ABOUT
The first virtual cybersecurity conference organized by the Master's students will take place in February 2021. This event will connect anyone with a particular interest in cybersecurity with the students and the expert faculty. The latest cybersecurity trends and emerging threats will be discussed along with the presentations.

When / Where

Feb 24, 2021 / Remote

Submission Deadline

Feb 1, 2021

Submission Template

Overleaf

Paper Submission

EasyChair

Notification Due

Feb 10, 2021

Final Version Due

Feb 17, 2021
Topics of particular interest include, but are not limited to:

Vulnerability

eHealth

ISMS

Blockchain

IoT

Organization

General Chairs

Domingos Costa / Pedro Pinto (Prof.)

General Co-Chairs

João Silva | Nuno Torres

Publicity Chairs

Pedro Marrucho | Marco Saraiva | Pedro Araújo | Rafael Matos | Ricardo Gonçalves | Nuno Torres
PRESENTATIONS

DNS Firewall Dataset based on Machine Learning

by Cláudio Marques

Nowadays there are many DNS (Domain Name Service) firewall solutions to prevent users from accessing malicious domains. These can provide real-time protection and block illegitimate communications. Most of these solutions are based on lists of known malicious domains that are constantly being updated. However, in this way, it is only possible to block malicious communications for known malicious domains, leaving out many others that are malicious but have not yet been updated in the block lists. This work intends to provide a DNS dataset for the scientific community in order to improve the detection of malicious DNS requests on the fly based on the result of ML (Machine Learning) algorithms. For this purpose, a dataset will be created based on real DNS logs. The data will be enriched using OSINT (Open Source Intelligence) sources. The exploratory analysis and data preparation steps will be carried out and the final dataset will be submitted to different ML algorithms to accurately and timely classify whether a domain request is malicious or not, providing a valuable register to the scientific community that can be applied in firewall systems in order to increase the security analysis and performance.

Firewall | DNS | Machine Learning | Cybersecurity

Study of Machine Learning Techniques to Improving Intrusion Detection

by Diogo Teixeira

Nowadays, we live in a world fully connected to the network. If we all want to have access to all equipment anywhere, the first focus should be on security. Unfortunately, it is not. There are several hacked systems and, as a result, much data is exposed. It is necessary to protect it. Machine Learning mechanisms integrated in an Intrusion Detection System are the key to considerably increasing security. If, in 2021, more than 12 million attacks are estimated from DDoS alone, designing a system capable of protecting several agents against them and learning from their own actions (being rewarded when it makes a correct decision, but penalized when it makes a mistake) is the way forward.

DDoS | Machine Learning | IDS | Reinforcement Learning | Prevention | Security | Attack

Sentimental Analysis of Phishing Emails

by Marco Saraiva

In this work we propose an experimental study regarding the detection of phishing emails. The goal is to study and create a system capable of automatically classifying emails as being phishing or not by considering their content. To this end, we will explore the use of Named Entity Recognition and Sentiment Analysis to create a dataset and analyze it using machine learning classification algorithms.

Phishing | Social Engineering | Machine Learning | Named Entity Recognition | Cybersecurity

Security Analysis in LPWANs: an Attack Model for critical IoT applications

by Nuno Torres

The Internet of Things (IoT) demands Low-Power and Wide-Area Networks (LPWAN), since connected devices need battery-efficient and long-range communications. Due to their low cost and high availability (regional/city level scale), these types of networks have been widely used in several critical IoT applications, such as Smart Metering, Smart Grids, Smart Buildings, Intelligent Transportation Systems (ITS), SCADA Systems, etc. By using Low Power Wide Area Networks (LPWAN) technologies, communications are less dependent on common and existing infrastructure, such as WiFi, enabling IoT devices to operate on small and inexpensive batteries (up to 10 years), and be easily deployed within a wide area, typically more than 2 km in urban zones. In this study, a state-of-the-art review is put forward focusing on the most prominent results that have been found. Finally, a threat model for a generic IoT application will be explored in the context of critical IoT applications. Results have shown that this type of technology contains several security flaws, which can lead to irreversible harm to the systems.

LPWAN | Security | IoT

Framework to Collect ISO 27001 GAP Analysis Data and Estimate Further Resources Requirements for Standard Compliance

by Pedro Araújo

In this project, we intend to evaluate and understand the biggest difficulties and challenges in the implementation of a security standard, such as ISO/IEC 27001, in a group with so many differences in the various companies. The method used in this project is the case study, which has successive stages of collecting, analysing and interpreting the methods information, for the purpose of the investigation and the intensive study. At the end, a tool must be proposed to estimate the effort required to deploy the standard.

ISMS | ISO | Awareness | GAP Analysis | Cybersecurity | Case Study | Audit

Cybersecurity in eHealth: bibliometric study

by Ana Longras

The health area is betting not only on the development of better health treatments but also on becoming more digital, with the creation of teleconsultations, correct and more effective diagnoses, use of virtual reality tools, virtual health assistants, medical devices with artificial intelligence, electronic health records on blockchain, and development of wearables for continuous and improved monitoring and patient autonomy. The COVID-19 pandemic accelerated the process of digital transformation in the health sector. Digital transformation thus becomes a “survival” tactic and strategy in the short and long term. However, the adoption of new technologies or even the improvement of the technologies used is still vulnerable to modern threats.

