ArticlePDF Available
Research in Security and Privacy in Brazil
Marinho Barcellos, Federal University of Rio Grande do Sul, Brazil
Diego F. Aranha, University of Campinas, Brazil
The main research groups in Brazil working on the topics of security and
privacy are characterized, both by geographical distribution and research
areas. The objective is to highlight the main contributions from these
groups to the international community, and discuss some aspects of the
research environment and the challenges ahead.
Keywords: Computers and Society, Security and Privacy protection.
Security and privacy are arguably among the most important research topics today. With an
increasingly connected society, the Internet rewriting older business models, and software quickly
changing the world, security issues start to affect human life to a much greater extent. It is
plausible to assume that autonomous systems will eventually comprise the majority of transport
infrastructure, and a network of distributed sensors will help manage entire cities. Blockchains will
decentralize financial systems and keep immutable public records about the world surrounding
us. The foreseeable future will be shaped by communication technologies, and the Internet of
Things (IoT) will challenge current illusions of privacy to levels never seen before. In this context,
secure and privacy-aware systems will make a difference by saving lives, protecting the economy
from external interference, and preserving human rights. Brazil, one of the major economies in
the planet, already faces security and privacy challenges in many fields. As one of the biggest
exporters of commodities, production is increasingly automated and remotely monitored. Citizens
vote for the next president using computer systems, and governments, both at the federal and the
municipal scale, attempt to improve their services by leveraging the Internet. A booming startup
scene and entrepreneurship culture promises to improve the service sector using technology.
Modernization offers attackers many new attack vectors, including ransomware, banking malware
and massive data breaches.
The major examples of digitization in the nation come from the government. In Brazilian
elections, virtually every vote is cast through voting machines since 2000, as an attempt to
improve security and eliminate the rampant fraud in paper-based elections after the transition to
the democracy in 1985. The Department of Federal Revenue of Brazil received in 2018 alone 29
million income tax declarations containing private data through the Internet. A recent trend is
unifying the multiple official documents into a single smart card storing a certificate issued by the
national public key infrastructure.
Designing more secure and private systems for the future is paramount, and it is impossible to
imagine this task being accomplished without a significant investment from academia. In this
paper, we characterize the main research groups in Brazil working on the topics of security and
privacy, when applied to many different scenarios. Researchers are grouped both by their
distribution across Brazil’s vast territory and their interests when tackling relevant questions in the
field. We later summarize the main contributions from Brazilian researchers to the scientific
literature in security and privacy.
Our methodology for data collection was straightforward. We started by collecting all names of
Program Committee members from the past ten editions of the Brazilian Symposium on
Information and Computational Systems Security (SBSeg). Since 2005, SBSeg is the main
scientific venue for research in security and privacy in Brazil, having grown out of a satellite
workshop in the Brazilian Symposium on Computer Networks (SBRC). We proceeded with
grouping the researchers by institution and state, in an attempt to characterize the research
groups. This captured not only formal affiliation to a certain research group, for example by
working in the same laboratory, but also frequent collaboration between researchers in different
but nearby institutions.
The next step was looking for Google Scholar profiles of the 86 selected researchers (mostly
faculty in Brazilian universities), of which we found 73, amounting to 84.8%. Google Scholar was
chosen because it is not only popular but a very inclusive source of scientific production and
impact metrics, usually indexing sources ignored by other systems. From analyzing the Google
Scholar profiles, we found the highest cited works in the areas of cryptography, network security,
and systems security. While it is possible that we left out some relevant results by using this
methodology, we believe it accurately captures the essence of the security and privacy research
performed in Brazil. We also notice that research on privacy is still timid in the country, and
mostly based on cryptographic mechanisms and applications (homomorphic encryption and
differential privacy), hence the topic is discussed in the context of the technical security areas.
Research Environment
In this section, we outline the basic characteristics of performing research in security and privacy
in Brazil, starting from the structure of research funding to how research groups are organized
and distributed.
Funding structure
Research universities in Brazil are mostly public, with a few exceptions such as private
universities maintained by the Catholic Church. Graduate schools are funded through a
combination of resources: scholarships and financial support coming from federal agencies linked
to Brazilian ministries, such as the Coordination for the Improvement of Higher Education
Personnel (CAPES) and the National Council for Scientific and Technological Development
(CNPq). Local governments have increasingly followed the example of The São Paulo Research
Foundation (FAPESP) and have initiated or improved the participation of state agencies. Applied
research and technological innovation are also frequently sponsored by federal funds specific to
sectors in the economy, such as the Funding Authority for Studies and Projects (FINEP) and the
National Scientific and Technological Development Fund (FNDCT). To a lower degree, research
is sponsored through partnerships with industry or international agreements with funding
agencies in Europe and the United States. The Serrapilheira Institute, a private nonprofit
institution created to promote science in Brazil, is one of the latest additions to this list of science
funding institutions.
