Publications
2024
| Conference |
Efficient Static Vulnerability Analysis for JavaScript with Multiversion Dependency Graphs Mafalda Ferreira, Miguel Monteiro, Tiago Brito, Miguel E. Coimbra, Nuno Santos, Limin Jia, José Fragoso Santos PLDI 2024 [paper] [repo] |
| Conference |
Flow Correlation Attacks on Tor Onion Service Sessions with Sliding Subset Sum Daniela Lopes, Jin-Dong Dong, Daniel Castro, Pedro Medeiros, Diogo Barradas, Bernardo Portela, João Vinagre, Bernardo Ferreira, Nicolas Christin, Nuno Santos NDSS 2024 [paper] [repo] |
2023
| Conference |
Enhancing the Unlinkability of Circuit-Based Anonymous Communications with k-Funnels Vítor Nunes, José Brás, Afonso Carvalho, Diogo Barradas, Kevin Gallagher, Nuno Santos CoNEXT 2023 [paper] [repo] |
| Workshop |
TIGER: Tor Traffic Generator for Realistic Experiments Daniela Lopes, Daniel Castro, Diogo Barradas, Nuno Santos WPES 2023 (Workshop on Privacy in the Electronic Society) [paper] |
| Preprint | From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application? Rodrigo Pedro, Daniel Castro, Paulo Carreira, Nuno Santos arXiv 2308.01990 2023 [paper] |
| Workshop |
Trusted Heterogeneous Disaggregated Architectures Atsushi Koshiba, Felix Gust, Julian Pritzi, Anjo Vahldiek-Oberwagner, Nuno Santos, Pramod Bhatotia APSys 2023 (ACM SIGOPS Asia-Pacific Workshop on Systems) [paper] |
| Journal |
Study of JavaScript Static Analysis Tools for Vulnerability Detection in Node.js Packages Tiago Brito, Mafalda Ferreira, Miguel Monteiro, Pedro Lopes, Miguel Barros, José Fragoso Santos, Nuno Santos IEEE Transactions on Reliability 2023 [paper] [preprint] [repo] |
| Workshop |
Rethinking Realistic Adversaries for Anonymous Communication Systems Kevin Gallagher, Diogo Barradas, Nuno Santos FOCI 2023 (Workshop on Free and Open Communication on the Internet) [paper] |
| Conference |
RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworks Mafalda Ferreira, Tiago Brito, José Fragoso Santos, Nuno Santos IEEE Security and Privacy (SP) 2023 [paper] [repo] |
2022
| Poster | Poster: User Sessions on Tor Onion Services: Can Colluding ISPs Deanonymize Them at Scale? Daniela Lopes, Pedro Medeiros, Jin-Dong Dong, Diogo Barradas, Bernardo Portela, João Vinagre, Bernardo Ferreira, Nicolas Christin, Nuno Santos CCS 2022 (poster) [paper] |
| Poster | Poster: A Systems Approach to GDPR Compliance-by-Design in Web Development Stacks Mafalda Ferreira, Tiago Brito, José Fragoso Santos, Nuno Santos CCS 2022 (poster) [paper] |
| Poster |
Poster: Empirical Study on Applying Program Analysis and Testing Tools to Student Code Frederico Ramos, Filipe Marques, Nuno Santos, Pedro Adão, José Fragoso Santos KLEE Workshop 2022 [poster] [slides] |
Conference |
Concolic Execution for WebAssembly Filipe Marques, José Fragoso Santos, Nuno Santos, Pedro Adão ECOOP 2022 [paper] [code] |
| Journal |
Wasmati: An Efficient Static Vulnerability Scanner for WebAssembly Tiago Brito, Pedro Lopes, Nuno Santos, José Fragoso Santos Computers & Security 2022 [paper] [preprint] [code] |
| Conference |
ReZone: Disarming TrustZone with TEE Privilege Reduction David Cerdeira, José Martins, Nuno Santos, Sandro Pinto USENIX Security 2022 [paper] [preprint] [code] |
| Conference |
