Anúncios

Prova de CAT do aluno Afonso Tinoco de Faria Cecílio dos Santos

30 agosto 2024, 14:54 Sandra Espírito Santo

Prova de CAT do aluno Afonso Tinoco de Faria Cecílio dos Santos 


Título da Tese : Towards Practical and Verifiable Distributed Systems: Applications of Oblivious Algorithms, Garbled Circuits and Formal Methods


Serão realizadas no dia 03 de setembro, às 13.00

Local  da realização das provas de CAT via  Zoom Link; https://cmu.zoom.us/j/94260412504?pwd=rh0QOrbxTXPyYkFHGg3q7OTKNOYDUn.1

Thesis Abstract

As distributed systems become increasingly integral to modern computing, the need for secure and efficient designs has never been more critical. These systems must not only perform well under diverse adverse conditions but also ensure the privacy and correctness of the computations they carry out. This thesis seeks to advance the development of secure and efficient distributed systems by carefully selecting and implementing the right cryptographic and computational primitives within these systems, as well verifying the correctness of protocols that use these primitives. This research aims to design and develop practically efficient and provably secure distributed systems. To this end, it will combine applied cryptography and formal verification tools.


Orientação: 

Professor Rodrigo Seromenho Miragaia Rodrigues

Co-orientação; 

Elaine Runting Shi

Pedro Miguel dos Santos Alves Madeira Adão

Prova de CAT aluno André Alves Augusto

26 julho 2024, 15:55 Sandra Espírito Santo

Prova de CAT aluno André Alves Augusto


Título da Tese : Safeguarding Blockchain Interoperability Mechanisms

Local: reserva da sala José Tribolet, (020) no Pavilhão de Informática II, para a realização de provas de CAT do aluno André Alves Augusto

no dia 16 de setembro, às 11.00.

De forma a contemplar solicitação de membro do júri, iremos passar a provas de CAT do André Augusto para Zoom.

Serão realizadas em https://videoconf-colibri.zoom.us/j/94893092762?pwd=qRhsSTcXBEKajgaS9lHlyYgbVySWOy.1

 

Thesis Abstract

The widespread adoption of blockchain technology has resulted in a transformative era in financial services and computing systems, facilitating the emergence of groundbreaking use cases such as decentralized finance (DeFi). As blockchain ecosystems expand, the need for interoperability across chains becomes increasingly evident, driving the development of cross-chain solutions to bridge these networks. However, the interoperability between disparate blockchain networks remains a pressing concern, with vulnerabilities in cross-chain protocols exposing systems to potential breaches and attacks. Since June 2021, cross-chain protocols have lost more than 3.2 billion USD. This highlights the relevance and timeliness of this work. In this context, this thesis proposal addresses the critical challenge of securing cross-chain transactions against malicious actors. The first contribution is a Systematization of Knowledge (SoK), which dissects existing literature and synthesizes knowledge on the security and privacy of blockchain interoperability solutions. Through a systematic literature review, we identify key properties and approaches for secure and private cross-chain transactions. It identifies vulnerabilities and attack vectors prevalent in cross-chain bridges, laying the groundwork for robust defense mechanisms. This proposal introduces innovative approaches to enhance the resiliency of cross-chain protocols against the risks associated with hacking attempts. One such approach involves leveraging Maximal Extractable Value (MEV) strategies as a defense mechanism, wherein deviations from a cross-chain model trigger proactive measures to destructively front-run attacker transactions. Furthermore, this document proposes the use of machine learning models fueled by historical data to predict and prevent cross-chain hacks. By analyzing behavioral patterns exhibited by attackers before engaging with protocols, these models can identify and flag potentially malicious transactions in real-time, bolstering the security of cross-chain protocols. Additionally, the research explores novel methods for streamlining cross-chain hack response using program repair techniques. By delving into the source code of compromised protocols and compiling datasets of vulnerabilities, bridge operators can expedite the resolution process and minimize downtime following an attack, thus enhancing the resilience of cross-chain ecosystems.