In the context of jointly funded research projects in security and privacy, two specific examples
are remarkable in reach and scope. Intel Labs started in 2012 the Intel Strategic Research
Alliance (ISRA) for Energy-Efficient Security for System-on-Chip devices in Brazil, with a focus on
exploring the implications of power constraints on the design and implementation of security in
embedded systems. Grants funded projects in software implementation of cryptographic
algorithms, FPGA-based intrusion detection systems, Physical Unclonable Functions, security-
aware program instrumentation, and efficient public-key cryptography for embedded devices.
After the projects were finished, the initiative continued in collaboration with FAPESP, with
smaller grants for research in side-channel countermeasures, hardware implementation aspects
of post-quantum cryptography, and hardware security mechanisms. A partnership between the
National Science Foundation (NSF) and Brazilian National Research and Educational Network
(RNP) is fostering collaboration between researchers based in Brazil and the United States
through five joint projects in cybersecurity. The corresponding open call received a stunning
number of proposals (57, involving more than 200 researchers in the US and Brazil). Topics
addressed by selected projects span network security (including IoT), Internet measurements and
programmable data planes for software-defined networks.
Main Groups and Their Distribution
There are many research groups in security and privacy scattered through the Brazil. Research in
Systems Security is popular in the states of the North (Amazonas - AM), Northeast (Rio Grande
do Norte - RN), Southeast (São Paulo SP, and Minas Gerais - MG) and South regions of Brazil
(Paraná - PR), while Cryptography is heavily concentrated in the Southeast. Network security has
the largest community, and remains a preferred topic in a few groups in the Northeast (Ceará
CE, and Pernambuco PE) and the lower half of the country (Distrito Federal - DF, Rio de Janeiro
- RJ, Santa Catarina SC, Paraná - PR, Rio Grande do Sul - RS) . Figure 1 gives a map of this
geographical distribution, by using a color coding scheme to denote topics ranking higher in
interest on each of the universities to which these research groups belong.
Figure 1. Distribution of the main research groups in security and privacy across Brazil. States without marked
institutions do not appear to have formal groups participating closely in the local security and privacy research
community, according to our data collection. Colors green, red and blue respectively denote interest in
cryptography, systems security and network security. Multiple colors are used to represent research groups where
multiple interests overlap.
North. Researchers from the Federal University of Amazonas (UFAM) comprise the Emerging
Technologies and Systems Security (ETSS) laboratory, specializing in Web, software and
systems security.
Northeast. The region contains the Networking and Telecommunication Research Group (GPRT)
at the Federal University of Pernambuco (UFPE), specializing in traffic inspection and
identification, and security issues in wireless sensor networks; and the Group of Computer
Networks, Software Engineering and Systems (GREaT) at Federal University of Ceará (CE)
working on network-level intrusion detection systems. An emerging research group at Federal
University of Rio Grande do Norte (UFRN) will organize the 2018 edition of the SBSeg and is
composed of researchers working in forensics, biometrics and information security.
Central-West. In the heart of the country, the Federal District (DF) has research groups at the
University of Brasília working in computer networks with a focus on network security, both at the
Computer Science Department and at the Engineering School. Popular research topics are
security issues in mobile ad-hoc networks (MANETs), secure routing and distributed systems. A
research group in cryptography operated between 2011 and 2014, but was later dissolved due to
migration of the researchers to other institutions.
Southeast. The Laboratory of Security and Cryptography (LASCA), at the University of
Campinas (UNICAMP), has a research group specialized in cryptographic engineering, security
analysis of real-world systems, privacy-preserving computing, and malware detection and
analysis. Researchers from the University of São Paulo (USP) were among the pioneers in
cryptography, authoring the first books about the topic in Portuguese. Today, the Laboratory of
Computer Networks and Architecture (LARC) specializes in the design of cryptographic
algorithms, protocols, and authentication schemes. The Federal University of Minas Gerais
(UFMG) has researchers working on multiple areas: software security, key distribution in ad-hoc
networks, applied cryptography, electronic voting, differential privacy, and foundations of security.
Rio de Janeiro has groups working on network security at the Federal University of Rio de
Janeiro (UFRJ) and at the Fluminense Federal University (UFF), in the traditional topics of
intrusion detection, trust management, key distribution, access control, and denial of service
attacks. The National Institute of Metrology, Quality and Technology (INMETRO) also has a
research group on smart metering and smart grid security.
South. This region has the largest groups working on network and systems security. The state of
Paraná has multiple research groups at the Federal University of Paraná (UFPR) and at the
Pontifical Catholic University of Paraná (PUC-PR), in the topics of distributed systems, network
and computer security, security issues in MANETs, virtualization, and malware analysis. Notable
examples are the Network, Distributed Systems, and Security Lab (LaRSiS), the laboratory on
Wireless and Advanced Networks (NR2), and the Security and Privacy laboratory (SecPLab). The
state of Santa Catarina has multiple research groups at the Federal University of Santa Catarina
(UFSC) and nearby institutions, working on operational security and public-key infrastructures
(PKIs), intrusion detection and tolerance, grid and cloud computing, distributed systems, and
identity management. The Computer Security Laboratory (LabSEC) at the UFSC has notably
contributed to the implementation of the Brazilian government-based PKI. Further to the south,
the Federal University of Rio Grande do Sul (UFRGS) has a research group on Cybersecurity,
reflecting its record of contributions to network security. The research topics investigated include
network resilience, anomaly detection, botnets, security of IoT for healthcare systems, security of
software-defined networks, and in-the-wild studies of Internet security problems such as spoofing.
