Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
About

About

João P. Vilela is a professor at the Department of Computer Science of the University of Porto and a senior researcher at INESC TEC and CISUC. He was previously a professor at the Department of Informatics Engineering of the University of Coimbra, after receiving the Ph.D. in Computer Science in 2011 from the University of Porto, Portugal. He was a visiting researcher at Georgia Tech, working on physical-layer security, and at MIT, working on security for network coding. In recent years, Dr. Vilela has been coordinator and team member of several national, bilateral, and European-funded projects in security and privacy. His main research interests are in security and privacy of computer and communication systems, with applications such as wireless networks, Internet of Things and mobile devices. Specific research topics include wireless physical-layer security, security of next-generation networks, privacy-preserving data mining, location privacy and automated privacy protection. https://www.dcc.fc.up.pt/~joaovilela/

Interest
Topics
Details

Details

Publications

2022

Blockchain-based Device Identity Management with Consensus Authentication for IoT Devices

Authors
Mukhandi, M; Damiao, F; Granjal, J; Vilela, JP;

Publication
2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC)

Abstract

2022

Effect of User Expectation on Mobile App Privacy: A Field Study

Authors
Mendes, R; Brandao, A; Vilela, JP; Beresford, AR;

Publication
2022 IEEE INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATIONS (PERCOM)

Abstract
Runtime permission managers for mobile devices allow requests to be performed at the time in which permissions are required, thus enabling the user to grant/deny requests in context according to their expectations. However, in order to avoid cognitive overload, second and subsequent requests are usually automatically granted without user intervention/awareness. This paper explores whether these automated decisions fit user expectations. We performed a field study with 93 participants to collect their privacy decisions, the surrounding context and whether each request was expected. The collected 65261 permission decisions revealed a strong misalignment between apps' practices and expectation as almost half of requests are unexpected by users. This ratio strongly varies with the requested permission, the category and visibility of the requesting application and the user itself; that is, expectation is subjective to each individual. Moreover, privacy decisions are most strongly correlated with user expectation, but such correlation is also highly personal. Finally, Android's default permission manager would have violated the privacy of our participants 15% of the time. © 2022 IEEE.

2022

Prediction of Mobile App Privacy Preferences with User Profiles via Federated Learning

Authors
Brandão, A; Mendes, R; Vilela, JP;

Publication
CODASPY 2022 - Proceedings of the 12th ACM Conference on Data and Application Security and Privacy

Abstract
Permission managers in mobile devices allow users to control permissions requests, by granting of denying application's access to data and sensors. However, existing managers are ineffective at both protecting and warning users of the privacy risks of their permissions' decisions. Recent research proposes privacy protection mechanisms through user profiles to automate privacy decisions, taking personal privacy preferences into consideration. While promising, these proposals usually resort to a centralized server towards training the automation model, thus requiring users to trust this central entity. In this paper we propose a methodology to build privacy profiles and train neural networks for prediction of privacy decisions, while guaranteeing user privacy, even against a centralized server. Specifically, we resort to privacy-preserving clustering techniques towards building the privacy profiles, that is, the server computes the centroids (profiles) without access to the underlying data. Then, using federated learning, the model to predict permission decisions is learnt in a distributed fashion while all data remains locally in the users' devices. Experiments following our methodology show the feasibility of building a personalized and automated permission manager guaranteeing user privacy, while also reaching a performance comparable to the centralized state of the art, with an F1-score of 0.9. © 2022 ACM.

2021

SDR Proof-of-Concept of Full-Duplex Jamming for Enhanced Physical Layer Security

Authors
Silva, A; Gomes, M; Vilela, JP; Harrison, WK;

Publication
SENSORS

Abstract
In order to secure wireless communications, we consider the usage of physical-layer security (PLS) mechanisms (i.e., coding for secrecy mechanisms) combined with self-interference generation. We present a prototype implementation of a scrambled coding for secrecy mechanisms with interference generation by the legitimate receiver and the cancellation of the effect of self-interference (SI). Regarding the SI cancellation, four state-of-the-art algorithms were considered: Least mean square (LMS), normalized least mean square (NLMS), recursive least squares (RLS) and QR decomposition recursive least squares (QRDRLS). The prototype implementation is performed in real-world software-defined radio (SDR) devices using GNU-Radio, showing that the LMS outperforms all other algorithms considered (NLMS, RLS and QRDRLS), being the best choice to use in this situation (SI cancellation). It was also shown that it is possible to secure communication using only noise generation by the legitimate receiver, though a variation of the packet loss rate (PLR) and the bit error rate (BER) gaps is observed when moving from the fairest to an advantageous or a disadvantageous scenario. Finally, when noise generation was combined with the adapted scrambled coding for secrecy with a hidden key scheme, a noteworthy security improvement was observed resulting in an increased BER for Eve with minor interference to Bob.

2021

A survey of privacy-preserving mechanisms for heterogeneous data types

Authors
Cunha, M; Mendes, R; Vilela, JP;

Publication
COMPUTER SCIENCE REVIEW

Abstract

Supervised
thesis

2021

Active Vulnerability Assessment Systems

Author
Nuno Francisco de Sá Peralta

Institution
UP-FCUP

2021

Transcriptomics-based prediction of human phenotypes using scalable and secure machine learning approaches

Author
Marta Carolina Cabral Moreno

Institution
UP-FCUP

2020

Privacy-Preserving Mechanisms for Heterogeneous Data Types

Author
Mariana da Cruz Cunha

Institution
UP-FCUP