Minicursos do XVIII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais

Autores

Aldri Luiz dos Santos (ed.)
UFPR
Marjory Da Costa Abreu (ed.)
UFRN
Carlos Eduardo Da Silva (ed.)
UFRN

Sinopse

O Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBSeg) é um evento científico promovido anualmente pela Sociedade Brasileira de Computação (SBC) e representa o principal fórum no país para a apresentação de pesquisas e atividades relevantes ligadas à segurança da informação e de sistemas.

Nesta edição do SBSeg (2018), 14 propostas de minicursos foram submetidas, um número expressivo que demonstra a importância deste evento no panorama nacional de pesquisa. Destas, 4 foram selecionadas para publicação e apresentação, representando assim uma taxa de aceitação em torno de 28%.

Este livro reúne 4 capítulos produzidos pelos autores das propostas de minicursos aceitas.

O Capítulo 1 discute os principais conceitos, ameaças e contramedidas no contexto de redes IoT convencionais e IoT baseadas em SDN, bem como identifica desafios na análise de dados focada na segurança de redes.

O Capítulo 2 aborda o uso programático de criptografia assimétrica por desenvolvedores de software com pouca experiência em segurança da informação e criptografia, mostrando os bons e maus usos da criptografia assimétrica, por meio de exemplos reais, contraexemplos, trechos de código e programas ilustrativos em Java.

O Capítulo 3 introduz o uso de suporte de hardware para a inspeção de binários e sistemas, abrangendo desde o funcionamento dos processadores modernos até a aplicação de suas instruções especiais para a análise de binários e sistemas de forma transparente.

O Capítulo 4 mostra como os contratos inteligentes, códigos residentes na ​blockchain que automatizam processos de múltiplas etapas, podem ser usados na comercialização automática de energia, assim como as iniciativas, os desafios e as oportunidades de pesquisa da tecnologia ​blockchain no setor elétrico.

Capítulos:

1. Ameaças de Segurança, Defesas e Análise de Dados em IoT Baseada em SDN
Nelson G. Prates Jr., Mateus Pelloso, Ricardo T. Macedo, Michele Nogueira
2. Criptografia Assimétrica para Programadores – Evitando Outros Maus Usos da Criptografia em Sistemas de Software
Alexandre Braga, Ricardo Dahab
3. Análise de Binários e Sistemas Assistida por Hardware
Marcus Botacin, Paulo Lício de Geus, André Grégio
4. Blockchain para Segurança em Redes Elétricas Inteligentes: Aplicações, Tendências e Desafios
Diogo M. F. Mattos, Dianne S. V. Medeiros, Natalia C. Fernandes, Marcela T. de Oliveira, Gabriel R. Carrara, Arthur A. Z. Soares, Luiz Claudio S. Magalhães, Diego Passos, Ricardo C. Carrano, Igor M. Moraes, Célio V. N. Albuquerque, Débora C. Muchaluat-Saade

Downloads

Não há dados estatísticos.

Referências

(2009). Lazy Hacker and Little Worm Set Off Cyberwar Frenzy. https://www.computerworld.com/article/2574799/security0/mydoom-lesson-take-proactive-steps-to-prevent-ddos-attacks.html. Último Acesso: Agosto de 2018.

(2010). Wikileaks supporters disrupt Visa and MasterCard sites in 'Operation Payback'. http://www.theguardian.com/world/2010/dec/08/wikileaks-visa-mastercard-operation-payback. Último Acesso: Maio de 2018.

(2012). The CRIME attack: netifera.com. URL: http://netifera.com.

(2013). The BREAH attack: SSL GONE IN 30 SECONDS. URL: http://breachattack.com.

(2016). The logjam attack and weak diffie-hellman. URL: https://weakdh.org.

Acar, Y., Backes, M., Fahl, S., Garfinkel, S., Kim, D., Mazurek, M. L., and Stransky, C. (2017). Comparing the usability of cryptographic apis. In Proceedings of the 38th IEEE Symposium on Security and Privacy.

Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J. A., Heninger, N., Springall, D., Thomé, E., Valenta, L., and Others (2015). Imperfect forward secrecy: How Diffie-Hellman fails in practice. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 5-17. ACM.

Aitzhan, N. Z. e Svetinovic, D. (2018). Security and privacy in decentralized energy trading through multi-signatures, blockchain and anonymous messaging streams. IEEE Transactions on Dependable and Secure Computing, 15(5):840-852.

Akamai (2016). Akamai's [state of the internet]/security q3 2016 report. https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q3-2016-state-of-the-internet-security-report.pdf. Último Acesso: Agosto de 2018.

Akhawe, D., Amann, B., Vallentin, M., and Sommer, R. (2013). Here's My Cert, So Trust Me, Maybe?: Understanding TLS Errors on theWeb. In Proceedings of the 22Nd International Conference on World Wide Web, WWW '13, pages 59-70. InternationalWorldWideWeb Conferences Steering Committee.

Alaba, F. A., Othman, M., Hashem, I. A. T., and Alotaibi, F. (2017). Internet of Things security: A survey. Journal of Network and Computer Applications, 88:10 - 28.

Alashwali, E. S. (2013). Cryptographic vulnerabilities in real-life web servers. In Third International Conference on Communications and Information Technology (ICCIT), pages 6-11. Ieee.

AlFardan, N. J., Bernstein, D. J., Paterson, K. G., Poettering, B., and Schuldt, J. C. N. (2013). On the security of rc4 in tls. In Proceedings of the 22Nd USENIX Conference on Security, SEC'13, pages 305-320, Berkeley, CA, USA. USENIX Association.

Alkhatib, H., Faraboschi, P., Frachtenberg, E., Kasahara, H., Lange, D., Laplante, P., Merchant, A., Milojicic, D., and Schwan, K. (2015). What Will 2022 Look Like? the IEEE CS 2022 Report. IEEE Computer, 48(3):68-76.

Alrawais, A., Alhothaily, A., Hu, C., and Cheng, X. (2017). Fog computing for the Internet of Things: Security and privacy issues. IEEE Internet Computing, 21(2):34-42.

Alvarenga, I. D., Rebello, G. A. F. e Duarte, O. C. M. B. (2018). Securing configuration management and migration of virtual network functions using blockchain. Em IEEE/IFIP Network Operations and Management Symposium (NOMS), p. 1-9.

AMD (2013). AMD64 Architecture Programmer's Manual Volume 2. AMD.

AMD (2016). Amd secure processor (built-in technology). https://tinyurl.com/yaq2rhmv.

Anderson, R. (1993). Why cryptosystems fail. Proceedings of the 1st ACM Conference on Computer . . ., pages 215-227.

Antonopoulos, A. M. (2014). Mastering Bitcoin: unlocking digital cryptocurrencies. O'Reilly Media, Inc., 1 edição.

ARM (2009). ARM Sec. Technology - Building a Secure System using Trust-Zone Technology. ARM.

Arulraj, J., Jin, G., and Lu, S. (2014). Leveraging the short-term memory of hardware to diagnose production-run software failures. SIGARCH Comput. Archit. News, 42(1).

Atzei, N., Bartoletti, M. e Cimoli, T. (2017). A survey of attacks on Ethereum smart contracts SoK. Em International Conference on Principles of Security and Trust, p. 164-186.

Atzori, L., Girau, R., Martis, S., Pilloni, V., and Uras, M. (2017). A SIoTaware approach to the resource management issue in mobile crowdsensing. In Innovations in Clouds, Internet and Networks, Páginas 232-237. IEEE.

Atzori, L., Iera, A., and Morabito, G. (2010). The Internet of Things: A survey. Computer Networks, 54(15):2787 - 2805.

Aumasson, J. and Merino, L. (2016). Sgx secure enclaves in practice: Sec. and crypto review.

Aviram, N., Schinzel, S., Somorovsky, J., Heninger, N., Dankel, M., Steube, J., Valenta, L., Adrian, D., Halderman, J. A., Dukhovni, V., Kasper, E., Cohney, S., Engels, S., Paar, C., and Shavitt, Y. (2016). DROWN: Breaking TLS using SSLv2. Proceedings of the 25th USENIX Security Symposium, (August):1-18.

Azab, A. M., Ning, P., Wang, Z., Jiang, X., Zhang, X., and Skalsky, N. C. (2010). Hypersentry: Enabling stealthy in-context measurement of hypervisor integrity. In Proc. 17th ACM Conf. on Comp. and Comm. Sec., CCS '10. ACM.

Azzouni, A. and Pujolle, G. (2017). A long short-term memory recurrent neural network framework for network traffic matrix prediction.

Bahador, M., Abadi, M., and Tajoddin, A. (2014). Hpcmalhunter: Behavioral malware detection using hardware performance counters and singular value decomposition. In 2014 4th Intl. Conf. on Comp. and Knowledge Engineering (ICCKE).

Banasik, W., Dziembowski, S. e Malinowski, D. (2016). Efficient zero-knowledge contingent payments in cryptocurrencies without scripts. Em Askoxylakis, I., Ioannidis, S., Katsikas, S. e Meadows, C., editors, Computer Security - ESORICS 2016, volume 9879 of Lecture Notes in Computer Science, p. 261-280. Springer International Publishing.

