Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Publications

Publications by Pedro Filipe Pinto

2022

A hybrid heuristics artificial intelligence feature selection for intrusion detection classifiers in cloud of things

Authors
Sangaiah, AK; Javadpour, A; Ja'fari, F; Pinto, P; Zhang, WZ; Balasubramanian, S;

Publication
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS

Abstract
Cloud computing environments provide users with Internet-based services and one of their main challenges is security issues. Hence, using Intrusion Detection Systems (IDSs) as a defensive strategy in such environments is essential. Multiple parameters are used to evaluate the IDSs, the most important aspect of which is the feature selection method used for classifying the malicious and legitimate activities. We have organized this research to determine an effective feature selection method to increase the accuracy of the classifiers in detecting intrusion. A Hybrid Ant-Bee Colony Optimization (HABCO) method is proposed to convert the feature selection problem into an optimization problem. We examined the accuracy of HABCO with BHSVM, IDSML, DLIDS, HCRNNIDS, SVMTHIDS, ANNIDS, and GAPSAIDS. It is shown that HABCO has a higher accuracy compared with the mentioned methods.

2022

GSAGA: A hybrid algorithm for task scheduling in cloud infrastructure

Authors
Pirozmand, P; Javadpour, A; Nazarian, H; Pinto, P; Mirkamali, S; Ja'fari, F;

Publication
JOURNAL OF SUPERCOMPUTING

Abstract
Cloud computing is becoming a very popular form of distributed computing, in which digital resources are shared via the Internet. The user is provided with an overview of many available resources. Cloud providers want to get the most out of their resources, and users are inclined to pay less for better performance. Task scheduling is one of the most important aspects of cloud computing. In order to achieve high performance from cloud computing systems, tasks need to be scheduled for processing by appropriate computing resources. The large search space of this issue makes it an NP-hard problem, and more random search methods are required to solve this problem. Multiple solutions have been proposed with several algorithms to solve this problem until now. This paper presents a hybrid algorithm called GSAGA to solve the Task Scheduling Problem (TSP) in cloud computing. Although it has a high ability to search the problem space, the Genetic Algorithm (GA) performs poorly in terms of stability and local search. It is therefore possible to create a stable algorithm by combining the general search capacities of the GA with the Gravitational Search Algorithm (GSA). Our experimental results indicate that the proposed algorithm can solve the problem with higher efficiency compared with the state-of-the-art.

2022

DMAIDPS: a distributed multi-agent intrusion detection and prevention system for cloud IoT environments

Authors
Javadpour, A; Pinto, P; Ja'fari, F; Zhang, WZ;

Publication
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS

Abstract
Cloud Internet of Things (CIoT) environments, as the essential basis for computing services, have been subject to abuses and cyber threats. The adversaries constantly search for vulnerable areas in such computing environments to impose their damages and create complex challenges. Hence, using intrusion detection and prevention systems (IDPSs) is almost mandatory for securing CIoT environments. However, the existing IDPSs in this area suffer from some limitations, such as incapability of detecting unknown attacks and being vulnerable to the single point of failure. In this paper, we propose a novel distributed multi-agent IDPS (DMAIDPS) that overcomes these limitations. The learning agents in DMAIDPS perform a six-step detection process to classify the network behavior as normal or under attack. We have tested the proposed DMAIDPS with the KDD Cup 99 and NSL-KDD datasets. The experimental results have been compared with other methods in the field based on Recall, Accuracy, and F-Score metrics. The proposed system has improved the Recall, Accuracy, and F-Scores metrics by an average of 16.81%, 16.05%, and 18.12%, respectively.

2023

Severity Analysis of Web3 Security Vulnerabilities Based on Publicly Bug Reports

Authors
Melo, R; Pinto, P; Pinto, A;

Publication
Blockchain and Applications, 5th International Congress, BLOCKCHAIN 2023, Guimaraes, Portugal, 12-14 July 2023.

Abstract

2023

A Taxonomy for Tsunami Security Scanner Plugins

Authors
Lima, G; Gonçalves, VH; Pinto, P;

Publication
2023 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR

Abstract
Vulnerability scanning tools are essential in detecting systems weaknesses caused by vulnerabilities in their components or wrong configurations. Corporations may use these tools to assess a system in advance and fix its vulnerabilities, thus preventing or mitigating the impact of real attacks. A set of these tools are organized by plugins, each intended to check a specific vulnerability, such as the case of the Tsunami Security Scanner tool released in 2020 by Google. Multiple plugins for this tool were proposed in a community-based approach and thus, it is important for the users and research community to have these plugins in a framework consistently categorized across multiple sources and types. This paper proposes a comprehensive taxonomy for all the 61 plugins available, hierarchically sorted into 2 main categories, 4 categories, 4 subcategories, and 7 types. An analysis and a discussion on statistics by categories and types over time are also provided. The analysis shows that, so far, there are 4 main contributors, being Google, Community, Facebook, and Govtech. The Google source is still the top contributor counting 39 out of 61 plugins and the highest number of plugins available are in the RCE subcategory. The plugins available are mainly focused on critical and high vulnerabilities.

2023

Assessing Cybersecurity Hygiene and Cyber Threats Awareness in the Campus - A Case Study of Higher Education Institutions in Portugal and Poland

Authors
Oliveira, L; Chmielewski, A; Rutecka, P; Cicha, K; Rizun, M; Torres, N; Pinto, P;

Publication
2023 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR

Abstract
Cybersecurity skills are of utmost importance to prevent or mitigate the impact of cyberattacks. In higher education, there are graduations related to Information Technology (IT), where students are expected to develop technical skills, including cybersecurity. Thus, it is relevant to assess students' cybersecurity awareness regarding cybersecurity hygiene and cyber threats when they start their academic studies and to verify whether there are context-dependent differences. This paper presents the results of an assessment regarding the cybersecurity awareness level of 110 first-year students from computer science graduations from two different countries, Poland and Portugal. The assessment was designed as a survey divided into the following two main groups of questions: (1) awareness regarding cybersecurity hygiene and (2) awareness regarding major cyber threats considered in the European Union Agency for Cybersecurity (ENISA) 2021 cyber threat report. The survey results show that Polish and Portuguese students present different self-perceptions and knowledge regarding cybersecurity hygiene and knowledge of cybersecurity. In these areas, Polish students are generally more confident than Portuguese students. Also, Polish students presented better scores around 70%, against the ones obtained by the Portuguese students, scoring around 58%.

  • 10
  • 11