I am a Research Scientist at Telefonica Research in Barcelona, Spain.
I am also a collaborator professor at the Universitat Oberta de Catalunya (UOC).
My research interests lie in the areas of Networks and Security. Currently, my work focuses on the security of new networking and computing paradigms such as Software Defined Networking (SDN), Network Function Virtualisation (NFV), programmable data planes (e.g., through P4), containers or serverless computing.
In 2018, I obtained a PhD degree from the COSIC research group (KU Leuven, Belgium) under the supervision of Prof Bart Preneel and Dr Dave Singelée. My doctoral thesis is entitled Security and Privacy of Implantable Medical Devices.
In the past I graduated as a Telecommunications Engineer at the Universitat Politècnica de Catalunya (UPC) (Spain) with the master thesis Security analysis of an implantable cardioverter defibrillator developed at COSIC within the ERASMUS framework. After obtaining my PhD, I was a visiting research fellow in the SPRITZ group at the University of Padua (Italy) and a research fellow in the Security and Privacy group at the University of Birmingham (UK).
- Jan, 2023. Invited to serve on the PC of ESORICS and TMA
- Dec, 2022. Our paper “HAT: Secure and Practical Key Establishment for Implantable Medical Devices” has been accepted at CODASPY 2023.
- Sep, 2022. Our magazine paper “Serverless Computing: A Security Perspective” has been accepted at the Journal of Cloud Computing
- Sep, 2022. Our paper “Heimdallr: Fingerprinting SD-WAN Control-Plane Architecture via Encrypted Control Traffic” has been accepted at ACSAC 2022
- May, 2022. Bernardo has joined our group as an intern. He’ll work with me on SDN/P4 security for 6 months. Welcome Bernardo!
- May, 2022. Our paper “Primitives for Finite Field Arithmetic in Network Switches” has been accepted at P4 workshop 2022
- Mar, 2022. Seven of the proposals we submitted to EU calls have been accepted!. I was involved in 4 of them
- Mar, 2022. Our paper “PPFL: Enhancing Privacy in Federated Learning with Confidential Computing” has been accepted at ACM GetMobile 2022
- Mar, 2022. Our paper “Symbolon: Enabling Flexible Multi-device-based User Authentication” has been accepted at IEEE DSC 2022
- Mar, 2022. Our paper “Privacy-preserving AI for future networks” has been accepted at CACM 2022
- Oct, 2021. Our paper “EqualNet: A Secure and Practical Defense for Long-term Network Topology Obfuscation” has been accepted at NDSS 2022
- Sep, 2021. Our paper “FuzzyKey: Comparing Fuzzy Cryptographic Primitives on Resource-Constrained Devices” has been accepted at CARDIS 2021
- June, 2021. We wrote a paper on the security of serverless computing. Have a look at our paper here
- June, 2021. Our MobiSys paper got the best paper award!
- Apr, 2021. Our work “Inter-operability and Orchestration in Heterogeneous Cloud/Edge Resources: the ACCORDION vision” has been accepted at FRAME 2021
- Mar, 2021. Our work “PPFL: Privacy-preserving Federated Learning with Trusted Execution Environments” has been accepted at ACM MobiSys 2021
- Feb, 2021. We are organising the 1st Workshop on Mobile Serverless (MobileServerless), co-located with ACM MobiSys 2021 in a virtual (on-line) format. Please consider submitting your work.
- Dec, 2020. We wrote an article entitled “Software Defined Networking privacy” for the (3rd) edition of Encyclopedia of Cryptography, Security, and Privacy. Stay tuned!
- May, 2020. Our work “Remote monitoring of cardiac implanted electronic devices – legal requirements and ethical principles ESC REGULATORY AFFAIRS / EHRA JOINT TASK FORCE REPORT” has been accepted at EP Europace 2020. This paper is the result of a collaboration with the European Society of Cardiology (ESC).
- May, 2020. I have joined Telefonica Research as a Researcher!