Stegozoa: Enhancing WebRTC Covert Channels with Video Steganography for Internet Censorship Circumvention Gabriel Figueira, Diogo Barradas, Nuno Santos AsiaCCS 2022 [paper] [code] |
| Conference |
Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures Harshavardhan Unnibhavi, David Cerdeira, Antonio Barbalace, Nuno Santos, Pramod Bhatotia SIGMOD 2022 [paper] [code] |
2021
| Workshop | The Nuts and Bolts of Building FlowLens Diogo Barradas, Nuno Santos, Luís Rodrigues, Salvatore Signorello, Fernando M. V. Ramos, André Madeira LASER @ NDSS 2021 [pdf]] |
| Conference |
FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications Diogo Barradas, Nuno Santos, Luís Rodrigues, Salvatore Signorello, Fernando Ramos, André Madeira NDSS 2021 [pdf] [code] |
2020
| Conference |
Poking a Hole in the Wall: Efficient Censorship-Resistant Internet Communications by Parasitizing on WebRTC Diogo Barradas, Nuno Santos, Luís Rodrigues, Vítor Nunes CCS 2020 [paper] [code] [talk] [teaser] [poster] |
| Conference |
SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems David Cerdeira, Nuno Santos, Pedro Fonseca, Sandro Pinto IEEE Security and Privacy (SP) 2020 [paper] |
| Conference |
Flowverine: Leveraging Dataflow Programming for Building Privacy-Sensitive Android Applications Eduardo Gomes, Igor Zavalyshyn, Nuno Santos, João Silva, Axel Legay Trustcom 2020 [paper] |
| Conference |
My House, My Rules: A Private-by-Design Smart Home Platform Igor Zavalyshyn, Nuno Santos, Ramin Sadre, Axel Legay Mobiquitous 2020 [paper] [talk] |
| Conference |
Censorship-resistant Web Annotations Based on Ethereum and IPFS João Santos, Nuno Santos, David Dias ACM SAC 2020 [paper] [extended] |
| Workshop | Towards a Scalable Censorship-Resistant Overlay Network based on WebRTC Covert Channels Diogo Barradas, Nuno Santos DICG Workshop @ Middleware 2020 [paper] [talk] |
| Workshop | On the unobservability of multimedia-based covert channels for Internet censorship circumvention Diogo Barradas, Nuno Santos, Luís Rodrigues ISOC.PT ANRW 2020 (best research paper & Internet impact acknowledge mention) [paper] [slides] |
| Workshop | Building Private-by-Design IoT System Igor Zavalyshyn Middleware DS 2020 [pdf] [talk] |
2019
| Journal | Demystifying Arm TrustZone: A Comprehensive Surveys Sandro Pinto, Nuno Santo ACM Computing Surveys 2019 [paper] |
| Patent | Trusted language runtime on a mobile platform Himanshu Raj, Nuno Santos, Paul England, Stefan Saroiu, Alastair Wolman US Patent 10,496,824, 2019 [paper] |
| Conference | Identificação de Canais Encobertos no Skype usando Esboços em SDNs André Madeira, Diogo Barradas, Nuno Santos, Luís Rodrigues Inforum 2019 (best paper award) [paper] |
| Preprint | DClaims: A Censorship Resistant Web Annotations System using IPFS and Ethereum João Santos, Nuno Santos, David Dias arXiv 1912.03388 2019 (ZK Capital's nominated paper of the week) [paper] [repo] |
2018
| Journal | Forensic Analysis of Communication Records of Messaging Applications from Physical Memory Diogo Barradas, Tiago Brito, David Duarte, Nuno Santos, Luís Rodrigues Computers & Security 2018 [paper] [code] |
| Conference | Effective Detection of Multimedia Protocol Tunneling using Machine Learning Diogo Barradas, Nuno Santos, Luís Rodrigues USENIX Security 2018 [paper] [code] |
| Conference |
