Cookies
O website necessita de alguns cookies e outros recursos semelhantes para funcionar. Caso o permita, o INESC TEC irá utilizar cookies para recolher dados sobre as suas visitas, contribuindo, assim, para estatísticas agregadas que permitem melhorar o nosso serviço. Ver mais
Aceitar Rejeitar
  • Menu
Sobre

Sobre

Manuel Eduardo Correia é doutorado em Ciência de computadores pela Universidade do Porto e mestre em Engenharia Informática pelo Imperial College. É professor do departamento de Ciência de Computadores da Faculdade de Ciências da Universidade do Porto, onde foi diretor do curso de mestrado em segurança informática entre 2014 e 2018. Tem uma vasta experiência em projectos nacionais e internacionais de investigação em segurança informática no grupo CRACS do INESC TEC Porto, onde tem vindo a trabalhar extensivamente no domínio da detecção de anomalias e gestão de identidade. Foi também assessor técnico de algumas agências públicas portuguesas (Saúde e Educação), atuando como consultor para a segurança do sistema nacional de prescrição eletrônica, sendo também responsável pelo desenvolvimento do sistema biométrico match-on-card, atualmente em uso pelo cartão do cidadão (eID) português. É cofundador de uma spin-off da Universidade, denominada HealthySystems, que centra a sua atividade na área da segurança da informação com um forte foco em técnicas de auditoria, eID e anonimização de dados clínicos. Em 2014 esta empresa ganhou o Prémio da Associação Nacional de Farmácias para a farmácia do futuro com um projeto denominado "DigitalPharma". Mais recentemente ganhou um prémio do CIO Summit Portugal, com o desenvolvimento de uma solução de software para apoiar a gestão clínica e integração de sistemas para grandes Hospitais. Foi no triénio 2018-2021 Pró-Reitor responsável pelas infraestruturas digitais da Universidade do Porto.

Tópicos
de interesse
Detalhes

Detalhes

  • Nome

    Manuel Eduardo Correia
  • Cargo

    Investigador Sénior
  • Desde

    01 janeiro 2009
005
Publicações

2023

Deterministic or probabilistic?- A survey on Byzantine fault tolerant state machine replication

Autores
Freitas, T; Soares, J; Correia, ME; Martins, R;

Publicação
COMPUTERS & SECURITY

Abstract
Byzantine Fault tolerant (BFT) protocols are implemented to guarantee the correct system/application behavior even in the presence of arbitrary faults (i.e., Byzantine faults). Byzantine Fault tolerant State Machine Replication (BFT-SMR) is a known software solution for masking arbitrary faults and malicious attacks (Liu et al., 2020). In this survey, we present and discuss relevant BFT-SMR protocols, focusing on deterministic and probabilistic approaches. The main purpose of this paper is to discuss the characteristics of proposed works for each approach, as well as identify the trade-offs for each different approach.& COPY; 2023 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )

2023

SPIDVerify: A Secure and Privacy-Preserving Decentralised Identity Verification Framework

Autores
Shehu, AS; Pinto, A; Correia, ME;

Publicação
International Conference on Smart Applications, Communications and Networking, SmartNets 2023, Istanbul, Turkey, July 25-27, 2023

Abstract
Traditional identity management (IdM) systems rely on third-party identity providers (IdPs) and are centralised, which can make them vulnerable to data breaches and other security risks. Self-sovereign identity (SSI) is a newer IdM model that allows users to control their own identities by using decentralised technologies like blockchain to store and verify them. However, SSI systems have their own security concerns, such as digital wallet vulnerabilities, blockchain threats and conflicts with general data protection regulation (GDPR). Additionally, the lack of incentives for issuers, verifiers and data owners could limit its acceptance. This paper proposes SPIDVerify, which is a decentralised identity verification framework that utilises an SSI-based architecture to address these issues. The framework uses a mixed method for acquiring a W3C standard verified credentials and to ensure that only a thoroughly verified entity acquires verified credential, and employs secure key cryptographic protocols; Diffie-Hellman (DH) and Extended Triple Diffie-Hellman (X3DH) for forward secrecy secure communication, single-use challenge-response for authentication, and Swarm network for decentralised storage of data. These methods enhance the security of the proposed framework with better resilience against impersonation and credential stealing. To evaluate the proposal, we have outlined the limitations in related works and demonstrated two scenarios to showcase the strength and effectiveness of SPIDVerify in dealing with the threats identified. We have also tested the methods used in SPIDVerify by measuring the time taken to execute certain processes. © 2023 IEEE.