Topics and limitations
Scientific research is a challenging endeavor everywhere. Brazil is considered especially
challenging due to the large cultural gap between the private sector and universities, even in the
case of applied research. With most of the research funding depending on governments and their
political whims, the availability of funding is very limited for certain types of projects, and directs
research toward topics that can be tackled under the restricted resources.
A simple example of this effect can be seen in the cryptologic research, where Brazilian
researchers rarely work in applied cryptanalysis due to insufficient access to supercomputing
infrastructure. As a consequence, cryptologic research in Brazil is much more directed toward
constructive and comparably inexpensive projects in cryptographic engineering and mathematical
cryptography, although in some cases there are results in mathematical cryptanalysis of
algorithms and protocols.
The same effect can be observed in network security, where researchers frequently complain
about lack of access to modern datasets for traffic analysis, and turn to software modeling and
simulations as an alternative, or rely on foreign sources, such as CAIDA
( This gap should be ideally
reduced in collaboration with security companies in the private sector, which ultimately face the
daily threats of Internet-wide attacks and exploitation. Along the same lines, research on systems
security is overwhelmingly directed to software mechanisms and protection, and hardware
designs very rarely go beyond FPGA prototyping.
As a result, research is concentrated on technical security, with large areas not receiving
enough attention. Some examples of these research topics involving human factors are usable
security and economics of security. There is a low general interest in privacy-enhancing
technologies, which we speculate to be the result of cultural and historical factors. As eager and
massive adopters of privacy-invasive social networks, Brazilians do not value privacy as much as
other populations, and a strict reading of the Article 5 in the Constitution limits anonymity: the
expression of thought is free, and anonymity is forbidden. The trend may be changing with
research groups recently working on differential privacy and privacy-preserving computing as
applications of formal methods and homomorphic encryption mechanisms.
Main contributions from the Brazilian community
We detail the main contributions from researchers working in Brazil in three areas: cryptography,
systems security and network security. We selected the 20 most influential papers (highest
number of citations in Google Scholar), and then grouped them by similarity. A few exceptions
were given to recent works not receiving enough citations, but which received awards or
widespread coverage in the news.
Most of the contributions by Brazilian researchers in cryptography are concentrated in efficient
algorithms and implementations of Elliptic Curve Cryptography (ECC). The pioneering works by
López and Dahab1 at UNICAMP, and by López in collaboration with Brown, Hankerson and
Menezes2,3, were among the first to propose efficient algorithms for implementing binary and
NIST prime curves, respectively, demonstrating that binary curves could be a competitive choice
for public-key cryptography. After several papers along the years introducing refinements and
speedups for generic and Koblitz binary curves, the lambda coordinate system for representing
points over these curves recently set the speed record for elliptic curves4, being awarded as the
best paper at one of the most prestigious conferences in the area (CHES 2013).
Brazilian researchers were also pioneers in the field of pairing-based cryptography. Together
with collaborators, Barreto et al. essentially made pairing computation over elliptic curves
practical by speeding up the performance-critical portions of the algorithm5. This was a very
important contribution to the emerging field of pairing-based cryptography, because pairing
computation is a bottleneck on those cryptosystems. Barreto would spend most of the next
decade proposing efficient pairing-based protocols6, compressed pairing computation, and
efficient choices of parameters for instantiating pairings such as the pairing-friendly Barreto-
Naehrig family of elliptic curves7. The effort in improving the efficiency of pairings would culminate
in a very efficient implementation by Aranha et al.8, later made available with the RELIC
( cryptographic library developed at
The Brazilian research community has also worked in other aspects of cryptography.
Researchers at the University of São Paulo led by Simplício Jr. designed the Lyra2 algorithm9
selected among the finalists in the Password Hashing Competition (PHC), from which several
features were adopted by the winner Argon2. These algorithms are remarkably interesting, in the
sense that both the latency and memory required per hashed password can be calibrated to
penalize an offline attacker running in massively parallel platforms. In another research trend, the
upcoming threat of quantum computers against conventional public-key cryptography motivates
the field of post-quantum (or quantum-safe) cryptography, a designation for cryptosystems based
on underlying problems not known to be efficiently solved by quantum computers. One of the
main contenders for encryption and key exchange protocols is code-based cryptography using
moderate-density parity codes10, formally submitted as the BIKE (
candidate to the NIST Post-Quantum Cryptography standardization project.
Other relevant contributions worth of mentioning are solutions to the problem of key
management in WSNs. Research efforts led by the UFMG produced many original and relevant
contributions to this problem. SecLEACH was proposed by Oliveira et al. to adapt random key
pre-distribution schemes from the usual flat networks to hierarchical cluster-based networks11.
