Nuno Santos

Phone: +351 21 3100 213

Distributed, Parallel and Secure Systems
INESC-ID Lisbon
Rua Alves Redol 9, Room 503
1000-029 Lisbon, Portugal


Bio

I am an Associate Professor from the Department of Computer Science and Engineering (DEI) at Instituto Superior Técnico (IST), University of Lisbon, and a senior researcher at INESC-ID Lisbon, where I'm an active member of the Distributed, Parallel and Secure Systems (DPSS) group. Within this group, I lead the SysSec team, focusing on systems security and privacy. I received my Ph.D. degree in 2013 from the Max Planck Institute for Software Systems (MPI-SWS) in affiliation with Saarland University. In 2010, I did an intership at Microsoft Research Redmond. I was a visiting researcher at the Vrije Universiteit Amsterdam with the Systems and Network Security Group (VUSec) in 2018, and at the Technical University of Munich (TUM) with the Systems Research Group in 2024. My research has been published in top tier conferences, such as S&P, Usenix Security, CCS, NDSS, ASPLOS, SIGMOD, PLDI, and SIGMETRICS. I served as a PC member for major security venues, including CCS in 2021, 2022, and 2023, Usenix Security in 2023 and 2024, and ASIACCS in 2014 and 2023. I'm currently serving as a PC member for S&P 2025 and a PC vice chair for Usenix Security 2025. At IST, I've been awarded the Teaching Excellence Award multiple times for my course on digital forensics, and the IST Outstanding Teaching Award in 2019/2020.

[ Full Publication List | Citations | CienciaVitae]

Research & Teaching

My research interests lie in the field of computer and networked systems security. To learn more about my research and teaching activities, please follow these links: research, teaching.


Selected Publications

SIGMETRICS 2025 Confidential VMs Explained: A Cross-Layer Analysis of AMD SEV-SNP and Intel TDX
Masanori Misono, Dimitrios Stavrakakis, Nuno Santos, Pramod Bhatotia
(to appear)
ICSE 2025 Prompt-to-SQL Injections in LLM-Integrated Web Applications: Risks and Defenses
Rodrigo Pedro, Miguel E. Coimbra, Daniel Castro, Paulo Carreira, Nuno Santos
(to appear)
[paper]
PLDI 2024 Efficient Static Vulnerability Analysis for JavaScript with Multiversion Dependency Graphs
Mafalda Ferreira, Miguel Monteiro, Tiago Brito, Miguel E. Coimbra, Nuno Santos, Limin Jia, José Fragoso Santos
[paper] [repo]
NDSS 2024 Flow Correlation Attacks on Tor Onion Service Sessions with Sliding Subset Sum
Daniela Lopes, Jin-Dong Dong, Daniel Castro, Pedro Medeiros, Diogo Barradas, Bernardo Portela, João Vinagre, Bernardo Ferreira, Nicolas Christin, Nuno Santos
[paper] [repo]
S&P 2023 RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworks
Mafalda Ferreira, Tiago Brito, José Fragoso Santos, Nuno Santos
[paper]
USENIX Security 2022 ReZone: Disarming TrustZone with TEE Privilege Reduction
David Cerdeira, José Martins, Nuno Santos, Sandro Pinto
[paper]
SIGMOD 2022 Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures
Harshavardhan Unnibhavi, David Cerdeira, Antonio Barbalace, Nuno Santos, Pramod Bhatotia
[paper]
NDSS 2021 FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications
Diogo Barradas, Nuno Santos, Luís Rodrigues, Salvatore Signorello, Fernando Ramos, André Madeira
[paper]
CCS 2020 Poking a Hole in the Wall: Efficient Censorship-Resistant Internet Communications by Parasitizing on WebRTC
Diogo Barradas, Nuno Santos, Luís Rodrigues, Vítor Nunes
[paper] [code] [talk] [teaser] [poster]
S&P 2020 SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems
David Cerdeira, Nuno Santos, Pedro Fonseca, Sandro Pinto
[paper]
ACM Computing Surveys 2019 Demystifying Arm TrustZone: A Comprehensive Survey
Sandro Pinto, Nuno Santos
[pdf]
USENIX Security 2018 Effective Detection of Multimedia Protocol Tunneling using Machine Learning
Diogo Barradas, Nuno Santos, Luís Rodrigues
[paper] [code]
ASPLOS 2014 Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications
Nuno Santos, Himanshu Raj, Stefan Saroiu, Alec Wolman
[paper]
USENIX Security 2012 Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services
Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu
[paper] [slides]
HotCloud 2009 Towards Trusted Cloud Computing
Nuno Santos, Krishna P. Gummadi, Rodrigo Rodrigues
[paper] [slides]

Recent, current, and upcoming service

  • USENIX Security 2025: Program Committee Vice Chair
  • IEEE SP 2025: Program Committee
  • SysTEX @ IEEE EuroSP 2024: Program Committee Co-Chair
  • USENIX Security 2024, 2023: Program Committee
  • CCS 2023, 2022, 2021: Program Committee
  • ASIACCS 2023, 2014: Program Committee
  • INFORUM 2023, 2022, 2021, 2019, 2018, 2016, 2015: Program Committee
  • DINPS @ ICDCS 2022: Program Committee
  • BlockTEE @ DisCoTec 2022: Program Committee
  • DPSC 2022, 2021, 2020: Program Committee
  • CCGrid 2021: Program Committee
  • DI2F @ IFIP Networking 2021: Program Committee Co-Chair
  • Eurosys 2021: Doctoral Workshop Committee
  • Middleware 2020: Doctoral Symposium Committee
  • SECRYPT 2020, 2019, 2018, 2017, 2016: Program Committee
  • ISOC.PT ANRW 2020: Program Committee
  • CRYPTACUS Training School 2018: Organization Committee
  • INFORUM 2017: Track Co-Chair
  • INFORUM 2016: Track Chair
  • TRUDEVICE Training School 2014: Organization Committee
  • OSDI 2014 Poster Session: Program Committee