9th of July at 16h00, Karima Velasquez (NCS) will give a presentation entitled“Building Sustainable Distributed B5G Networks” Location: G4.1
Abstract Beyond-5G (B5G) networks are essential for services like autonomous systems and extended reality, relying on virtual network slices tailored for specific needs. While Artificial Intelligence (AI) is crucial for managing the immense complexity of this End-to-End (E2E) slicing, the high energy consumption of AI models presents a significant financial and environmental challenge, which conflicts with sustainability goals, such as those considered in the EU Green Deal. This talk addresses this critical trade-off. Our approach is proposing an energy-conscious orchestration architecture, built on three pillars: a Knowledge-Defined Networking (KDN) framework for intelligent automation, the deployment of Green AI techniques to create lightweight, energy-efficient ML models, and the use of Edge Intelligence to run these models closer to the data source, reducing the carbon footprint. The talk will showcase the use of an emulation platform based on Mosaic5G to validate and fine-tune these energy-aware mechanisms in a near-production environment, demonstrating how sustainable network management can be achieved without compromising performance.
Bio Karima Velasquez is an Assistant Professor in the Department of Informatics Engineering at the University of Coimbra and a researcher at the Centre for Informatics and Systems (CISUC). Her work focuses on network management and orchestration, with a special emphasis on the Cloud-to-Edge continuum, energy efficiency, and cognitive networking for 5G and beyond.
25th of June at 16h00, Luís Vieira and João Donato will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like. Location: G4.1
Luís Vieira – “On the use of Deep Graph Convolution Neural Networks (DGCNN) to Detect Software Vulnerabilities”
Bio Luís Vieira is a Master’s student in Cybersecurity at the University of Coimbra. He received his Bachelor’s degree in Informatics Engineering from the same institution in 2023. His current research focuses on detecting software vulnerabilities using graph-based deep learning models, with an emphasis on DGCNNs and structural code representations such as CFGs, ASTs, and PDGs.
Abstract Software vulnerabilities remain a major threat to security, often leading to critical breaches, data loss, and financial consequences. Traditional detection methods, such as static and dynamic analysis, play an important role but face limitations: static tools rely on predefined rules crafted by experts, making them labor-intensive and less adaptable to emerging vulnerabilities, while dynamic tools struggle with incomplete code coverage and high false-negative rates. To address these challenges, recent research has turned to Machine Learning (ML) and Deep Learning (DL) techniques. This work investigates the use of Deep Graph Convolutional Neural Networks (DGCNNs) for detecting vulnerabilities in C functions by leveraging graph-based code representations, such as Control Flow Graphs (CFGs), Abstract Syntax Trees (ASTs), and Program Dependence Graphs (PDGs). The research focuses on developing a framework that integrates feature extraction, graph-based representations, and embedding techniques to enrich code data while addressing problems such as overfitting and data imbalance. By evaluating the impact of diverse graph features on model performance, this study aims to advance the understanding of DGCNNs in software vulnerability detection and contribute to scalable, effective solutions for evolving security challenges.
João Donato – “Benchmarking LLM Robustness Against Prompt-based Adversarial Attacks”
Abstract Large Language Models (LLMs) are increasingly integrated into various applications, raising significant concerns about their security and vulnerability to adversarial attacks. This work addresses the lack of systematic methods for evaluating LLMs’ adversarial robustness against these threats. We propose a comprehensive benchmarking methodology to assess the resilience of LLMs’ built-in safety measures against these inference-time text-based attacks. To demonstrate its utility, we also applied the framework to benchmark various LLMs on their capacity to generate vulnerable and malicious code
Bio João Donato is currently finishing is master thesis in Informatics Security (MSI) at the University of Coimbra. He received his bachelor’s degree in Informatics Engineering in 2023 at the same university. Under the supervision of Professor João Campos, his current research and the topic of his thesis is centered on assessing and comparing the adversarial robustness of LLMs against text-based inference-time attacks.
