Repository logo
 
Profile Picture
Person

Ferreira Sequeiros, João Bernardo

Metadata only
1F1D-2389-FA3B
0000-0001-7206-7771

Filters

2016 - 201972020 - 20241
Reset filters

Settings

End date: 2024 ×

Search Results

Now showing 1 - 8 of 8
  • Forensic Box for Quick Network-Based Security Assessments
    Publication . Sequeiros, João Bernardo Ferreira; Inácio, Pedro Ricardo Morais
    Network security assessments are seen as important, yet cumbersome and time consuming tasks, mostly due to the use of different and manually operated tools. These are often very specialized tools that need to be mastered and combined, besides requiring sometimes that a testing environment is set up. Nonetheless, in many cases, it would be useful to obtain an audit in a swiftly and on-demand manner, even if with less detail. In such cases, these audits could be used as an initial step for a more detailed evaluation of the network security, as a complement to other audits, or aid in preventing major data leaks and system failures due to common configuration, management or implementation issues. This dissertation describes the work towards the design and development of a portable system for quick network security assessments and the research on the automation of many tasks (and associated tools) composing that process. An embodiment of such system was built using a Raspberry Pi 2, several well known open source tools, whose functions vary from network discovery, service identification, Operating System (OS) fingerprinting, network sniffing and vulnerability discovery, and custom scripts and programs for connecting all the different parts that comprise the system. The tools are integrated in a seamless manner with the system, to allow deployment in wired or wireless network environments, where the device carries out a mostly automated and thorough analysis. The device is near plug-and-play and produces a structured report at the end of the assessment. Several simple functions, such as re-scanning the network or doing Address Resolution Protocol (ARP) poisoning on the network are readily available through a small LCD display mounted on top of the device. It offers a web based interface for finer configuration of the several tools and viewing the report, aso developed within the scope of this work. Other specific outputs, such as PCAP files with collected traffic, are available for further analysis. The system was operated in controlled and real networks, so as to verify the quality of its assessments. The obtained results were compared with the results obtained through manually auditing the same networks. The achieved results showed that the device was able to detect many of the issues that the human auditor detected, but showed some shortcomings in terms of some specific vulnerabilities, mainly Structured Query Language (SQL) injections. The image of the OS with the pre-configured tools, automation scripts and programs is available for download from [Ber16b]. It comprises one of the main outputs of this work.
    2016-11-18Master thesis Open access Show more
  • Towards a Framework for System and Attack Modelling and Mapping of Requirements and Technology for the Internet of Things
    Publication . Sequeiros, João Bernardo Ferreira; Inácio, Pedro Ricardo Morais
    The proliferation of Internet of Things (IoT) devices has been expanding several domains, offering unprecedented connectivity and convenience. However, this surge in interconnected devices has brought forth significant security challenges, as constrained budgets and development time leave security in a secondary role, or even non-existent. This is compounded upon by small design and development teams, where security expertise is reduced and lacking, creating a landscape of IoT systems that are unsecured and ripe for attack by malicious actors. The data gathered by these devices, their general lack of security, and the possibility of serving ans entry points to otherwise more secure systems, makes them increasingly tempting targets for exploration and exploitation. This thesis attempts to bridge the gap of aiding in the secure IoT system development, by approaching the issue of security in IoT from a standpoint of low knowledge and/or low expertise in IoT security. The first step towards the main goal is the extensive survey of existing IoT architectures and modeling tools, to aid in identifying the main challenges in secure IoT development and what can be improved or built upon. The second phase advances upon what was surveyed, by proposing an IoT system model that encompasses a large set of IoT ecosystems, and that embeds security in its essence, by identifying, for each system component, what are its critical security requirements, and what are the most attractive targets for an attacker on the given component. This model is complemented by the creation of an attack taxonomy, that attempts to take the most common attacks on IoT, and identifying where in the system those attacks may occur. To further aid the development process and provide a practical substrate to the Doctor of Philosophy (degree) (Ph.D.) work, an attack modeling tool named Attack Trees for IoT (ATIoT) is presented as a means to identify, starting from a system description given through a direct answer questionnaire, the attacks the system may be more susceptible to, providing the user with a set of attack trees, together with detailed node descriptions, of the identified attacks for the described system. Joining ATIoT, other existing tools are mapped to the proposed model, to further aid in identifying where security requirements, best practices, guidelines, security mechanisms and potential threats in an IoT system should be applied or can be found, further enhancing the usefulness of such tools. Motivated by the profound transformation that Artificial Intelligence (AI) is causing in the technological world, and the always fast advancing security area, a series of experiments of applying different AI mechanisms to the developed tools are also detailed herein. They specifically concern the application of classification models to the elicitation of security requirements, and the use of Large Language Models (LLMs) for identifying potential attacks from a textual system description. The thesis presents the results of these experiments, which show the promise of applying such methodologies to the process of security engineering. Main conclusions include achieving the goal of creating a panoply of mechanisms and tools that aid the development of secure IoT systems, that were designed towards being used by developers with low or no security background and expertise. It was also concluded that AI methods can aid in the maintaining of such tools and mechanisms, ensuring their validity in a longer time period, a challenge always present in fast-paced, always evolving areas.
    2024-09-04Doctoral thesis Open access Show more
  • Blockchain-based Decentralized Application for Electronic Voting Using an Electronic ID
