Navegando por Autor "Lins, Fernando Antonio Aires"

Agora exibindo 1 - 12 de 12

Avaliação do consumo energético de smartphones em um sistema Smart Attendance
(2019) Cabral, Jefferson de Carvalho; Nóbrega, Obionor de Oliveira; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/8576087238071129; http://lattes.cnpq.br/1111059195459577
Currently, the Internet of Things paradigm is being seen as the protagonist of the technological revolution in which the computer age lives. In this paradigm, the objects present in our daily lives will be connected to us and other objects. One of the major concerns in the (IoT - Internet of Things) universe is energy efficiency. Assuming that all objects can be connected to numerous networks simultaneously transmitting and receiving data, the wireless technologies must be able to act efficiently in the traffic of the information between the nodes without compromising the life of the batteries of those devices. In the educational context, these technologies aim at the developmentof intelligent classrooms as well as the creation of static applications that have thefunction of automating some manual activities carried out by teachers and students.One of these static applications is known as Smart Attendance, which aims to automate and solve the problem of the loss of 10% of class time for taking attendance by using technologies that promise a low power consumption. Although some solutions automate class attendance, the waste of 10% of class time still persists. This has commonly occurred due to some factors such as lack of visibility of the problem and inadequate use of the technology. Considering the last factor, this work aims to evaluate the energyconsumption of smartphones by taking roll in Smart Attendance systems using Bluetoothand Bluetooh Low Energy (BLE) technologies. Through the literature review, it was possible to analyze the work in the educational environment and to understand theIoT’s performance in this context, to understand the operation of the BLE protocol andto compare it with Bluetooth, to explore the work related to the automation of class attendance and to define a specification of the system data traffic, its message flowsand its operation. In order to evaluate the system, it was considered the simulation technique, which was chosen based on the main criteria used to select the systems performance evaluation techniques. Then, we used the OMNet ++ simulator with theINET framework to create a Mobile Ad Hoc Network (MANET) configured with Bluetooth and BLE characteristics, where the nodes of this network were the student and teacher smartphones. The results of this research point out that there are no quantitative differences between the Bluetooth and BLE technologies when compared within the metrics package error rate and signal-to-noise ratio. However, it proves the efficiency of the BLE over Bluetooth considering the energy consumption metric which makesBLE the most rational choice, among those evaluated, for the implementation of a Smart Attendance.
Controle de acesso de terceiros no gerenciamento de identidade e acesso: uma revisão da literatura
(2025-03-12) Silva, Michelle Lícia Souza da; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/7116393787750749
O Gerenciamento de Identidade e Acesso (IAM) é composto por um conjunto de processos, políticas e tecnologias desenvolvidas para garantir que as pessoas tenham acesso à proteção aos recursos necessários, no momento adequado e por motivos justificáveis. O presente estudo tem como objetivo geral realizar uma revisão sistemática para investigar as soluções eficazes para o controle de acesso de terceiros no gerenciamento de identidade e acesso, com foco em garantir a segurança da informação e a conformidade regulatória. Este estudo utiliza uma revisão sistemática com abordagem qualitativa para explorar as melhores práticas, desafios e soluções relacionadas ao controle de acesso de terceiros no IAM. Através desta revisão, se verifica que o equilíbrio entre segurança, eficiência operacional e conformidade regulatória é o caminho para o sucesso do controle de acesso. Este estudo reforça a necessidade de aprofundar a investigação acadêmica sobre o tema, explorando novas abordagens e inovações que possam atender às demandas futuras de segurança e proteção de dados.
Detecção de aplicativos maliciosos no sistema operacional android por meio de análise estática automatizada
(2017-09-06) Silva, Diógenes José Carvalho da; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/0986435158192139
The mobile applications platform known as Android provides a wide an open environment of application development to all kinds of software, however this freedom can bring possible software security vulnerabilities that can be used unfortunately to create threats to the operation system. There are vulnerabilities that comes from software and hardware that allows the creation of threats called: spyware, diverse kinds of malware, and with raising popularity, the ransomware. In this case is necessary to build application analysis to find out threats that are increasing in size and complexity. To accomplish this task, this research proposes a technique that combines multiple strategies to orchestrate a new technique that can detect threats and vulnerabilities inside applications developed to the Android mobile operational system. The strategy combines automatic static analysis and threat profile identification by metadata from an external source. Using techniques like web crawling to collect metadata from application stores, we generated a data set with 1000 applications, which 500 are infected and 500 aren't, using balancing technique such as super sampling, extraction and selection of features like: TF-IDF, frequency of terms, feature conversion from nominal to binary and normalization. Using the generated data set to create classification models with the most used machine learning algorithms used by other researchers, we could provide precision metrics, false positives, and false negatives at acceptable rates, comparable to other researches that presents the same performance metrics.