28th of May at 16h00, Gonçalo Carvalho and Jiawei Wang will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like. Location: G4.1
Jiawei Wang – “Mitigating dataset biases for AI-based safety-critical perception systems”
Bio Jiawei Wang is a Ph.D. student at CISUC, University of Coimbra. She received her master’s degree in Software Engineering from Beijing Institute of Technology, China, in 2020, with a specialization in Machine Learning applied to perception tasks. Under the supervision of Prof. João Campos, her current research is centered on characterizing and enhancing safety of AI-based perception systems by improving model generalization under dynamic working environments.
Abstract AI is increasingly used in safety-critical perception tasks due to its exceptional performance on complex vision tasks. However, it reveals limited robustness under distributional shifts where the dataset bias is a key factor. In this talk, I will introduce our recent work on identifying and mitigating image dataset biases with the pedestrian classification as a case study. Through analysis of 4 large-scale datasets, we found the persistence of dataset biases and localized them in bias-rich image regions using explainable AI techniques (e.g., GradCAM and LayerCAM). Our ongoing work will focus on mitigating dataset biases with Image-to-Image techniques, targeting reducing biases without impairing useful information. The ultimate goal is to enhance the safety of AI perception systems by improving generalization across diverse real-world scenarios.
Gonçalo Carvalho – “Assisted generation and deployment of distributed data management systems”
Bio Gonçalo Carvalho started his Ph.D. in 2018 in Data Models for multi-layer distributed databases.Since 2023, he has been working as a data engineering consultant.His research interests include databases, data modeling, distributed systems, cloud and edge computing.
14th of May at 16h00, Paulo Maciel (UFPE) will give a presentation entitled“Assessing Performance and Dependability: Trade-offs Between Complexity and Representativeness in Stochastic Modeling” Location: G4.1
Abstract Performability is the study of a system’s performance in the presence of failures and repair activities, making it a critical concept for designing and assessing resilient systems. This talk explores methods for assessing performance and dependability, emphasizing the trade-offs between model complexity and representativeness in stochastic modeling. We begin by revisiting foundational performability concepts, including performance metrics such as utilization and response time and dependability attributes such as availability, reliability, safety, and maintainability. These metrics capture the impact of failure and restoration processes on overall system behavior. A fundamental aspect of modeling and evaluation is managing the trade-off between the complexity and representativeness of the model and the computational resources required toanalyze it. To address this, we examine various modeling techniques, including analytical methods, numerical approaches, and simulations. Formalisms such as reliability block diagrams (RBD), fault trees (FT), discrete-time and continuous-time Markov chains (DTMC and CTMC), and stochastic Petri nets (SPN) are discussedin terms of expressiveness, scalability, and solution techniques. Additional topics include hierarchical and heterogeneous modeling, sensitivity analysis, and phase-type distributions for more accurate system representation. The Mercury tool will be a comprehensive platform supporting performability evaluation through various stochastic formalisms. This talk highlights the importance of structured, model-based assessment to ensure systems meet performance and dependability requirements under adverse operational conditions.
Bio Paulo Maciel is a Full Professor at the Center for Informatics, Federal University of Pernambuco (UFPE), where he leads the Modeling of Distributed and Concurrent Systems (MoDCS) Research Group. He received his Electronic Engineering degree from the University of Pernambuco in 1987 and later earned a master’s and a doctorate in Electronic Engineering and Computer Science from UFPE. During his Ph.D., he conducted a research internship at Eberhard Karls-Universität Tübingen, Germany (1996–1997). In 2011, he took a sabbatical at the Department of Electrical and Computer Engineering, Edmund T. Pratt School of Engineering, Duke University, USA. His research focuses on performance, reliability, availability, capacity planning, and stochastic modeling, with applications in cloud computing, sustainable data centers, manufacturing, integration, and communication systems. He has advised about thirty Ph.D. students and over sixty M.Sc. students, and has published approximately 400 papers in journals and conferences. He has extensive experience as a consultant and research coordinator, leading projects funded by the US Army Research Office (ARO), HP, EMC, CELESTICA, FOXCONN, ITAUTEC, INdT, Samsung, Motorola, CHESF, as well as Brazilian government research agencies such as FACEPE, CNPq, and FINEP. In 2023, he published a comprehensive two-volume textbook titled Performance, Reliability, and Availability Evaluation of Computational Systems, which serves as a substantial resource in the field. Currently, he is a member of the National Council for Scientific and Technological Development (CNPq) as a Research Productivity Fellow (Category 1A). He also conceptualized and led the development of the Mercury toolset, a powerful framework for evaluating the performance and dependability of computational systems. For more information about his work and publications, please visit the MoDCS Research Group website at www.modcs.org or his CNPq Lattes profile at lattes.cnpq.br.
