Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
About

About

I am an assistant researcher at INESC TEC working on Information Security and Computer Networks. Previously, I received my PhD in Informatics from University of Minho, Portugal, in 2016, MSc in Network Engineering and Communication Services from the same university in 2011 and BS from University Federal of Sergipe, Brazil, in 2008. My research interests include traffic measurements, classification and characterization, network security and wireless sensor networks. 

Interest
Topics
Details

Details

  • Name

    João Marco
  • Cluster

    Computer Science
  • Role

    Senior Researcher
  • Since

    22nd December 2016
002
Publications

2022

Securing MPTCP Connections: A Solution for Distributed NIDS Environments

Authors
Meira, JP; Monteiro, RPC; Silva, JMC;

Publication
PROCEEDINGS OF THE 2022 47TH IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2022)

Abstract
With continuous technological advancement, multihomed devices are becoming common. They can connect simultaneously to multiple networks through different interfaces. However, since TCP sessions are bound to one interface per device, it hampers applications from taking advantage of all the available connected networks. This has been solved by MPTCP, introduced as a seamless extension to TCP, allowing more reliable sessions and enhanced throughput. However, MPTCP comes with an inherent risk, as it becomes easier to fragment attacks towards evading NIDS. This paper presents a study of how MPTCP can be used to evade NIDS through simple cross-path attacks. It also introduces tools to facilitate assessing MPTCP-based services in diverse network topologies using an emulation environment. Finally, a new solution is proposed to prevent cross-path attacks through uncoordinated networks. This solution consists of a hostlevel plugin that allows MPTCP sessions only through trusted networks, even in the presence of a NAT.

2021

Towards a bottom-up approach to inclusive digital identity systems

Authors
Silva, JM; Fonte, V; Sousa, A;

Publication
ACM International Conference Proceeding Series

Abstract
The path towards the United Nations objective of providing legal identity for all, including free birth registrations, has been facing several challenges. Particularly, the diversity of social realities, limited ICT infrastructures, inadequate legal frameworks, and unstable political engagement have resulted in solutions highly fitted to a specific scenario, thus hard to be replicated in different regions. Paired with noncomprehensive public services of civil registration, these aspects impact the way identity records are created, stored and used by citizens in their daily interactions. To tackle these impairments, this work introduces IDINA, a non-authoritative approach aiming at a community-oriented identification system underpinned by relations of social trust, inclusiveness, and the use of cutting-edge accessible technologies. © 2021 Owner/Author.

2021

An Outlook on using Packet Sampling in Flow-based C2 TLS Malware Traffic Detection

Authors
Novo, C; Silva, JMC; Morla, R;

Publication
PROCEEDINGS OF THE 2021 12TH INTERNATIONAL CONFERENCE ON NETWORK OF THE FUTURE (NOF 2021)

Abstract

2021

Balancing the Detection of Malicious Traffic in SDN Context

Authors
Machado, BS; Silva, JMC; Lima, SR; Carvalho, P;

Publication
12TH INTERNATIONAL CONFERENCE ON UBIQUITOUS AND FUTURE NETWORKS (ICUFN 2021)

Abstract
Huge efforts and resources are spent every year on prevention and recovery of cyberattacks targeting users, services and network infrastructures. Software-Defined Networking (SDN) is a technology providing advances to the field of security with the ability of programming the network, promoting highperformance solutions and efficient resource utilization at low costs, as the use of specialized hardware is avoided. The present paper aims at exploring the SDN paradigm to develop an SDN-based framework for prevention and mitigation of malicious attacks throuhgt the network. The framework design and proposal has concerns regarding the efficient use of network and computational resources, distributing the inspection of suspicious flows by distinct Intrusion Detection Systems. For this purpose, a load-balancing strategy for traffic inspection is devised, allowing to balance both the usage of resources and the analysis of traffic flows. In this way, this paper also sheds light on the usage of OpenFlow messages to build distributed SDN-based applications with the mentioned properties. © 2021 IEEE.

2020

e-LiteSense: Self-adaptive energy-aware data sensing in WSN environments

Authors
Silva, JM; Carvalho, P; Bispo, KA; Lima, SR;

Publication
INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS

Abstract
Currently deployed in a wide variety of applicational scenarios, wireless sensor networks (WSNs) are typically a resource-constrained infrastructure. Consequently, characteristics such as WSN adaptability, low-overhead, and low-energy consumption are particularly relevant in dynamic and autonomous sensing environments where the measuring requirements change and human intervention is not viable. To tackle this issue, this article proposes e-LiteSense as an adaptive, energy-aware sensing solution for WSNs, capable of auto-regulate how data are sensed, adjusting it to each applicational scenario. The proposed adaptive scheme is able to maintain the sensing accuracy of the physical phenomena, while reducing the overall process overhead. In this way, the adaptive algorithm relies on low-complexity rules to establish the sensing frequency weighting the recent drifts of the physical parameter and the levels of remaining energy in the sensor. Using datasets from WSN operational scenarios, we prove e-LiteSense effectiveness in self-regulating data sensing accurately through a low-overhead process where the WSN energy levels are preserved. This constitutes a step-forward for implementing self-adaptive energy-aware data sensing in dynamic WSN environments. © 2019 John Wiley & Sons, Ltd.

Supervised
thesis

2022

Otimização de processos de amostragem de tráfego

Author
Joel Filipe Esteves Gama

Institution
UM

2022

Information security monitoring systems in digital and mobile identification environments

Author
Paulo Miguel Novais Gameiro

Institution
UM

2022

Análise de Problemas de Configuração e Conformidade em Infrastructure-as-Code

Author
Rafaela Maria Soares da Silva

Institution
UM

2021

Automatic performance evaluation of API Gateways based on architectural models

Author
Pedro Miguel Braga Moreira

Institution
UM

2021

Information security monitoring systems in digital and mobile identification environments

Author
Paulo Miguel Novais Gameiro

Institution
UM