[Talk Ideas] – 18th of December, Jessica Maciel and Horácio França

18th of December at 16h00, Jessica Maciel and Horácio França  will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like.
Location: G4.1

Jessica Maciel – “Developing Attack Detection Models for Microservice Applications”

Bio
Jessica holds a BSc degree in Computer Science and a MSc in Informatics from the Federal University of Paraíba, Brazil. She is currently pursuing a PhD in Informatics Engineering at the University of Coimbra, Portugal, with a focus on runtime security for microservice applications.
Abstract
Microservice architectures provide scalability and flexibility, but their distributed nature and complex service structures introduce new security challenges, especially in detecting cyberattacks. In this talk, we will present our work on developing attack detection models for microservice applications, including a framework designed to generate realistic attack data and develop detection models with illustrations in the context of DDoS attacks.

Horácio França – “Using Generative Pre-trained Transformers to Identify Security Bugs among Bug Reports”

Bio
Horácio is currently a PhD student at the University of Coimbra. He has a bachelor’s degree in Computer Science and a master’s degree in Systems and Computer Engineering from the Federal University of Rio de Janeiro. His research interests include Artificial Intelligence, Cyber Security and the intersection of those subjects.
Abstract
Bug trackers are useful tools for developers to identify issues in their software, however, depending on how many reports are being submitted it may become hard to prioritize what to tackle first. Security issues being reported in this manner need to be identified rapidly for two reasons: Firstly, they need to be addressed in the software as quickly as possible, and secondly because a public issue report about a security bug could inform malicious actors of the existence of an exploitable vulnerability. With the increased use of GPTs across industry and academia, this problem seemed like a good application of this technology. In this presentation, we expound on the results obtained from testing 4 different GPT models on 7 different security bug report datasets.