Repository logo
 
Profile Picture
Person

Caldeira, Filipe

Metadata only
CB11-8109-AB1D
0000-0001-7558-2330

Filters

Reset filters

Settings

Search Results

Now showing 1 - 10 of 42
  • Policy-based networking: Applications to firewall management
    Publication . Caldeira, Filipe; Monteiro, E.
    This paper describes a policy-based approach to firewall management. The Policy-Based Networking (PBN) architecture proposed by the Policy Framework Group of lnternet Engineering Task Force (1ETF) is analysed, together with the communication protocols, policy specification languages, and the necessary information models. An overview of policy specification languages applicability to PBN architecture is presented paying particular attention to the specification of security policies through Security Policy Specification Language (SPSL). The Common Open Policy Service protocol (coPs) and its variant, coPs for Policy provisioning (COPS-PR), both used for the transport of policy information, are also presented. The paper continues with a description of an application of the PBN architecture to firewall management. The proposed architecture is presented and its implementation issues are analysed with some usage examples. The paper concludes with the evaluation of the policybased approach to firewall management.
    2004Journal article Restricted access Show more
  • Trust Based Interdependency Weighting for On-Line Risk Monitoring in Interdependent Critical Infrastructures
    Publication . Caldeira, Filipe; Schaberreiter, Thomas; Varrette, Sébastien; Monteiro, Edmundo; Simões, Paulo; Bouvry, Pascal; Khadraoui, Djamel
    Critical infrastructure (CI) services are constantly consumed by the society and are not expected to fail. A common definition states that CIs are so vital to our society that a disruption would have a severe impact on both the society and the economy. CI sectors include, amongst others, electricity, telecommunication and transport. CIs can be mutually dependent on each others services and a failure in one of these elements can cascade to another (inter)dependent CI. CI security modelling was introduced in previous work to enable on-line risk monitoring in CIs that depend on each other by exchanging risk alerts expressed in terms of a breach of Confidentiality, a breach of Integrity and degrading Availability (C,I,A). While generally providing a solid basis for risk monitoring, there is no way of evaluating if a risk alert received from an external CI is accurate. In this paper we propose a solution to this problem by adding a trust based component to the CI security model in order to improve its accuracy and resilience to inconsistent or inaccurate risk alerts provided by (inter)dependent CIs, allowing to evaluate the correctness of the received alerts. The proposed approach is validated on a realistic scenario by evaluating a dependency between the computing and the telecommunication sectors in the context of the Grid'5000 platform.
    2013-10Journal article Restricted access Show more
  • An overview on how to develop a low-code application using OutSystems
    Publication . Martins, Ricardo; Caldeira, Filipe; Sá, Filipe; Abbasi, Maryam; Martins, Pedro
    The motivation for developing a self-service platform for employees arises precisely from the idea that in all organizations there are tasks that could be automated in order to redirect work resources to more important tasks. The proposed application consists of the development of a self-service platform, for personal information and scheduling tasks, aimed at the employees instead of all the solutions that are in the market that aim their platform to the Human Resources. We focus on the employers giving them more responsibility to make their own personal management like, change their personal info, book their vacations and other, giving to the Human Resources the tasks of managing all these actions made by the employers. At the end of the work, it is expected that the final solution to be considered as an example of success with regards to the theme of business automation and innovation, using the low-code application Outsystems to perform the full proposed application development.
    2020-10-10Conference object Restricted access Show more
  • An Advertising Real-Time Intelligent and Scalable Framework for Profiling Customers Emotions
    Publication . Alves, Leandro; Oliveira, Pedro; Henriques, João; Bernardo, Marco V.; Wanzeller, Cristina; Caldeira, Filipe
    The advertising industry is continuously looking up for effective ways to communicate to customers to impact their purchasing. Usually, profiling them is a time-consuming offline activity. Therefore, it becomes necessary to reduce costs and time to address consumers’ needs. This work proposes a scalable framework enabled by a Machine Learning (ML) model to profile customers to identify their emotions to help to drive campaigns. A multi-platform mobile application continuously profiles consumers crossing the front stores. Profiling customers according to their age and hair color, the color of their eyes, and emotions (e.g. happiness, sadness, disgust, fear) will help companies to make the most suitable advertisement (e.g. to predict whether the advertising tones on the front store are the adequate ones). All that data are made available in web portal dashboards, wherein subscribers can take their analysis. Such results from the analysis data help them to identify tendencies regarding the culture and age, and drive companies to fit front stores accordingly (e.g. to discover the right tones for the season). This framework can help to develop new innovative cost-effective business models at scale by driving in real-time the advertisements to a huge number of consumers to maximize their impact and centralizing the data collected from a large number of stores to design future campaigns.
    2022Conference object Open access Show more
  • Cisco NFV on Red Hat OpenStack Platform
    Publication . Oliveira, Luis; Martins, Pedro; Abbasi, Maryam; Caldeira, Filipe
    The traditional telecom networks have been facing constant challenges to keep up with bandwidth growth, latency, data consumption and coverage. On top of it, there are also new use cases of telecom infrastructures usage such as the IoT exponential growth. The Network Function Virtualization (NFV) appears as the solution for the transition between high-cost dedicated hardware to low-cost commercial off-theshelf (COTS) servers. This transition will not only meet the requirements of the new telecom reality but also reduces the overall operational cost of the network. This document illustrates the implementation of Cisco Virtual Network Functions (VNFs) of a vEPC on top of Red Hat OpenStack Platform.
    2021Conference object Restricted access Show more
  • An Evaluation of How Big-Data and Data Warehouses Improve Business Intelligence Decision Making
    Publication . Martins, Anthony; Martins, Pedro; Caldeira, Filipe; Sá, Filipe; Rocha, {\'A