Prova de CAT Daniel Rosa Ramos

8 maio 2024, 15:23 Sandra Espírito Santo


PROVA DE CAT 


Daniel Rosa Ramos 

Título da Tese :  Towards Automated API Refactoring for Evolving Codebases


Local: Sala 336 do INESC-ID ou via zoom no link de ZOOM: https://cmu.zoom.us/j/91880772800?pwd=K2RZQS9kR0FndDdUODJhekM3RFZVUT09

Data : 10 de MAIO de 2024
Hora : 16H00

THESIS ABSTRACT :

Modern software development heavily relies on third-party libraries and frameworks, which yield significant productivity gains. Libraries expose functionality through Application Programming Interfaces (APIs). Although stable API selection is desirable, it is often not possible, as software must adapt to new technical requirements or shifts in stakeholder or market demands. Therefore, as libraries evolve, clients may need to migrate APIs to adapt to these changes. The task of adapting APIs to accommodate non-functional changes is a form of software refactoring, a crucial practice in software engineering. Refactoring entails modifying code to improve its quality and reduce complexity. However, refactoring is typically labor-intensive and prone to errors. The complexity of API refactoring has spurred numerous research efforts towards automating this task. A widely used method for automating API refactoring is to generate match-replace rules by mining vast amounts of data from client projects of the libraries sourced from collaborative coding platforms like GitHub. However, a significant challenge with mining approaches is their limited effectiveness due to reliance on data from clients that have already undergone refactoring, which is often scarce. In this thesis proposal, we explore novel methods for automated API refactoring that do not rely on extensive training data or specific refactoring examples from client projects. In particular, we explore three alternative data sources. First, we use API documentation to discover API mappings, which we use to both generate migration rules and as a heuristic to guide the migration process. Specifically, the API mappings are used as a heuristic to guide a program synthesis approach to migrate client code effectively and reliably. Second, we use the API development process, particularly library pull requests, to learn API migration rules for addressing breaking changes. Our core idea is that if a library changes functionality, its tests, and internal usages will likely change as well, providing a rich data source for generating migration rules. Third, we exploit natural language, as software is enriched with an abundance of natural language data, including commit messages, issue reports, and comments. We use this unstructured data to test equivalence between API usages by synthesizing pairs of code examples in the source and target libraries. Our goal is to then abstract these code examples to generate broadly applicable migration scripts. So far, we have implemented our ideas as proof of concepts in two automated refactoring tools, as well as a language and toolset for expressing API refactorings. Our proof-of-concept tools leverage state-of-the-art program synthesis and machine learning techniques, which are crucial for establishing API mappings, synthesizing migration scripts, and migrating client code directly. We evaluated the two tools on real datasets by migrating client programs found on collaborative coding platforms. Our ongoing research aims to automatically generate training examples from natural language and documentation, which we will then use to generate migration scripts for libraries where migration data is scarce. 

Provas de CAT do aluno Guilherme Sant'Anna Varela

24 junho 2021, 11:01 Sandra Espírito Santo


Título: 

Coordination Mechanisms for Large Scale Reinforcement Learning based Adaptive Traffic Signal Control


             Guilherme Sant'Anna Varela 


Provas no dia 30 de junho de 2021, às 10H00

Link de Zoom: 
https://videoconf-colibri.zoom.us/j/81420871031?pwd=UjNSMkFyQ1ZHMks4V1FNTHBMK2w0UT09

Orientador : Professor Doutor José Alberto Rodrigues Pereira Sardinha
Co-Orientador: Professor Doutor Francisco António Chaves Saraiva de Melo

