Na próxima quinta-feira, 2, na sala 2077 do ICEx, como parte dos Seminários da Pós, o professor da Universidade de Coimbra, Charles Ferreira Gonçalves, irá proferir uma palestra sobre testes de segurança com injeção de intrusão. O evento é gratuito, não exige inscrição prévia e é aberto ao público.
Resumo:
Modern security evaluation techniques are largely constrained by their dependence on known vulnerabilities and working exploits. While approaches such as fuzzing, penetration testing, and vulnerability scanning have proven effective in identifying weaknesses, they often fail to assess how systems behave after a successful compromise, particularly in complex environments such as virtualized infrastructures.
This talk introduces Intrusion Injection, a novel methodology that shifts the focus from exploiting vulnerabilities to directly emulating their effects. By injecting erroneous system states that represent post-compromise conditions, Intrusion Injection enables systematic, proactive, and exploit-independent security assessment. The approach is grounded in concepts from dependability engineering and extends them into the security domain through the definition of Intrusion Models, which capture abusive system functionalities and their impact on security properties.
Bio:
Charles Ferreira Gonçalves is an Invited Assistant Professor at the University of Coimbra and a researcher at CISUC, working on the security and dependability of computing systems. He holds a Master’s degree in Computer Science from UFMG and earned his Ph.D. in Informatics Engineering in 2025. His doctoral research focused on anomaly detection and introduced intrusion injection, a novel concept for security testing and benchmarking. His current research explores the reliability and security of AI-generated code. He has teaching experience in core computer science courses, including Operating
Systems and Algorithms and Programming. Additionally, he brings industry experience as a Senior Data Scientist and Software Engineer, bridging practical systems expertise with academic research.