Bandyopadhyay, D. and Sen, J. (2011). Internet of Things: Applications and challenges in technology and standardization. Wireless Personal Communications, 58(1):49-69.

Banks, A. and Gupta, R. (2014). Mqtt version 3.1.1. OASIS standard, 29.

Barbosa, G. N. and Branco, R. R. (2014). Prevalent characteristics in modern malware. http://www.kernelhacking.com/rodrigo/docs/blackhat2014-presentation.pdf.

Bartholemy, A. and Chen, W. (2015). An Examination of Distributed Denial of Service Attacks. In IEEE International Conference on Electro/Information Technology, Páginas 274-279.

Bartoletti, M. e Pompianu, L. (2017). An empirical analysis of smart contracts: Platforms, applications, and design patterns. Em Financial Cryptography and Data Security (FC), p. 494-509.

Basden, J. e Cottrell, M. (2017). How utilities are using blockchain to modernize the grid. Harvard Business Review.

Bassi, A., Bauer, M., Fiedler, M., Kramp, T., Van Kranenburg, R., Lange, S., and Meissner, S. (2013). Enabling things to talk. Springer.

Bayer, U., Kruegel, C., and Kirda, E. (2006). Ttanalyze: A tool for analyzing malware. In 15th European Inst. for Comp. Antivirus Research (EICAR 2006) Annual Conf. EICAR.

Bellard, F. (2005). Qemu, a fast and portable dynamic translator. In Proc. USENIX Annual Technical Conf., ATC '05. USENIX Association.

Belyaev, M. and Gaivoronski, S. (2014). Towards load balancing in SDN-networks during DDoS-attacks. In Science and Technology Conference (Modern Networking Technologies), Páginas 1-6. IEEE.

Bennett, E. (2018). Ethereum attacks. Disponível em https://gist.github.com/ethanbennett/7396bf3f61dd985d3426f2ee184d8822. Acessado em 24/08/2018.

Bera, S., Misra, S., and Vasilakos, A. V. (2017). Software-Defined Networking for Internet of Things: A survey. IEEE Internet of Things Journal, 4(6):1994-2008.

Bernabe, J. B., Hernández, J. L., Moreno, M. V., and Gomez, A. F. S. (2014). Privacy-preserving security framework for a social-aware Internet of Things. In International conference on ubiquitous computing and ambient intelligence, Páginas 408-415. Springer.

Bernabe, J. B., Ramos, J. L. H., and Gomez, A. F. S. (2016). TACIoT: multidimensional trust-aware access control system for the Internet of Things. Soft Computing, 20(5):1763-1779.

Bernstein, D. J. (2006). Curve25519: new diffie-hellman speed records. In International Workshop on Public Key Cryptography, pages 207-228. Springer.

Bernstein, D. J., Lange, T., et al. (2013). Safecurves: choosing safe curves for elliptic-curve cryptography. URL: http://safecurves.cr.yp.to.

Bertsch, V., Hall, M., Weinhardt, C. e Fichtner, W. (2016). Public acceptance and preferences related to renewable energy and grid expansion policy: Empirical insights for Germany. Energy, 114:465 - 477.

Bessani, A., Sousa, J. e Alchieri, E. E. P. (2014). State machine replication for the masses with BFT-SMaRt. Em IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), p. 355-362.

Bittwatt Pte. Ltd. (2018). Bittwatt business plan. Relatório técnico, Bittwatt Pte. Ltd. Disponível em: https://ico.bittwatt.com/static/files/Bittwatt-Business-Plan.pdf.

Bittwatt Pte.Ltd. (2018). Bittwatt whitepaper. Relatório técnico, Bittwatt Pte. Ltd. Disponível em: https://ico.bittwatt.com/static/files/Bittwatt-Whitepaper-EN.pdf.

Bizanis, N. and Kuipers, F. A. (2016). SDN and virtualization solutions for the Internet of Things: A survey. IEEE Access, 4:5591-5606.

Bleichenbacher, D. (1998). Chosen ciphertext attacks against protocols based on the rsa encryption standard pkcs# 1. In Annual International Cryptology Conference, pages 1-12. Springer.

Bleichenbacher, D., Duong, T., Kasper, E., and Nguyen, Q. (2017). Project Wycheproof - Scaling crypto testing. In Real World Crypto Symposium, NewYork, USA.

BlueKrypt. Cryptographic Key Length Recommendation. URL: http://www.keylength.com.

Boneh, D. (1999). Twenty years of attacks on the RSA cryptosystem. Notices of the AMS, pages 1-16.

Bos, J. W., Halderman, J. A., Heninger, N., Moore, J., Naehrig, M., and Wustrow, E. (2014). Elliptic curve cryptography in practice. In Financial Cryptography and Data Security, pages 157-175. Springer.

Botacin, Falcão, Geus, and Grégio (2017). Analysis, anti-analysis, anti-anti-analysis: An overview of the evasive malware scenario. [link].

Botacin, Geus, and Grégio (2015). Uma visão geral do malware ativo no espaço nacional da internet entre 2012 e 2015. http://siaiap34.univali.br/sbseg2015/anais/WFC/artigoWFC02.pdf.

Botacin, M. F., de Geus, P. L., and Grégio, A. R. A. (2018c). The other guys: automated analysis of marginalized malware. Journal of Computer Virology and Hacking Techniques, 14(1):87-98.

Botacin, M., Geus, P. L. D., and Grégio, A. (2018a). Enhancing branch monitoring for security purposes: From control flow integrity to malware analysis and debugging. ACM Trans. Priv. Secur., 21(1):4:1-4:30.

Botacin, M., Geus, P. L. D., and grégio, A. (2018b). Who watches the watchmen: A security-focused review on current state-of-the-art techniques, tools, and methods for systems and binary analysis on modern platforms. ACM Comput. Surv., 51(4):69:1-69:34.

Botta, A., De Donato, W., Persico, V., and Pescapé, A. (2016). Integration of cloud computing and Internet of Things: a survey. Future Generation Computer Systems, 56:684-700.

BouncyCastle (2018). The Legion of the Bouncy Castle. URL: http://www.bouncycastle.org/.

Bradley, J., Reberger, C., Dixit, A., Gupta, V., and Macaulay, J. (2013). Internet of Everything (IoE): Top 10 insights from cisco's IoE value at stake analysis for the public sector. Analysis, Cisco. Último Acesso: Agosto de 2018.

Braga, A. and Dahab, R. (2015a). A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software. In XV Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais - SBSeg 2015, pages 30-43, Florianópolis, SC, Brazil.

Braga, A. and Dahab, R. (2015b). Introdução à Criptografia para Programadores: Evitando Maus Usos da Criptografia em Sistemas de Software. In Caderno de minicursos do XV Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais - SBSeg 2015, pages 1-50. Sociedade Brasileira de Computação. 97

Braga, A. and Dahab, R. (2016). Mining Cryptography Misuse in Online Forums. In 2016 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C), pages 143-150.

Braga, A. and Dahab, R. (2017). A Longitudinal and Retrospective Study on How Developers Misuse Cryptography in Online Communities. In XVII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBSeg'17), Brasília,DF, Brazil.

Braga, A. M. (2017). Towards the safe development of cryptographic software (Rumo ao desenvolvimento seguro de software criptográfico).

Braga, A., Dahab, R., Antunes, N., Laranjeiro, N., and Vieira, M. (2017a). Practical Evaluation of Static Code Analysis Tools for Cryptography: Benchmarking Method and Case Study. In The 28th IEEE International Symposium on Software Reliability Engineering (ISSRE).

Braga, A., Marino, F., and Santos, R. (2017b). Segurança de Aplicações Blockchain Além das Criptomoedas. In SBC, editor, Livro de minicursos do XVII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBSeg'17), chapter 3.

Branco, R. R., Barbosa, G. N., and Neto, P. D. (2012). Scientific but not academical overview of malware anti-debugging, anti-disassembly and anti- vm technologies. http://www.kernelhacking.com/rodrigo/docs/blackhat2012-paper.pdf.

BSDaemon, coideloco, and D0nad0n (2008). System management mode hack - using smm for "other purposes". https://tinyurl.com/jxeao4u.

Bull, P., Austin, R., Popov, E., Sharma, M., and Watson, R. (2016a). Flow based security for IoT devices using an SDN gateway. In International Conference on Future Internet of Things and Cloud, Páginas 157-163.

Bull, P., Austin, R., Popov, E., Sharma, M., and Watson, R. (2016b). Flow based security for IoT devices using an SDN gateway. In Future Internet of Things and Cloud, Páginas 157-163. IEEE.

Buterin, V. et al. (2013). Ethereum white paper, 2014. Relatório técnico. Disponível em: https://github.com/ethereum/wiki/wiki/White-Paper.

Cachin, C. (2016). Architecture of the hyperledger blockchain fabric. Em Workshop on Distributed Cryptocurrencies and Consensus Ledgers.

