Detalhes
Nome
João Soares ResendeCargo
Investigador SéniorDesde
01 outubro 2016
Nacionalidade
PortugalCentro
Sistemas de Computação AvançadaContactos
+351220402963
joao.s.resende@inesctec.pt
2024
Autores
Cirne, A; Sousa, PR; Resende, JS; Antunes, L;
Publicação
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS
Abstract
With the proliferation of Internet of Things (IoT) devices, there is an increasing need to prioritize their security, especially in the context of identity and authentication mechanisms. However, IoT devices have unique limitations in terms of computational capabilities and susceptibility to hardware attacks, which pose significant challenges to establishing strong identity and authentication systems. Paradoxically, the very hardware constraints responsible for these challenges can also offer potential solutions. By incorporating hardware-based identity implementations, it is possible to overcome computational and energy limitations, while bolstering resistance against both hardware and software attacks. This research addresses these challenges by investigating the vulnerabilities and obstacles faced by identity and authentication systems in the IoT context, while also exploring potential technologies to address these issues. Each identified technology underwent meticulous investigation, considering known security attacks, implemented countermeasures, and an assessment of their pros and cons. Furthermore, an extensive literature survey was conducted to identify instances where these technologies have effectively supported device identity. The research also includes a demonstration that evaluates the effectiveness of hardware trust anchors in mitigating various attacks on IoT identity. This empirical evaluation provides valuable insights into the challenges developers encounter when implementing hardware-based identity solutions. Moreover, it underscores the substantial value of these solutions in terms of mitigating attacks and developing robust identity frameworks. By thoroughly examining vulnerabilities, exploring technologies, and conducting empirical evaluations, this research contributes to understanding and promoting the adoption of hardware-based identity and authentication systems in secure IoT environments. The findings emphasize the challenges faced by developers and highlight the significance of hardware trust anchors in enhancing security and facilitating effective identity solutions.
2024
Autores
Vilalonga, A; Resende, JS; Domingos, H;
Publicação
2023 IEEE 22ND INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS, TRUSTCOM, BIGDATASE, CSE, EUC, ISCI 2023
Abstract
Anonymity networks like Tor significantly enhance online privacy but are vulnerable to correlation attacks by state-level adversaries. While covert channels encapsulated in media protocols, particularly WebRTC-based encapsulation, have demonstrated effectiveness against passive traffic correlation attacks, their resilience against active correlation attacks remains unexplored, and their compatibility with Tor has been limited. This paper introduces TorKameleon, a censorship evasion solution designed to protect Tor users from both passive and active correlation attacks. TorKameleon employs K-anonymization techniques to fragment and reroute traffic through multiple TorKameleon proxies, while also utilizing covert WebRTC-based channels or TLS tunnels to encapsulate user traffic.
2023
Autores
Martins, I; Resende, JS; Gama, J;
Publicação
ADVANCES IN INTELLIGENT DATA ANALYSIS XXI, IDA 2023
Abstract
As the digital world grows, data is being collected at high speed on a continuous and real-time scale. Hence, the imposed imbalanced and evolving scenario that introduces learning from streaming data remains a challenge. As the research field is still open to consistent strategies that assess continuous and evolving data properties, this paper proposes an unsupervised, online, and incremental anomaly detection ensemble of influence trees that implement adaptive mechanisms to deal with inactive or saturated leaves. This proposal features the fourth standardized moment, also known as kurtosis, as the splitting criteria and the isolation score, Shannon's information content, and the influence function of an instance as the anomaly score. In addition to improving interpretability, this proposal is also evaluated on publicly available datasets, providing a detailed discussion of the results.
2022
Autores
Cirne, A; Sousa, PR; Resende, JS; Antunes, L;
Publicação
COMPUTERS & SECURITY
Abstract
The Internet of Things (IoT) has changed how we interact with the world around us. Many devices are moving from offline to online mode, connecting between them and the Internet, offering more functionality to users. Despite the increase in the quality of life for users provided by IoT devices, it is also necessary to establish trust in the privacy and security of end-users. With this level of connectivity, the amount of data exchanged between devices also increases, inducing malicious activities. One of the main problems is the lack of regulation in the IoT industry, especially between different manufacturers. There are no formal security rules, and manufacturers may not choose to install security mechanisms. Therefore, it is necessary to promote the adoption of security measures. One way to do this is by using IoT devices and systems certification. In recent years, IoT certifications have emerged. Meanwhile, the European Union has passed the Cyber Security Act to unify and regulate security certifications in member states. Our work collects the requirements that different IoT environments and application scenarios impose on certifications and discusses the current certifications' status according to those requirements. In addition, we also explored how EU measures apply to IoT and, where applicable, how certifications implement them, highlighting future research challenges.
2022
Autores
Martins, I; Resende, JS; Sousa, PR; Silva, S; Antunes, L; Gama, J;
Publicação
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
Abstract
The Internet of Things (IoT) envisions a smart environment powered by connectivity and heterogeneity where ensuring reliable services and communications across multiple industries, from financial fields to healthcare and fault detection systems, is a top priority. In such fields, data is being collected and broadcast at high speed on a continuous and real-time scale, including IoT in the streaming processing paradigm. Intrusion Detection Systems (IDS) rely on manually defined security policies and signatures that fail to design a real-time solution or prevent zero-day attacks. Therefore, anomaly detection appears as a prominent solution capable of recognizing patterns, learning from experience, and detecting abnormal behavior. However, most approaches do not fit the urged requirements, often evaluated on deprecated datasets not representative of the working environment. As a result, our contributions address an overview of cybersecurity threats in IoT, important recommendations for a real-time IDS, and a real-time dataset setting to evaluate a security system covering multiple cyber threats. The dataset used to evaluate current host-based IDS approaches is publicly available and can be used as a benchmark by the community.
Teses supervisionadas
2019
Autor
João Vasco Bispo Estrela
Instituição
INESCTEC
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.