Later, Oliveira et al. also proposed TinyPBC12 as a non-interactive key distribution protocol based
on pairings, where nodes preloaded with private keys can compute a shared key without
exchanging any messages. The protocol description was followed by an efficient implementation
of pairing computation in sensor nodes, as to reduce the energy and execution time
requirements. A good survey authored by Brazilian researchers on this topic can be found in the
Systems Security
Because this area significantly overlaps with network security and even cryptography (many
cryptographers argue that cryptography is actually a systems problem), we employ here a loose
definition of systems security, by restricting it to system-level protection and excluding
networking. Under this definition, Brazilian research groups have given contributions to the
foundations of computer security, electronic voting, malware detection and analysis.
Controlling how much information leaks from communication channels is a fundamental
problem in computer security. With this knowledge, a designer is better equipped to protect more
vulnerable portions of the attack surface of a system. Alvim et al. have explored this problem in
the context of quantitative information flow by introducing a generalization of previous models
such that an adversary can benefit if parts or properties about a secret leak14, and by relating the
information-theoretic models to the definition of differential privacy15. A later work in the same
topic would receive in 2014 the Best Scientific Cybersecurity Paper, awarded by the National
Security Agency (NSA).
Another rich set of contributions is available in the field of electronic voting systems, where
researchers in Brazil have worked both on their design and security analysis. Santin, Costa and
Maziero proposed an Internet-based voting protocol for coercion-free elections16, Araújo et al.
detected and fixed vulnerabilities in the ThreeBallot voting system and proposed a more secure
and verifiable version based on Farnel17. In the specific case of the paperless DRE voting system
used in Brazil, the Brazilian Computer Society report18 pioneered the first security analysis of the
system and pointed out design flags in terms of ballot secrecy and insufficient guarantees for
integrity. These threats would be experimentally demonstrated 10 years after by Aranha et al.
during restricted tests organized by the national electoral authority19. The debate about security
and transparency of the Brazilian voting system is still ongoing, especially after the recent
congressional mandate for paper ballots to be implemented in future elections and the following
Supreme Court decision to suspend the law.
System-level intrusion detection and malware analysis are also topics of interest. Brazilian
researchers have designed bio-inspired systems for detecting intruders by borrowing ideas from
immune systems20, and employing stealthy virtual machines for host-based detection21. Afonso et
al. proposed a system using machine learning to detect if Android applications are malicious
before the user can install them22. In application-level security, there are contributions in
lightweight techniques to secure programs against integer overflows23 and approaches based on
machine learning to detect XSS attacks24.
Network Security
Chronologically, one of the first security problems to be addressed by the Brazilian research
community was intrusion detection, with relevant papers appearing in the late 90s25,26. Another
facet was the investigation of intrusion tolerance mechanisms, with a seminal paper published by
Fraga et al.27. Intrusion and anomaly detection remained as a focus of the Brazilian community
for many years, with varying contexts such as virtualized environments and Mobile Ad Hoc
Networks, or MANETs28.
The most relevant contributions about security of MANETs came from the 2000s29,30.
Researchers from the UFPE and the UFRJ evaluated and proposed novel security mechanisms
for these networks, including trust and reputation mechanisms. These groups made other
contributions to Internet security around the same time, proposing improvements to traffic
analysis31 and spoofing countermeasures for IP packets32.
The Internet context was also dominant in the studies carried out by researchers at the
UFRGS. First, the group investigated the security of popular peer-to-peer (P2P) protocols, and
was the first to identify attacks against BitTorrent and propose countermeasures33. The same
group, in collaboration with the University of Twente, analyzed the problem of denial of service
(DDoS) being offered as a service in the Internet34. Other contributions include security
mechanisms for emerging network technologies, such as looking at IoT security for healthcare
systems35 and how to protect software-defined networks with a set of carefully positioned
Besides advancing the state-of-the-art in some direction, several Brazilian groups made
contributions by surveying a topic of network security. Some leveraged their leadership and
recognition to organize the body of work, while some performed systematic studies, often
proposing a taxonomy for the field. These are magazine papers providing a summarized, higher-
level view of a topic, or longer surveys exploring a subject in both breadth and depth. Not
surprisingly, areas typically reflect the contributions mentioned earlier, but not necessarily by the
same group. The more prominent examples are intrusion detection and Cloud security37,38,39,
MANETs40,13 and traffic analysis41.
Challenges and Perspectives
In the last two decades, the Brazilian research community in security and privacy has made
substantial progress towards establishing an international presence through collaborations and
contributions to the academic literature. However, additional effort must be dedicated if Brazil
intends to become a global research power in this field. In this section, we provide some
suggestions on how researchers can make further progress in the path ahead.
First, students, university staff and faculty should improve their communication skills in English.