    Publication . Monteiro, José Diogo Soares Albergaria Serejo; Sequeiros, João B. F.; Freire, Mario; Inácio, Pedro R. M.
    In this work, we present a decentralized and self-tallying electronic voting protocol that substantially enhances the privacy of voters and diminishes centralization. ese properties are accomplished through a symbiotic relationship between the Ethereum Blockchain and the Portuguese electronic ID. Unlike previously proposed Blockchain e-voting protocols, this is the rst implementation that more closely ful lls most of the security requirements of a real-world voting scheme. Furthermore, our system improves currently in-use e-Voting systems by using a self-tallying protocol. us, each voting citizen is able to compute the election tally and has complete control over their own vote. e execution of this protocol is enforced using the consensus mechanism that safeguards the Ethereum Blockchain. To prove its feasibility, we tested the implementation on the o cial PoW (Proof of Work) test network of Ethereum (Ropsten). e - nancial and computational breakdowns are on par with the leading Blockchain e-voting protocol.
    2019-09Journal article Restricted access Show more
  • Computational Metrics for Soccer Analysis
    Publication . Clemente, Filipe Manuel; Sequeiros, João Bernardo Ferreira; Correia, Acácio; Silva, Frutuoso G. M.; Martins, Fernando Manuel Lourenço
    2018Book Restricted access Show more
  • Security Threats and Possible Countermeasures in Applications Covering Different Industry Domains
    Publication . Samaila, Musa Gwani; Sequeiros, João B. F.; Freire, Mario; Inácio, Pedro R. M.
    The world is witnessing the emerging role of Internet of Things (IoT) as a technology that is transforming different industries, global community and its economy. Currently, a plethora of interconnected smart devices have been deployed for diverse pervasive applications and services, and billions more are expected to be connected to the Internet in the near future. The potential benefits of IoT include improved quality of life, convenience, enhanced energy efficiency, and more productivity. Alongside these potential benefits, however, come increased security risks and potential for abuse. Arguably, this is partly because many IoT start-ups and electronics hobbyists lack security expertise, and some established companies do not make security a priority in their designs, and hence they produce IoT devices that are often ill-equipped in terms of security. In this paper, we discuss different IoT application areas, and identify security threats in IoT architecture. We consider security requirements and present typical security threats for each of the application domains. Finally, we present several possible security countermeasures, and introduce the IoT Hardware Platform Security Advisor (IoT-HarPSecA) framework, which is still under development. IoT-HarPSecA is aimed at facilitating the design and prototyping of secure IoT devices.
    2018-08Journal article Restricted access Show more
  • IoT Hardware Development Platforms: Past, Present, and Future
    Publication . Samaila, Musa Gwani; Sequeiros, João B. F.; Correia, Acácio; Freire, Mario; Inácio, Pedro R. M.
    An Internet of Things (IoT) hardware development platform refers to a self-contained module of interconnected electronic components that include microcontrollers, wireless radio chips, memory and input/output interfaces for prototyping and large-scale production of IoT devices. Competition among different vendors is a major driving force for improved performance in the IoT hardware industry, resulting in the creation of diverse IoT hardware development platforms. Although IoT has been really hyped up recently, there is limited amount of work in the literature on IoT hardware development platforms. This chapter examines several IoT hardware development platforms that were released in the past, those that are recently launched on the market, and those that will be released in the near future. It focuses specifically on some essential attributes of the hardware development platforms that include processing speed, memory capacity, battery life, and security features.
    2017Book part Restricted access Show more
  • A Quick Perspective on the Current State of IoT Security
    Publication . Samaila, Musa Gwani; Sequeiros, João B. F.; Correia, Acácio; Freire, Mario; Inácio, Pedro R. M.
    An Internet of Things (IoT) hardware development platform refers to a self-contained module of interconnected electronic components that include microcontrollers, wireless radio chips, memory and input/output interfaces for prototyping and large-scale production of IoT devices. Competition among different vendors is a major driving force for improved performance in the IoT hardware industry, resulting in the creation of diverse IoT hardware development platforms. Although IoT has been really hyped up recently, there is limited amount of work in the literature on IoT hardware development platforms. This chapter examines several IoT hardware development platforms that were released in the past, those that are recently launched on the market, and those that will be released in the near future. It focuses specifically on some essential attributes of the hardware development platforms that include processing speed, memory capacity, battery life, and security features.
    2017Book part Restricted access Show more
  • IoT-HarPSecA: A Framework for Facilitating the Design and Development of Secure IoT Devices
    Publication . Samaila, Musa Gwani; Sequeiros, João B. F.; Freire, Mario; Inácio, Pedro R. M.
    devices and applications in recent years can be attributed partly to the emergence of several new IoT startup companies and potential applications. While many of these startups offer significant innovations in the IoT, some of them lack security expertise, resulting in the development of ill-equipped IoT devices and applications in terms of security. For example, one of the fundamental problems faced by non-security experts in the IoT space is how to select the right Lightweight Cryptographic Algorithm (LWCA) for a given security requirement. To address this specific problem, an IoT Hardware Platform Security Advisor (IoT-HarPSecA) framework is proposed in this paper. The security framework is aimed at facilitating the choice of specific security algorithms given a set of security goals, hardware specifications, message payload size, application area, and energy requirement. Within the scope of this framework, we develop an easy-to-use tool in C++ that allows users to interact with the IoT-HarPSecA framework. The tool can potentially help non-security experts, such as electronics and computer engineers as well as application developers make informed decisions on selecting the appropriate security algorithms for their various applications. Finally, the paper presents some preliminary results and discussion.
    2019-08Journal article Restricted access Show more