HomePad: A Privacy-aware Smart Hub for Home Environments Igor Zavalyshyn, Nuno O. Duarte, Nuno Santos ACM SEC 1018 [paper] |
| Conference |
Leveraging ARM TrustZone and Verifiable Computing to Provide Auditable Mobile Functions Nuno O. Duarte, Sileshi Demesie Yalew, Nuno Santos, Miguel Correia Mobiquitous 2018 [pdf] |
| Conference | DBStore: A TrustZone-backed Database Management System for Mobile Applications Pedro Ribeiro, Nuno Santos, Nuno O. Duarte SECRYPT 2018 [pdf] |
| Conference | An Extended Case Study about Securing Smart Home Hubs through N-Version Programming Igor Zavalyshyn, Nuno O. Duarte, Nuno Santos SECRYPT 2018 (best student paper award) [pdf] |
| Workshop | Assessing the Feasibility of Machine Learning to Detect Network Covert Channels Diogo Barradas Eurosys DW 2018 [pdf] |
2017
| Conference | TrUbi: A System for Dynamically Constraining Mobile Devices within Restrictive Usage Scenarios Miguel B. Costa, Nuno O. Duarte, Nuno Santos, Paulo Ferreira Mobihoc 1017 [pdf] |
| Journal | DeltaShaper: Enabling Unobservable Censorship-resistant TCP Tunneling over Videoconferencing Streams Diogo Barradas, Nuno Santos, Luís Rodrigues PoPETS 2017 [pdf] [code] |
| Journal | Cross-domain identity and discovery framework for web calling services Jean-Michel Crom, Ibrahim Tariq Javed, Rebecca Copeland, Noel Crespi, Felix Beierle, Sebastian Göndör, Axel Küpper, Marc Emmelmann, Andreea Ancuta Corici, Kevin Corre, Ahmed Bouabdallah, Frank Oberle, Ingo Friese, Ricardo Jorge Fernandes Chaves, Nuno Santos Annals of Telecommunications 2017 [pdf] |
| Conference | Forensic Analysis of Communication Records of Web-based Messaging Applications from Physical Memory Diogo Barradas, Tiago Brito, David Duarte, Nuno Santos, Luís Rodrigues SECRYPT 2017 [pdf] [scitepress] |
| Conference | reTHINK Core Framework, a New Way for Establishing Communication Channels Between Endpoints Paulo Chainho, Anastasius Gavras, Steffen Druesedow, Ricardo Lopes Pereira, Ricardo Jorge Fernandes Chaves, Nuno Santos, Bernardo Graça EuCNC 2017 [pdf] |
| Conference | Decentralized Communications: Trustworthy Interoperability in Peer-To-Peer Networks Paulo Chainho, Steffen Druesedow, Ricardo Lopes Pereira, Ricardo Jorge Fernandes Chaves, Nuno Santos, Kay Haensge, Anton Roman Portabales EuCNC 2017 [pdf] |
2016
| Conference | Storekeeper: A Security-Enhanced Cloud Storage Aggregation Service Sancha Pereira, André Alves, Nuno Santos, Ricardo Chaves SRDS 2016 [paper] |
| Conference | ShareIff: A Sticky Policy Middleware for Self-Destructing Messages in Android Applications António Goulão, Nuno O. Duarte, Nuno Santos SRDS 2016 [paper] |
| Workshop | ARM TrustZone for Secure Image Processing on the Cloud Tiago Brito, Nuno O. Duarte, Nuno Santos WMCSP Workshop @ SRDS 2016 [paper] |
| Conference | P-Cop: A Cloud Administration Proxy to Enforce Bipartite Maintenance of
PaaS Services Bruno Braga, Nuno Santos IEEE CLOUD 2016 [paper] |
| Conference | Global Identity and Reachability Framework for Interoperable P2P Communication Services Ibrahim Tariq Javed, Rebecca Copeland, Noel Crespi, Felix Beierle, Sebastian Göndör, Axel Küpper, Ahmed Bouabdallah, Marc Emmelmann, Andreea Ancuta Corici, Jean-Michel Crom, Kevin Corre, Frank Oberle, Ingo Friese, Ricardo Jorge Fernandes Chaves, Nuno Santos ICIN 2016 [paper] |
