Rafael Timóteo de Sousa Júnior

Trust-based security for the OLSR routing protocol

The trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities. In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR.

Acquisition and Analysis of Digital Evidence in Android Smartphones

From an experts standpoint, an Android phone is a large data repository that can be stored either locally or remotely. Besides, its platform allows analysts to acquire device data and evidence, collecting information about its owner and facts under investigation. This way, by means of exploring and cross referencing that rich data source, one can get information related to unlawful acts and its perpetrator. There are widespread and well documented approaches to forensic examining mobile devices and computers. Nevertheless, they are neither specific nor detailed enough to be conducted on Android cell phones. These approaches are not totally adequate to examine modern smartphones, since these devices have internal memories whose removal or mirroring procedures are considered invasive and complex, due to difficulties in having direct hardware access. The exam and analysis are not supported by forensic tools when having to deal with specific file systems, such as YAFFS2 (Yet Another Flash File System). Furthermore, specific features of each smartphone platform have to be considered prior to acquiring and analyzing its data. In order to deal with those challenges, this paper proposes a method to perform data acquisition and analysis of Android smartphones, regardless of version and manufacturer. The proposed approach takes into account existing techniques of computer and cell phone forensic examination, adapting them to specific Android characteristics, its data storage structure, popular applications and the conditions under which the device was sent to the forensic examiner. The method was defined in a broad manner, not naming specific tools or techniques. Then, it was deployed into the examination of six Android smartphones, which addressed different scenarios that an analyst might face, and was validated to perform an entire evidence acquisition and analysis.

Trust-Based Countermeasures for Securing OLSR Protocol

In this paper, we present two measures to counter attacks against OLSR: prevention that solves some protocols vulnerabilities, and countermeasures that treat misbehavior and inconsistency concerned by the vulnerabilities that have not been solved with prevention measures. The resulting mechanisms allow to resolve the OLSR vulnerabilities which are due to the easy usurpation of nodes identity, and the lack of links verification at the neighborhood discovery. However, these mechanisms do not resolve other vulnerabilities, such as the lack of monitoring of the establishment of the routing tables. Thus, when other vulnerabilities are exploited and an attack is detected, we propose countermeasures to isolate malicious nodes.

Neural Network Predictor for Fraud Detection: A Study Case for the Federal Patrimony Department

-Fraud detection is necessary for any financial system. However, the way of committing frauds and also for detecting them have evolved considerably in the lasts years, mainly due the development of new technologies. Therefore, fraud detection via statistical schemes has become an important tool to reduce the chances of frauds. In this paper, we present a study case applied to the tax collection per month of the Federal Patrimony Department (SPU). In this study case, we analyze some of the current methods for fraud detection, as Rule-Based Systems and Neural Networks classifiers, and propose the use of Neural Networks predictors for detecting fraud in time series data of the SPU.

Optimally tuned functionals improving the description of optical and electronic properties of the phthalocyanine molecule

By means of Density functional theory and time-dependent density functional theory calculations, we present a comprehensive investigation on the influence of different functional schemes on electronic and optical properties of the phthalocyanine molecule. By carrying out our own tuning on the OT-LC-BLYP/6-31G(d,p) functional, we show that such a procedure is fundamental to accurately match experimental results. We compare our results to several others available in the literature, including the B3LYP/6-31+G(d,p) set, which is commonly portrayed as the best combination in order to obtain a good description of the band gap. The results obtained here present not only significant improvement of the optical properties from the conventional BLYP, but we can also objectively report an improvement of our tuned functional when compared to the current benchmark of the literature as far as optical properties are concerned. Particularly, by means of this approach, it was possible to achieve a good agreement between the theoretical and experimental optical gap as well as of the positioning of the main peaks in the absorption spectrum. Our results thus suggest that correcting the long-range term on exchange term of the Coulomb operator, by means of a tuning procedure, is a good option to accurately describe properties of the phthalocyanine molecule.

A ubiquitous communication architecture integrating transparent UPnP and REST APIs

This paper proposes a ubiquitous middleware architecture enabling end devices to be easily used through software services. These services are available to end applications in a transparent and extensible manner using UPnP or a REST API. Internal modules are interconnected by ZigBee, which allows a mesh and auto reconfigurable internal network. Arduino is used to interconnect end devices to the middleware, allowing easy integration of devices by reading their state and executing actions on them.

Design and Evaluation of a Services Interface for the Internet of Things

This paper proposes an application programming interface (API) for accessing services within the internet of things (IoT) through both REST and SOAP protocols. This API provides methods and procedures to allow its usage for performing IoT control and event monitoring operations. In order to encompass devices diversity, the proposed API introduces a uniform abstraction model that constitutes a common standard view to manage objects. An abstract device services interface is then available instead of device commands, thus providing transparent access to devices capabilities and hiding the physical aspects of provider devices. The API has been designed to ease the remote management of IoT smart objects and was implemented as a module of an existing IoT middleware (UIoT). Experimental evaluation of both protocol implementations yields results showing the REST services with faster response time and lower resources usage than similar SOAP services.

Analysis of SDN Contributions for Cloud Computing Security

Cloud infrastructures are composed fundamentally of computing, storage, and networking resources. In regards to network, Software-Defined Networking (SDN) has become one of the most important architectures for the management of networks that require frequent re-policing or re-configurations. Considering the already known security issues of Cloud Computing, SDN helps to give fast answers to emerging threats, but also introduces new vulnerabilities related to its own architecture. In this paper, we analyze recent security proposals derived from the use of SDN, and elaborate on whether it helps to improve trust, security and privacy in Cloud Computing. Moreover, we discuss security concerns introduced by the SDN architecture and how they could compromise Cloud services. Finally, we explore future security perspectives with regard to leveraging SDN benefits and mitigating its security issues.

Construction of Ontologies by Using Concept Maps: A Study Case of Business Intelligence for the Federal Property Department

A Business Intelligence (BI) system can provide information in a reliable, instantaneous and automatic way in order to support crucial decisions of companies as well as of governments. The first step for the implementation of a BI system is the development of the ontology, which can be performed via an institutional glossary. However, usually the link between the ontology and the BI system is not direct, and therefore the implementation of the BI system may be slow. In this paper, we show the application of concept maps for BI system implementation. We exemplify this application using the study case of the implementation of the BI system for the Federal Property Department (SPU), which belongs to the Ministry of Planning, Budget and Management (MP) in Brazil. Besides the efficient implementation via concept maps, the impacts of our proposed BI system are also highlighted in this paper.

File Exchange in a Private Cloud Supported by a Trust Model

Cloud computing is being progressively adopted in different business scenarios in order to obtain flexible and reliable computing environments, with several supporting solutions available in the market. Computing systems trust representation have been widely discussed and applied in a lot of information technology scenarios, becoming subject of scientific researches. This paper proposes the development of a trust model to ensure a reliable files exchange among nodes in a private cloud, as well as the calculation process of trust among them, according to the established metrics. The simulation result using CloudSim framework shows the effectiveness of the model in selecting more reliable node in private cloud.