Many interesting scientific contributions end up being restricted to the local community, after not
receiving enough attention from the international community due to the inability of authors to
effectively communicate their results internationally. This is also crucial to establish productive
collaborations with research groups abroad. Mobility should be actively fostered by bringing in
and sending out expert researchers (including graduate students) to universities within and
outside Brazil.. Modern collaboration tools (video conferencing and collaborative document
editing) can help with the remaining cultural and logistic barriers.
Collaboration with the international research community may increase visibility and opportunity
for broadening research topics, as evidenced by 21 of the works we highlighted which have at
least one foreign co-author. This effect is much higher in the area of cryptography, in which 10 of
the 13 selected works were performed in collaboration with institutions abroad. This may also
explain the higher visibility of research in cryptography, which scored the five most cited papers
found in our data collection. We found a surprising low amount of collaboration between
institutions located in different states among the highlighted works, corresponding to only five
papers (or around 12%); of which only two involve authors from multiple regions. This suggests
that an emphasis on longer-distance collaborations may be beneficial to the community. The
NSF/RNP initiative for research in cybersecurity is a pioneer in this regard, by fostering
collaborations with the international community and also within Brazil, since four of the five
funded projects include institutions from multiple states.
The Brazilian community should also re-evaluate the high-priority research topics and trends,
especially regarding privacy and network security, to keep up with the evolution of technology and
the rise of new threats. In particular, privacy is key in any modern society but substantial research
in related aspects is notably missing in Brazil. State-of-the-art work appearing in the most
prestigious security conferences should be closely monitored and the events attended with a
higher frequency, despite funding limitations. This recommendation is of course not restricted to
academic conferences, because industry and grassroots hacking events are wonderful
opportunities to meet people, widen the range of contacts, and get access to data. Researchers
should pursue high-risk/high-reward approaches to research and attempt to submit their results to
top conferences even if the chance of acceptance is very low.
Adapting cutting-edge results to a Brazilian context is ultimately important, since the local
scene is as globally relevant as in any other country. By increasing the focus on security
problems observed in the wild, through research problems relevant to end users and companies,
results may become more immediately useful to local communities, facilitating communication
and cooperation with industry partners.
1. J. López, R. Dahab. 1999. Fast Multiplication on Elliptic Curves over GF(2m) without
Precomputation. In First International Workshop in Cryptographic Hardware and Embedded
Systems (CHES 1999). Springer LNCS 1717, Worcester, MA, USA, 316-327.
2. M. Brown, D. Hankerson, J. López, Alfred Menezes. 2001. Software Implementation of the NIST
Elliptic Curves Over Prime Fields. In Cryptographer’s Track at RSA Conference (CT-RSA 2001).
Springer LNCS 2020, San Francisco, CA, USA, 250-265.
3. D. Hankerson, J. López, A. Menezes. 2000. Software Implementation of Elliptic Curve
Cryptography over Binary Fields. In Second International Workshop in Cryptographic Hardware
and Embedded Systems (CHES 2000). Springer LNCS 1965, Worcester, MA, USA, 1-24.
4. T. Oliveira, J. López, D. F. Aranha, F. Rodríguez-Henríquez. 2014. Two is the fastest prime:
lambda coordinates for binary elliptic curves. J. Cryptographic Engineering 4(1): 3-17.
5. P. S. L. M. Barreto, H. Yong Kim, B. Lynn, M. Scott. 2002. Efficient Algorithms for Pairing-Based
Cryptosystems. Advances in Cryptology - CRYPTO 2002, 22nd Annual International Cryptology
Conference. Springer LNCS 2442, Santa Barbara, CA, USA, 354-368.
6. P. S. L. M. Barreto, B. Libert, N. McCullagh, J. Quisquater. 2005. Efficient and Provably-Secure
Identity-Based Signatures and Signcryption from Bilinear Maps. In Advances in Cryptology -
ASIACRYPT 2005, 11th International Conference on the Theory and Application of Cryptology and
Information Security. Springer LNCS 3788, Chennai, India, 515-532.
7. P. S. L. M. Barreto, M. Naehrig. 2005. Pairing-Friendly Elliptic Curves of Prime Order. In 12th
International Workshop on Selected Areas in Cryptography (SAC 2005). Springer LNCS 3897,
Kingston, ON, Canada, 319-331.
8. D. F. Aranha, K. Karabina, P. Longa, C. H. Gebotys, J. López. 2011. Faster Explicit Formulas for
Computing Pairings over Ordinary Curves. In Advances in Cryptology - EUROCRYPT 2011 - 30th
Annual International Conference on the Theory and Applications of Cryptographic Techniques.
Springer LNCS 6632, Tallinn, Estonia, 48-68.
9. E. R. Andrade, M. A. Simplício Jr., P. S. L. M. Barreto, P. C. F. dos Santos. 2016. Lyra2: Efficient
Password Hashing with High Security against Time-Memory Trade-Offs. IEEE Trans. Computers
65(10): 3096-3108.
