Person:
Izal Azcárate, Mikel

Loading...
Profile Picture

Email Address

Birth Date

Research Projects

Organizational Units

Job Title

Last Name

Izal Azcárate

First Name

Mikel

person.page.departamento

Ingeniería Eléctrica, Electrónica y de Comunicación

person.page.instituteName

ISC. Institute of Smart Cities

ORCID

0000-0002-2770-912X

person.page.upna

2083

Name

Search Results

Now showing 1 - 10 of 55
  • PublicationOpen Access
    Improving efficiency of IP alias resolution based on offsets between IP addresses
    (IEEE, 2009) García-Jiménez, Santiago; Magaña Lizarrondo, Eduardo; Morató Osés, Daniel; Izal Azcárate, Mikel; Automática y Computación; Automatika eta Konputazioa
    In order to get a router-level topology in Internet, IP address alias resolution techniques allow to identify IP addresses that belong to the same router. There are several proposals to make this identification, some based on active measurements and others based on inference studies. The former provides more accuracy and completeness, however efficiency is very low because of the high number of probes needed. These methods probe IP addresses in pairs. With thousands or even more IP addresses to check for aliases, the number of tests gets too high. In order to reduce the number of probes, we propose to select the pairs of IP addresses to test for aliasing using information available a priori. This selection will be based on the offset (numerical distance) between the IP addresses to test. We will show that we can improve efficiency of active alias identification with almost no loss on completeness and without generating probing traffic. The technique is also adaptable to a distributed measurement scenario.
  • PublicationOpen Access
    On linear prediction of Internet traffic for packet and burst switching networks
    (IEEE, 2001) Morató Osés, Daniel; Aracil Rico, Javier; Díez Marca, L. A.; Izal Azcárate, Mikel; Magaña Lizarrondo, Eduardo; Automática y Computación; Automatika eta Konputazioa
    In this paper, we show that prediction algorithms in the least mean square error sense prove better in a burst rather than in a packet switching network. For the latter, further information about the packet arrival distribution within the prediction interval is required. Regarding burst switching, we compare Optical Burst Switching networks with and without linear prediction to conclude that linear prediction provides a significant improvement in end-to-end latency with low bandwidth waste.
  • PublicationOpen Access
    Computation of traffic time series for large populations of IoT devices
    (MDPI, 2018) Izal Azcárate, Mikel; Morató Osés, Daniel; Magaña Lizarrondo, Eduardo; García-Jiménez, Santiago; Ingeniaritza Elektrikoa, Elektronikoaren eta Telekomunikazio Ingeniaritzaren; Institute of Smart Cities - ISC; Ingeniería Eléctrica, Electrónica y de Comunicación
    En este artículo se estudian las tecnicas para clasificar paquetes de tráfico de red en múltiples clases orientadas a la realización de series temporales de tráfico en escenarios de un elevado numero de clases como pueden ser los proveedores de red para dispositivos IoT. Se muestra que usando técnicas basadas en DStries se pueden monitorizar en tiempo real redes con decenas de miles de dispositivos.
  • PublicationOpen Access
    Ransomware encrypted your files but you restored them from network traffic
    (IEEE, 2019) Berrueta Irigoyen, Eduardo; Morató Osés, Daniel; Magaña Lizarrondo, Eduardo; Izal Azcárate, Mikel; Ingeniaritza Elektrikoa, Elektronikoaren eta Telekomunikazio Ingeniaritzaren; Institute of Smart Cities - ISC; Ingeniería Eléctrica, Electrónica y de Comunicación
    In a scenario where user files are stored in a network shared volume, a single computer infected by ransomware could encrypt the whole set of shared files, with a large impact on user productivity. On the other hand, medium and large companies maintain hardware or software probes that monitor the traffic in critical network links, in order to evaluate service performance, detect security breaches, account for network or service usage, etc. In this paper we suggest using the monitoring capabilities in one of these tools in order to keep a trace of the traffic between the users and the file server. Once the ransomware is detected, the lost files can be recovered from the traffic trace. This includes any user modifications posterior to the last snapshot of periodic backups. The paper explains the problems faced by the monitoring tool, which is neither the client nor the server of the file sharing operations. It also describes the data structures in order to process the actions of users that could be simultaneously working on the same file. A proof of concept software implementation was capable of successfully recovering the files encrypted by 18 different ransomware families.
  • PublicationOpen Access
    Delay-throughput curves for timer-based OBS burstifiers with light load
    (IEEE, 2006) Izal Azcárate, Mikel; Aracil Rico, Javier; Morató Osés, Daniel; Magaña Lizarrondo, Eduardo; Automática y Computación; Automatika eta Konputazioa