Cachin, C. e Vukolic, M. (2017). Blockchain consensus protocols in the wild. Em International Symposium on Distributed Computing (DISC), p. 1-16.

Cai, H., Shao, Z., and Vaynberg, A. (2007). Certified self-modifying code. SIGPLAN Not., 42(6):66-77.

Calvo, R. (2018). The true cost of certificate authority trials: Can you trust them? URL: https://www.isc2.org/News-and-Events/Infosecurity-Professional-Insights.

Campbell, A. T., Katzela, I., Miki, K., and Vicente, J. (1999). Open Signaling for ATM, Internet and Mobile Networks. ACM SIGCOMM Computer Communication Review, 29(1):97-108.

Casado, M., Freedman, M. J., Pettit, J., Luo, J., McKeown, N., and Shenker, S. (2007). Ethane: Taking Control of the Enterprise. ACM SIGCOMM Computer Communication Review, 37(4):1-12.

Castro, M. e Liskov, B. (1999). Practical Byzantine fault tolerance. Em Symposium on Operating Systems Design and Implementation (OSDI), p. 173-186.

Castro, M. e Liskov, B. (2002). Practical Byzantine fault tolerance and proactive recovery. ACM Transactions on Computer Systems (TOCS), 20(4):398-461.

CERT.br (2018). Estatísticas do cert.br - incidentes de segurança. https://www.cert.br/stats/incidentes/. Último Acesso: Agosto de 2018.

Cervantes, C., Poplade, D., Nogueira, M., and Santos, A. (2015). Detection of sinkhole attacks for supporting secure routing on 6lowpan for internet of things. In IM, Páginas 606-611.

Chandra, P., Messier, M., and Viega, J. (2002). Network security with OpenSSL. O'Reily, June.

Chen, P., Cheng, S. e Chen, K. (2012). Smart attacks in smart grid communication networks. IEEE Communications Magazine, 50(8):24-29.

Chen, X., Andersen, J., Mao, Z. M., Bailey, M., and Nazario, J. (2008). Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In 2008 IEEE Intl. Conf. on Depend. Syst. and Net. With FTCS and DCC (DSN). IEEE.

Cheng, Y., Zhou, Z., Miao, Y., Ding, X., and Deng, H. R. (2014). Ropecker: A generic and practical approach for defending against rop attacks. In Symp. on Net. and Dist. System Sec. (NDSS). Internet Society.

Chicarino, V. R. L., Jesus, E. F., Albuquerque, C. V. N. e Rocha, A. A. A. (2017). Uso de blockchain para privacidade e segurança em Internet das coisas. Em Minicursos do Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBSeg), p. 100-150. Sociedade Brasileira de Computação (SBC).

Christidis, K. e Devetsikiotis, M. (2016). Blockchains and smart contracts for the internet of things. IEEE Access, 4:2292-2303.

Cisco (2018). Cisco annual security report. [link]. Último Acesso: Agosto de 2018.

Cisco, C. V. N. I. (2016). Cisco visual networking index: Global mobile data traffic forecast update, 2016-2021 white paper. Último Acesso: Agosto de 2018.

Cohn, A., West, T. e Parker, C. (2017). Smart after all: Blockchain, smart contracts, parametric insurance, and smart energy grids. Georgetown Law Technology Review, 1(2):273-304.

CoreBoot (2015). Coreboot. http://www.coreboot.org/.

Counterparty (2018). Protocol specification. Disponível em https://counterparty.io/docs/protocol_specification/. Acessado em 20/08/2018.

Criscuolo, P. (2000). Distributed Denial of Service, Tribe Flood Network 2000, and Stacheldraht CIAC-2319, Department of Energy Computer incident Advisory Capability (CIAC). Technical report, UCRL-ID-136939, Rev. 1., Lawrence Livermore National Laboratory.

Dütsch, G. e Steinecke, N. (2017). Use cases for blockchain technology in energy and commodity trading. Snapshot of current developments of blockchain in the energy and commidity sector.

de Oliveira, M. T., Carrara, G. R., Fernandes, N. C., Carrano, R. C., Albuquerque, C. V. N., Medeiros, D. S. V. e Mattos, D. M. F. (2018). Uma avaliação de desempenho de cadeias de blocos privadas permissionadas através de cargas de trabalho realísticas. Em XVIII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBSeg'2018), Natal/RN, Brazil.

Diffie, W. and Hellman, M. (1976). New directions in cryptography. IEEE transactions on Information Theory, 22(6):644-654.

Dinaburg, A., Royal, P., Sharif, M., and Lee, W. (2008a). Ether: Malware analysis via hardware virtualization extensions. In Proc. of the 15th ACM Conf. on Comp. and Comm. Sec., CCS '08. ACM.

Dinaburg, A., Royal, P., Sharif, M., and Lee, W. (2008b). Ether: Malware analysis via hardware virtualization extensions. In Proc. 15th ACM Conf. on Comp. and Comm. Sec., CCS '08. ACM.

Dinh, T. T. A., Wang, J., Chen, G., Liu, R., Ooi, B. C. e Tan, K.-L. (2017). Blockbench: A framework for analyzing private blockchains. Em Proceedings of the 2017 ACM International Conference on Management of Data, p. 1085-1100. ACM.

do Brasil, G. (2018). Governo digital. https://www.governodigital.gov.br/.

Dong, Z., Luo, F. e Liang, G. (2018). Blockchain: a secure, decentralized, trusted cyber infrastructure solution for future energy systems. Journal of Modern Power Systems and Clean Energy.

Douceur, J. R. (2002). The sybil attack. Em International workshop on peer-to-peer systems, p. 251-260. Springer.

Douligeris, C. and Mitrokotsa, A. (2004). DDoS attacks and defense mechanisms: classification and state-of-the-art. Computer Networks, 44(5):643 - 666.

Duflot, L., Etiemble, D., and Grumelard, O. (2007). Using cpu system management mode to circumvent operating system sec. functions. https://tinyurl.com/y7mlduy9.

DynamoRIO (2001). Dynamic instrumentation tool platform. https://tinyurl.com/ybenfvw9.

Efthymiou, C. e Kalogridis, G. (2010). Smart Grid Privacy via Anonymization of Smart Metering Data. 2010 First IEEE International Conference on Smart Grid Communications, p. 238-243.

Egele, M., Brumley, D., Fratantonio, Y., and Kruegel, C. (2013). An empirical study of cryptographic misuse in android applications. ACM SIGSAC conference on Computer & communications security - CCS '13, pages 73-84.

Eldewahi, A. E.W., Sharfi, T. M. H., Mansor, A. A., Mohamed, N. A. F., and Alwahbani, S. M. H. (2015). Ssl/tls attacks: Analysis and evaluation. In 2015 International Conference on Computing, Control, Networking, Electronics and Embedded Systems Engineering (ICCNEEE), pages 203-208.

Embleton, S., Sparks, S., and Zou, C. (2008). Smm rootkits: A new breed of os independent malware. In Proc. 4th Intl. Conf. on Sec. and Priv. in Communication Netowrks, SecureComm '08. ACM.

Energy Web Foundation (2018). Buiding the grid's digital dna. https://energyweb.org/. Acessado em 24.08.2018.

Erickson, D. (2013). The Beacon OpenFlow Controller. In ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, Páginas 13-18, New York, NY, USA. ACM.

Ethereum (2018). Solidity. https://solidity.readthedocs.io/en/develop/index.html. Acessado em 20.08.2018.

Evans, D. (2012). The Internet of Everything: How more relevant and valuable connections will change the world. Cisco IBSG, 2012:1-9.

Fahl, S., Harbach, M., and Muders, T. (2012). Why Eve and Mallory love Android: An analysis of Android SSL (in) security. In ACM conference on Computer and communications security, pages 50-61.

Falcão, D. M. (2009). Smart grids e microredes: o futuro já é presente. Em Anais do VIII Simpósio de Automação e Sistemas Elétricos, SIMPASE '09.

Fardan, N. A. and Paterson, K. (2013). Lucky thirteen: Breaking the TLS and DTLS record protocols. Security and Privacy (SP), 2013 IEEE Symposium on (2013).

Farhady, H., Lee, H., and Nakao, A. (2015). Software-Defined Networking: A Survey. Computer Networks, 81:79 - 95.

Farris, I., Taleb, T., Khettab, Y., and Song, J. S. (2018). A survey on emerging SDN and NFV security mechanisms for IoT systems. IEEE Communications Surveys & Tutorials.

Fattori, A., Paleari, R., Martignoni, L., and Monga, M. (2010). Dynamic and transparent analysis of commodity production syst. In Proc. IEEE/ACM Int. Conf. on Automated Software Engineering, ASE '10. ACM.

Feamster, N., Rexford, J., and Zegura, E. (2014). The Road to SDN: An Intellectual History of Programmable Networks. ACM SIGCOMM Computer Communication Review, 44(2):87-98.

Felderer, M., Büchler, M., Johns, M., D. Brucker, A., Breu, R., and Pretschner, A. (2016). Sec. testing: A survey.

Feng, S., Setoodeh, P., and Haykin, S. (2017). Smart home: Cognitive interactive people-centric Internet of Things. IEEE Communications Magazine, 55(2):34-39.

