Eduardo Souto

Automatic classification of cross-site scripting in web pages using document-based and URL-based features

The structure of dynamic websites comprised of a set of objects such as HTML tags, script functions, hyperlinks and advanced features in browsers lead to numerous resources and interactiveness in services currently provided on the Internet. However, these features have also increased security risks and attacks since they allow malicious codes injection or XSS (Cross-Site Scripting). XSS remains at the top of the lists of the greatest threats to web applications in recent years. This paper presents the experimental results obtained on XSS automatic classification in web pages using Machine Learning techniques. We focus on features extracted from web document content and URL. Our results demonstrate that the proposed features lead to highly accurate classification of malicious page.

RIP - A robust IP access architecture

This research is of the view that only tightly coordinated work among security components as we know them today including firewalls, traffic analysis modules, intrusion detection systems, antivirus remediation systems, etc., is likely to take us closer to a more effective solution against some security threats. A structured Robust IP (RIP) access architecture is described and its components are analyzed through the use of a proof of concept testbed. Examples of the use of RIP and the heuristics it implements are evaluated. We also compare RIP performance to existing work. We show that there are currently some tradeoffs that need to be made between accuracy and responsiveness. We believe that this collaborative communication style between the components represents a significant step in the direction of self-defending networks and innovation in the area.

User activity recognition for energy saving in smart home environment

In recent years, the consumption of electricity has increased considerably in the industrial, commercial and residential sectors. This has prompted a branch of research which attempts to overcome this problem by applying different information and communication technologies, turning houses and buildings into smart environments. In this paper, we propose and design an energy saving technique based on the relationship between the users activities and electrical appliances in smart home environments. The proposed method utilizes machine learning techniques to automatically recognize the users activities, and then a ranking algorithm is applied to relate activities and existing home appliances. Finally, the system gives recommendations to the user whenever it detects a waste of energy. Tests on a real database show that the proposed method can to save up to 35% of electricity in a smart home.

An orchestration approach for unwanted Internet traffic identification

A simple examination of Internet traffic shows a wide mix of relevant and unwanted traffic. The latter is becoming increasingly harmful to network performance and service availability, while often consuming precious network and processing resources. Coordinated attacks, such as distributed denial-of-services (DDoS), large-scale scans, and worm outbreaks, occur in multiple networks simultaneously and become extremely difficult to detect using an individual detection engine. This paper presents the specification of a new orchestration-based approach to detect, and, as far as possible, to limit the actions of these coordinated attacks. Core to the proposal is a framework that coordinates the receiving of a multitude of alerts and events from detectors, evaluates this input to detect or prove the existence of anomalies, and consequently chooses the best action course. This framework is named Orchestration-oriented Anomaly Detection System (OADS). We also describe an OADS prototype implementation of the proposed infrastructure and analyze initial results obtained through experimentation with this prototype.

Nudity detection based on image zoning

Automatic nudity detection strategies play an important role in solutions focusing on controlling access to inappropriate content. These strategies usually apply filter or similar approaches in order to detect nudity in digital images. In this paper we propose a strategy for nudity detection based on applying image zoning. Moreover, we perform feature extraction using color and texture information, as well as feature selection, focusing on pointing out the most relevant features. SVM is used for image classification. Experimental results demonstrate that an effective improvement in terms of accuracy is attained by using the zoning strategy. In addition, the highest classification rates are obtained by combining two color-based and two texture-based features, which shows that it is possible to reduce the number of features while keeping high classification rates.

Application development for the Internet of Things: A context-aware mixed criticality systems development platform

Abstract The Internet of Things (IoT) is gaining momentum and may positively influence the automation of energy-efficiency management of smart buildings. However, the development of IoT-enabled applications still takes tremendous efforts due to the lack of proper tools. Many software components have to be developed from scratch, thus requiring huge amounts of effort, as developers must have a deep understanding of the technologies, the new application domain, and the interplay with legacy systems. In this paper we introduce the IMPReSS Systems Development Platform (SDP) that aims at reducing the complexity of developing IoT-enabled applications for supporting sensor data collection in buildings, managing automated system changes according to the context, and real-time prioritization of devices for controlling energy usage. The effectiveness of the SDP for the development of IoT-based context-aware and mixed-criticality applications was assessed by using it in four scenarios involving energy efficiency management in public buildings. Qualitative studies were undertaken with application developers in order to evaluate their perception of five key components of the SDP with regard to usability. The study revealed significant and encouraging results. Further, a quantitative performance analysis explored the scalability limits of the IMPReSS communication components.

ETSSDetector: A Tool to Automatically Detect Cross-Site Scripting Vulnerabilities

The inappropriate use of features intended to improve usability and interactivity of web applications has resulted in the emergence of various threats, including Cross-Site Scripting(XSS) attacks. In this work, we developed ETSS Detector, a generic and modular web vulnerability scanner that automatically analyzes web applications to find XSS vulnerabilities. ETSS Detector is able to identify and analyze all data entry points of the application and generate specific code injection tests for each one. The results shows that the correct filling of the input fields with only valid information ensures a better effectiveness of the tests, increasing the detection rate of XSS attacks.

3D routing: a protocol for emergency scenarios

A 3D underlay routing protocol, for scenarios with device and networking technology heterogeneity is presented. It provides mechanisms for the seamless interoperation of dynamic, heterogeneous ad hoc networks. This underlay protocol aggregates and exchanges device context information, such as hardware resources, channel state information and network interfaces to build its routing decisions. 3D Routing considers the following fundamental emergency networking aspects: the bootstrapping process of the network(s) and nodes, the building and spreading of context information between the nodes, and the assignment of roles to particular nodes. To this end, we discuss how these ideas are designed and implemented in order to provide seamless interoperability for this type of emerging networking scenarios.

A comparison study between the TLS-based security framework and IKEv2 when protecting DSMIPv6 signaling

This paper presents a comparison study between the TLS-based security for DSMIPv6 and IKEv2 when establishing Security Associations between MN and HA. The network transmission and processing costs are examined for each protocol using different authentication methods. The results show that the TLS-based solution has less computation cost and less authentication delay than IKEv2with D-H Groups 5 and 14. However, the high amount of transmitted data for certificate based authentications increases the authentication delay in low bandwidth wireless networks.

Connecting the Internet of Things rapidly through a model driven approach

Currently, developing Internet of Things (IoT) applications requires tremendous efforts and a wide range of expertise. This may discourage inexperienced developers entering the IoT development. Filling this gap, we propose a model driven tool called IoTLink that allows inexperienced developers to wire physical devices visually, creating the necessary foundation for their IoT applications. Based on the visual model, IoTLink is able to generate a complete Java project including an extendable Java code. When the java code is compiled and executed, it encapsulates the complexity of communicating with devices and services. It abstracts them as virtual objects that can be accessed through different communication means that are commonly used on the internet such as web service and MQTT. IoTLink was evaluated against java development in a controlled experiment. The result shows that IoTLink was able to outperform classical java development in terms of the development time and users satisfactions.