    The OBS burstifier delay-throughput curves are analyzed in this paper. The burstifier incorporates a timer-based scheme with minimum burst size, i. e., bursts are subject to padding in light-load scenarios. Precisely, due to this padding effect, the burstifier normalized throughput may not be equal to unity. Conversely, in a high-load scenario, padding will seldom occur. For the interesting light-load scenario, the throughput delay curves are derived and the obtained results are assessed against those obtained by trace-driven simulation. The influence of long-range dependence and instantaneous variability is analyzed to conclude that there is a threshold timeout value that makes the throughput curves flatten out to unity. This result motivates the introduction of adaptive burstification algorithms, that provide a timeout value that minimizes delay, yet keeping the throughput very close to unity. The dependence of such optimum timeout value with traffic long-range dependence and instantaneous burstiness is discussed. Finally, three different adaptive timeout algorithms are proposed, that tradeoff complexity versus accuracy.
  • PublicationOpen Access
    A proposal of burst cloning for video quality improvement in optical burst switching networks
    (2013) Espina Antolín, Félix; Morató Osés, Daniel; Izal Azcárate, Mikel; Magaña Lizarrondo, Eduardo; Automática y Computación; Automatika eta Konputazioa
  • PublicationOpen Access
    Video over OBS Networks
    (2008) Espina Antolín, Félix; Morató Osés, Daniel; Izal Azcárate, Mikel; Magaña Lizarrondo, Eduardo; Automática y Computación; Automatika eta Konputazioa
  • PublicationOpen Access
    Approximations for end-to-end delay analysis in OBS networks with light load
    (IEEE, 2004) Morató Osés, Daniel; Magaña Lizarrondo, Eduardo; Izal Azcárate, Mikel; Automática y Computación; Automatika eta Konputazioa
    In this paper we provide an analysis of end-to-end delay in OBS networks and a large deviations approximation. The analysis is based on an exponential approximation of the OBS router blocking time and on the assumption of Poisson arrivals in routers along the path from source to destination. On the other hand, a lightload assumption is performed, namely, waiting time is mainly due to residual life of the output wavelengths and not to buffering.
  • PublicationOpen Access
    A survey on detection techniques for cryptographic ransomware
    (IEEE, 2019) Berrueta Irigoyen, Eduardo; Morató Osés, Daniel; Magaña Lizarrondo, Eduardo; Izal Azcárate, Mikel; Ingeniaritza Elektrikoa, Elektronikoaren eta Telekomunikazio Ingeniaritzaren; Institute of Smart Cities - ISC; Ingeniería Eléctrica, Electrónica y de Comunicación
    Crypto-ransomware is a type of malware that encrypts user files, deletes the original data, and asks for a ransom to recover the hijacked documents. It is a cyber threat that targets both companies and residential users, and has spread in recent years because of its lucrative results. Several articles have presented classifications of ransomware families and their typical behaviour. These insights have stimulated the creation of detection techniques for antivirus and firewall software. However, because the ransomware scene evolves quickly and aggressively, these studies quickly become outdated. In this study, we surveyed the detection techniques that the research community has developed in recent years. We compared the different approaches and classified the algorithms based on the input data they obtain from ransomware actions, and the decision procedures they use to reach a classification decision between benign or malign applications. This is a detailed survey that focuses on detection algorithms, compared to most previous studies that offer a survey of ransomware families or isolated proposals of detection algorithms. We also compared the results of these proposals.
  • PublicationOpen Access
    Internet traffic shaping for IP over WDM links with source output buffering or multiple parallel wavelengths
    (Kluwer Academic Publishers, 2001) Aracil Rico, Javier; Izal Azcárate, Mikel; Morató Osés, Daniel; Automática y Computación; Automatika eta Konputazioa
    Since the number of wavelengths per fiber is growing in an exponential fashion the over- flow traffic can be routed through overflow lightpaths, thus providing an ideal network with near-infinite capacity and almost no-buffering. Such unprecedented bandwidth growth in the network backbone is only limited by the processing speed of the electronic elements. Even though multiple parallel high-speed channels (lightpaths) are provided between IP routers the switching speed of the latter is an order of magnitude below the lightpath transmission speed. As a result, minimizing transfer delay is not only a matter of forwarding traffic as fast as possible but to shape traffic so that the input queues of the destination routers do not over-flow. Even though it is desirable to exploit the WDM capabilities to forward traffic in parallel channels in order to nearly eliminate the router output buffering, it turns out that the extreme burstiness of Internet traffic is even increased by routing part of the traffic through a backup channel. Instead, the use of source output buffering for traffic shaping purposes proves more beneficial. In this paper, we examine the typical scenario of a static WDM network with several wavelengths between IP routers. In a simple configuration of a primary and over flow lightpath the results show that if 3% of the traffic is routed through the over flow lightpath then the packet forwarding speed in the destination router should be increased in 20% in order to obtain the same transfer delay as with the single lightpath configuration with source output buffering.