23rd of April at 16h00, Roberta De Luca (UNINA) will give a presentation entitled“Enhancing Trustworthiness of AI Code Generators” Location: G4.1
Abstract AI-powered code generation tools are rapidly transforming software development, but they can also introduce critical security vulnerabilities. In this talk, I will present DeVAIC, a framework for detecting and patching vulnerabilities in AI-generated code. I will discuss our findings on the flaws introduced by Large Language Models (LLMs), and share insights into how automated techniques can enhance the reliability and security of generated code. The goal is to make AI-assisted programming more trustworthy and secure.
Bio Roberta De Luca is a PhD student in Information Technologies and Electrical Engineering (ITEE) and a member of the Dependable and Secure Software Engineering and Real-Time Systems (DESSERT) group at the University of Naples Federico II. Her research focuses on enhancing the trustworthiness, robustness, and security of AI-generated code, investigating techniques to mitigate vulnerabilities introduced by automated code generation tools.She has experience in static analysis, vulnerability detection, and secure software development. As part of her PhD work, she explores methods to improve the reliability of code generators by integrating security-aware mechanisms, reducing the likelihood of introducing exploitable flaws in AI-assisted programming environments
26th of March at 16h00, Sadaf Azimi and Iury Araujo will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like. Location: G4.1Online: https://videoconf-colibri.zoom.us/j/97404078835?pwd=7iIG7YqLwXgZU5g7QHZKFbuAMyInqb.1
Bio Sadaf Azimi is an IT professional with Over 11 years of experience as an IT Lecturer and as an analyst and developer of medium-scale projects in the area of IT Systems, such as marketing software and warehouse management. She graduated with a bachelor’s degree in Computer Engineering (Software) from the Islamic Azad University of Tuyserkan in February 2008 in Iran. Later, she got her two-year master‘s degree in Knowledge Management from Malaysia Multimedia University in June 2012 in Malaysia.She continued her academic journey in 2022, enrolling in the doctoral program in Informatics Engineering at the University of Coimbra. Her research for her Ph.D. focuses on addressing the security in smart contracts by conducting a thorough analysis of the known security vulnerabilities, identifying design patterns that can mitigate these risks, proposing new security design patterns to fill gaps, and using software metrics as an indicator of software quality to help developers implement more secure smart contracts. Furthermore, her research aims to evaluate and benchmark the effectiveness of existing static vulnerability detection tools. She seeks to contribute to the field of blockchain and smart contract security, ultimately enhancing the security and reliability of smart contracts in real-world applications.
Abstract Smart contracts have accelerated the adoption of blockchain technology across various domains by enabling coded agreements between transaction participants. However, increased software defects and vulnerabilities in smart contracts, driven by developer inexperience with languages like Solidity and a lack of effective detection tools, pose significant risks. Given the high value of assets managed on blockchain, these vulnerabilities can lead to severe consequences.Researchers and practitioners have proposed numerous smart contract design patterns to mitigate certain faults or vulnerabilities. Despite these efforts, it remains unclear which types of defects these patterns target and how effectively they address the wide range of existing smart contract security vulnerabilities. In this paper, we review the state of the art in smart contract design patterns, categorizing them and analyzing their effectiveness in mitigating known security vulnerabilities. Our findings reveal that only five patterns directly aim to prevent security vulnerabilities, collectively addressing just 6 out of 94 security issues identified by OpenSCV, highlighting the need for further research on smart contract security design patterns.
