Cookies Policy
We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out More
Close
  • Menu
About

About

António Pinto has a PhD in Electrical and Computers Engineering from Porto University (2010). Currently, he is an Assistant Professor at Escola Superior de Tecnologia e Gestão (ESTG) of the Polytechnic of Porto, where he gives courses in computer networks, operating systems, network security and digital forensics. He is also a researcher of CRACS at INESC TEC research institute. His current research interests include information security management systems, computer and network security, digital forensics, and data privacy. António Pinto has published 15+ papers and participated in 5+ research projects, including the following European projects: Smart UNattended airborne sensor Network for detection of vessels used for cross border crime and irregular entrY (SUNNY), Media Ecosystem Deployment Through Ubiquitous Content-Aware Network Environments (IST ALICANTE), and End-to-End QoS through Integrated Management of Content, Networks and Terminals (ENTHRONE)

Interest
Topics
Details

Details

  • Name

    António Pinto
  • Cluster

    Computer Science
  • Role

    Project Leader
  • Since

    13th January 2005
Publications

2017

Collection of state information in live digital forensics

Authors
Freitas, F; Pinto, A;

Publication
Advances in Intelligent Systems and Computing

Abstract
In a digital forensic investigations, the investigator usually wants to get as much state information as possible. Examples of such scenarios are households with wireless networks connecting multiple devices where a security incident occurs. USB devices present themselves as interesting vehicles for the automated collection of state information, as it can store the applications that collect the information, can store the results and can also facilitate the information collection by enabling its automatic operation. This paper proposes a USB solution to facilitate the collection of state information with integrity guarantees and multi-platform operation. Moreover, the proposed solutions is the only one that performs an extensive and homogeneous artifact collection, independently of the underlying operating system. © Springer International Publishing AG 2017.

2017

MuSec: Sonification of alarms generated by a SIEM

Authors
Sousa, L; Pinto, A;

Publication
Advances in Intelligent Systems and Computing

Abstract
The information generated by a network monitoring system is overwhelming. Monitoring is imperative but very difficult to accomplish due to several reasons. More so for the case of non tech-savvy home users. Security Information Event Management applications generate alarms that correlate multiple occurrences on the network. These events are classified accordingly to their risk. An application that allows the sonification of events generated by a Security Information Event Management can facilitate the security monitoring of a home network by a less tech-savvy user by allowing him to just listen to the result of the sonification of such events. © Springer International Publishing AG 2017.

2017

Online conversation application with confidentiality, anonymity, and identity requirements

Authors
Fernandes, P; Pinto, A;

Publication
Advances in Intelligent Systems and Computing

Abstract
The increase in usage of smartphones and the ubiquity of Internet access have made mobile communications services very attractive to users. Messaging services are among the most popular services on the Internet. In recent years, this services started to support confidentiality and anonymity. A recurrent problem with the existing messaging solutions is their lack of resistance to impersonation attacks. The proposed solution addresses the impersonation problem, without neglecting user confidentiality and anonymity, by forcing users to exchange the required cryptographic material among themselves. Moreover, this exchange must use a proximity communication technology, forcing the users to physically meet. © Springer International Publishing AG 2017.

2016

Hash-Chain-Based Authentication for IoT

Authors
Pinto, A; Costa, R;

Publication
ADCAIJ-ADVANCES IN DISTRIBUTED COMPUTING AND ARTIFICIAL INTELLIGENCE JOURNAL

Abstract
The number of everyday interconnected devices continues to increase and constitute the Internet of Things (IoT). Things are small computers equipped with sensors and wireless communications capabilities that are driven by energy constraints, since they use batteries and may be required to operate over long periods of time. The majority of these devices perform data collection. The collected data is stored on-line using web-services that, sometimes, operate without any special considerations regarding security and privacy. The current work proposes a modified hash-chain authentication mechanism that, with the help of a smartphone, can authenticate each interaction of the devices with a REST web-service using One Time Passwords (OTP) while using open wireless networks. Moreover, the proposed authentication mechanism adheres to the stateless, HTTP-like behavior expected of REST web-services, even allowing the caching of server authentication replies within a predefined time window. No other known web-service authentication mechanism operates in such manner

2016

Hash-Chain Based Authentication for IoT Devices and REST Web-Services

Authors
Pinto, A; Costa, R;

Publication
AMBIENT INTELLIGENCE - SOFTWARE AND APPLICATIONS (ISAMI 2016)

Abstract
The number of everyday interconnected devices continues to increase and constitute the Internet of Things (IoT). Things are small computers equipped with sensors and wireless communications capabilities that are driven by energy constraints, since they use batteries and may be required to operate over long periods of time. The majority of these devices perform data collection. The collected data is stored on-line using web-services that, sometimes, operate without any special considerations regarding security and privacy. The current work proposes a modified hash-chain authentication mechanism that, with the help of a smart-phone, can authenticate each interaction of the devices with a REST web-service using One Time Passwords (OTP). Moreover, the proposed authentication mechanism adheres to the stateless, HTTP-like behavior expected of REST web-services, even allowing the caching of server authentication replies within a predefined time window. No other known web-service authentication mechanism operates in such manner.