FGV Energia (2017). Caderno de carros elétricos. Disponível em: https://fgvenergia.fgv.br/sites/fgvenergia.fgv.br/files/caderno_carros_eletricos-fgv-book.pdf.

Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and Berners-Lee, T. (1999). Hypertext Transfer Protocol - HTTP/1.1.

Flauzac, O., González, C., Hachani, A., and Nolot, F. (2015). SDN based architecture for IoT and improvement of the security. In International Conference on Advanced Information Networking and Applications Workshops, Páginas 688-693.

G1 (2017). Mobile banking se torna meio mais usado para transacoes bancarias, diz febraban. https://g1.globo.com/economia/seu-dinheiro/noticia/mobile-banking-se-torna-meio-mais-usado-para-transacoes-bancarias-diz-febraban.ghtml.

Gauld, S., von Ancoina, F. e Stadler, R. (2017). The burst dymaxion: An arbitrary scalable, energy efficient and anonymous transaction network based on colored tangles. Relatório técnico.

Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., and Shmatikov, V. (2012). The most dangerous code in the world. In Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12, page 38.ACMPress.

Giancaspro, M. (2017). Is a 'smart contract' really a smart idea? insights from a legal perspective. Computer Law & Security Review, 33(6):825 - 835.

Gluck, Y., Harris, N., and Angel, A. (2013). BREACH: Reviving the CRIME Attack. In Black Hat Conference.

Goodin, D. (2016). Record-breaking ddos reportedly delivered by >145k hacked cameras. https://arstechnica.com/information-technology/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggestddos-ever/. Último Acesso: Agosto de 2018.

Google. Google Android Developers. URL: https://groups.google.com/forum/#!forum/androiddevelopers.

Grégio, A. R. A., Fernandes, D. S. o., Afonso, V. M., de Geus, P. L., Martins, V. F., and Jino, M. (2013). An empirical analysis of malicious internet banking software behavior. In Proceedings of the 28th Annual ACM Symposium on Applied Computing, SAC '13, pages 1830-1835, New York, NY, USA. ACM.

Green, J. e Newman, P. (2017). Citizen utilities: The emerging power paradigm. Energy Policy, 105:283 - 293.

Greenberg, A., Hjalmtysson, G., Maltz, D. A., Myers, A., Rexford, J., Xie, G., Yan, H., Zhan, J., and Zhang, H. (2005). A Clean Slate 4D Approach to Network Control and Management. ACM SIGCOMM Computer Communication Review, 35(5):41-54.

Greenspan, G. (2015). Multichain private blockchain-white paper. URl: http://www.multichain.com/download/MultiChain-White-Paper. pdf.

Greer, C., Wollman, D. A., Prochaska, D. E., Boynton, P. A., Mazer, J. A., Nguyen, C. T., FitzPatrick, G. J., Nelson, T. L., Koepke, G. H., Hefner Jr, A. R. et al. (2014). NIST framework and roadmap for smart grid interoperability standards, release 3.0. Relatório técnico.

Greve, F., Sampaio, L., Abijaude, J., Coutinho, A., Ítalo Valcy e Queiroz, S. (2018). Blockchain e a revolução do consenso sob demanda. Em Minicursos do Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos (SBRC), p. 1-52. Sociedade Brasileira de Computação (SBC).

Gude, N., Koponen, T., Pettit, J., Pfaff, B., Casado, M., McKeown, N., and Shenker, S. (2008). NOX: Towards an Operating System for Networks. ACM SIGCOMM Computer Communication Review, 38(3).

Guimarães, P. H. V., Murillo, A., Andreoni, M., Mattos, D. M., Ferraz, L. H. G., Pinto, F. A. V., Costa, L. H. M. e Duarte, O. C. M. (2013). Comunicação em redes elétricas inteligentes: Eficiência, confiabilidade, segurança e escalabilidade. Minicursos do Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos (Minicursos SBRC).

Gunter, C. A., Nelli, R., Gross, G. e LeMay, M. (2008). An integrated architecture for demand response communications and control. Em Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008)(HICSS), volume 00, p. 174.

Gupta, S. e Sadoghi, M. (2018). Blockchain transaction processing.

Gutmann, P. (2002). Lessons Learned in Implementing and Deploying Crypto Software. Usenix Security Symposium.

Gutmann, P. Everything you NeverWanted to Know about PKI but were Forced to Find Out. URL: https://www.cs.auckland.ac.nz/pgut001/pubs/pkitutorial.pdf.

Gutmann, P. Godzilla crypto tutorial - Part 2, Key Management and Certificates.

Hadley, M., Lu, N. e Deborah, A. (2010). Smart-grid Security Issues. IEEE Security and Privacy, 8(1):81-85.

Hankerson, D., Vanstone, S., and Menezes, A. (2004). Guide to elliptic curve cryptography.

Hasse, F., von Perfall, A., Hillebrand, T., Smole, E., Lay, L. e Charlet, M. (2016). Blockchain-an opportunity for energy producers and consumers. PwC Global Power & Utilities, p. 1-45.

Holgado, P., VILLAGRA, V. A., and Vazquez, L. (2017). Real-time multistep attack prediction based on hidden markov models. IEEE Transactions on Dependable and Secure Computing.

IACR (2012). Real world crypto symposium. URL: https://rwc.iacr.org/index.html.

Iannacci, J. (2018). Internet of Things (IoT); Internet of Everything (IoE); tactile Internet; 5g - a (not so evanescent) unifying vision empowered byEH-MEMS (energy harvesting MEMS) and RF-MEMS (radio frequency MEMS). Sensors and Actuators A: Physical, 272:187 - 198.

Igure, V. M., Laughter, S. A. eWilliams, R. D. (2006). Security issues in SCADA networks. Computers and Security, 25(7):498-506.

Intel (2013). Intel R"64 and IA-32 Architectures Software Developer's Manual. Intel.

Intel (2015). Pin - a dynamic binary instrumentation tool. https://tinyurl.com/m685m25.

Intel (2018). Pcie device security enhancements specification. https://www.intel.com/content/www/us/en/io/pci-express/pcie-device-security-enhancements-spec.html.

Ionescu, A. (2015). Battle of the skm and ium: How windows 10 rewrites os architecture. https://tinyurl.com/na375ur.

ISECLAB (2010). Anubis - malware analysis for unknown binaries. https://anubis.iseclab.org/.

J. D. Case and M. Fedor and M. L. Schoffstall and J. Davin (1990). Simple Network Management Protocol (SNMP).

Jesus, E. F., Chicarino, V. R. L., de Albuquerque, C. V. N. e Rocha, A. A. A. (2018). A survey of how to use blockchain to secure Internet of Things and the stalker attack. Security and Communication Networks, 2018:1-28.

Jonsson, J. and Burt Kaliski (2003). RSA Laboratories Public-Key Cryptography Standards (PKCS)#1: RSA Cryptography Specifications Version 2.1. URL: https://tools.ietf.org/html/rfc3447.

Kang, J., Yu, R., Huang, X., Maharjan, S., Zhang, Y. e Hossain, E. (2017). Enabling localized peer-to-peer electricity trading among plug-in hybrid electric vehicles using consortium blockchains. IEEE Transactions on Industrial Informatics, 13(6):3154-3164.

Kang, M. G., Yin, H., Hanna, S., McCamant, S., and Song, D. (2009). Emulating emulation-resistant malware. In Proc. 1st ACM Work. on Virtual Machine Sec., VMSec '09. ACM.

Kaspersky (2015). Beaches, carnivals and cybercrime: Kaspersky lab shares insights on brazilian cyber underground. https://www.kaspersky.com/about/press-releases/2015_beaches-carnivals-and-cybercrime-kaspersky-lab-shares-insights-on-brazilian-cyber-underground.

Khan, R., Khan, S. U., Zaheer, R., and Khan, S. (2012). Future Internet: the Internet of Things architecture, possible applications and key challenges. In Frontiers of Information Technology, Páginas 257-260. IEEE.

Khandelwal, S. (2017). First-ever data stealing malware found using intel amt tool to bypass firewall. https://tinyurl.com/y7e7kg8v.

Kiayias, A., Russell, A., David, B. e Oliynykov, R. (2017). Ouroboros: A provably secure proof-of-stake blockchain protocol. Em Katz, J. e Shacham, H., editors, Advances in Cryptology - CRYPTO 2017, p. 357-388.

King, S. e Nadal, S. (2012). PPCoin: peer-to-peer crypto-currency with proof-of-stake. Relatório técnico.

Kitten, T. (2013). DDoS: Lessons from Phase 2 Attacks. http://www.bankinfosecurity.com/ddos-attacks-lessons-from-phase-2-a-5420. Último Acesso: Maio de 2018.

Koblitz, N. (1987). Elliptic curve cryptosystems. Mathematics of computation, 48(177):203-209.

Kompalli and Sarat (2014). Using existing hardware services for malware detection. In Proc. 2014 IEEE Sec. and Priv. Work.s, SPW'14. IEEE Comp. Society.