10. R. Misoczki, J. Tillich, N. Sendrier, P. S. L. M. Barreto. 2003. MDPC-McEliece: New McEliece
variants from Moderate Density Parity-Check codes. In IEEE International Symposium on
Information Theory (ISIT 2013). IEEE Computer Society, Istanbul, Turkey, 2069-2073.
11. L. B. Oliveira, A. C. Ferreira, M. A. Vilaça, H. C. Wong, M. W. Bern, R. Dahab, A. A. F. Loureiro.
2007. SecLEACH - On the security of clustered sensor networks. Signal Processing 87(12): 2882-
12. L. B. Oliveira, D. F. Aranha, C. P. L. Gouvêa, M. Scott, D. F. Câmara, J. López, R. Dahab. 2011.
TinyPBC: Pairings for authenticated identity-based non-interactive key distribution in sensor
networks. Computer Communications 34(3): 485-493.
13. M. A. Simplício Jr., P. S. L. M. Barreto, C. B. Margi, T. C. M. B. Carvalho. 2010. A survey on key
management mechanisms for distributed Wireless Sensor Networks. Computer Networks 54(15):
14. M. S. Alvim, K. Chatzikokolakis, C. Palamidessi, G. Smith. 2012. Measuring Information Leakage
Using Generalized Gain Functions. In 25th IEEE Computer Security Foundations Symposium (CSF
2012). IEEE Computer Society, Cambridge, MA, USA, 265-279.
15. M. S. Alvim, M. E. Andrés, K. Chatzikokolakis, P. Degano, C. Palamidessi. 2011. Differential
Privacy: On the Trade-Off between Utility and Information Leakage. In 8th International Workshop
on Formal Aspects in Security and Trust (FAST 2011). Springer LNCS 7410, Leuven, Belgium, 39-
16. A. O. Santin, R. G. Costa, C. Maziero. 2008. A Three-Ballot-Based Secure Electronic Voting
System. IEEE Security & Privacy 6(3): 14-21.
17. R. Araujo, R. F. Custódio, J. van de Graaf. 2010. A Verifiable Voting Protocol Based on Farnel.
Towards Trustworthy Elections, New Directions in Electronic Voting. Springer LNCS 6000, 274-
18. J. van de Graaf, J. R. F. Custódio. 2002. Electoral Technology and the Voting Machine Report of
the Brazilian Computer Society (in Portuguese). Available at
19. D. F. Aranha, M. M. Karam, A. Miranda, F. Scarel. 2014. Software vulnerabilities in the Brazilian
voting machine. In Design, Development, and Use of Secure Electronic Voting Systems, IGI
Global, 149175.
20. F. S. Paula, L. N. de Castro, Paulo L. de Geus. 2004. An intrusion detection system using ideas
from the immune system. In IEEE Congress on Evolutionary Computation (CEC 2004). IEEE
Computer Society, Portland, OR, USA, 1059-1066.
21. M. Laureano, C. Maziero, E. Jamhour. 2007. Protecting host-based intrusion detectors through
virtual machines. Computer Networks 51(5): 1275-1283.
22. V. M. Afonso, M. F. de Amorim, A. R. A. Grégio, G. B. Junquera, P. L. de Geus. 2015. Identifying
Android malware using dynamically obtained features. J. Computer Virology and Hacking
Techniques 11(1): 9-17.
23. R. E. Rodrigues, V. H. S. Campos, F. M. Q. Pereira. 2013. A fast and low-overhead technique to
secure programs against integer overflows. In IEEE/ACM International Symposium on Code
Generation and Optimization (CGO 2013). IEEE Computer Society, Shenzhen, China, 33:1-33:11.
24. A. E. Nunan, E. Souto, E. M. dos Santos, E. Feitosa. 2012. Automatic classification of cross-site
scripting in web pages using document-based and URL-based features. In IEEE Symposium on
Computers and Communication (ISCC 2012). IEEE Computer Society, Cappadocia, Turkey, 702-
25. J. M. Bonifácio, A. M. Cansian, A. C. P. L. F. de Carvalho, E. S. Moreira. 1998. Neural networks
applied in intrusion detection systems. In IEEE International Joint Conference on Neural Networks
(IJCNN 1998), IEEE Computer Society, Anchorage, AK, USA, Vol. 1, 205-210.
26. J. D. de Queiroz, L. F. R. da Costa Carmo, Luci Pirmez. 1999. Micael: An Autonomous Mobile
Agent System to Protect New Generation Networked Applications. In Recent Advances in Intrusion
Detection (RAID 1999), Purdue, IN, USA.
27. J. S. Fraga and D. Powell. 1985. A fault-and intrusion-tolerant file system. In Proceedings of the 3rd
International Conference on Computer Security, 203-218.