- “Serverless computing: A security perspective”, WoSCx2, 22 June 2023
- “The evolution of cloud computing: A security perspective”, Keynote at Conference on Concurrence and Distributed Systems (JCSD), 20 June 2023
- “Serverless computing: A security perspective”, Webinar organised by Accordion and Charity EU projects, 20 April 2023
- “Artificial Intelligence and Decentralized Privacy Preserving Mechanisms for Telco Industry”, University of Murcia, 20 March 2023
- “Commercial R&D practices” Participation in panel at the APROPOS summer school, (Valencia, Spain), 28 September 2022
- “Security of new computing paradigms” Invited talk for the APROPOS summer school, (Valencia, Spain), 28 September 2022
- “EqualNet: A Secure and Practical Defense for Long-term Network Topology Obfuscation” Seminar at the Distributed, Parallel and Secure Systems group, University of Lisbon, (Lisbon, Portugal), February 2022
- ”Software-defined and programmable networks” Invited talk for the Two week International Winter School on Cyber Security and Threat Intelligence, (Virtual event), 25 January 2022
- “The security of modern networks: the case of Software-Defined Networks”, Invited talk for the Computer and Network Security course at TU Delft (Virtual event), 26 May 2021
- “A first look at the security of serverless applications” Cloud NativeSecurity Day Europe 2021, (Virtual event)
- “The security of modern networks: the case of Software-Defined Networks”, Invited talk for the Computer and Network Security course at University of Padua, (Virtual event), 4 Nov 2020
- “The (in)security of implantable medical devices”, Invited talk for the CIF Seminars interdisciplinary seminars at KU Leuven, (Virtual event), 17 July 2020
- “Introduction to Software-Defined Networking and its security challenges”, Invited talk for the “Computer and Network Security: Advanced Topics” course at TU Delft, (Virtual event), 20 May 2020
- “User-Controlled Hardware Security Anchors: Evaluation And Designs”, 2nd RISE Annual Conference (London, UK), 21 Nov 2019
- “An in-depth look into SDN topology discovery mechanisms: novel attacks and practical countermeasures”, CCS 2019 (London, UK), 13 Nov 2019
- “Is cybersecurity an issue with cardiac implanted electronic devices?”, European Society of Cardiology (ESC) congress (Paris, France), 3 September 2019
- “Topology discovery mechanisms in SDN networks”, International Summer School on Future Internet Architecture Security (Padua, Italy), 20 June 2019
- “On the difficulty of using patient’s physiological signals in cryptographic protocols”, SACMAT 2019 (Toronto, Canada), 5 June 2019
- “The (in)security of implantable medical devices”, Seminar at the security in telecommunications chair, TU Berlin, (Berlin, Germany), 28 May 2019
- “Security and privacy of implantable medical devices”, Worksession on “Aging Companions” organized by Constant (Leuven, Belgium), 19 June 2018
- “Securing wireless neurostimulators”, CODASPY 2018 (Tempe, USA), 20 March 2018
- “Security and privacy of medical devices”, Seminar at the SPRITZ security group (Padua, Italy), 25 October 2017
- “On the (in)security of the latest generation implantable cardiac defibrillators”, ACSAC 2016 (Los Angeles, USA), 8 December 2016
- “Towards quantum distance bounding protocols”, RFIDsec 2016 (Hong Kong), 2 December 2016
- “Medical device security”, ECRYPT-NET Workshop on Cryptography Design for the Internet of Things (Leuven, Belgium), 15 July 2016
- “Wireless security”, IPICS course (Leuven, Belgium), 15 July 2016
- “A privacy-preserving remote healthcare system offering end-to-end security”, ADHOC-NOW 2016 (Lille, France), 4-6 July 2016
- “On the feasibility of cryptography for a wireless insulin pump system”, CODASPY 2016 (New Orleans, USA), 9-11 March 2016
- “On the feasibility of cryptography for a wireless insulin pump system”, Seminar at the security and privacy research group (Birmingham, UK), 26 November 2015
- “Cyber-physical security solutions for implantable medical devices”, LICT Workshop on Cyber Physical Systems (Leuven, Belgium), 11 September 2014
- PC chair: MobileServerless 2021
- PC member (conferences): ESORICS 2023 and 2022, TMA 2023 and 2022, PST 2022 and PAM 2021
PC member (workshops): SecSoft 2023, ANT 2022, SSR 2022, LESS 2022 (co-located with Percom), MAISP 2021 (co-located with MobiSys), CLOUD S&P 2021 and 2020 (co-located with ACNS)
- Conference Reviewer: CHES 2023, ECML-PKDD 2023 (demo reviews), INFOCOM 2022 (x2), 2021 and 2020 (x2), Euro S&P 2020 and 2018, IEEE NFV-SDN 2021, 2020 and 2019, ICICS 2020, ASHES 2019 and 2017, ESORICS 2019 (x3), IEEE TrustCom 2019, WISTP 2018 and 2016, GIIS 2018, IEEE MASS 2018, DAC 2016, AsiaCCS 2016, Eurocrypt 2016 and Space 2014.
- Journal Reviewer: IEEE Communications Surveys & Tutorials, IEEE Transactions on Services Computing, Computer Networks, Journal of Computer Security, Concurrency and Computation: Practice and Experience, IEEE Transactions on Information Forensics and Security, Computers & Security, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Network and Service Management, Expert Review of Medical Devices, Security and Communication Networks, IEEE Journal of Biomedical and Health Informatics, and Sensors