100, 1000.
What’s happening here? Why is so difficult to find such an easy rule? Just because people try to prove that their hypotheses are the right ones: they choose examples that confirm their hypothesis instead of taking those that disprove it. The real scenario is that no hypothesis can be completely validated. Just a counterexample is enough to reject it. The first black swan discovered in Australia disproved the long-held theory in Europe that “all swans are white”. In science, this happens continuously. New findings displace old theories, thus rejecting hypothesis sometimes supported for centuries.
In conclusion: if you want to prove that your hypothesis is certainly right, you must fail in your attempts to disprove it. In other words, the experiments that you design do not have to be focused on proving your hypothesis, but on refuting it. It is at this point where most people fail, including scientists. Because we are clung to our hypotheses, to our ideas, we seek to confirm our beliefs.
Coming back to the sequence experiment. If your initial hypothesis is “even numbers ascending in pairs”, which number sequence would you have to propose? Instead of those sequences that confirm it, like 10, 12, 14, put forward those that would refute it, such as 9, 15, 29. Can you see it? The second sequence includes odd numbers that do not increase in pairs. If it follows the rule, your hypothesis is thus disproved. By doing so you move towards the right answer. Otherwise, no matter how many sequences confirming your hypothesis you propose: you will be fastened with your error. This is the heart of the scientific method: you try to refute your theories, not to prove them. And this, dear friends, it is a daunting task for humans.
If you think that something is true, don’t seek to confirm it, but instead try to disprove it
In the following video from Veritasium you can follow a number of persons over the 2-4-8 experiment:
Did you notice how do they persevere in their hypotheses? Even if their initial proposals for the rule are rejected, they keep on putting forward three-number sequences which are variants of their initial hypothesis. And they always, always, always suggest sequences to confirm the hypothesis, not to disprove it.
This experiment was designed and its results initially published by the psychologist Peter Wason in the sixties. Actually, it was him who coined the term “confirmation bias” to refer to our trend to boost information confirming our hypotheses, personal beliefs and ideas, no matter whether they are true or not.
Unfortunately, even if I’m explaining that you are swayed by this confirmation bias, you will keep on looking for information confirming your hypothesis and rejecting information that disproves it. The fact of being aware of it will not save yourself from risk. Don’t you believe it? Here you have another logical reasoning challenge, created again by Wason:
You are shown a set of four cards placed on a table, two of them show a letter each one and the remaining two a number each one:
 A D 3 7
Each card has a number on one side and a letter on the other side. The challenge is to decide which cards to turn over for verifying the following rule:
Any card having an A on one side has a 3 on the other side
This time I will not give you the answer. You are invited to let your answer in the comments below. I will only give you a lead: don’t try to validate your hypothesis, try to disprove it.  
We seek the evidence that confirms our position
These experiments show that, once you take a position on an issue, you are more likely to look for or give credit to these evidences supporting your position instead of to the evidence rejecting it. However, don’t think that we work like this just for drawing scientific theories up. We are swayed by this bias in our everyday life, at any moment and when we perform any kind of task or interact with other people. The more clung you are to a hypothesis, the more difficult considering opposed hypotheses will be.
The explanation is quite simple. Information assessment is an intellectual-cost activity. Our brain is lazy and prefers to use “thought shortcuts”. This is how it saves time when making choices, especially under pressure or when facing great uncertainty. Finally, we tend to prioritize that information allowing us to quickly reach the conclusion that we boost.
This trend to seek confirmatory information can lead to all kinds of false beliefs and bad choices, since you will always be able to find an evidence proving (almost) any idea. Do you smoke and want to believe that it isn’t so bad for health? I’m sure you had a relative who died at 98 and he smoked a carton of cigarettes per day. Do you have a sedentary lifestyle and think that sport is not that healthy? You certainly had another relative who was extremely careful about his health and died at 38 because of a heart attack. Do you use the same password to protect all your services and think is not necessary to change it? I’m sure you have been like this for years and nothing happened, so why should something happen tomorrow?
As you may have realized, the fact that there is an evidence supporting an affirmation is not enough to reach a determined conclusion, since there could be another evidence against it: people who had died because of lung cancer as a direct consequence of smoking, people who had died because of a heart attack as a consequence of the cardiovascular risk reached following years of sedentary lifestyle and obesity, or people whose account was hacked because the passwords used in different services were identical.
The highest risk of this confirmation bias is that if you are looking for a single kind of evidence, you will certainly find it. You need to look for both types of evidences: also that one that refutes your position.
You are not as open to change as you like to think
According to the professor Stuart Sutherland, the author of Irrationality: The Enemy within, changing our ideas and hypotheses about reality is extremely difficult due to several reasons:
  1. People consistently avoid exposing themselves to evidence that might disprove their beliefs.
  2. On receiving evidence against their beliefs, they often refuse to believe it.
  3. The existence of a belief distorts people’s interpretation of new evidence in such a way as to make it consistent with the belief.
  4. People selectively remember items that are in line with their beliefs.
  5. To these four reasons one might add a fifth, the desire to protect one’s self-esteem.
This confirmation bias is ubiquitous in cybersecurity work life. We can see it in our everyday life:
  • If you are a technologist, you may think that technology is the solution for your security problems. If technology fails, you will blame people who manage or use it , or the processes implemented. You will seek and highlight technology’s success in the same way you will ignore and underestimate its failures. By doing so, you will be, whether consciously or not, swollen its effectiveness.
  • Over a security audit, it is quite common to draw the conclusions just with some evidences. You find something, and you quickly make an explanation for it. Once an opinion is shaped soon after starting the research on the security of a system, you will spend more time seeking evidences confirming your first impression than those disproving it.
  • If you want to hire a security professional for your organization, and you think that those having certifications such as CISSP, CEH, CISM, etc., are higher-qualified, then you will find all sorts of evidences to support your belief.
  • If you are responsible for information security within a company, in case your CEO thinks it’s important to invest in security, the focus will be placed on your department’s achievements. Otherwise, if your CEO thinks it’s an unnecessary expense, the focus of their decisions will be placed on your errors and gaps, so ignoring your achieved successes.
  • Security experts within an organization, as well as the externally-hired security experts are that: experts. So, it’s quite normal if they want to be seen as humans. This halo of “expert” makes them to be trusted by everyone, so looking for alternative solutions becomes unnecessary. After all, if the expert considers that a given solution is the right one, why should we seek more? The expert will tend to reject those solutions that may threat their role.
  • In a similar vein, there is none more dangerous than a group of experts together in the same room, because the well-known “groupthink” will almost certainly appear: each group member will try to conform their opinion to the opinion considered as the group consensus, until the group agrees a determined action, that will be individually considered by each group member as inadvisable. When they think the same, is because no one is thinking.
  • In relation to this situation, we also can have a “false consensus”. We often invite people to a meeting because we know that they agree with us and share our ideas.
A survival guide for cybersecurity professionals
Whether you like it or not, we are all conditioned by the confirmation bias. Here you have a checklist guide that you can use before taking important decisions. I have made it on the basis of the advices given by Stuart Sutherland in his book Irrationality.
  • I have actively sought evidences that disprove my beliefs.
  • I have looked for more than a single hypothesis, so I have considered a minimum of two opposed hypotheses.
  • I have invested time in and put attention to seriously consider the information that has contrasted with my beliefs, instead of rejecting it at once.
  • I have not distorted the new evidence built after my initial hypothesis: I have carefully considered if it can be interpreted as a refutation of my beliefs instead of as their confirmation.
  • I have not trusted my memory: I’m aware that those facts that better match with our way of thinking are easily remembered. This is why I have asked other people and checked out past events’ data and notes.
  • I have counted on the support of a devil’s advocate, who has questioned all my hypotheses.
As we explained in a previous article of this set, biases are an inherent characteristic in human thinking. The first step to avoid them is knowing them. In particular, the confirmation bias can become a problem when taking complex decisions. You can use this checklist if you must make an important choice to avoid the confirmation bias. And remember that changing your mind due to new evidences is a sign of strength, not a weakness.
Gonzalo Álvarez Marañón
Innovation and Labs (ElevenPaths)