28. R. S. Puttini, J. Percher, L. Mé, O. Camp, R. T. de Sousa Júnior, C. J. B. Abbas, L. J. García-
Villalba. 2003. A Modular Architecture for Distributed IDS in MANET. International Conference on
Computational Science and its Applications (ICCSA 2003). Springer LNCS 2669, Montreal,
Canada, 91-113
29. G. Guimarães, E. Souto, D. F. H. Sadok, J. Kelner. 2005. Evaluation of Security Mechanisms in
Wireless Sensor Networks. Systems Communications. IEEE Computer Society, Montreal, Canada,
30. P. B. Velloso, R. P. Laufer, D. de Oliveira Cunha, O. C. M. B. Duarte, G. Pujolle. 2010. Trust
management in mobile ad hoc networks using a scalable maturity-based model. IEEE Trans.
Network and Service Management 7(3): 172-185.
31. A. C. Callado, J. Kelner, D. Sadok, C. A. Kamienski, S. F. L. Fernandes. 2010. Better network
traffic identification through the independent combination of techniques. J. Network and Computer
Applications 33(4): 433-446.
32. R. P. Laufer, P. B. Velloso, D. O. Cunha, I. M. Moraes, M. D. D. Bicudo, M. D. D. Moreira, O. C. M.
B. Duarte. 2007. Towards Stateless Single-Packet IP Traceback. In 32nd Annual Conference on
Local Computer Networks (LCN 2007). IEEE Computer Society, Dublin, Ireland, 548-555.
33. M. A. Konrath, M. P. Barcellos, R. B. Mansilha. 2007. Attacking a Swarm with a Band of Liars:
evaluating the impact of attacks on BitTorrent. In 7th IEEE International Conference on Peer-to-
Peer Computing (P2P 2007). IEE Computer Society, Galway, Ireland, 37-44.
34. J. J. Santanna, R. van Rijswijk-Deij, R. Hofstede, A. Sperotto, M. Wierbosch, L. Z. Granville, A.
Pras. 2015. Booters - An analysis of DDoS-as-a-service attacks. In IFIP/IEEE International
Symposium on Integrated Network Management (IM 2015). IEEE Computer Society, Ottawa,
Canada, 243-251.
35. L. M. R. Tarouco, L. M. Bertholdo, L. Z. Granville, L. M. R. Arbiza, F. J. Carbone, M. A. Marotta, J.
J. C. de Santanna. 2012. Internet of Things in healthcare: Interoperatibility and security issues. In
IEEE International Conference on Communications (ICC 2012). IEEE Computer Society, Ottawa,
Canada, 6121-6125.
36. L. F. Müller, R. R. Oliveira, M. C. Luizelli, L. P. Gaspary, M. P. Barcellos. 2014. Survivor: An
enhanced controller placement strategy for improving SDN survivability. IEEE Global
Communications Conference (GLOBECOM 2014). IEEE Computer Society, Austin, TX, USA,
37. K. Vieira, A. Schulter, C. B. Westphall, C. M. Westphall. 2010. Intrusion Detection for Grid and
Cloud Computing. IT Professional 12(4): 38-43 (2010)
38. N. M. Gonzalez, C. Miers, F. F. Redígolo, M. A. Simplício Jr., T. C. M. B. Carvalho, M. Näslund, M.
Pourzandi. 2012. A quantitative analysis of current security concerns and solutions for cloud
computing. J. Cloud Computing 1: 11.
39. A. Patel, M. Taghavi, K. Bakhtiyari, J. Celestino Júnior. 2013. An intrusion detection and prevention
system in cloud computing: A systematic review. J. Network and Computer Applications 36(1): 25-
40. M. N. Lima, A. L. dos Santos, G. Pujolle. 2009. A Survey of Survivability in Mobile Ad Hoc
Networks. IEEE Communications Surveys and Tutorials 11(1): 66-77.
41. A. C. Callado, C. A. Kamienski, G. Szabo, B. P. Gero, J. Kelner, S. F. L. Fernandes, D. F. H.
Sadok. 2009. A Survey on Internet Traffic Identification. IEEE Communications Surveys and
Tutorials 11(3): 37-52.
Marinho Barcellos Marinho Barcellos is Associate Professor at Federal University of Rio Grande do Sul, a
CNPq 1D level researcher, senior member of the Association for Computing Machinery (ACM) and the
Brazilian Computer Society (SBC). He has authored many papers in computer networks and security and
his current research interests are Internet measurements, programmable data planes, and security
aspects of those networks.
Diego F. Aranha is an Assistant Professor in the University of Campinas. His professional experience is in
Cryptography and Computer Security, with a special interest in the efficient implementation of
cryptographic algorithms and security analysis of real-world systems. He received the Google Latin
America Research Award for research on privacy twice, and the MIT TechReview's Innovators under 35
Brazil Award for his work in electronic voting.
ResearchGate has not been able to resolve any citations for this publication.
Full-text available
We present Lyra2, a password hashing scheme (PHS) based on cryptographic sponges. Lyra2 was designed to be strictly sequential for a given number of cores (i.e., not easily parallelizable beyond that number), providing strong security even against attackers using custom hardware or GPUs. At the same time, it is very simple to implement in software and allows legitimate users to fine tune its memory and processing costs according to the desired level of security against brute force password-guessing. Lyra2 is an improvement of the recently proposed Lyra algorithm, providing an even higher security level against different attack venues and overcoming some limitations of this and other existing schemes.
