Nuno Santos
Phone: +351 21 3100 213
Distributed, Parallel and Secure Systems
INESC-ID Lisbon
Rua Alves Redol 9, Room 503
1000-029 Lisbon, Portugal
Bio
I am an Associate Professor from the Department of Computer Science and Engineering (DEI) at Instituto Superior Técnico (IST), University of Lisbon, and a senior researcher at INESC-ID Lisbon, where I'm an active member of the Distributed, Parallel and Secure Systems (DPSS) group. Within this group, I lead the SysSec team, focusing on systems security and privacy. I received my Ph.D. degree in 2013 from the Max Planck Institute for Software Systems (MPI-SWS) in affiliation with Saarland University. In 2010, I did an intership at Microsoft Research Redmond. I was a visiting researcher at the Vrije Universiteit Amsterdam with the Systems and Network Security Group (VUSec) in 2018, and at the Technical University of Munich (TUM) with the Systems Research Group in 2024. My research has been published in top tier conferences, such as SP, USENIX Security, CCS, NDSS, ASPLOS, SIGMOD, PLDI, ICSE, and SIGMETRICS. I served as a PC member for major security venues, including CCS, USENIX Security, and SP, and as a Program Vice Co-Chair for USENIX Security'25. At IST, I've been awarded multiple Teaching Excellence Awards and the IST Outstanding Teaching Award in 2019/2020.
Research & Teaching
My research interests lie in the field of computer and networked systems security. To learn more about my research and teaching activities, please follow these links: research, teaching.
Selected Publications
| PLDI 2025 |
Automated Exploit Generation for Node.js Packages Filipe Marques, Mafalda Ferreira, André Nascimento, Miguel E. Coimbra, Nuno Santos, Limin Jia, José Fragoso Santos (to appear) [paper] [repo] |
| SIGMETRICS 2025 |
Confidential VMs Explained: An Empirical Analysis of AMD SEV-SNP and Intel TDX Masanori Misono, Dimitrios Stavrakakis, Nuno Santos, Pramod Bhatotia (to appear) [paper] [abstract] [repo] |
| ICSE 2025 |
Prompt-to-SQL Injections in LLM-Integrated Web Applications: Risks and Defenses Rodrigo Pedro, Miguel E. Coimbra, Daniel Castro, Paulo Carreira, Nuno Santos [paper] [repo] |
| PLDI 2024 |
Efficient Static Vulnerability Analysis for JavaScript with Multiversion Dependency Graphs Mafalda Ferreira, Miguel Monteiro, Tiago Brito, Miguel E. Coimbra, Nuno Santos, Limin Jia, José Fragoso Santos [paper] [repo] |
| NDSS 2024 |
Flow Correlation Attacks on Tor Onion Service Sessions with Sliding Subset Sum Daniela Lopes, Jin-Dong Dong, Daniel Castro, Pedro Medeiros, Diogo Barradas, Bernardo Portela, João Vinagre, Bernardo Ferreira, Nicolas Christin, Nuno Santos [paper] [repo] |
| SP 2023 |
RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworks Mafalda Ferreira, Tiago Brito, José Fragoso Santos, Nuno Santos [paper] |
| USENIX Security 2022 |
ReZone: Disarming TrustZone with TEE Privilege Reduction David Cerdeira, José Martins, Nuno Santos, Sandro Pinto [paper] |
| SIGMOD 2022 |
Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures Harshavardhan Unnibhavi, David Cerdeira, Antonio Barbalace, Nuno Santos, Pramod Bhatotia [paper] |
| NDSS 2021 |
FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications Diogo Barradas, Nuno Santos, Luís Rodrigues, Salvatore Signorello, Fernando Ramos, André Madeira [paper] |
| CCS 2020 |
Poking a Hole in the Wall: Efficient Censorship-Resistant Internet Communications by Parasitizing on WebRTC Diogo Barradas, Nuno Santos, Luís Rodrigues, Vítor Nunes [paper] [code] [talk] [teaser] [poster] |
| SP 2020 |
SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems David Cerdeira, Nuno Santos, Pedro Fonseca, Sandro Pinto [paper] |
| ACM Computing Surveys 2019 |
Demystifying Arm TrustZone: A Comprehensive Survey Sandro Pinto, Nuno Santos [pdf] |
| USENIX Security 2018 | Effective Detection of Multimedia Protocol Tunneling using Machine Learning Diogo Barradas, Nuno Santos, Luís Rodrigues [paper] [code] |
| ASPLOS 2014 | Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications Nuno Santos, Himanshu Raj, Stefan Saroiu, Alec Wolman [paper] |
| USENIX Security 2012 | Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu [paper] [slides] |
| HotCloud 2009 | Towards Trusted Cloud Computing Nuno Santos, Krishna P. Gummadi, Rodrigo Rodrigues [paper] [slides] |
Recent, current, and upcoming service
- IEEE EuroSP 2026: General Co-Chair
- IEEE SP 2026, 2025: Program Committee
- USENIX Security 2025: Program Vice Co-Chair
- SysTEX @ IEEE EuroSP 2024: Program Committee Co-Chair
- USENIX Security 2024, 2023: Program Committee
- CCS 2023, 2022, 2021: Program Committee
- ASIACCS 2023, 2014: Program Committee
- INFORUM 2023, 2022, 2021, 2019, 2018, 2016, 2015: Program Committee
- DINPS @ ICDCS 2022: Program Committee
- BlockTEE @ DisCoTec 2022: Program Committee
- DPSC 2022, 2021, 2020: Program Committee
- CCGrid 2021: Program Committee
- DI2F @ IFIP Networking 2021: Program Committee Co-Chair
- Eurosys 2021: Doctoral Workshop Committee
- Middleware 2020: Doctoral Symposium Committee
- SECRYPT 2020, 2019, 2018, 2017, 2016: Program Committee
- ISOC.PT ANRW 2020: Program Committee
- CRYPTACUS Training School 2018: Organization Committee
- INFORUM 2017: Track Co-Chair
- INFORUM 2016: Track Chair
- TRUDEVICE Training School 2014: Organization Committee
- OSDI 2014 Poster Session: Program Committee