TOP 5: The 5 most read posts of Synergic Partners

Carlos Lorenzo    7 December, 2018
Today we have an important announcement, as you know Synergic Partners has been integrated into LUCA, the data unit of Telefónica, and with the aim of continuing to offer the best content we have decided to add both blogs and keep our publications in LUCA. In this sense, and in honour of the last post published by Synergic, we bring you its 5 most read post
In no specific order, the first post that we share is one that it was well received as it explained, in a very schematic and concise way, the journey of Machine Learning since its beginning. Dating back to the first great milestone in 1950 with the “Turing Test“, where the machine had to be able to deceive a human into believing that it was human instead of a computer, arriving in 2016, when Google DeepMind defeated the world’s best Go player Lee Sedol 5 games to 1.

In the current scenario where we are, a so-called data economy, it is essential that all companies have a deep knowledge of the value of their own data for the business. To do this, they must adapt their workforce with new profiles capable of extracting knowledge of their data. The Chief Data Officer emerges with a fundamental role in this transition process. Here our next featured post:
Big Data and Artificial Intelligence are in the public eye, and new words are also emerging, we now talk of Machine Learning and Deep Learning within the AI family. The following post that we bring here explains just these terms in a very simple way and brings us closer to the potential that has the application of these techniques for companies.
One of the great challenges that the analysis of a huge amount of data has is to know how to translate it clearly so that anyone can understand it, we speak of thousands of variables, millions of data. Therefore, it is almost as important to have the data as to know how to show them. In this outstanding post we find this other side of the coin, we talk about telling stories through the data, that the data speak to us.
Finally, we leave you with the most read post on our blog. It may be because it is the daily life of all data scientists. We talk about the things to take into account when standardizing data, with a technical focus but at the same time brief and practical.