Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
About
Download Photo HD

About

Coordinator professor at Computers Engineering Department, ESTG-Leiria (Polytechnic of Leiria) and reseracher at CRACS.

Holds a PHD in Computer Science by Universidade do Porto; MSc in Informatics, branch of systems and networks, also by Universidade do Porto; Degree in Computers Enginnering by Instituto Superior de Engenharia do Porto (Polytechnic of Porto).

Coordinates a MSc course in cybersecurity and digital forensics at Polytechnic of Leiria and is responsible by classes on networking, systems administration, cloud technology, networking security and datacenters infrastrucutres.

Main areas of research include immune-inspired algorithms applied to automatic detection of anomalies, ensemble based algorithms for classification and anomaly detection, learning on dynamic systems in a temporal basis.

Previously he was algo ICT project manager and system administrator in companies.

Interest
Topics
Details

Details

  • Name

    Mário João Antunes
  • Cluster

    Computer Science
  • Role

    Senior Researcher
  • Since

    01st January 2009
Publications

2022

Digital Forensics for the Detection of Deepfake Image Manipulations

Authors
Ferreira, S; Antunes, M; Correia, ME;

Publication
ERCIM NEWS

Abstract

2022

A Client-Centered Information Security and Cybersecurity Auditing Framework

Authors
Antunes, M; Maximiano, M; Gomes, R;

Publication
APPLIED SCIENCES-BASEL

Abstract
Information security and cybersecurity management play a key role in modern enterprises. There is a plethora of standards, frameworks, and tools, ISO 27000 and the NIST Cybersecurity Framework being two relevant families of international Information Security Management Standards (ISMSs). Globally, these standards are implemented by dedicated tools to collect and further analyze the information security auditing that is carried out in an enterprise. The overall goal of the auditing is to evaluate and mitigate the information security risk. The risk assessment is grounded by auditing processes, which examine and assess a list of predefined controls in a wide variety of subjects regarding cybersecurity and information security. For each control, a checklist of actions is applied and a set of corrective measures is proposed, in order to mitigate the flaws and to increase the level of compliance with the standard being used. The auditing process can apply different ISMSs in the same time frame. However, as these processes are time-consuming, involve on-site interventions, and imply specialized consulting teams, the methodology usually adopted by enterprises consists of applying a single ISMS and its existing tools and frameworks. This strategy brings overall less flexibility and diversity to the auditing process and, consequently, to the assessment results of the audited enterprise. In a broad sense, the auditing needs of Small and Medium-sized Enterprises (SMEs) are different from large companies and do not fit with all the existing ISMSs' frameworks, that is a set of controls of a particular ISMS is not suitable to be applied in an auditing process, in an SME. In this paper, we propose a generic and client-centered web-integrated cybersecurity auditing information system. The proposed system can be widely used in a myriad of auditing processes, as it is flexible and it can load a set of predefined controls' checklist assessment and their corresponding mitigation tasks' list. It was designed to meet both SMEs' and large enterprises' requirements and stores auditing and intervention-related data in a relational database. The information system was tested within an ISO 27001:2013 information security auditing project, in which fifty SMEs participated. The overall architecture and design are depicted and the global results are detailed in this paper.

2022

Benchmarking Deep Learning Methods for Behaviour-Based Network Intrusion Detection

Authors
Antunes, M; Oliveira, L; Seguro, A; Verissimo, J; Salgado, R; Murteira, T;

Publication
INFORMATICS-BASEL

Abstract

2021

Evaluating cybersecurity attitudes and behaviors in Portuguese healthcare institutions

Authors
Nunes, P; Antunes, M; Silva, C;

Publication
INTERNATIONAL CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS / INTERNATIONAL CONFERENCE ON PROJECT MANAGEMENT / INTERNATIONAL CONFERENCE ON HEALTH AND SOCIAL CARE INFORMATION SYSTEMS AND TECHNOLOGIES 2020 (CENTERIS/PROJMAN/HCIST 2020)

Abstract

2021

Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal

Authors
Antunes, M; Maximiano, M; Gomes, R; Pinto, D;

Publication
Journal of Cybersecurity and Privacy

Abstract
Information security plays a key role in enterprises management, as it deals with the confidentiality, privacy, integrity, and availability of one of their most valuable resources: data and information. Small and Medium-sized enterprises (SME) are seen as a blind spot in information security and cybersecurity management, which is mainly due to their size, regional and familiar scope, and financial resources. This paper presents an information security and cybersecurity management project, in which a methodology based on the well-known ISO-27001:2013 standard was designed and implemented in fifty SMEs that were located in the center region of Portugal. The project was conducted by a business association located at the center of Portugal and mainly participated by SMEs. The Polytechnic of Leiria and an IT auditing/consulting team were the other two entities that participated on the project. The characterisation of the participating enterprises, the ISO-27001:2013 based methodology developed and implemented in SMEs, as well as the results obtained in this case study, are depicted and analysed in the paper. The attained results show a clear benefit to the audited and intervened SMEs, being mainly attested by the increasing of their information security management robustness and collaborators’ cyberawareness.

Supervised
thesis

2018

Vision Methods to Find Uniqueness Within a Class of Objects

Author
Valter Joaquim Ramos Costa

Institution
UP-FEUP

2017

Using telemedicine WebRTC tests in hospital environment

Author
Dário Gabriel da Cruz Santos

Institution
IPLeiria