Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Publications

Publications by Rolando Martins

2019

Iris: Secure reliable live-streaming with opportunistic mobile edge cloud offloading

Authors
Martins, R; Correia, ME; Antunes, L; Silva, F;

Publication
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE

Abstract
The ever-increasing demand for higher quality live streams is driving the need for better networking infrastructures, specially when disseminating content over highly congested areas, such as stadiums, concerts and museums. Traditional approaches to handle this type of scenario relies on a combination of cellular data, through 4G distributed antenna arrays (DAS), with a high count of WiFi (802.11) access points. This obvious requires a substantial upfront cost for equipment, planning and deployment. Recently, new efforts have been introduced to securely leverage the capabilities of wireless multipath, including WiFi multicast, 4G, and device-to-device communications. In order to solve these issues, we propose an approach that lessens the requirements imposed on the wireless infrastructures while potentially expanding wireless coverage through the crowd-sourcing of mobile devices. In order to achieve this, we propose a novel pervasive approach that combines secure distributed systems, WiFi multicast, erasure coding, source coding and opportunistic offloading that makes use of hyperlocal mobile edge clouds. We empirically show that our solution is able to offer a 11 fold reduction on the infrastructural WiFi bandwidth usage without having to modify any existing software or firmware stacks while ensuring stream integrity, authorization and authentication.

2019

Reputation based approach for improved fairness and robustness in P2P protocols

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
PEER-TO-PEER NETWORKING AND APPLICATIONS

Abstract
Peer-to-Peer (P2P) overlay networks have gained popularity due to their robustness, cost advantage, network efficiency and openness. Unfortunately, the same properties that foster their success, also make them prone to several attacks. To mitigate these attacks, several scalable security mechanisms which are based on the concepts of trust and reputation have been proposed. These proposed methods tend to ignore some core practical requirements that are essential to make them more useful in the real world. Some of such requirements include efficient bootstrapping of each newcomer's reputation, and mitigating seeder(s) exploitation. Additionally, although interaction among participating peers is usually the bases for reputation, the importance given to the frequency of interaction between the peers is often minimized or ignored. This can result in situations where barely known peers end-up having similar trust scores to the well-known and consistently cooperative nodes. After a careful review of the literature, this work proposes a novel and scalable reputation based security mechanism that addresses the aforementioned problems. The new method offers more efficient reputation bootstrapping, mitigation of bandwidth attack and better management of interaction rate, which further leads to improved fairness. To evaluate its performance, the new reputation model has been implemented as an extension of the BitTorrent protocol. Its robustness was tested by exposing it to popular malicious behaviors in a series of extensive PeerSim simulations. Results show that the proposed method is very robust and can efficiently mitigate popular attacks on P2P overlay networks.

2019

Breaking MPC implementations through compression

Authors
Resende, JS; Sousa, PR; Martins, R; Antunes, L;

Publication
INTERNATIONAL JOURNAL OF INFORMATION SECURITY

Abstract
There are many cryptographic protocols in the literature that are scientifically and mathematically sound. By extension, cryptography today seeks to respond to numerous properties of the communication process beyond confidentiality (secrecy), such as integrity, authenticity, and anonymity. In addition to the theoretical evidence, implementations must be equally secure. Due to the ever-increasing intrusion from governments and other groups, citizens are now seeking alternatives ways of communication that do not leak information. In this paper, we analyze multiparty computation (MPC), which is a sub-field of cryptography with the goal of creating methods for parties to jointly compute a function over their inputs while keeping those inputs private. This is a very useful method that can be used, for example, to carry out computations on anonymous data without having to leak that data. Thus, due to the importance of confidentiality in this type of technique, we analyze active and passive attacks using complexity measures (compression and entropy). We start by obtaining network traces and syscalls, then we analyze them using compression and entropy techniques. Finally, we cluster the traces and syscalls using standard clustering techniques. This approach does not need any deep specific knowledge of the implementations being analyzed. This paper presents a security analysis for four MPC frameworks, where three were identified as insecure. These insecure libraries leak information about the inputs provided by each party of the communication. Additionally, we have detected, through a careful analysis of its source code, that SPDZ-2's secret sharing schema always produces the same results.

2019

Secure Provisioning for Achieving End-to-End Secure Communications

Authors
Sousa, PR; Resende, JS; Martins, R; Antunes, L;

Publication
AD-HOC, MOBILE, AND WIRELESS NETWORKS (ADHOC-NOW 2019)

Abstract
The growth of the Internet of Things (IoT) is raising significant impact in several contexts, e.g., in cities, at home, and even attached to the human body. This digital transformation is happening at a high pace and causing a great impact in our daily lives, namely in our attempt to make cities smarter in an attempt to increase their efficiency while reducing costs and increasing safety. However, this effort is being supported by the massive deployment of sensors throughout cities worldwide, leading to increase concerns regarding security and privacy. While some of these issues have already been tackled, device authentication remains without a viable solution, specially when considering a resilient decentralized approach that is the most suitable for this scenario, as it avoids some issues related to centralization, e.g., censorship and data leakage or profit from corporations. The provisioning is usually an arduous task that encompasses device configuration, including identity and key provisioning. Given the potential large number of devices, this process must be scalable and semi-autonomous, at least. This work presents a novel approach for provisioning IoT devices that adopts an architecture where other device acts as a manager that represents a CA, allowing it to be switched on/off during the provisioning phase to reduce single point of failure (SPOF) problems. Our solution combines One Time Password (OTP) on a secure token and cryptographic algorithms on a hybrid authentication system.

2019

A Survey on Using Kolmogorov Complexity in Cybersecurity

Authors
Resende, JS; Martins, R; Antunes, L;

Publication
ENTROPY

Abstract
Security and privacy concerns are challenging the way users interact with devices. The number of devices connected to a home or enterprise network increases every day. Nowadays, the security of information systems is relevant as user information is constantly being shared and moving in the cloud; however, there are still many problems such as, unsecured web interfaces, weak authentication, insecure networks, lack of encryption, among others, that make services insecure. The software implementations that are currently deployed in companies should have updates and control, as cybersecurity threats increasingly appearing over time. There is already some research towards solutions and methods to predict new attacks or classify variants of previous known attacks, such as (algorithmic) information theory. This survey combines all relevant applications of this topic (also known as Kolmogorov Complexity) in the security and privacy domains. The use of Kolmogorov-based approaches is resource-focused without the need for specific knowledge of the topic under analysis. We have defined a taxonomy with already existing work to classify their different application areas and open up new research questions.

2019

Security and Fairness in IoT Based e-Health System: A Case Study of Mobile Edge-Clouds

Authors
Nwebonyi, FN; Martins, R; Correia, ME;

Publication
2019 INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB)

Abstract
Through IoT, humans and objects can be connected seamlessly, to guaranty improved quality of service (QoS). IoT-driven e-Health systems benefit from such rich network setting, to transmit health information and deliver health services. It is expected to grow massively in scale, but for that to happen, several issues need to be addressed, including security and trust. Edge computing paradigms, such as Fog computing and Cloudlet, are already popular in IoT based e-Health domain. Fog nodes are leveraged to reduce latency between IoT devices and remote cloud computing infrastructure. In this work, we explain how Mobile edge-clouds, which is a less popular edge computing paradigm, can be employed to achieve similar or lower latency, at a lower cost. We also propose a lightweight mechanism for security and fairness in e-Health protocols that are based on mobile edge-clouds and other paradigms. Detailed simulation experiments show that the proposed method is scalable and can efficiently mitigate attacks that are targeted at e-Health information and the network.

  • 4
  • 8