2021
Authors
Machado, BS; Silva, JMC; Lima, SR; Carvalho, P;
Publication
Twelfth International Conference on Ubiquitous and Future Networks, ICUFN 2021, Jeju Island, South Korea, August 17-20, 2021
Abstract
2021
Authors
Silva, JMC; Fonte, V; Sousa, A;
Publication
ICEGOV 2021: 14th International Conference on Theory and Practice of Electronic Governance, Athens, Greece, October 6 - 8, 2021
Abstract
2024
Authors
Silva, JM; Ribeiro, D; Ramos, LFM; Fonte, V;
Publication
57th Hawaii International Conference on System Sciences, HICSS 2024, Hilton Hawaiian Village Waikiki Beach Resort, Hawaii, USA, January 3-6, 2024
Abstract
The availability of public services through online platforms has improved the coverage and efficiency of essential services provided to citizens worldwide. These services also promote transparency and foster citizen participation in government processes. However, the increased online presence also exposes sensitive data exchanged between citizens and service providers to a wider range of security threats. Therefore, ensuring the security and trustworthiness of online services is crucial to Electronic Government (EGOV) initiatives' success. Hence, this work assesses the security posture of online platforms hosted in 3068 governmental domain names, across all UN Member States, in three dimensions: support for secure communication protocols; the trustworthiness of their digital certificate chains; and services' exposure to known vulnerabilities. The results indicate that despite its rapid development, the public sector still falls short in adopting international standards and best security practices in services and infrastructure management. This reality poses significant risks to citizens and services across all regions and income levels. © 2024 IEEE Computer Society. All rights reserved.
2023
Authors
Esteves, T; Pereira, B; Oliveira, RP; Marco, J; Paulo, J;
Publication
2023 42ND INTERNATIONAL SYMPOSIUM ON RELIABLE DISTRIBUTED SYSTEMS, SRDS 2023
Abstract
Cryptographic ransomware attacks are constantly evolving by obfuscating their distinctive features (e.g., I/O patterns) to bypass detection mechanisms and to run unnoticed at infected servers. Thus, efficiently exploring the I/O behavior of ransomware families is crucial so that security analysts and engineers can better understand these and, with such knowledge, enhance existing detection methods. In this paper, we propose CRIBA, an open-source framework that simplifies the exploration, analysis, and comparison of I/O patterns for Linux cryptographic ransomware. Our solution combines the collection of comprehensive information about system calls issued by ransomware samples, with a customizable and automated analysis and visualization pipeline, including tailored correlation algorithms and visualizations. Our study, including 5 Linux ransomware families, shows that CRIBA provides comprehensive insights about the I/O patterns of these attacks while aiding in exploring common and differentiating traits across families.
2023
Authors
Cardoso, WR; Silva, JM; Ribeiro, AdRL;
Publication
SSRN Electronic Journal
Abstract
2024
Authors
Mendes, J; Lima, SR; Carvalho, P; Silva, JMC;
Publication
INFORMATION SYSTEMS AND TECHNOLOGIES, VOL 1, WORLDCIST 2023
Abstract
Network traffic sampling is an effective method for understanding the behavior and dynamics of a network, being essential to assist network planning and management. Tasks such as controlling Service Level Agreements or Quality of Service, as well as planning the capacity and the safety of a network can benefit from traffic sampling advantages. The main objective of this paper is focused on evaluating the impact of sampling network traffic on: (i) achieving a low-overhead estimation of the network state and (ii) assessing the statistical properties that sampled network traffic presents regarding the eventual persistence of LongRange Dependence (LRD). For that, different Hurst parameter estimators have been used. Facing the impact of LRD on network congestion and traffic engineering, this work will help clarify the suitability of distinct sampling techniques in accurate network analysis.
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.