RSS .92| RSS 2.0| ATOM 0.3
  • Home
  • #6 (no title)
  •  

    Our Book is Out

    September 23rd, 2010

    In 2008, Miguel P. Correia and myself decided to write a book on software security. Two years (of really hard work) after, it is finally available!

    The book covers many themes related to software security, namely:

    • Vulnerabilities, Attacks and Intrusions
    • Buffer overflows, Cross-site scripting, SQL injection
    • Protecting against Copy and Modification of Software
    • Software Testing and Attack Injection
    • Static Code Analysis
    • Dynamic Protection Mechanisms
    • Virtualization
    • Trusted Computing

    More details about the book (in portuguese) can be found at its official website, at the publisher (FCA) website, and it can be bought online at FCA | FNAC | Wook


    IBWAS’10: Ibero-American Web Application Security Conference

    May 27th, 2010

    IBWAS’10:Ibero-American Web Application Security Conference , Nov 11-12, 2010.

    Summary:

    There is a change in the information systems development paradigm. The emergence of Web 2.0 technologies led to the extensive deployment and use of web-based applications and web services as a way to developed new and flexible information systems. Such systems are easy to develop, deploy and maintain and demonstrate impressive features for users, resulting in their current wide use.

    As a result of this paradigm shift, the security requirements have also changed. These web-based information systems have different security requirements, when compared to traditional systems. Important security issues have been found and privacy concerns have also been raised recently. In addition, the emerging Cloud Computing paradigm promises even greater flexibility; however corresponding security and privacy issues still need to be examined. The security environment should involve not only the surrounding environment but also the application core.

    This conference aims to bring together application security experts, researchers, educators and practitioners from the industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track academic researchers will be able to combine interesting results with the experience of practitioners and software engineers.


    Looking for Creative Minds

    February 23rd, 2010

    If you feel that you are up to this challenge, please apply:

    http://lasige.di.fc.ul.pt/images/2/2b/BI_Regenesys_Mestre_jan10-1.pdf

    Deadline: 26-March-2010


    Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery

    February 22nd, 2010

    Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery
    Paulo Sousa, Alysson Neves Bessani, Miguel Correia, Nuno Ferreira Neves, Paulo Veríssimo
    IEEE Transactions on Parallel and Distributed Systems, vol. 21, no. 4, pp. 452-465, Apr. 2010.


    REGENESYS: Regeneration of Replicated Systems

    January 6th, 2010

    REGENESYS is a three-year research project (Jan 2010-Dec 2012) funded by the Fundação para a Ciência e a Tecnologia.

    We have scholarships available to Master and PhD students that want to participate in this project. If you are interested in participating in this project, please send me an email.


    Sérgio Nunes (Thesis Committee)

    December 16th, 2009

    Sérgio Rodrigues Nunes, Web Attack Risk Awareness with Lessons Learned from High Interaction Honeypots, Mestrado em Segurança Informática (University of Lisboa) & Master Of Science in Information Technology – Information Security (Carnegie Mellon University), December 2009.


    Carlos Silva (Master student, finished)

    December 15th, 2009

    Carlos Silva, RAVE: Replicated Antivirus Engine, Mestrado em Segurança Informática (University of Lisboa) & Master Of Science in Information Technology – Information Security (Carnegie Mellon University), December 2009.


    Miguel Garcia (BSc internship, finished)

    July 31st, 2009

    Miguel Garcia, Regeneração de Sistemas Informáticos Replicados, BSc internship (Co-advised with Alysson Neves Bessani), September 2008 – July 2009.


    Cheap Intrusion-Tolerant Protection for CRUTIAL Things

    June 30th, 2009

    Cheap Intrusion-Tolerant Protection for CRUTIAL Things
    Alysson Bessani, Paulo Sousa, Miguel Correia, Nuno Ferreira Neves, Paulo Veríssimo
    Available as Technical Report DI/FCUL TR-2009-14.


    Intrusion-Tolerant Self-Healing Devices for Critical Infrastructure Protection

    April 7th, 2009

    Intrusion-Tolerant Self-Healing Devices for Critical Infrastructure Protection
    Paulo Sousa, Alysson N. Bessani, Wagner S. Dantas, Fábio Souto, Miguel Correia, Nuno F. Neves
    In Proceedings of the 39th IEEE International Conference on Dependable Systems and Networks (DSN 2009), Estoril, Portugal, Jun-Jul 2009, to appear.