Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
About

About

I am an assistant researcher at INESC TEC working on Information Security and Computer Networks. Previously, I received my PhD in Informatics from University of Minho, Portugal, in 2016, MSc in Network Engineering and Communication Services from the same university in 2011 and BS from University Federal of Sergipe, Brazil, in 2008. My research interests include traffic measurements, classification and characterization, network security and wireless sensor networks. 

Interest
Topics
Details

Details

  • Name

    João Marco
  • Cluster

    Computer Science
  • Role

    Senior Researcher
  • Since

    22nd December 2016
003
Publications

2023

Flexcomm Simulator: Exploring Energy Flexibility in Software Defined Networks with ns-3

Authors
Monteiro, C; Silva, C;

Publication
ACM International Conference Proceeding Series

Abstract

2022

Securing MPTCP Connections: A Solution for Distributed NIDS Environments

Authors
Meira, JP; Monteiro, RPC; Silva, JMC;

Publication
PROCEEDINGS OF THE 2022 47TH IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2022)

Abstract
With continuous technological advancement, multihomed devices are becoming common. They can connect simultaneously to multiple networks through different interfaces. However, since TCP sessions are bound to one interface per device, it hampers applications from taking advantage of all the available connected networks. This has been solved by MPTCP, introduced as a seamless extension to TCP, allowing more reliable sessions and enhanced throughput. However, MPTCP comes with an inherent risk, as it becomes easier to fragment attacks towards evading NIDS. This paper presents a study of how MPTCP can be used to evade NIDS through simple cross-path attacks. It also introduces tools to facilitate assessing MPTCP-based services in diverse network topologies using an emulation environment. Finally, a new solution is proposed to prevent cross-path attacks through uncoordinated networks. This solution consists of a hostlevel plugin that allows MPTCP sessions only through trusted networks, even in the presence of a NAT.

2021

Towards a bottom-up approach to inclusive digital identity systems

Authors
Silva, JM; Fonte, V; Sousa, A;

Publication
ACM International Conference Proceeding Series

Abstract
The path towards the United Nations objective of providing legal identity for all, including free birth registrations, has been facing several challenges. Particularly, the diversity of social realities, limited ICT infrastructures, inadequate legal frameworks, and unstable political engagement have resulted in solutions highly fitted to a specific scenario, thus hard to be replicated in different regions. Paired with noncomprehensive public services of civil registration, these aspects impact the way identity records are created, stored and used by citizens in their daily interactions. To tackle these impairments, this work introduces IDINA, a non-authoritative approach aiming at a community-oriented identification system underpinned by relations of social trust, inclusiveness, and the use of cutting-edge accessible technologies. © 2021 Owner/Author.

2021

An Outlook on using Packet Sampling in Flow-based C2 TLS Malware Traffic Detection

Authors
Novo, C; Silva, JMC; Morla, R;

Publication
PROCEEDINGS OF THE 2021 12TH INTERNATIONAL CONFERENCE ON NETWORK OF THE FUTURE (NOF 2021)

Abstract
Packet sampling plays an important role in keeping storage and processing requirements at a manageable level in network management. However, because it reduces the amount of available information, it can also reduce the performance of some related tasks, such as detecting security events. In this context, this work explores how packet sampling impacts machine learning-based tasks, in particular, flow-based C2 TLS malware traffic detection using a deep neural network. Based on a proposed lightweight sampling scheme, the ongoing results show a small reduction in classification accuracy compared with analysing all the traffic, while reducing in 10 fold the number of packets processed.

2021

Balancing the Detection of Malicious Traffic in SDN Context

Authors
Machado, BS; Silva, JMC; Lima, SR; Carvalho, P;

Publication
12TH INTERNATIONAL CONFERENCE ON UBIQUITOUS AND FUTURE NETWORKS (ICUFN 2021)

Abstract
Huge efforts and resources are spent every year on prevention and recovery of cyberattacks targeting users, services and network infrastructures. Software-Defined Networking (SDN) is a technology providing advances to the field of security with the ability of programming the network, promoting high-performance solutions and efficient resource utilization at low costs, as the use of specialized hardware is avoided. The present paper aims at exploring the SDN paradigm to develop an SDN-based framework for prevention and mitigation of malicious attacks throuhgt the network. The framework design and proposal has concerns regarding the efficient use of network and computational resources, distributing the inspection of suspicious flows by distinct Intrusion Detection Systems. For this purpose, a load-balancing strategy for traffic inspection is devised, allowing to balance both the usage of resources and the analysis of traffic flows. In this way, this paper also sheds light on the usage of OpenFlow messages to build distributed SDN-based applications with the mentioned properties.

Supervised
thesis

2022

Análise de Problemas de Configuração e Conformidade em Infrastructure-as-Code

Author
Rafaela Maria Soares da Silva

Institution
UM

2022

Otimização de processos de amostragem de tráfego

Author
Joel Filipe Esteves Gama

Institution
UM

2022

Information security monitoring systems in digital and mobile identification environments

Author
Paulo Miguel Novais Gameiro

Institution
UM

2021

Automatic performance evaluation of API Gateways based on architectural models

Author
Pedro Miguel Braga Moreira

Institution
UM

2021

Information security monitoring systems in digital and mobile identification environments

Author
Paulo Miguel Novais Gameiro

Institution
UM