Digital Health | Cybersecurity | Healthcare | eHealth

Security Issues in Implantable Medical Devices

by Henrique Oliveira

Implantable medical devices are used for critical functions like diagnosis, prevention, control, treatment or life enhancement of patients with chronic diseases, through diagnosing and/or monitoring for better care and quality of patients' lives. Communication between medical devices and healthcare professionals is of utmost importance to treat health data and critical functions without the need for patient surgery. Increasingly, the development, implementation and use of security mechanisms that can provide the availability of information, the integrity of medical devices and the confidentiality of data are needed. Alteration of data, theft, improper access to this information, or even denial of service in a healthcare system can lead to the death of patients on devices such as these, which are essential to life. This paper's main contribution is research on implantable medical device vulnerabilities and attack mitigation strategies.

IMDs | Smart City | Cybersecurity | Healthcare | Security Threats | Implanted Medical Devices | 6G | IOT

Security in Vehicle-to-Everything Communications

by João Silva

Autonomous driving is becoming a reality and cars are getting connected with everything (traffic lights, roads, bicycles, other cars, people, infrastructure, etc.), with Vehicle-to-Everything (V2X) communications being a critical factor in the success of autonomous cars. This work aims to study the main security mechanisms and explore the main vulnerabilities of V2X communication standards in a specific application context regarding future Intelligent Transportation Systems (ITS). A prior study will be the basis for the proposal of an attack model that will be later tested and evaluated using a simulation framework.

V2X | Autonomous | ITS | Communication | Secure

A taxonomy of cyber-attacks on Google/Apple Exposure Notification

by Henrique Faria

Given the world's current state regarding the pandemic virus COVID-19, researchers and developers created technological solutions to help fight various virus-related issues. Google/Apple Exposure Notification (GAEN) is one of the solutions designed to help in contact tracing with the usage of Bluetooth. This paper presents a taxonomy for classifying GAEN-related attacks and thus provides a better understanding of the problem. The classification criteria were selected to highlight the common features and the level of resources needed for such attacks and whether they are a viable implementation for a common attacker.

GAEN | Cybersecurity | Android | Vulnerabilities

Penetration Testing – Fast Port Scanning RustScan Tool vs Nmap tool

by Domingos Costa

A penetration test is a subclass of ethical hacking, which comprises a set of methods and procedures that aim at testing/protecting an organization’s security. Enumeration is one of the phases of a penetration test, defined as a process which establishes an active connection to the target hosts to discover potential vulnerabilities in the system, and the same can be used for further exploitation of the system. One of the most popular network mappers in the infosec world is Nmap, which is used to scan local and remote open ports, as well as hosts and network information. This research paper uses a target machine (Metasploitable 2), which is an intentionally vulnerable Ubuntu Linux virtual machine that is designed for testing common vulnerabilities. Kali Linux is the interface used to run the RustScan and Nmap tools. It is discussed how fast scanning a target operating system is with RustScan compared to Nmap and whether RustScan can be an option for the enumeration phase.

Penetration Testing | RustScan | nmap | Port Scanning | Ports

Autonomous Penetration Testing using Single-Board Computers (SBCs)

by Pedro Marrucho

A device called "CyberPI", based on a Raspberry Pi 4, that automates many penetration testing tools to collect and parse security-related information from all machines connected to a network. We explore the Raspberry Pi's unique capabilities in terms of portability and autonomy to decrease or even eliminate human needs in a pentester environment. Currently, while many devices are being used in research as exploitation toolkits, the current state of automation of the processes associated with reconnaissance, enumeration and information parsing leaves much to be desired. While this proposal describes the "CyberPI" device, it can also be used as a guideline for future research.

Cybersecurity | Automation | Pentesting | Enumeration | Reconnaissance

A Performance Assessment of Free-to-use Vulnerability Scanners – Revisited

by Ricardo Araújo

Over the past few years, companies have been investing in digital security as there is an increasing demand from consumers and companies that require these services. Norms and laws are created to prevent failures that expose the data of users and companies. Security teams utilize vulnerability scanners to bring to light security vulnerabilities in their computer systems, networks, applications, and procedures. There are plenty of vulnerability scanning tools available, each offering a unique combination of capabilities. In this paper we will analyze and compare the best tools, open-source and paid.

Vulnerability Scanning Tools | nmap | Cybersecurity | Openvas | Nexpose | Nessus | Tsunami
AGENDA

18:30
Opening Session


Machine Learning


19:00
DNS Firewall Dataset based on Machine Learning - Cláudio Marques
19:15
Study of Machine Learning Techniques to Improving Intrusion Detection - Diogo Teixeira
19:30
Sentimental Analysis of Phishing Emails - Marco Saraiva


IoT


19:45
Security Analysis in LPWANs: an Attack Model for critical IoT applications – Nuno Torres


20:00
Dinner


ISO


21:00
Framework to Collect ISO 27001 GAP Analysis Data and Estimate Further Resources Requirements for Standard Compliance – Pedro Araújo


eHealth


21:15
Cybersecurity in eHealth: bibliometric study - Ana Longras
21:30
Security Issues in Implantable Medical Devices – Henrique Oliveira


Vulnerability


21:45
Security in Vehicle-to-Everything Communications – João Silva
22:00
A taxonomy of cyber-attacks on Google/Apple Exposure Notification - Henrique Faria
22:15
Penetration Testing – Fast Port Scanning RustScan Tool vs Nmap tool - Domingos Costa
22:30
Autonomous Penetration Testing using Single-Board Computers (SBCs) – Pedro Marrucho
22:45
A Performance Assessment of Free-to-use Vulnerability Scanners – Revisited – Ricardo Araújo

