Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Publications

Publications by CRACS

2024

On the Use of VGs for Feature Selection in Supervised Machine Learning - A Use Case to Detect Distributed DoS Attacks

Authors
Lopes, J; Partida, A; Pinto, P; Pinto, A;

Publication
OPTIMIZATION, LEARNING ALGORITHMS AND APPLICATIONS, PT I, OL2A 2023

Abstract
Information systems depend on security mechanisms to detect and respond to cyber-attacks. One of the most frequent attacks is the Distributed Denial of Service (DDoS): it impairs the performance of systems and, in the worst case, leads to prolonged periods of downtime that prevent business processes from running normally. To detect this attack, several supervised Machine Learning (ML) algorithms have been developed and companies use them to protect their servers. A key stage in these algorithms is feature pre-processing, in which, input data features are assessed and selected to obtain the best results in the subsequent stages that are required to implement supervised ML algorithms. In this article, an innovative approach for feature selection is proposed: the use of Visibility Graphs (VGs) to select features for supervised machine learning algorithms used to detect distributed DoS attacks. The results show that VG can be quickly implemented and can compete with other methods to select ML features, as they require low computational resources and they offer satisfactory results, at least in our example based on the early detection of distributed DoS. The size of the processed data appears as the main implementation constraint for this novel feature selection method.

2024

A blockchain architecture with smart contracts for an additive symbiotic network - a case study

Authors
Ferreira, IA; Palazzo, G; Pinto, A; Pinto, P; Sousa, P; Godina, R; Carvalho, H;

Publication
OPERATIONS MANAGEMENT RESEARCH

Abstract
Adopting innovative technologies such as blockchain and additive manufacturing can help organisations promote the development of additive symbiotic networks, thus pursuing higher sustainable goals and implementing circular economy strategies. These symbiotic networks correspond to industrial symbiosis networks in which wastes and by-products from other industries are incorporated into additive manufacturing processes. The adoption of blockchain technology in such a context is still in a nascent stage. Using the case study method, this research demonstrates the adoption of blockchain technology in an additive symbiotic network of a real-life context. The requirements to use a blockchain network are identified, and an architecture based on smart contracts is proposed as an enabler of the additive symbiotic network under study. The proposed solution uses the Hyperledger Fabric Attribute-Based Access Control as the distributed ledger technology. Even though this solution is still in the proof-of-concept stage, the results show that adopting it would allow the elimination of intermediary entities, keep available tracking records of the resources exchanged, and improve trust among the symbiotic stakeholders (that do not have any trust or cooperation mechanisms established before the symbiotic relationship). This study highlights that the complexity associated with introducing a novel technology and the technology's immaturity compared to other data storage technologies are some of the main challenges related to using blockchain technology in additive symbiotic networks.

2024

Use of Visibility Graphs for the Early Detection of DoS Attacks

Authors
Lopes, J; Pinto, P; Partida, A; Pinto, A;

Publication
2024 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR

Abstract
The world economy depends on information systems. Business value resides in the data stored on Information Technology (IT) systems and on the processes run with those data. Malicious actors target these IT systems to extract value out of them using different cyberattacks. Denial of Service (DoS) attacks are a common and harmful method to render IT systems connected to the Internet and, consequently, business processes running on top of them, unavailable. Cybersecurity researchers in the industry and academia are in search of early warning and detection systems to detect and mitigate these DoS attacks. This article proposes a novel early detection strategy for DoS attacks based on the information provided by Horizontal Visibility Graphs (HVG) and Natural Visibility Graphs (VG) obtained out of the network flows monitored at the receiving end of the attack. From the primary results obtained, this strategy can detect a DoS attack under 70ms and 30 packets. These results point out that the application HVGs and VGs is a relevant and promising research direction to prevent or mitigate the impact of a DoS attack.

2024

Integrating Multi-Access Edge Computing (MEC) into Open 5G Core

Authors
Xavier, R; Silva, RS; Ribeiro, M; Moreira, W; Freitas, L; Oliveira, A Jr;

Publication
TELECOM

Abstract
Multi-Access Edge Computing (MEC) represents the central concept that enables the creation of new applications and services that bring the benefits of edge computing to networks and users. By implementing applications and services at the edge, close to users and their devices, it becomes possible to take advantage of extremely low latency, substantial bandwidth, and optimized resource usage. However, enabling this approach requires careful integration between the MEC framework and the open 5G core. This work is dedicated to designing a new service that extends the functionality of the Multi-Access Traffic Steering (MTS) API, acting as a strategic bridge between the realms of MEC and the 5G core. To accomplish this objective, we utilize free5GC (open-source project for 5G core) as our 5G core, deployed on the Kubernetes cluster. The proposed service is validated using this framework, involving scenarios of high user density. To conclude whether the discussed solution is valid, KPIs of 5G MEC applications described in the scientific community were sought to use as a comparison parameter. The results indicate that the service effectively addresses the described issues while demonstrating its feasibility in various use cases such as e-Health, Paramedic Support, Smart Home, and Smart Farms.

2024

Privkit: A Toolkit of Privacy-Preserving Mechanisms for Heterogeneous Data Types

Authors
Cunha, M; Duarte, G; Andrade, R; Mendes, R; Vilela, JP;

Publication
PROCEEDINGS OF THE FOURTEENTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY, CODASPY 2024

Abstract
With the massive data collection from different devices, spanning from mobile devices to all sorts of IoT devices, protecting the privacy of users is a fundamental concern. In order to prevent unwanted disclosures, several Privacy-Preserving Mechanisms (PPMs) have been proposed. Nevertheless, due to the lack of a standardized and universal privacy definition, configuring and evaluating PPMs is quite challenging, requiring knowledge that the average user does not have. In this paper, we propose a privacy toolkit - Privkit - to systematize this process and facilitate automated configuration of PPMs. Privkit enables the assessment of privacy-preserving mechanisms with different configurations, while allowing the quantification of the achieved privacy and utility level of various types of data. Privkit is open source and can be extended with new data types, corresponding PPMs, as well as privacy and utility assessment metrics and privacy attacks over such data. This toolkit is available through a Python Package with several state-of-the-art PPMs already implemented, and also accessible through a Web application. Privkit constitutes a unified toolkit that makes the dissemination of new privacy-preserving methods easier and also facilitates reproducibility of research results, through a repository of Jupyter Notebooks that enable reproduction of research results.

2024

Computation-Limited Signals: A Channel Capacity Regime Constrained by Computational Complexity

Authors
Queiroz, S; Vilela, JP; Monteiro, E;

Publication
IEEE COMMUNICATIONS LETTERS

Abstract
In this letter, we introduce the computation-limited (comp-limited) signals, a communication capacity regime where the computational complexity of signal processing is the primary constraint for communication performance, overriding factors such as power or bandwidth. We present the Spectro-Computational (SC) analysis, a novel mathematical framework designed to enhance classic concepts of information theory -such as data rate, spectral efficiency, and capacity - to accommodate the computational complexity overhead of signal processing. We explore a specific Shannon regime where capacity is expected to increase indefinitely with channel resources. However, we identify conditions under which the time complexity overhead can cause capacity to decrease rather than increase, leading to the definition of the comp-limited signal regime. Furthermore, we provide examples of SC analysis and demonstrate that the Orthogonal Frequency Division Multiplexing (OFDM) waveform falls under the comp-limited regime unless the lower-bound computational complexity of the N-point Discrete Fourier Transform (DFT) problem verifies as ohm (N)$ , which remains an open challenge in the theory of computation.

  • 6
  • 198