Cookies
O website necessita de alguns cookies e outros recursos semelhantes para funcionar. Caso o permita, o INESC TEC irá utilizar cookies para recolher dados sobre as suas visitas, contribuindo, assim, para estatísticas agregadas que permitem melhorar o nosso serviço. Ver mais
Aceitar Rejeitar
  • Menu
Tópicos
de interesse
Detalhes

Detalhes

  • Nome

    João Marco
  • Cargo

    Investigador Sénior
  • Desde

    22 dezembro 2016
002
Publicações

2024

A worldwide overview on the information security posture of online public services

Autores
Silva, JM; Ribeiro, D; Ramos, LFM; Fonte, V;

Publicação
57th Hawaii International Conference on System Sciences, HICSS 2024, Hilton Hawaiian Village Waikiki Beach Resort, Hawaii, USA, January 3-6, 2024

Abstract
The availability of public services through online platforms has improved the coverage and efficiency of essential services provided to citizens worldwide. These services also promote transparency and foster citizen participation in government processes. However, the increased online presence also exposes sensitive data exchanged between citizens and service providers to a wider range of security threats. Therefore, ensuring the security and trustworthiness of online services is crucial to Electronic Government (EGOV) initiatives' success. Hence, this work assesses the security posture of online platforms hosted in 3068 governmental domain names, across all UN Member States, in three dimensions: support for secure communication protocols; the trustworthiness of their digital certificate chains; and services' exposure to known vulnerabilities. The results indicate that despite its rapid development, the public sector still falls short in adopting international standards and best security practices in services and infrastructure management. This reality poses significant risks to citizens and services across all regions and income levels. © 2024 IEEE Computer Society. All rights reserved.

2024

Impact of Traffic Sampling on LRD Estimation

Autores
Mendes, J; Lima, SR; Carvalho, P; Silva, JMC;

Publicação
INFORMATION SYSTEMS AND TECHNOLOGIES, VOL 1, WORLDCIST 2023

Abstract
Network traffic sampling is an effective method for understanding the behavior and dynamics of a network, being essential to assist network planning and management. Tasks such as controlling Service Level Agreements or Quality of Service, as well as planning the capacity and the safety of a network can benefit from traffic sampling advantages. The main objective of this paper is focused on evaluating the impact of sampling network traffic on: (i) achieving a low-overhead estimation of the network state and (ii) assessing the statistical properties that sampled network traffic presents regarding the eventual persistence of LongRange Dependence (LRD). For that, different Hurst parameter estimators have been used. Facing the impact of LRD on network congestion and traffic engineering, this work will help clarify the suitability of distinct sampling techniques in accurate network analysis.

2024

Expert Systems in Information Security: A Comprehensive Exploration of Awareness Strategies Against Social Engineering Attacks

Autores
Cardoso, WR; Ribeiro, ADL; da Silva, JMC;

Publicação
GOOD PRACTICES AND NEW PERSPECTIVES IN INFORMATION SYSTEMS AND TECHNOLOGIES, VOL 2, WORLDCIST 2024

Abstract
This article delves into the pivotal role of expert systems in bolstering information security, with a specific emphasis on their effectiveness in awareness and training programs aimed at thwarting social engineering attacks. Employing a snowball methodology, the research expands upon seminal works, highlighting the intersection between expert systems and cybersecurity. The study identifies a gap in current understanding and aims to contribute valuable insights to the field. By analyzing five key articles as seeds, the research explores the landscape of expert systems in information security, emphasizing their potential impact on cultivating robust defenses against evolving cyber threats.

2023

Flexcomm Simulator: Exploring Energy Flexibility in Software Defined Networks with ns-3

Autores
Monteiro, RPC; Silva, JMC;

Publicação
PROCEEDINGS OF THE 2023 WORKSHOP ON NS-3, WNS3 2023

Abstract
The digitalization of energy generation and distribution systems opens new opportunities for devising network operation and traffic engineering strategies capable of adapting to the energy availability and sources. Despite the potential, developing and testing new approaches are challenging in production environments. Furthermore, no simulators support such integration between the communication infrastructure and the power grid. Thus, this paper introduces Flexcomm Simulator, a tool based on ns-3 that supports developing and assessing multiple strategies toward green networking and communications driven by real-time information from the power grid (i.e., Energy Flexibility). The proof-of-concept results demonstrate this contribution's potential by implementing an energy-aware routing algorithm that adapts to real-world Energy Flexibility data in a Metropolitan Area Network (MAN). Also, it showcases the simulator's capacity to deal with large-scale simulations through MPI-based distributed environments.

2023

AGE: Automatic Performance Evaluation of API Gateways

Autores
Moreira, P; Ribeiro, A; Silva, JMC;

Publicação
IEEE Symposium on Computers and Communications, ISCC 2023, Gammarth, Tunisia, July 9-12, 2023

Abstract
The increasing use of microservices architectures has been accompanied by the profusion of tools for their design and operation. One relevant tool is API Gateways, which work as a proxy for microservices, hiding their internal APIs, providing load balancing, and multiple encoding support. Particularly in cloud environments, where the inherent flexibility allows on-demand resource deployment, API Gateways play a key role in seeking quality of service. Although multiple solutions are currently available, a comparative performance assessment under real workloads to support selecting the more suitable one for a specific service is time-consuming. In this way, the present work introduces AGE, a service capable of automatically deploying multiple API Gateways scenarios and providing a simple comparative performance indicator for a defined workload and infrastructure. The designed proof of concept shows that AGE can speed up API Gateway deployment and testing in multiple environments. © 2023 IEEE.

Teses
supervisionadas

2023

Non-Authoritative Identification Systems

Autor
Diogo Pinto Ribeiro

Instituição
INESCTEC

2023

Green communications: An environment to support energy-aware networks developments

Autor
Rui Pedro da Cunha Monteiro

Instituição
INESCTEC

2023

Exploring programmable data planes towards green communications and networking

Autor
Rui Pedro da Cunha Monteiro

Instituição
INESCTEC

2022

Information security monitoring systems in digital and mobile identification environments

Autor
Paulo Miguel Novais Gameiro

Instituição
INESCTEC

2022

Análise de Problemas de Configuração e Conformidade em Infrastructure-as-Code

Autor
Rafaela Maria Soares da Silva

Instituição
INESCTEC