| Conference | Síntese de Vídeo para Evasão de Censura na Internet Diogo Barradas, Nuno Santos, Luís Rodrigues Inforum 2016 [paper] |
| Conference | Efficient Location-aware Message Delivery for Encounter Networks Igor Zavalyshyn, Nuno O. Duarte, Nuno Santos Inforum 2016 [paper] |
2015
| Conference | Termite: Emulation Testbed for Encounter Networks Rodrigo Bruno, Nuno Santos, Paulo Ferreira Mobiquitous 2015 [paper] |
| Workshop | A Case for Enforcing App-Specific Constraints to Mobile Devices by Using Trust Leases Nuno Santos, Nuno O. Duarte, Miguel B. Costa, Paulo Ferreira HotOS 2015 [paper] [slides] |
2014
| Conference | Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications Nuno Santos, Himanshu Raj, Stefan Saroiu, Alec Wolman ASPLOS 2014 [paper] |
| Workshop | Leveraging Trusted Computing and Model Checking to Build Dependable Virtual Machines Nuno Santos, Nuno P. Lopes HotDep 2014 [paper] [slides] |
2013
| Journal | Verifying Cloud Services: Present and Future Sara Bouchenak, Gregory Chockler, Hana Chockler, Gabriela Gheorghe, Nuno Santos, Alexander Shraer OS Review 2013 [paper] |
2012
| Conference | Enhancing the OS against Security Threats in System Administration Nuno Santos, Rodrigo Rodrigues, Bryan Ford Middleware 2012 [paper] |
| Conference | Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu USENIX Security 2012 [paper] [slides] |
| Workshop | Trusted Language Runtime (TLR): Enabling Trusted Applications on Smartphones Nuno Santos, Himanshu Raj, Stefan Saroiu, Alec Wolman HotMobile 2012 [paper] |
2011
| Poster | Improving Customer Trust in Cloud Services Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu Poster Eurosys 2011 |
| Preprint | Excalibur: Building Trustworthy Cloud Services Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu TR MPI-SWS 2011 [paper] |
| Preprint | NetEx: Cost-effective Bulk Data Transfers for Cloud Computing Massimiliano Marcon, Nuno Santos, Krishna P. Gummadi, Nikolaos Laoutaris, Pablo Rodriguez, and Amin Vahdat TR MPI-SWS 2011 [paper] |
2010
| Journal | Unifying Divergence Bounding and Locality Awareness in Replicated Systems with Vector-Field Consistency Luis Veiga, Andre Negrao, Nuno Santos, Paulo Ferreira JISA 2010 [paper] |
| Poster | NetEx: Efficient and Cost-effective Internet Bulk Content Delivery Massimiliano Marcon, Nuno Santos, Krishna P. Gummadi, Nikolaos Laoutaris, Pablo Rodriguez, Amin Vahdat Poster ANCS 2010 [paper] |
2009
| Workshop | Towards Trusted Cloud Computing Nuno Santos, Krishna P. Gummadi, Rodrigo Rodrigues HotCloud 2009 [paper] [slides] |
2008
| Poster | Anonymity in the Personalized Web Nuno Santos, Alan Mislove, Marcel Dischinger, Krishna P. Gummadi Poster NSDI 2008 [paper] |
2007
| Conference | Vector-Field Consistency for Ad-hoc Gaming Nuno Santos, Luis Veiga, Paulo Ferreira Middleware 2007 (best paper award) [pdf] |
2006
| Workshop | Making Transactions Resilient to Intermittent Network Connections Nuno Santos, Paulo Ferreira WoWMoM Workshop 2006 [paper] |
| Workshop | Loosely-Coupled, Mobile Replication of Objects with Transactions Luis Veiga, Nuno Santos, Ricardo Lebre, Paulo Ferreira ICPADS Workshop 2006 [paper] |
2004
| Conference | Transaction Policies for Mobile Networks Nuno Santos, Luis Veiga, Paulo Ferreira IEEE Policy 2004 [paper] |