Conference Paper
Full-text available
In 2012, the Dutch National Research and Education Network, SURFnet, observed a multitude of Distributed Denial of Service (DDoS) attacks against educational institutions. These attacks were effective enough to cause the online exams of hundreds of students to be cancelled. Surprisingly, these attacks were purchased by students from websites, known as Booters. These sites provide DDoS attacks as a paid service (DDoS-as-a-Service) at costs starting from 1 USD. Since this problem was first identified by SURFnet, Booters have been used repeatedly to perform attacks on schools in SURFnet's constituency. Very little is known, however, about the characteristics of Booters, and particularly how their attacks are structure. This is vital information needed to mitigate these attacks. In this paper we analyse the characteristics of 14 distinct Booters based on more than 250 GB of network data from real attacks. Our findings show that Booters pose a real threat that should not be underestimated, especially since our analysis suggests that they can easily increase their firepower based on their current infrastructure.
Full-text available
The constant evolution of mobile devices’ resources and features turned ordinary phones into powerful and portable computers, leading their users to perform payments, store sensitive information and even to access other accounts on remote machines. This scenario has contributed to the rapid rise of new malware samples targeting mobile platforms. Given that Android is the most widespread mobile operating system and that it provides more options regarding application markets (official and alternative stores), it has been the main target for mobile malware. As such, markets that publish Android applications have been used as a point of infection for many users, who unknowingly download some popular applications that are in fact disguised malware. Hence, there is an urge for techniques to analyze and identify malicious applications before they are published and able to harm users. In this article, we present a system to dynamically identify whether an Android application is malicious or not, based on machine learning and features extracted from Android API calls and system call traces. We evaluated our system with 7,520 apps, 3,780 for training and 3,740 for testing, and obtained a detection rate of 96.66 %.
Conference Paper
Full-text available
In SDN, forwarding devices can only operate cor-rectly while connected to a logically centralized controller. To avoid single-point-of-failure, controller architectures are usually implemented as distributed systems. In this context, recent literature identified fundamental issues, such as device isolation and controller overload, and proposed controller placement strategies to tackle them. However, current proposals have crucial limitations: (i) device-controller connectivity is modeled using single paths, yet in practice multiple concurrent connections may occur; (ii) peaks in the arrival of new flows are only handled on-demand, assuming that the network itself can sustain high request rates; and (iii) failover mechanisms require predefined information, which, in turn, has been overlooked. This paper proposes Survivor, a controller placement strategy that addresses these challenges. The strategy explicitly considers path diversity, capacity, and failover mechanisms at network design. Compar-isons to the state-of-the-art on survivable controller placement show that Survivor is superior because (a) path diversity increases the survivability significantly; and (b) capacity-awareness is essential to handle overload during both normal and failover states.
Conference Paper
Full-text available
In this work, we propose two McEliece variants: one from Moderate Density Parity-Check (MDPC) codes and another from quasi-cyclic MDPC codes. MDPC codes are LDPC codes of higher density (and worse error-correction capability) than what is usually adopted for telecommunication applications. However, in cryptography we are not necessarily interested in correcting many errors, but only a number which ensures an adequate security level. By this approach, we reduce under certain hypotheses the security of the scheme to the well studied decoding problem. Furthermore, the quasi-cyclic variant provides extremely compact-keys (for 80-bits of security, public-keys have only 4801 bits).
Conference Paper
Full-text available
This paper introduces g-leakage, a rich generalization of the min-entropy model of quantitative information flow. In g-leakage, the benefit that an adversary derives from a certain guess about a secret is specified using a gain function g. Gain functions allow a wide variety of operational scenarios to be modeled, including those where the adversary benefits from guessing a value close to the secret, guessing a part of the secret, guessing a property of the secret, or guessing the secret within some number of tries. We prove important properties of g-leakage, including bounds between min-capacity, g-capacity, and Shannon capacity. We also show a deep connection between a strong leakage ordering on two channels, C1 and C2, and the possibility of factoring C1 into C2C3, for some C3. Based on this connection, we propose a generalization of the Lattice of Information from deterministic to probabilistic channels.
Conference Paper
The integer primitive type has upper and lower bounds in many programming languages, including C, and Java. These limits might lead programs that manipulate large integer numbers to produce unexpected results due to overflows. There exists a plethora of works that instrument programs to track the occurrence of these overflows. In this paper we present an algorithm that uses static range analysis to avoid this instrumentation whenever possible. Our range analysis contains novel techniques, such as a notion of “future” bounds to handle comparisons between variables. We have used this algorithm to avoid some checks created by a dynamic instrumentation library that we have implemented in LLVM. This framework has been used to detect overflows in hundreds of C/C++ programs. As a testimony of its effectiveness, our range analysis has been able to avoid 25% of all the overflow checks necessary to secure the C programs in the LLVM test suite. This optimization has reduced the runtime overhead of instrumentation by 50%.