    Analyze and understand how to combine data warehouse with business intelligence tools, and other useful information or tools to visualize KPIs are critical factors in achieving the goal of raising competencies and business results of an organization. This article reviews data warehouse concepts and their appropriate use in business intelligence projects with a focus on large amounts of information. Nowadays, data volume is more significant and critical, and proper data analysis is essential for a successful project. From importing data to displaying results, there are crucial tasks such as extracting information, transforming it analyzing, and storing data for later querying. This work contributes with the proposition of a Big Data Business Intelligence architecture for an efficiently BI platform and the explanation of each step in creating a Data Warehouse and how data transformation is designed to provide useful and valuable information. To make valuable information useful, Business Intelligence tools are presented and evaluates, contributing to the continuous improvement of business results.
    2020Conference object Restricted access Show more
  • Torrent Poisoning Protection with a Reverse Proxy Server
    Publication . Godinho, António Augusto Nunes; Rosado, José; Sá, Filipe; Caldeira, Filipe; Cardoso, Filipe Gonçalves
    A Distributed Denial-of-Service attack uses multiple sources operating in concert to attack a network or site. A typical DDoS flood attack on a website targets a web server with multiple valid requests, exhausting the server’s resources. The participants in this attack are usually compromised/infected computers controlled by the attackers. There are several variations of this kind of attack, and torrent index poisoning is one. A Distributed Denial-of-Service (DDoS) attack using torrent poisoning, more specifically using index poisoning, is one of the most effective and disruptive types of attacks. These web flooding attacks originate from BitTorrent-based file-sharing communities, where the participants using the BitTorrent applications cannot detect their involvement. The antivirus and other tools cannot detect the altered torrent file, making the BitTorrent client target the webserver. The use of reverse proxy servers can block this type of request from reaching the web server, preventing the severity and impact on the service of the DDoS. In this paper, we analyze a torrent index poisoning DDoS to a higher education institution, the impact on the network systems and servers, and the mitigation measures implemented.
    2023Journal article Open access Show more
  • Design of Data Management Service Platform for Intelligent Electric Vehicle Charging Controller Multi-charger Model
    Publication . Baptista, Pedro; Rosado, José; Caldeira, Filipe; Cardoso, Filipe
    The electric charging solutions for the residential market imply, in many situations, an increase in the contracted power in order to allow to perform an efficient charging cycle that starts when the charger is connected and ends when the VE battery is fully charged. However, the increase in contracted power is not always the best solution for faster and more efficient charging. With a focus on the residential market, the presented architecture is suitable for single-use and shared connection points, which are becoming common in apartment buildings without a closed garage, allowing for sharing the available electrical connections to the grid. The multi-charger architecture allows using one or several common charging points by applying a mesh network of intelligent chargers orchestrated by a residential gateway. Managing the generated data load involves enabling data flow between several independent data producers and consumers. The data stream ingestion system must be scalable, resilient, and extendable.
    2022-12-21Journal article Open access Show more
  • An automated closed-loop framework to enforce security policies from anomaly detection
    Publication . Henriques, João; Caldeira, Filipe; Cruz, Tiago; Simões, Paulo
    Due to the growing complexity and scale of IT systems, there is an increasing need to automate and streamline routine maintenance and security management procedures, to reduce costs and improve productivity. In the case of security incidents, the implementation and application of response actions require significant efforts from operators and developers in translating policies to code. Even if Machine Learning (ML) models are used to find anomalies, they need to be regularly trained/updated to avoid becoming outdated. In an evolving environment, a ML model with outdated training might put at risk the organization it was supposed to defend. To overcome those issues, in this paper we propose an automated closed-loop process with three stages. The first stage focuses on obtaining the Decision Trees (DT) that classify anomalies. In the second stage, DTs are translated into security Policies as Code based on languages recognized by the Policy Engine (PE). In the last stage, the translated security policies feed the Policy Engines that enforce them by converting them into specific instruction sets. We also demonstrate the feasibility of the proposed framework, by presenting an example that encompasses the three stages of the closed-loop process. The proposed framework may integrate a broad spectrum of domains and use cases, being able for instance to support the decide and the act stages of the ETSI Zero-touch Network & Service Management (ZSM) framework.
    2022-12Journal article Open access Show more
  • NoSQL Scalability Performance Evaluation over Cassandra
    Publication . Abbasi, Maryam; Sá, Filipe; Albuquerque, Daniel; Wanzeller, Cristina; Caldeira, Filipe; Tomé, P.; Furtado, Pedro; Martins, Pedro
    The implementation of Smart-Cities is growing all over the world. From big cities to small villages, information able to provide a better and efficient urban management is collected from multiple sources (sensors). Such information has to be stored, queried, analyzed and displayed, aiming to contribute to a better quality of life for citizens and also a more sustainable environment. In this context it is important to choose the right database engine for this scenario. NoSQL databases are now generally accepted by the database community to support application niches. They are known for their scalability, simplicity, and key-indexed data storage, thus, allowing an easy data distribution and balancing over several nodes. In this paper a NoSQL engine is tested, Cassandra, which is one of the most scalable, amongst most NoSQL engines and therefore, a candidate for use in our application scenario. The paper focuses on horizontal scalability, which means that, by adding more nodes, it is possible to respond to more requests with the same or better performance, i.e., more nodes mean reduced execution time. Although, adding more computational resources, does not always result in better performance. This work assesses how each workload (e.g., data volume, simultaneous users) influence scalability performance. An overview of the Cassandra database engine is presented in the paper. Following, it will be tested and evaluated using the benchmark Yahoo Cloud Serving Benchmark (YCSB).
    2018-10-25Conference object Restricted access Show more