Detecção e modelagem de ameaças persistentes avançadas na fase de movimentação lateral: uma abordagem com process mining
(2025-03-20) Silva, Jonathas Felipe da; Lins, Fernando Antonio Aires; Lima, Milton Vinicius Morais de; http://lattes.cnpq.br/3409150377712315; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/1017193816402551
A crescente ameaça de ataques cibernéticos complexos tem exigido estratégias avançadas de defesa, especialmente na detecção precoce de atividades suspeitas em redes comprometidas. Com isso, Ameaças Persistentes Avançadas (APTs) representam um desafio significativo para a segurança cibernética, caracterizando-se por ataques sofisticados e direcionados. Este trabalho tem como objetivo investigar a movimentação lateral dentro de redes comprometidas, utilizando mineração de processos para detectar padrões suspeitos de comportamento. Para isso, foi configurado um ambiente experimental com máquinas virtuais simulando um ataque APT. Logs do sistema e do Wazuh registraram as atividades, possibilitando a extração de eventos relevantes para o presente estudo. A metodologia consiste na coleta de dados em dois cenários: uso normal e ataque, seguida pela aplicação de algoritmos de Process Mining, como AlphaMiner, através da biblioteca pm4py. Com isso, foi possível identificar diferenças estruturais entre os processos normais e aqueles manipulados pelo invasor, possibilitando a criação de indicadores de comprometimento (IoCs). Os resultados contribuem para a melhoria de mecanismos de detecção e resposta a APTs, auxiliando na proteção de redes corporativas contra ataques avançados.
Development of machine learning models for the prediction of dissolved oxygen in aquaculture 4.0
(2021-02-24) Freitas, Fábio Alves de; Nóbrega, Obionor de Oliveira; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/8576087238071129; http://lattes.cnpq.br/5725435192607619
The world faces the problem of feeding a growing population, which will reach more than 9 billion people by 2050. Thus, there is a need to develop activities that promote food production, within the dimensions of sustainability (social, technicaleconomic, and environmental). In this context, IoT systems focused on aquaculture 4.0 stand out, which allows the cultivation of high productions per unit of volume, with low environmental impact. However, these systems need to be extremely controlled, requiring sensors to perform realtime readings of water metrics, with emphasis on the dissolved oxygen (DO) sensor, which plays an essential role in determining the quality and quantity of available habitat for the organisms present in the system. Even with this importance, this sensor is often not used, due to its high associated cost. As an alternative solution to this problem, machine learning models have been proposed to predict DO, using temperature and pH readings as inputs. Experiments were carried out comparing different data scaling techniques and the prediction performance in different seasons of the year and regression metrics were used to evaluate the implemented models. The results showed that the proposed LSTM model is capable of making OD predictions and being applied in IoT and aquaculture 4.0 systems.
Ferramenta educacional para avaliação e melhoria do nível de conscientização em segurança da informação
(2025-03-18) Fialho, Fernanda Lemos; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110
Através do avanço da tecnologia na comunicação, também foram aprimoradas as maneiras para roubar dados sensíveis por meio de golpes cibernéticos. Neste contexto, este artigo descreve o De Olho na Isca, um website desenvolvido para conscientizar e avaliar o nível de conhecimento da população brasileira em relação a ataques envolvendo Engenharia Social nos mais diversos cenários digitais. Os resultados obtidos a partir das respostas de 70 participantes destacam positivamente um bom conhecimento dos usuários acerca do tema. Porém, o estudo também demonstra pontos que devem ser melhor esclarecidos para a população, como o cenário de golpes via contas falsas em redes sociais.
Instanciação do processo de gestão de riscos de segurança da informação da ISO 27005 em organizações públicas
(2025-03-19) Vasconcelos, Vinícius Nário; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/0725286320889804
O aumento dos ataques cibernéticos elevou o interesse por segurança da informação. Uma das áreas mais importantes da segurança atualmente é a gestão de riscos, onde notadamente se evidencia a identificação de vulnerabilidades e riscos como uma atividade essencial. Neste contexto, a ISO 27005 oferece diretrizes para esse processo, mas há uma lacuna sobre como instanciá-la de forma detalhada e repetível. Este trabalho apresenta uma instanciação prática, baseada em Business Process Management (BPM), deste processo em uma organização pública, detalhando atividades essenciais e também possibilitando a sua replicação por outras organizações interessadas. Os resultados mostram que o uso de BPM facilitou a implantação e ajudou a evidenciar atividades muitas vezes subestimadas, como definição de contexto e aceitação de riscos, aprimorando a gestão de riscos de Segurança da Informação.