Thesis Abstrat: Adaptive traffic signal control (ATSC) is at the core of intelligent transportation systems. Properly calibrated signal plans can alleviate bottlenecks preventing mounting congestion, while dysfunctional ones waste valuable public and private resources. Reinforcement Learning (RL) based controllers excel in efficiency and cost savings; they react online and are able to adapt those reactions as more data becomes available. In spite of the advantages, incumbent systems control hundreds of intersections while RL-based systems face challenges to scale up. The limitation is known as the curse of dimensionality and its intrinsic from the theoretical framework that underpins RL-based controllers; Markov decision processes. The explosion from the state space renders single agent RL-ATSC systems unfeasible at large scales. Such state of affairs requires that the computation be distributed across network through a multi-agent reinforcement learning system, furthermore the collective must learn fast. While function approximation is the established strategy to speed-up learning rates at the (intra-)agent level, unless they coordinate, the system won't benefit from learning similar patterns appearing at distant nodes of the network. Coordination mechanisms provide the means to learn at inter-agent level or across the network, saving computation time and accelerating learning. This thesis approaches coordination mechanisms from the perspective of generalization, or from the advancement of algorithms with the potential to generate coordination mechanisms. This thesis proceeds on three distinct stages, the first two are independent and are dedicated to the generalization of distinct classes of coordination mechanisms, the third aims at combining results from both. The first class of coordination mechanism found on RL-ATSC are model-based coordination mechanisms, stemming from fields as diverse as game theory and graph theory. We propose that such algorithms, are actually specializations from consensus and sharing problems found in distributed reinforcement learning (DiRL). In particular, alternating direction methods of multipliers (ADMM), is a meta algorithm, or an algorithm for generating algorithms. ADMM-RL has the benefit of providing a unifying framework for coordination mechanisms. It also allows for the partitioning of the global problem into multiple sub problems, each of which can be solved many times faster then the original problem. The second class of coordination mechanism found on RL-ATSC are data driven coordination mechanisms from deep reinforcement learning (DeRL). In that case both communication and joint actions are automatically generated by a neural network architecture. Two in particular have shown promising results to handle problems that scale: Graph convolution neural networks and graph attention mechanisms. We propose that such architectures are sub-cases of graph convolution reinforcement learning. This part of the thesis aims at combining both approaches into a single DeRL structure. Finally, benefiting from the newly gained knowledge the third and final stage of the thesis aims to integrate the advantages from both approaches into a coordination mechanism that can leverage from network wide knowledge and is data efficient. Hence, it can learn fast and scale.

Prova de Doutoramento do Aluno Diogo Miguel Barrinha Barradas

15 junho 2021, 09:51 Sandra Espírito Santo


PROVA DE DOUTORAMENTO 




   Candidato : Diogo Miguel Barrinha Barradas

Título da Tese:   “Unobservable Multimedia-based Covert Channels for Internet Censorship Circumvention”




LOCAL DA PROVA: 

Link de Zoom :  https://videoconf-colibri.zoom.us/j/89127528803

DATA: 22/07/2021
HORA: 10:30H


Orientador: Professor Luís Eduardo Teixeira Rodrigues
Co- Orientador: Professor Nuno Miguel Carvalho dos Santos



Thesis Abstrat: 

Totalitarian states are known to deploy large-scale surveillance and censorship mechanisms in order to deter citizens from accessing or publishing information on the Internet. Still, even the most oppressive regimes cannot afford to always block all channels with the outside world, and usually allow the operation of widely used services such as video-conferencing applications. This has given rise to the development of censorship-resistant communication tools that rely on the establishment of covert channels in the Internet by encoding covert data within popular multimedia protocols that use encrypted communication, e.g., Skype. A recent approach for the design of such tools, named multimedia protocol tunneling, modulates covert data into the audio and/or video feeds provided to multimedia applications. However, depending on the techniques used to embed covert data, and on the amount of information to embed, multimedia protocol tunneling tools may generate network flows that differ subtly from legitimate flows that do not carry covert channels. Notably, such differences can be uncovered using strictly passive methods (e.g., by observing the length or inter-arrival time of network packets). Incidentally, one of the major challenges faced by the above tools is that of achieving a proper balance between traffic analysis resistance and performance (e.g., achieve sufficient throughput for enabling web browsing activities). This thesis focuses on the study of the efficacy of multimedia protocol tunneling tools to evade the censor- ship apparatus deployed by network adversaries, while providing sufficient performance for enabling common Internet activities (e.g., web browsing). First, we show that the covert channels generated by existing tools are prone to detection. Specifically, we developed a new machine learning (ML)-based traffic analysis frame- work which has broken the security assumptions of recent multimedia protocol tunneling tools. Second, we show that network adversaries currently possess the means to perform sophisticated ML-based network flow classification tasks at line-speed. To this end, we worked towards the efficient deployment of multiple ML-based traffic analysis frameworks (including our own) in programmable switches. Third, we devised a new technique for creating traffic analysis resistant covert channels over multimedia streams. Our approach, based on the careful modification of the video encoding pipeline of the WebRTC framework, allows for the creation of high-speed covert channels over multimedia flows whose traffic patterns closely resemble those of legitimate flows.