Browsing by Author "Pedrosa, Tiago"
Now showing 1 - 10 of 40
Results Per Page
Sort Options
- Actively detecting multiscale flooding attacks & attack volumes in resource-constrained ICPSPublication . Zahid, Farzana; Kuo, Matthew M.Y.; Sinha, Roopak; Funchal, Gustavo Silva; Pedrosa, Tiago; Leitão, PauloThe significant growth in modern communication technologies has led to an increase in zero-day vulnerabilities that degrade the performance of cyber-physical systems (ICPS). Distributed denial of service (DDoS) attacks are one such threat that overwhelms a target with floods of packets, posing a severe risk to the normal operations of the ICPS. Current solutions to detect DDoS attacks are unsuitable for resource-constrained ICPS. This study proposes actively detecting multiscale flooding DDoS attacks in resource-constrained ICPS by analyzing network traffic in the frequency domain. A two-phased technique detects attack presence and attack volume. Both phases use a novel combination of light-weight and theoretically sound statistical methods. The effectiveness of the proposed technique is evaluated using mainstream metrics like true and false positive rates, accuracy, and precision using BOUN DDoS 2020 and CICDDoS 2019 datasets. An implementation of the proposed approach on a programmable logic controllers-based ICPS demonstrated improvements in resource usage and detection time compared to the existing state-of-the-art.
- An architecture for sharing cyberiIntelligence based on blockchainPublication . Gonçalo, Rui; Pedrosa, Tiago; Lopes, Rui PedroCyber-intelligence sharing can leverage the development and deployment of security plans and teams within organizations, making infrastructures resilient and resistant to cyberattacks. To be efficient, information sharing should be performed in a trusted environment, ensuring both the integrity, privacy and confidentiality and the truthfulness and usefulness of the information. This paper addresses this issue with the development and deployment of an architecture based on blockchain technology. Each participant is granted a reputation level, that is used to assess and verify the information other actors produce. Each actor, then, is given an amount of credit, corresponding to the number and accuracy of the validation. Information is also organized in topics, instantiated in independent ledgers. The architecture was validated with a three organization scenario, for proof-of-concept.
- An intrusion detection system dataset for a multi-agent cyber-physical conveyor systemPublication . Funchal, Gustavo Silva; Zahid, Farzana; Melo, Victoria; Kuo, Matthew M.Y.; Pedrosa, Tiago; Sinha, Roopak; Prieta Pintado, Fernando De la; Leitão, PauloIndustry 4.0 is built upon the foundation of connecting devices and systems via Internet of Things (IoT) technologies, with Cyber-Physical Systems (CPS) serving as the backbone infrastructure. Although this approach brings numerous benefits like improved performance, responsiveness and reconfigurability, it also introduces security concerns, making devices and systems vulnerable to cyber attacks. There is a need for effective techniques to protect these systems, and the availability of datasets becomes essential to support the development of such techniques. This paper presents a dataset based on the collection of traffic information exchanged in a self-organizing conveyor system using the multi-agent systems (MAS) architecture and containing various intelligent conveyor modules. The dataset comprises data collected at the network and agent levels under normal system operation, denial of service (DoS) attacks, and malicious agent attacks. An intrusion detection system that integrates Fast Fourier Transform (FFT) and Machine Learning (ML) analysis is developed to demonstrate the utility of this dataset.
- An OpenEHR repository based on a native XML databasePublication . Velte, Linda; Pedrosa, Tiago; Costa, Carlos Manuel Azevedo; Oliveira, José LuísOpenEHR is an open standard specification that describes the management, storage, retrieval and exchange of data in Electronic Health Record (EHR). Despite its growing importance in the field, the lack of open source solutions is hindering a larger visibility. In this paper we present an openEHR-based repository supported by a native XML database, which allows to store and query OpenEHR records through the DB service layer and a set of REST web services. The obtained results highlight the efficiency of this API and show that it can be used as a persistence component in any OpenEHR solution.
- An SNMP filesystem in userspacePublication . Lopes, Rui Pedro; Pedrosa, Tiago; Pires, LuísModern computer networks are constantly increasing in size and complexity. Despite this, data networks are a critical factor for the success of many organizations. Monitoring their health and operation sta- tus is fundamental, and usually performed through specific network man- agement architectures, developed and standardized in the last decades. On the other hand, file systems have become one of the best well known paradigms of human-computer interaction, and have been around since early days in the personal computer industry. In this paper we propose a file system interface to network management information, allowing users to open, edit and visualize network and systems operation information.