Iury Araujo – “Enhancing Intrusion Detection in Containerized Services: Assessing Machine Learning Models and an Advanced Representation for System Call Data”
Bio Iury holds a BSc degree in Computer Science and a MSc in Informatics from the Federal University of Paraíba, Brazil. He is pursuing a PhD in Informatics Engineering at the University of Coimbra, Portugal, focusing on intrusion detection in containerized services based on machine learning.
Abstract Security is a fundamental requirement for modern digital systems, particularly in environments such as cloud computing, IoT, and microservices. Intrusion Detection Systems play a crucial role in identifying and mitigating threats, yet securing containerized services remains a significant challenge due to their architecture and shared resource dependencies. This presentation will explore a machine learning-based approach to enhance intrusion detection in containerized environments. We introduce a novel graph-based representation of system calls to preserve contextual relationships, improving detection performance while maintaining low false alarm rates. Additionally, a sliding window-based post-processing phase further refines detection.
12th of March at 16h00, Carlos Baquero (FEUP) will give a presentation entitled“CRDTs: State-based approaches and efficient remote state synchronisation” Location: G4.1
Abstract In primary-secondary replication, updating an outdated secondary replica when the primary changes is inefficient due to sizeable state and bandwidth constraints. The RSync algorithm, introduced in the nineties for file systems, solves this problem by partitioning file data, using hash functions to compare files, and transferring only the necessary data. However, RSync requires users to know which file has the most recent state and which needs updating. Like a file copy command, it has a source and a target, making synchronisation fail if either (i) here is no knowledge of which file was updated; or (ii) both files are updated.We will present ConflictSync, a solution that leverages the properties of Conflict-free Replicated Data Files (CRDTs). While RSync can handle arbitrary file data, it interprets files as byte sequences. To reconcile divergent states, we need more information on the data interpreted as a CRDT. Our solution works on any state-based CRDT and uses join decompositions, cryptographic hash functions, and Bloom filters.
Bio Carlos Baquero is a Professor in the Department of Informatics Engineering at FEUP. Research interests cover data management in eventual consistent settings, distributed data aggregation and causality tracking. In the last years, he has collaborated with co-authors in the development of data summary mechanisms such as Scalable Bloom Filters, causality tracking for dynamic settings with Interval Tree Clocks and Dotted Version Vectors and in predictable eventual consistency with Conflict-Free Replicated Data Types. My work has been applied in several systems, including the Riak distributed database, Redis CRDBs, Akka distributed data, and Microsoft Azure Cosmos DB.
26th of February at 16h00, Lino Santos (head of National Cybersecurity Center – NCSC/CNCS) will give a presentation entitled“Cybersecurity in Portugal: Challenges and Opportunities” Location: G4.1
Bio Lino Santos has a master’s degree in Law and Security from the Faculty of Law of Universidade Nova de Lisboa and a Computer Science degree from Universidade do Minho. He is head of the Portuguese National Cybersecurity Center (CNCS) and an appointed member to the board of directors of the European Agency for Cybersecurity (ENISA).He previously was Director for security and users’ services at the National Foundation for Scientific Computing. He was appointed member for the CNCS installation commission. He has also a certification in Managing Computer Security Incident Response Teams, from Carnegie Mellon University, and from the Program on Cyber Security Studies, George C. Marshall Center.
Congratulations and best wishes to Rodrigo Ronner Tertulino da Silva for completing his PhD Thesis “A Privacy Aware Architecture for Electronic Health Records”.
CISUC congratulates and wishes all the success to José Eduardo Ferreira Flora for completing his PhD Thesis “Evaluation and Improvement of Security in Microservice-based Systems”.
