Cybersecurity Researcher
Valencia, Spain
fernando (at) fervagar.com
My main research interests include cybersecurity, memory management in cloud computing,
critical infrastructures and virtualization technologies, among others. I have
participated in research projects as Co-Investigator. I am author of many articles of
computer security in operating systems and cloud computing, and I also contributed on
several occasions as a reviewer for top international scientific conferences and
reputable scientific journals. I obtained a PhD degree in computer science,
cybersecurity at the University of the West of Scotland, United Kingdom. I completed my
MSc in cybersecurity at Universidad Carlos III de Madrid, Spain and my BSc Computer
Engineering degree at Universitat Politècnica de València.
I love GNU/Linux and the philosophy that surrounds it.
I actually believe that the real computer security and the open source code are the
formula to achieve a conscious society and, definitely, make the world a better place.
Ph.D in Cybersecurity
Research Associate
Bachelor’s Degree in Computer Engineering
In this work, an open source project of a honeypot (available for the community) has been chosen, with the purpose of setting up, configuring and expanding the functionality in order to avoid bypass and evasion attacks. Afterwards, it has been located under a controlled environment, exposed through a public IP address reachable from the Internet during a month, with the purpose of analysing a posteriori the performed attacks against the system. Advanced knowledge of operating systems (Linux kernel and Loadable Kernel Modules, syscall hooking), the SSH protocol, malware analysis and the configuration and general operation of a honeypot are put into practice.
This project deals with the implementation of a program written in C language that, given a ELF executable file of the ARM architecture, locates in it all those code snippets (called Gadgets in ROP) which can be used to prepare a payload. The goal, therefore, is to provide a tool which shows all available gadgets for the production of payloads, as well as the automation of an specific payload which executes a Linux shell. Advanced knowledge of operating systems (calling convention), the assembly language of the ARM architecture, exploitation of programming errors (buffer overflow), and the ELF executable files structure are put into practice.