Kwon, D., Kim, H., An, D., and Ju, H. (2017). DDoS attack volume forecasting using a statistical approach. In IFIP/IEEE Symposium on Integrated Network and Service Management, Páginas 1083-1086. IEEE.

Kwon, J. (2014). Tendermint: Consensus without mining. Relatório técnico. Draft versão 6. Disponível em: https://cdn.relayto.com/media/files/LPgoWO18TCeMIggJVakt_tendermint.pdf.

Ladakis, E., Koromilas, L., Vasiliadis, G., Polychronakis, M., and Ioannidis, S. (2013). You can type, but you can't hide: A stealthy gpu-based keylogger. https://tinyurl.com/cbzp42n.

Lamaazi, H., Benamar, N., Jara, A. J., Ladid, L., and Ouadghiri, D. E. (2014). Challenges of the Internet of Things: IPv6 and Network Management. In International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, Páginas 328- 333.

Lamport, L. (2001). Paxos made simple. ACM SIGACT News, 32(4):18-25.

Langner, R. (2011). Stuxnet: Dissecting a cyberwarfare weapon. IEEE Security Privacy, 9(3):49-51.

Lasseter, R. H. e Paigi, P. (2004). Microgrid: a conceptual solution. Em Anais do 35th Annual Power Electronics Specialists Conference (IEEE Cat. No.04CH37551), volume 6 of PESC '04, p. 4285-4290.

Le, A., Loo, J., Chai, K. K., and Aiash, M. (2016). A specification-based IDS for detecting attacks on RPL-based network topology. Information, 7(2):25.

Le, A., Loo, J., Luo, Y., and Lasebae, A. (2011). Specification-based IDS for securing RPL from topology attacks. In IFIP Wireless Days, Páginas 1-3. IEEE.

Lee, H., Moon, H., Jang, D., Kim, K., Lee, J., Paek, Y., and Kang, B. B. (2013). Ki-mon: A hardware-assisted event-triggered monitoring platform for mutable kernel object. In 22nd USENIX Sec. Symposium. USENIX.

Lee, J., Uddin, M., Tourrilhes, J., Sen, S., Banerjee, S., Arndt, M., Kim, K.-H., and Nadeem, T. (2014). mesdn: Mobile extension of sdn. In International workshop on Mobile cloud computing & services, Páginas 7-14. ACM.

Lee, S., Shih, M.-W., Gera, P., Kim, T., Kim, H., and Peinado, M. (2017). Inferring finegrained control flow inside SGX enclaves with branch shadowing. In 26th USENIX Sec. Symposium (USENIX Sec. 17). USENIX Association.

Leslie, I., Crosby, S., and Rooney, S. (2015). Devolved Control of ATM Networks. https://www.cl.cam.ac.uk/research/srg/netos/projects/archive/dcan/#pub. Último Acesso: Agosto de 2018.

Li, C., Qin, Z., Novak, E., and Li, Q. (2017). Securing SDN Infrastructure of IoT-Fog Networks From MitM Attacks. IEEE Internet of Things Journal, 4(5):1156-1164.

Li, K., Ding, S., McCreary, D., and Webb, S. (2004). Analysis of state exposure control to prevent cheating in online games. In Proceedings of the 14th International Workshop on Network and Operating Systems Support for Digital Audio and Video, NOSSDAV '04, pages 140-145, New York, NY, USA. ACM.

Li, X., Liang, X., Lu, R., Shen, X., Lin, X. e Zhu, H. (2012). Securing smart grid: cyber attacks, countermeasures, and challenges. IEEE Communications Magazine, 50(8):38-45.

Li, Z., Kang, J., Yu, R., Ye, D., Deng, Q. e Zhang, Y. (2018). Consortium blockchain for secure energy trading in industrial internet of things. IEEE Transactions on Industrial Informatics, 14(8):3690-3700. 191

Liang, G., Weller, S. R., Luo, F., Zhao, J. e Dong, Z. Y. (2018). Distributed blockchain-based data protection framework for modern power systems against cyber attacks. IEEE Transactions on Smart Grid.

LibVMI (2015). Introduction to libvmi. https://tinyurl.com/y8d4xbq9.

Lima, M. N., Dos Santos, A. L., and Pujolle, G. (2009). A survey of survivability in mobile ad hoc networks. IEEE Communications Surveys & Tutorials, 11(1):66-77.

Lisk (2018). Access the power of blockchain. https://lisk.io/. Acessado em 20.08.2018.

Liu, K., Lu, S., and Liu, C. (2014). Poster: Fingerprinting the publicly available sandboxes. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, pages 1469-1471, New York, NY, USA. ACM.

LO3 Energy Team (2017). Exergy: Electrical power whitepaper. Relatório técnico, LO3 Energy. Disponível em: https://exergy.energy/wp-content/uploads/2017/12/Exergy-Whitepaper-v8.pdf.

Lopes, Y., Bornia, T., Farias, V., Fernandes, N. C. e Muchaluat-Saade, D. C. (2016). Desafios de segurança e confiabilidade na comunicação para smart grids. Miniursos do Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (Minicursos SBSeg).

Luu, L., Chu, D.-H., Olickel, H., Saxena, P. e Hobor, A. (2016). Making smart contracts smarter. Em Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS'16, p. 254-269, New York, NY, USA. ACM.

Müller, B., Duong, T., and Kotowicz, K. (2014). The POODLE attack. URL: https://www.openssl.org/bodo/ssl-poodle.pdf.

Macedo, R., de Castro, R., Santos, A., Ghamri-Doudane, Y., and Nogueira, M. (2016). Self-organized SDN controller cluster conformations against DDoS attacks effects. In Global Communications Conference (GLOBECOM), 2016 IEEE, Páginas 1-6. IEEE.

Mandt, T., Solnik, M., and Wang, D. (2016). Demystifying the secure enclave processor.

Marlinspike, M. (2009). New tricks for defeating SSL in practice. URL: https://blackhat.com/presentations/bh-europe-09/Marlinspike/blackhat-europe-2009-marlinspike-sslstrip-slides.pdf.

Marnay, C., Abbey, C., Joos, G., Ash, K., Bando, S., Braun, M., Chatzivasileiadis, S., Driesen, J., Hatziargyriou, N., Iravani, R., Jimenez, G., Katiraei, F., Lombardi, P., Lynch, K., Mancarella, P., Moneta, D., Moreira, C., Oudalov, A., Khattabi, M., Morris, G., Nakanishi, Y., Reilly, J., Ross, M., Shinji, T. e von Appen, J. (2015). Microgrids 1 engineering, economics, & experience. Relatório Técnico 635.

Mart, V. G. and Hern, L. (2013). Implementing ECC with Java Standard Edition 7. International Journal of Computer Science and Artificial Intelligence, 3(4):134-142.

Martignoni, L., Fattori, A., Paleari, R., and Cavallaro, L. (2010). Live and trustworthy forensic analysis of commodity production syst. In Proc. 13th Intl. Conf. on Recent Advances in Intrusion Detection, RAID'10. Springer-Verlag.

Martignoni, L., Paleari, R., Roglia, G. F., and Bruschi, D. (2009). Testing cpu emulators. In Proc. 18th Intl Symp. on Software Testing and Analysis, ISSTA '09. ACM.

Mason, J. (2018). Cyber security statistics. https://thebestvpn.com/cyber-security-statistics-2018/. Último Acesso: Agosto de 2018.

Mattos, D. M. F., Duarte, O. C. M. B. e Pujolle, G. (2018). A lightweight protocol for consistent policy update on software-defined networking with multiple controllers. Journal of Network and Computer Applications. A ser publicado.

McDaniel, P. e McLaughlin, S. (2009). Security and privacy challenges in the smart grid. IEEE Security and Privacy, 7(3):75-77.

Mckeay, M. (2016). 620 gbps attack post mortem. https://blogs.akamai.com/2016/10/620-gbps-attack-post-mortem.html. Último Acesso: Maio de 2018.

McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S., and Turner, J. (2008). OpenFlow: Enabling Innovation in Campus Networks. ACM SIGCOMM Computer Communication Review, 38(2):69-74.

Menezes, A. J., Van Oorschot, P. C., and Vanstone, S. A. (1996). Handbook of applied cryptography. CRCpress.

Mengelkamp, E., Garttner, J., Rock, K., Kessler, S., Orsini, L. e Weinhardt, C. (2018a). Designing microgrid energy markets: A case study: The brooklyn microgrid. Applied Energy, 210:870 - 880.

Mengelkamp, E., Notheisen, B., Beer, C., Dauer, D. e Weinhardt, C. (2018b). A blockchain-based smart grid: towards sustainable local energy markets. Computer Science - Research and Development, 33(1):207-214.

Merz, M. (2016). Potential of the blockchain technology in energy trading. Em Burgwinkel, D., editor, Blockchain Technology: An Introduction for Business and IT Managers, chapter 2, p. 51-97. DE GRUYTER, Alemanha.

Mihaylov, M., Jurado, S., Avellana, N., Moffaert, K. V., de Abril, I. M. e Nowé, A. (2014). Nrgcoin: Virtual currency for trading of renewable energy in smart grids. Em 11th International Conference on the European Energy Market (EEM14), p. 1-6.