2023

Skynet: a Cyber-Aware Intrusion Tolerant Overseer

Autores
Freitas, T; Soares, J; Correia, ME; Martins, R;

Publicação
2023 53RD ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS - SUPPLEMENTAL VOLUME, DSN-S

Abstract
The increasing level of sophistication of cyber attacks which are employing cross-cutting strategies that leverage multi-domain attack surfaces, including but not limited to, software defined networking poisoning, biasing of machine learning models to suppress detection, exploiting software (development), and leveraging system design deficiencies. While current defensive solutions exist, they only partially address multi-domain and multi-stage attacks, thus rendering them ineffective to counter the upcoming generation of attacks. More specifically, we argue that a disruption is needed to approach separated knowledge domains, namely Intrusion Tolerant systems, cybersecurity, and machine learning. We argue that current solutions tend to address different concerns/facets of overlapping issues and they tend to make strong assumptions of supporting infrastructure, e.g., assuming that event probes/metrics are not compromised. To address these issues, we present Skynet, a platform that acts as a secure overseer that merges traditional roles of SIEMs with conventional orchestrators while being rooted on the fundamentals introduced by previous generations of intrusion tolerant systems. Our goal is to provide an open-source intrusion tolerant platform that can dynamically adapt to known and unknown security threats in order to reduce potential vulnerability windows.

2023

HAL 9000: Skynet's Risk Manager

Autores
Freitas, T; Serra Neto, MTR; Dutra, I; Soares, J; Correia, ME; Martins, R;

Publicação
CoRR

Abstract

2022

Digital Forensics for the Detection of Deepfake Image Manipulations

Autores
Ferreira, S; Antunes, M; Correia, ME;

Publicação
ERCIM NEWS

Abstract
Tampered multimedia content is increasingly being used in a broad range of cybercrime activities. The spread of fake news, misinformation, digital kidnapping, and ransomware-related crimes are among the most recurrent crimes in which manipulated digital photos are being used as an attacking vector. One of the linchpins of accurately detecting manipulated multimedia content is the use of machine learning and deep learning algorithms. This work proposed a dataset of photos and videos suitable for digital forensics, which has been used to benchmark Support Vector Machines (SVM) and Convolution Neural Networks algorithms (CNN). An SVM-based module for the Autopsy digital forensics open-source application has also been developed. This was evaluated as a very capable and useful forensic tool, winning second place on the OSDFCon international Autopsy modules competition.

Teses
supervisionadas

2023

SSI Technology in the context of eIDAS 2.0

Autor
João Manuel Alexandrino de Castro Ribeiro

Instituição
UP-FCUP

2023

Deepfake Generation for use in Dictionary Attacks on Facial Recognition Systems

Autor
Vasco Mucha Barros

Instituição
UP-FCUP

2023

Establishing Secure and Privacy Preserving Digital Identity With Self-Sovereign Identity

Autor
Muhammad Shehu Abubakar-Sadiq

Instituição
UP-FCUP

2023

SkyNet: Towards a Dynamic and Adaptive Intrusion Tolerant System

Autor
Tadeu Augusto Leite Freitas

Instituição
UP-FCUP

2022

SkyNet: Towards a Dynamic and Adaptive Intrusion Tolerant System

Autor
Tadeu Augusto Leite Freitas

Instituição
UP-FCUP