- An SNMP filesystem in userspacePublication . Lopes, Rui Pedro; Pedrosa, Tiago; Pires, LuísModern computer networks are constantly increasing in size and complexity. Despite this, data networks are a critical factor for the success of many organizations. Monitoring their health and operation sta- tus is fundamental, and usually performed through specific network man- agement architectures, developed and standardized in the last decades. On the other hand, file systems have become one of the best well known paradigms of human-computer interaction, and have been around since early days in the personal computer industry. In this paper we propose a file system interface to network management information, allowing users to open, edit and visualize network and systems operation information.
- Concepts for a personal health recordPublication . Santos, Cândido; Pedrosa, Tiago; Costa, Carlos Manuel Azevedo; Oliveira, José LuísHealthcare is about information. It is usually assumed that personal health information exists primarily for professional's use but well informed patients motivate better informed professionals. A longitudinal health record containing a patient's medical history has been the holy grail of healthcare. Personal Electronic Health Records (P-EHR) hold the potential to transform healthcare by providing a complete set of patient managed information. We present a portable P-EHR's functionalities from the patient's perspective.
- Edge Multi-agent Intrusion Detection System Architecture for IoT Devices with Cloud ContinuumPublication . Funchal, Gustavo Silva; Pedrosa, Tiago; Prieta Pintado, Fernando De la; Leitão, PauloThe Industry 4.0 has brought significant changes in production processes and business models worldwide. Advanced technologies, e.g., Collaborative Robotics, Artificial Intelligence, Cloud Computing, and Internet of Things (IoT) are playing a crucial role in improving efficiency and productivity. However, the adoption of these technologies, particularly IoT, introduces security vulnerabilities and potential attacks due to inadequate security measures. This paper addresses the need for dedicated cybersecurity mechanisms and secure device design in IoT networks, particularly emphasizing the challenges faced in implementing Intrusion Detection Systems (IDS) on resourceconstrained IoT edge devices, limiting the use of traditional machine learning based detection methods. Moreover, the limited computational resources of IoT devices require lightweight techniques that have low power requirements but can accurately detect anomalies in the network. To tackle these challenges, a novel multi-agent based architecture is proposed, considering the distribution of nodes along the edge-cloud continuum, and enabling the collaboration among different processes to detect anomalies during attacks. The proposed architecture is evaluated at the edge level using the CICIoT2023 dataset. The results demonstrate the feasibility of using multi-agent systems for a collaborative detection of IoT attacks, contributing to enhance the security of IoT-based systems against cyber threats in Industry 4.0 environments by leveraging lightweight techniques.
- Electronic health records for mobile citizens: a secure and collaborative architecturePublication . Pedrosa, Tiago; Oliveira, José Luís; Lopes, Rui PedroSince their early adoption Electronic Health Records (EHR) have been evolving to cope with increasing requirements from institutions, professionals and, more recently, from patients. Citizens became more involved demanding successively more control over their records and an active role on their content. Mobility brought also new requirements, data become scattered over heterogeneous systems and formats, with increasing di culties on data sharing between distinct providers. To cope with these challenges several solutions appeared, mostly based on service level agreements between entities, regions and countries. They usually required de ning complex federated scenarios and left the patient outside the process. More recent approaches, such as personal health records (PHR), enable patient control although raises clinical integrity doubts to other actors, such as physicians. Also, information security risk increase as data travels outside controlled networks and systems. To overcome this, new solutions are needed to facilitate trustable collaboration between the diverse actors and systems. In this thesis we present a solution that enables a secure and open collaboration between all healthcare actors. It is based on a service-oriented architecture that deals with the clinical data using a closed envelope concept. The architecture was modeled with minimal functionality and privileges bearing in mind strong protection of data during transmission, processing and storing. The access control is made through patient policies and authentication uses electronic identi cation cards or similar certi cates, enabling auto-enrollment. All the components require mutual authentication and uses cyphering mechanisms to assure privacy. We also present a threat model to verify, through our solution, if possible threats were mitigated or if further re nement is needed. The proposed solution solves the problem of patient mobility and data dispersion, and empowers citizens to manage and collaborate in their personal healthcare information. It also permits open and secure collaboration, enabling the patient to have richer and up to date records that can foster new ways to generate and use clinical or complementary information.
- Gathering and managing complementary diagnostic testsPublication . Santos, João C.; Pedrosa, Tiago; Costa, Carlos Manuel Azevedo; Oliveira, J.L.Personal health information is constituted in its greatest part by complementary diagnostic tests which are an important medical aid. This information is generated dispersedly because the patient seeks medical care in many different places over his lifetime. Access to a comprehensive set of a patient’s health information is a challenge. It revolves around the patient so any managing scheme must be patient-centric. We took a pragmatic approach to this problem and developed a software standalone platform for secure personal health information storage, namely complementary diagnostic tests, on a portable device for mobility. Simplicity and ease of use were main objectives. A special attention was given to the security aspects associated with storing this kind of information.