Miller, V. S. (1985). Use of elliptic curves in cryptography. In Conference on the theory and application of cryptographic techniques, pages 417-426. Springer.

Ministério de Minas e Energia (2012). Concessões de geração, transmissão e distribuição de energia elétrica: Perguntas e respostas. Disponível em: http://www.mme.gov.br/documents/10584/1256596/Perguntas_e_respostas_-_Concessxes.pdf/57c8080d-eb1b-4052-9c3e-d3c4c010e974.

Miraz, M. H., Ali, M., Excell, P. S., and Picking, R. (2015). A review on Internet of Things (IoT), Internet of Everything (IoE) and Internet of Nano Things (IoNT). In Internet Technologies and Applications (ITA), Páginas 219-224.

Mitchell, S., Villa, N., Stewart-Weeks, M., and Lange, A. (2013). The Internet of Everything for cities: connecting people, process, data and things to improve the livability of cities and communities. San Jose: Cisco.

Mo, Y., Kim, T. H. J., Brancik, K., Dickinson, D., Lee, H., Perrig, A. e Sinopoli, B. (2012). Cyber-physical security of a smart grid infrastructure. Proceedings of the IEEE, 100(1):195-209.

Monax (2018). Monax - active agreements for growing businesses. https://monax.io/. Acessado em 20.08.2018.

Moon, H., Lee, H., Lee, J., Kim, K., Paek, Y., and Kang, B. B. (2012). Vigilare: Toward snoop-based kernel integrity monitor. In Proc. 2012 ACM Conf. on Comp. and Comm. Sec., CCS '12. ACM.

Moore, J. T., Hicks, M., and Nettles, S. (2001). Practical programmable packets. In IEEE INFOCOM, volume 1, Páginas 41-50 vol.1.

More, A. and Tapaswi, S. (2014). Virtual machine introspection: towards bridging the semantic gap. Journal of Cloud Computing, 3(1).

Mousavi, S. M. (2014). Early detection of DDoS Attacks in Software Defined Networks Controller. Master's thesis, Carleton University, Ottawa, Ontario, Canada. Último Acesso: Agosto de 2018.

Mousavi, S. M. and St-Hilaire, M. (2015). Early detection of DDoS attacks against SDN controllers. In Computing, Networking and Communications, Páginas 77-81. IEEE.

Myers, M. and Youndt, S. (2007). An introduction to hardware-assisted virtual machine (hvm) rootkits. https://tinyurl.com/y8wfsye5.

Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Relatório técnico.

Nanda, S., Zafari, F., DeCusatis, C., Wedaa, E., and Yang, B. (2016). Predicting network attack patterns in SDN using machine learning approach. In IEEE Conference on Network Function Virtualization and Software Defined Networks, Páginas 167-172. IEEE.

Naraine, R. (2002). Massive DDoS Attack Hit DNS Root Servers. http://www.cs.cornell.edu/people/egs/beehive/rootattack.html. Último Acesso: Agosto de 2018.

Nazario, J. (2015). BlackEnergy DDoS Bot Analysis - Arbor Networks. http://atlas-public.ec2.arbor.net/docs/BlackEnergy+DDoS+Bot+Analysis.pdf. Último Acesso: Maio de 2018.

Neugschwandtner, M., Platzer, C., Comparetti, P., and Bayer, U. (2010). danubis - dynamic device driver analysis based on virtual machine introspection. In Kreibich, C. and Jahnke, M., editors, Detection of Intrusions and Malware, and Vulnerability Assessment, volume 6201 of Lecture Notes in Comp. Science. Springer Berlin Heidelberg.

Neuman, C. e Tan, K. (2011). Mediating cyber and physical threat propagation in secure smart grid architectures. 2011 IEEE International Conference on Smart Grid Communications, SmartGridComm 2011, p. 238-243.

Newman, L. (2018). Github survived the biggest DDoS attack ever recorded. https://www.wired.com/story/github-ddos-memcached/. Último Acesso: Agosto de 2018.

Ng, E. (2010). Maestro: A System for Scalable OpenFlow Control. Technical report, TSEN Maestro-Technical Report TR10-08, Rice University.

Nguyen, A. M., Schear, N., Jung, H., Godiyal, A., King, S. T., and Nguyen, H. D. (2009). Mavmm: Lightweight and purpose built vmm for malware analysis. In Proc. 2009 Annual Comp. Sec. Applications Conf., ACSAC '09. IEEE Comp. Society.

Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., Shelby, Z., and Gomez, C. (2015). Ipv6 over bluetooth(r) low energy. RFC 7668, IETF. Último Acesso: Agosto de 2018.

Nijim, M., Albataineh, H., Khan, M., and Rao, D. (2017). Fastdetict: A Data Mining Engine for predecting and preventing DDoS attacks. In Technologies for Homeland Security, Páginas 1-5. IEEE.

NIST (2012). Recommendation for Key Management - Part 1: General (Revision 3). URL: http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf.

NIST (2013). Digital Signature Standard (DSS).

Nobakht, M., Sivaraman, V., and Boreli, R. (2016). A host-based intrusion detection and mitigation framework for smart home IoT using OpenFlow. In Availability, Reliability and Security, Páginas 147-156. IEEE. 46

Noce, J., Lopes, Y., Fernandes, N. C., Albuquerque, C. V. N. e Muchaluat-Saade, D. C. (2017). Identifying vulnerabilities in smart gric communication networks of electrical substations using geese 2.0. Em 2017 IEEE 26th International Symposium on Industrial Electronics (ISIE), p. 111-116.

Nunes, B., Mendonca, M., Nguyen, X.-N., Obraczka, K., and Turletti, T. (2014). A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks. IEEE Communications Surveys Tutorials, 16(3):1617-1634.

Olson, P. (2014). The largest cyber attack in history has been hitting hong kong sites. https://www.forbes.com/sites/parmyolson/2014/11/20/thelargest-cyber-attack-in-history-has-been-hitting-hong-kong-sites/#782acbf638f6. Último Acesso: Agosto de 2018.

Ongaro, D. e Ousterhout, J. (2014). In search of an understandable consensus algorithm. Em Proceedings of USENIX Conference on USENIX Annual Technical Conference, USENIX ATC'14, p. 305-320.

Open Networking Foundation (2012). Software-Defined Networking: The New Norm for Networks. White paper, Open Networking Foundation, Palo Alto, CA, USA.

OpenSSL.org. OpenSSL Cryptography and SSL/TLS toolkit. URL: https://OpenSSL.org.

Opsahl, J. M. G. (2013). Open-source virtualization : Functionality and performance of Qemu/KVM, Xen, Libvirt and VirtualBox. PhD thesis, Oslo Univ.

Oracle. Java Cryptography Architecture (JCA) Reference Guide. URL: [link].

Oracle. Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 8. URL: https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html.

Ouaddah, A., Abou Elkalam, A. e Ait Ouahman, A. (2016). Fairaccess: a new blockchain-based access control framework for the internet of things. Security and Communication Networks, 9(18):5943-5964.

OWASP (2015). OWASP Testing Project v4. URL: https://www.owasp.org/index.php/OWASP_Testing_Project.

Palattella, M. R., Accettura, N., Vilajosana, X.,Watteyne, T., Grieco, L. A., Boggia, G., and Dohler, M. (2013). Standardized protocol stack for the Internet of (important) Things. IEEE communications surveys & tutorials, 15(3):1389-1406.

Paleari, R. (2015). Fast coverage analysis for binary applications. https://tinyurl.com/y7obk3y5.

Paleari, R., Martignoni, L., Roglia, G. F., and Bruschi, D. (2009). A fistful of redpills: How to automatically generate procedures to detect cpu emulators. In Proc. 3rd USENIX Conf. on Offensive Technologies, WOOT'09. USENIX Association.

Pappas, V., Polychronakis, M., and Keromytis, A. D. (2013). Transparent rop exploit mitigation using indirect branch tracing. In Proc. 22Nd USENIX Conf. on Sec., SEC'13. USENIX Association.

Paxson, V. (2001). An Analysis of Using Reflectors for Distributed Denial-of- Service Attacks. ACM SIGCOMM Computer Communication Review, 31(3):38-47.

Pelloso, M., Vergu, A., Santos, A., Nogueira, M., et al. (2018). Um sistema autoadaptável para predição de ataques ddos fundado na teoria da metaestabilidade. In Simpósio Brasileiro de Redes de Computadores (SBRC), volume 36.

Petroni, Jr., N. L., Fraser, T., Molina, J., and Arbaugh, W. A. (2004). Copilot - a coprocessor-based kernel runtime integrity monitor. In Proc. 13th Conf. on USENIX Sec. Symp. - Volume 13, SSYM'04. USENIX Association.

Pilkington, M. (2016). 11 blockchain technology: principles and applications. Research handbook on digital transformations, p. 225.

