Miguel Correia

ABSTRACT As cloud-based services gain popularity in both private and enterprise domains, cloud consumers are still lacking in tools to verify that these services work as expected. Such tools should consider properties such as functional correctness, service availability, ...

ABSTRACT Web application security is an important problem in today's internet. A major cause of this status is that many programmers do not have adequate knowledge about secure coding, so they leave applications with vulnerabilities. An approach to solve this problem is to use source code static analysis to find these bugs, but these tools are known to report many false positives that make hard the task of correcting the application. This paper explores the use of a hybrid of methods to detect vulnerabilities with less false positives. After an initial step that uses taint analysis to flag candidate vulnerabilities, our approach uses data mining to predict the existence of false positives. This approach reaches a trade-off between two apparently opposite approaches: humans coding the knowledge about vulnerabilities (for taint analysis) versus automatically obtaining that knowledge (with machine learning, for data mining). Given this more precise form of detection, we do automatic code correction by inserting fixes in the source code. The approach was implemented in the WAP tool and an experimental evaluation was performed with a large set of open source PHP applications.

Byzantine-tolerant protocols are currently being used as building blocks in the construction of secure applications, therefore their performance has a practical impact. Work in message-passing distributed protocols typically considers a set of nodes interconnected by a network. This paper investigates the benefits for the performance of Byzantine-tolerant protocols of including a secure component in the nodes. We have been exploring this kind of hybrid fault models by calling these subsystems wormholes. The present paper follows this line but ...

ABSTRACT Delay-Tolerant Networks (DTNs) are composed of nodes that cooperate to forward messages despite connectivity issues. This paper focuses on the problem of some nodes making limited or no contribution to the network. Misbehaving nodes consume network resources, reducing its performance and availability, therefore they constitute an important problem that should be considered. We study the impact of node misbehavior on seven DTN routing protocols using a large set of simulations. The results show that different protocols are more resilient to different types of node misbehavior.

Abstract Design and operational vulnerabilities are accepted as inevitable in today's complex computer systems. The distributed and networked nature of the systems that are currently in use and being developed facilitate discovery and exploitation of these flaws in increasingly new and easier ways. Intrusion Tolerance acknowledges that it is impossible to completely prevent attacks and intrusions, and that it is often impossible to accurately detect the act of intrusion and stop it early enough. Intrusion Tolerance research therefore aims ...

Abstract State machine replication (SMR) is a generic technique for implementing fault-tolerant distributed services by replicating them in sets of servers. There have been several proposals for using SMR to tolerate arbitrary or Byzantine faults, including intrusions. However, most of these systems can tolerate at most f faulty servers out of a total of 3f+ 1. We show that it is possible to implement a Byzantine SMR algorithm with only 2f+ 1 replicas by extending the system with a simple trusted distributed component. Several performance ...

ABSTRACT The reliability and availability of distributed services can be ensured using replication. We present an architecture and an algorithm for Byzantine fault-tolerant state machine replication. We explore the benefits of virtualization to reliably detect and tolerate faulty replicas, allowing the transformation of Byzantine faults into omission faults. Our approach reduces the total number of physical replicas from 3f+1 to 2f+1. It is based on the concept of twin virtual machines, which involves having two virtual machines in each physical host, each one acting as failure detector of the other.

ABSTRACT Vehicular Delay-Tolerant Networks (VDTNs) are composed of mobile nodes that communicate wirelessly with each other to forward data despite connectivity issues. This paper focuses on the problem of some nodes trying to impair the communication of a VDTN. In the paper we study the case of nodes that delay the forwarding of messages that is a particularly difficult to detect form of misbehavior. We study the impact of this form of misbehavior on eight VDTN routing protocols using a large set of simulations and two scenarios. The results show that depending on the type of misbehavior, message replication and intelligent selection of the next hop can help routing protocols to be resilient to node misbehavior.

ABSTRACT Industry is using power meters to monitor the consumption of energy and achieving cost savings. This monitoring often involves energy metering software with a web interface. However, web applications often have vulnerabilities that can be exploited by cyber-attacks. We present an approach and a tool to solve this problem by analyzing the application source code and automatically inserting fixes to remove the discovered vulnerabilities. We demonstrate the use of the tool with two open source energy metering applications in which it found and corrected 17 vulnerabilities. By looking in more detail into some of these vulnerabilities, we argue that they are very serious, leading to the following impacts: violation of user privacy, counter the benefits of energy metering, and serve as entering points for attacks on other user software.

Page 1. Committees EDCC 2012 General Chair Cristian Constantinescu (AMD, US / Romania) Program Committee Chair Miguel Correia (Instituto Superior Técnico, UTL / INESC-ID, Portugal) Local Arrangements Chair Ioana Moisil (Lucian Blaga University, Romania) Finance Chair Vasile Motoc (Lucian Blaga University, Romania) Publicity Chair Marc-Olivier Killijian (LAAS-CNRS, France) Daniel Volovici (Lucian Blaga University, Romania) Publications Chair Marcelo Pasin (University of Lisboa, Portugal) ...

Abstract Critical infrastructures like the power grid are essentially physical processes controlled by electronic devices. In the last decades, these electronic devices started to be controlled remotely through commodity computers, often directly or indirectly connected to the Internet. Therefore, many of these systems are currently exposed to threats similar to those endured by normal computer-based networks on the Internet, but the impact of failure of the former can be much higher to society.

Abstract Anomaly-based intrusion detection systems (IDS) have the ability of detecting previously unknown attacks, which is important since new vulnerabilities and attacks are constantly appearing. Software as a service web applications are currently much targeted by attacks, so they are an obvious application for such IDSs. The paper presents a study of the use of anomaly-based IDSs with data from a production environment hosting a web application of large dimensions.

Abstract Open distributed systems are typically composed by an unknown number of processes running in heterogeneous hosts. Their communication often requires tolerance to temporary disconnections and security against malicious actions. Tuple spaces are a well-known coordination construct for this sort of systems. They can support communication that is decoupled both in time (processes do not have to be active at the same time) and space (processes do not need to know each others addresses).