Uma metodologia para suporte à tomada de decisão quanto ao uso de blockchain na área de registros públicos
(2021-02-11) Silva, Saulo Gomes da; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/7125624100024345
The emergence of Bitcoin and Blockchain technology has changed the world of ecommerce. These technologies have the potential to one day become the standard for Web applications, through decentralized applications. Decentralized applications are flexible, transparent, distributed, resilient applications and have greater growth power, in terms of scalability and availability, when compared to the current software model (clientserver architecture). There are limitations that prevent the use of Blockchain technology for solving problems involving data and information distribution. Because there are limitations, designers and enthusiasts who are not well educated about the technology can make mistakes and use it in a way that damages the solution to which it belongs, in addition to preventing it from reaching its fullness. Due to the possibilities that Blockchain technology and decentralized applications bring, this work aims to design a methodology to assist in decision making regarding the use of Blockchain for the government environment, specifically in the area of public records. To exemplify the application of the methodology, a case study was carried out using the service of registration and consultation of registries in notaries, which service is supported by a system provided by the National Council of Justice. As a result, it was possible to demonstrate that the methodology process creates an implementation profile for Blockchain technology, a profile that allows the system designer to choose and configure Blockchain platforms for the desired purpose. The process result indicates that the Blockchain technology is suitable for the purpose of notary service, ensuring the proper use of technology and avoiding possible losses.
Security evaluation of operating systems considering compliance policies
(2021-03-01) Teixeira, Vanessa Bandeira Lins; Lins, Fernando Antonio Aires; Nóbrega, Obionor de Oliveira; http://lattes.cnpq.br/8576087238071129; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/9351392044969981
Currently, to search, mitigate and solve security vulnerabilities is considered a relevant and complex task. New software are being developed everyday, and each one of them may bring its own vulnerabilities. In addition, the configurations of these applications can also increase these vulnerabilities. In this context, there is a lack of securityoriented configurations in a significant part of the current operating systems. These assets, which are usually not properly configured considering security requirements, become easy targets for a considered number of security attacks. The application of compliance policies in an operating system helps to preserve the environment from malicious exploitation. The main objective of this work is to evaluate the use of compliance policies to assess and improve the security level of operating systems. To achieve this, a methodology is proposed and described. This methodology is also applied to a case study with server operating systems. For this purpose, faults in the factory configuration of the operating systems were considered, which were identified using the Center for Internet Security (CIS) compliance policies. Thus, it became possible to evaluate the system security level and to classify the main recommendations for prioritizing the corrections that users can follow. Such recommendations aim to reduce the attacks surface on systems and increase the security level by mitigating the vulnerabilities to which the systems are exposed.
Uma solução para verificação do uso de dados pessoais em formulários Web
(2022) Santos, Raylison Nunes dos; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/3145044533349598
With the growth and dissemination of the Web and social networks, the need arose to get to know users better in order to attract them with the best possible strategies. There is considerable effort on the part of companies to obtain data that can contribute to this knowledge base. Thinking about protecting people’s personal data, the government proposed and passed the General Data Protection Law (LGPD), which aims to protect citizens’ personal data. However, even with the aforementioned law, companies have been continuously asking for personal data protected by the LGPD, without paying attention to the principles described in the aforementioned law. In this context, this work aims to propose a solution for verification of Web forms, which analyzes the requested personal data. This solution features the development of a specific Crawler that extracts and categorizes the data, in addition to making the personal data found for analysis available. This solution evaluated 50 websites from different segments, and the results presented indicate not only the worrying amount of personal data commonly requested in simple forms, but also which data are most requested.
Uso de Blockchain na rastreabilidade de produtos: uma revisão sistemática da literatura
(2024-10-03) Alves, Edvaldo Ribeiro; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/1693577382765854
In recent times, Blockchain has ceased to be exclusively associated with the digital currency Bitcoin and has expanded its applications to a variety of sectors such as healthcare, product traceability, the Internet of Things, and education. Traceability is becoming increasingly crucial in various sectors due to a combination of factors involving security, transparency, sustainability, and operational efficiency. Traceability has become an essential strategic tool to ensure safety, enhance transparency and efficiency, and meet regulatory and ethical demands. However, a gap has been observed in the current literature concerning the review and analysis of research initiatives focused on product traceability using Blockchain, particularly detailing how Blockchain operates in this context and the improvements the technology brings to this environment. Although there are studies exploring the application of Blockchain technology in different areas, the current literature lacks a comprehensive synthesis specifically addressing product traceability. This gap is particularly relevant given the growing interest and importance of traceability in the supply chain to ensure transparency, authenticity, and product safety. Therefore, this work aims to fill this gap by providing an analysis of existing research initiatives in this area. The present work seeks to comprehensively explore the implications of this combination, analyzing how Blockchain can transform the way products are tracked and managed. In this context, the main contribution of this paper is a systematic review of existing research on Blockchain-based systems developed to enhance traceability. This involves understanding how Blockchain is applied to track and verify the improvements it brings to those who adopt this combination. This systematic mapping also offers an overview of current research trends in this area. Additionally, it sheds light on research and innovation challenges that remain open in this area.
Utilização de inteligência de ameaças cibernéticas para prevenção e mitigação de ataques ransomware: uma revisão sistemática da literatura
(2025-02-27) Cabral, Rennan Luis Barros; Lins, Fernando Antonio Aires; http://lattes.cnpq.br/2475965771605110; http://lattes.cnpq.br/4612932794474682