Popper, N. (2016). A hacking of more than $50 million dashes hopes in the world of virtual currency. https://www.nytimes.com/2016/06/18/business/dealbook/hacker-may-have-removed-more-than-50-million-from-experimental-cyber-currency-project.html. Acessado em 24.08.2018.

Power Ledger Pty Ltd (2018). Powerledger whitepaper. Relatório técnico, Power Ledger Pty Ltd. Disponível em: https://powerledger.io/media/Power-Ledger-Whitepaper-v8.pdf.

Pradhan, M., Fuchs, C., and Johnsen, F. T. (2018). A survey of applicability of military data model architectures for smart city data consumption and integration. In IEEE World Forum on Internet of Things, Páginas 129-134. IEEE.

Prasad, K. M., Reddy, A. R. M., and Rao, K. V. (2014). DoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms - A Survey. Global Journal of Computer Science and Technology, 14(7).

Prince, M. (2013). The DDoS That Almost Broke the Internet. https://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet/. Último Acesso: Agosto de 2018.

Project, X. (2015). vmcs.c. http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=xen/arch/x86/hvm/vmx/vmcs.c.

Pudjianto, D., Ramsay, C. e Strbac, G. (2007). Virtual power plant and system integration of distributed energy resources. IET Renewable Power Generation, 1:10-16.

Quynh, N. A. and Suzaki, K. (2010). Virt-ice: Next-generation debugger for malware analysis. https://tinyurl.com/ybszcbxn.

R. Enns (2006). NETCONF Configuration Protocol. rfc 4741. obsoleto pela rfc 6241.

Rahman, M. A., Al-Shaer, E. e Bera, P. (2013). A noninvasive threat analyzer for advanced metering infrastructure in smart grid. IEEE Transactions on Smart Grid, 4(1):273-287.

Rajan, A., Jithish, J., and Sankaran, S. (2017). Sybil attack in IoT: Modelling and defenses. In Advances in Computing, Communications and Informatics, Páginas 2323- 2327. IEEE.

Ramachandran, B., Srivastava, S. K., Edrington, C. S. e Cartes, D. A. (2011). An intelligent auction scheme for smart grid market using a hybrid immune algorithm. IEEE Transactions on Industrial Electronics, 58(10):4603-4612.

Reina, A., Fattori, A., Pagani, F., Cavallaro, L., and Bruschi, D. (2012). When hardware meets software: A bulletproof solution to forensic memory acquisition. In Proc. 28th Annual Comp. Sec. Applications Conf., ACSAC '12. ACM.

Rescorla, E. (2018). The transport layer security (tls) protocol version 1.3. URL: https://tools.ietf.org/html/rfc8446.

Rexford, J., Greenberg, A., Hjalmtysson, G., Maltz, D. A., Myers, A., Xie, G., Zhan, J., and Zhang, H. (2004). Network-wide Decision Making: Toward a Wafer-thin Control Plane. In Proceedings of HotNets, Páginas 59-64.

Ristic, I. (2015). OpenSSL cookbook. FeistyDuck, 2nd. ed. (version 2.1-draft published in june 2018) edition.

Rivest, R. L., Shamir, A., and Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120-126.

Roemer, R., Buchanan, E., Shacham, H., and Savage, S. (2012). Return-oriented programming: Syst., languages, and applications. ACM Trans. Inf. Syst. Secur., 15(1).

Rossow, C., Dietrich, C., and Bos, H. (2013). Large-scale analysis of malware downloaders. In Proc. of the 9th Inter. Conf. on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA'12. Springer.

Rutkowska (2006). Subverting vista kernel for fun and for profit. https://tinyurl.com/y86ltylh.

Rutkowska (2010). Qubes os project. https://www.qubes-os.org/.

Rutkowska, J. and Wojtczuk, R. (2008). Preventing and detecting xen hypervisor subversions. https://tinyurl.com/44denv2.

Santos, A. A., Nogueira, M., and Moura, J. M. F. (2017). A stochastic adaptive model to explore mobile botnet dynamics. IEEE Communications Letters, 21(4).

Sattar, D., Matrawy, A., and Adeojo, O. (2016). Adaptive Bubble Burst (ABB): Mitigating DDoS attacks in Software-Defined Networks. In Telecommunications Network Strategy and Planning Symposium, Páginas 50-55. IEEE.

Schatten, M., Å eva, J., and Tomicic, I. (2016b). A roadmap for scalable agent organizations in the Internet of Everything. Journal of Systems and Software, 115:31 - 41.

Schatten, M., Seva, J., and Tomicic, I. (2016a). A roadmap for scalable agent organizations in the Internet of Everything. Journal of Systems and Software, 115:31-41.

Schiffman, J. and Kaplan, D. (2014). The smm rootkit revisited: Fun with usb. In Availability, Reliability and Sec. (ARES), 2014 9th Intl. Conf. on. IEEE.

Schneier, B. (1998). Cryptographic design vulnerabilities. Computer, (September):29-33.

Schwartz, D., Youngs, N. e Britto, A. (2014). The Ripple protocol consensus algorithm. Relatório técnico, Ripple Labs Inc.

Schwarz, M., Weiser, S., Gruss, D., Maurice, C., and Mangard, S. (2017). Malware guard extension: Using sgx to conceal cache attacks. https://arxiv.org/abs/1702.08719.

Sciancalepore, S., Piro, G., Caldarola, D., Boggia, G., and Bianchi, G. (2017). OAuth-IoT: An access control framework for the Internet of Things based on open standards. In IEEE Symposium on Computers and Communications, Páginas 676-681. IEEE.

Scott-Hayward, S., Natarajan, S., and Sezer, S. (2016). A survey of security in Software Defined Networks. IEEE Communications Surveys & Tutorials, 18(1):623-654.

SeaBIOS (2015). Seabios. http://www.seabios.org/SeaBIOS.

SEC, S. (2000). Sec 2: Recommended elliptic curve domain parameters, version 1. Standards for Efficient Cryptography Group, Certicom Corp (http://www.secg.org/).

SEC, S. (2010). Sec 2: Recommended elliptic curve domain parameters, version 2. Standards for Efficient Cryptography Group, Certicom Corp (http://www.secg.org/).

Seshadri, A., Luk, M., Qu, N., and Perrig, A. (2007). Secvisor: A tiny hypervisor to provide lifetime kernel code integrity for commodity oses. In Proc. 21st ACM SIGOPS Symp. on Operating Syst. Principles, SOSP '07. ACM.

Sezer, S., Scott-Hayward, S., Chouhan, P., Fraser, B., Lake, D., Finnegan, J., Viljoen, N., Miller, M., and Rao, N. (2013). Are We Ready for SDN? Implementation Challenges for Software-Defined Networks. IEEE Communications Magazine, 51(7):36-43.

Shelby, Z., Hartke, K., and Bormann, C. (2014). The constrained application protocol (coap). Technical report.

Shi, H., Alwabel, A., and Mirkovic, J. (2014). Cardinal pill testing of system virtual machines. In 23rd USENIX Sec. Symp. (USENIX Sec. 14). USENIX Association.

Shinagawa, T., Eiraku, H., Tanimoto, K., Omote, K., Hasegawa, S., Horie, T., Hirano, M., Kourai, K., Oyama, Y., Kawai, E., Kono, K., Chiba, S., Shinjo, Y., and Kato, K. (2009). Bitvisor: A thin hypervisor for enforcing i/o device sec. In Proc. ACM SIGPLAN/SIGOPS Intl. Conf. on Virtual Execution Environments, VEE '09.

Shuai, S., Guowei, D., Tao, G., Tianchang, Y., and Chenjie, S. (2014). Modelling Analysis and Auto-detection of Cryptographic Misuse in Android Applications. In IEEE 12th International Conference on Dependable, Autonomic and Secure Computing (DASC), pages 75-80.

Sikorski, M. and Honig, A. (2012). Practical Malware Analysis: The Hands- On Guide to Dissecting Malicious Software. No Starch Press, San Francisco, CA, USA, 1st edition.

Sonar, K. and Upadhyay, H. (2014). A survey: DDoS attack on Internet of Things. International Journal of Engineering Research and Development, 10(11):58-63.

Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M. G., Liang, Z., Newsome, J., Poosankam, P., and Saxena, P. (2008). Bitblaze: A new approach to comp. sec. via binary analysis. In Proc. 4th Intl. Conf. on Information Syst. Sec., ICISS '08. Springer-Verlag.

Stallings,W. (2003). Cryptography and network security, principles and practices.

Stellar (2018). Stellar | move money across borders quickly, reliably, and for fractions of a penny. https://www.stellar.org/. Acessado em 20.08.2018.

Sudworth, J. (2009). New 'cyber attacks' hit s Korea. http:// news.bbc.co.uk/2/hi/asia-pacific/8142282.stm. Último Acesso: Agosto de 2018.

Sui, H.,Wang, H., Lu, M. e Lee,W. (2009). An ami system for the deregulated electricity markets. IEEE Transactions on Industry Applications, 45(6):2104- 2108.

Sullivan, N. (2018). A detailed look at rfc 8446 (a.k.a. tls 1.3). URL: https://blog.cloudflare.com/rfc-8446-aka-tls-1-3.

Symatec (2018). 2018 Internet Security Threat Report. https://www.symantec.com/security-center/threat-report. Último Acesso: Agosto de 2018.

Szabo, N. (1997). Formalizing and securing relationships on public networks. First Monday, 2(9).

Tayyaba, S. K., Shah, M. A., Khan, O. A., and Ahmed, A. W. (2017). Software Defined Network (SDN) Based Internet of Things (IoT): A Road Ahead. In Proceedings of the International Conference on Future Networks and Distributed Systems, page 10. ACM.

Tennenhouse, D. L. and Wetherall, D. J. (2002). Towards an Active Network Architecture. In DARPA Active NEtworks Conference and Exposition, Páginas 2-15.

Tennenhouse, D. L., Smith, J. M., Sincoskie, W. D., Wetherall, D. J., and Minden, G. J. (1997). A Survey of Active Network Research. IEEE Communications Magazine, 35(1):80-86.

Thober, M., Pendergrass, J. A., and McDonell, C. D. (2008). Improving coherency of runtime integrity measurement. In Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, STC '08, pages 51-60, New York, NY, USA. ACM.

Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., and Pister, K. (2012). Rpl: Ipv6 routing protocol for low power and lossy networks. RFC 6550, IETF. Último Acesso: Agosto de 2018.

Tsai, C.-L., Chang, A. Y., and Ming-Szu, H. (2010). Early Warning System for DDoS Attacking Based on Multilayer Deployment of Time Delay Neural Network. International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

Tschorsch, F. e Scheuermann, B. (2016). Bitcoin and beyond: A technical survey on decentralized digital currencies. IEEE Communications Surveys Tutorials, 18(3):2084-2123.

van Prooijen, J. (2016). The design of malware on modern hardware. https://tinyurl.com/y8rwfj5t.

Vasudevan, A. and Yerraballi, R. (2006a). Cobra: Fine-grained malware analysis using stealth localized-executions. In Proc. 2006 IEEE Symp. on Sec. and Priv., SP '06. IEEE Comp. Society.

Vasudevan, A. and Yerraballi, R. (2006b). Spike: Engineering malware analysis tools using unobtrusive binary-instrumentation. In Proc. 29th Australasian Comp. Science Conf. - Volume 48, ACSC '06. Australian Comp. Society, Inc.

Vijayan, J. (2004). Mydoom lesson: Take proactive steps to prevent DDoS attacks. https://www.wired.com/2009/07/mydoom/. Último Acesso: Agosto de 2018.

Vlacheas, P., Giaffreda, R., Stavroulaki, V., Kelaidonis, D., Foteinos, V., Poulios, G., Demestichas, P., Somov, A., Biswas, A. R., and Moessner, K. (2013). Enabling smart cities through a cognitive management framework for the Internet of Things. IEEE communications magazine, 51(6):102-111.

Wang, A., Mohaisen, A., and Chen, S. (2017). An adversary-centric behavior modeling of DDoS attacks. In International Conference on Distributed Computing Systems, Páginas 1126-1136. IEEE.

Wang, J., Stavrou, A., and Ghosh, A. (2010). Hypercheck: A hardware-assisted integrity monitor. In Proc. 13th Intl. Conf. on Recent Advances in Intrusion Detection, RAID'10. Springer- Verlag.

Wang, J., Zhang, F., Sun, K., and Stavrou, A. (2011). Firmware-assisted memory acquisition and analysis tools for digital forensics. In Proc. 2011 6th IEEE Intl. Wksp on Systematic Approaches to Digital Forensic Engineering, SADFE '11. IEEE Comp. Society.

Wang, W. e Lu, Z. (2013). Cyber security in the smart grid: Survey and challenges. Computer Networks, 57(5):1344 - 1371.

Wang, Y., Liu, L., Sun, B., and Li, Y. (2015). A Survey of Defense Mechanisms against Application Layer Distributed Denial of Service Attacks. In IEEE International Conference on Software Engineering and Service Science, Páginas 1034-1037.

Wani, A. and Revathi, S. (2018). Analyzing Threats of IoT networks using SDN Based Intrusion Detection System (SDIoT-IDS). In Communications in Computer and Information Science.

Wecherowski, F. (2009). A real smm rootkit: Reversing and hooking bios smi handlers. https://tinyurl.com/knoms4t.

Wikipedia (2018). Netscape. URL: https://en.wikipedia.org/wiki/Netscape.

Will, N. C., Condé, R. C. R., and Maziero, C. A. (2017). Mecanismos de segurança baseados em hardware: uma introdução à arquitetura intel sgx. https://sbseg2017.redes.unb.br/wp-content/uploads/2017/04/20171107-SBSeg2017-Livro_de_Minicursos.pdf.

Willems, C., Hund, R., and Holz, T. (2012b). Cxpinspector: Hypervisor-based, hardware-assisted system monitoring. Technical report, Horst Gortz Institute for IT Sec.

Willems, C., Hund, R., Fobian, A., Felsch, D., Holz, T., and Vasudevan, A. (2012a). Down to the bare metal: Using processor features for binary analysis. In Proc. of the 28th Annual Comp. Sec. Applications Conf., ACSAC '12. ACM.

Wired (2000). Yahoo on Trail of Site Hackers. http://www.wired.com/2000/02/yahoo-on-trail-of-site-hackers/. Último Acesso: Maio de 2018.

Wood, G. (2014). Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper, 151:1-32.

Xia, W., Wen, Y., Foh, C. H., Niyato, D., and Xie, H. (2015). A survey on Software-Defined Networking. IEEE Communications Surveys Tutorials, 17(1):27-51.

Xia, Y., Liu, Y., Chen, H., and Zang, B. (2012). Cfimon: Detecting violation of control flow integrity using performance counters. In Proc. 2012 42nd Annual IEEE/IFIP Intl. Conf. on Depend. Syst. and Net. (DSN), DSN '12. IEEE Comp. Society.

Xiao, B., Chen, W., and He, Y. (2006). A novel approach to detecting DDoS attacks at an early stage. J Supercomput.

Xu, J., Mu, D., Xing, X., Liu, P., Chen, P., and Mao, B. (2017). Postmortem program analysis with hardware-enhanced post-crash artifacts. In 26th USENIX Sec. Symposium. USENIX.

Xu, X., Weber, I., Staples, M., Zhu, L., Bosch, J., Bass, L., Pautasso, C. e Rimba, P. (2017). A taxonomy of blockchain-based systems for architecture design. Em International Conference on Software Architecture, ICSA'17, p. 243-252.

Yan, L.-K., Jayachandra, M., Zhang, M., and Yin, H. (2012). V2e: Combining hardware virtualization and software emulation for transparent and extensible malware analysis. In Proc. 8th ACM SIGPLAN/SIGOPS Conf. on Virtual Execution Environments, VEE '12.

Yan, Y., Qian, Y. e Sharif, H. (2011). A secure and reliable in-network collaborative communication scheme for advanced metering infrastructure in smart grid. 2011 IEEE Wireless Communications and Networking Conference, WCNC 2011, (to):909-914.

Zan, X., Gao, F., Han, J., and Sun, Y. (2009). A hidden markov model based framework for tracking and predicting of attack intention. In International Conference on Multimedia Information Networking and Security, volume 2, Páginas 498-501. IEEE.

Zargar, S., Joshi, J., and Tipper, D. (2013). A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks. IEEE Communications Surveys Tutorials, 15(4):2046-2069.

Zhang, F. (2013). Iocheck: A framework to enhance the security of i/o devices at runtime. In 2013 43rd Annual IEEE/IFIP Conf. on Depend. Syst. and Net. Wksp (DSN-W).

Zhang, F., Leach, K., Stavrou, A., Wang, H., and Sun, K. (2015). Using hardware features for increased debugging transparency. In 2015 IEEE Symp. on Sec. and Priv. IEEE.

Zhang, F., Leach, K., Sun, K., and Stavrou, A. (2013). Spectre: A depend. introspection framework via system management mode. In Proc. 43rd Annual IEEE/IFIP Intl. Conf. on Depend. Syst. and Net. (DSN), DSN '13. IEEE Comp. Society.

Zhang, L., Guo, Y., Yuwen, H., and Wang, Y. (2016). A Port Hopping Based DoS Mitigation Scheme in SDN Network. In International Conference on Computational Intelligence and Security, Páginas 314-317. IEEE.

Zhao, M., Kumar, A., Chong, P. H. J., and Lu, R. (2017). A comprehensive study of RPL and P2P-RPL routing protocols: Implementation, challenges and opportunities. Peer-to-Peer Networking and Applications, 10(5):1232-1256.

Zhu, T., Xiao, S., Ping, Y., Towsley, D. e Gong, W. (2011). A secure energy routing mechanism for sharing renewable energy in smart microgrid. 2011 IEEE International Conference on Smart Grid Communications, SmartGridComm 2011, p. 143-148.

Capa para Minicursos do XVIII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais
Data de publicação
22/10/2018

Detalhes sobre o formato disponível para publicação: Volume Completo

Volume Completo
ISBN-13 (15)
978-65-87003-88-7