Publications

2025

Conference	Confidential VMs Explained: A Cross-Layer Analysis of AMD SEV-SNP and Intel TDX Masanori Misono, Dimitrios Stavrakakis, Nuno Santos, Pramod Bhatotia SIGMETRICS 2025 (to appear)
Conference	Prompt-to-SQL Injections in LLM-Integrated Web Applications: Risks and Defenses Rodrigo Pedro, Miguel E. Coimbra, Daniel Castro, Paulo Carreira, Nuno Santos ICSE 2025 (to appear) [paper]

2024

Preprint	On the Feasibility of Fully AI-automated Vishing Attacks João Figueiredo, Afonso Carvalho, Daniel Castro, Daniel Gonçalves, Nuno Santos arXiv 2409.13793 2024 [paper]
Conference	Extending C2 Traffic Detection Methodologies: From TLS 1.2 to TLS 1.3-enabled Malware Diogo Barradas, Carlos Novo, Sofia Romeiro, Bernardo Portela, Nuno Santos RAID 2024 (to appear, authors sorted in alphabetical order) [paper] [repo]
Workshop	An Empirical Study of DevSecOps Focused on Continuous Security Testing Clarisse Feio, Nuno Santos, Nelson Escravana, Bernardo Pacheco DevSecOpsRO @ EuroSP 2024 [paper]
Conference	Efficient Static Vulnerability Analysis for JavaScript with Multiversion Dependency Graphs Mafalda Ferreira, Miguel Monteiro, Tiago Brito, Miguel E. Coimbra, Nuno Santos, Limin Jia, José Fragoso Santos PLDI 2024 [paper] [repo]
Conference	Flow Correlation Attacks on Tor Onion Service Sessions with Sliding Subset Sum Daniela Lopes, Jin-Dong Dong, Daniel Castro, Pedro Medeiros, Diogo Barradas, Bernardo Portela, João Vinagre, Bernardo Ferreira, Nicolas Christin, Nuno Santos NDSS 2024 [paper] [repo]

2023

Conference	Enhancing the Unlinkability of Circuit-Based Anonymous Communications with k-Funnels Vítor Nunes, José Brás, Afonso Carvalho, Diogo Barradas, Kevin Gallagher, Nuno Santos CoNEXT 2023 [paper] [repo]
Workshop	TIGER: Tor Traffic Generator for Realistic Experiments Daniela Lopes, Daniel Castro, Diogo Barradas, Nuno Santos WPES 2023 (Workshop on Privacy in the Electronic Society) [paper]
Preprint	From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application? Rodrigo Pedro, Daniel Castro, Paulo Carreira, Nuno Santos arXiv 2308.01990 2023 [paper]
Workshop	Trusted Heterogeneous Disaggregated Architectures Atsushi Koshiba, Felix Gust, Julian Pritzi, Anjo Vahldiek-Oberwagner, Nuno Santos, Pramod Bhatotia APSys 2023 (ACM SIGOPS Asia-Pacific Workshop on Systems) [paper]
Journal	Study of JavaScript Static Analysis Tools for Vulnerability Detection in Node.js Packages Tiago Brito, Mafalda Ferreira, Miguel Monteiro, Pedro Lopes, Miguel Barros, José Fragoso Santos, Nuno Santos IEEE Transactions on Reliability 2023 [paper] [preprint] [repo]
Workshop	Rethinking Realistic Adversaries for Anonymous Communication Systems Kevin Gallagher, Diogo Barradas, Nuno Santos FOCI 2023 (Workshop on Free and Open Communication on the Internet) [paper]
Conference	RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworks Mafalda Ferreira, Tiago Brito, José Fragoso Santos, Nuno Santos IEEE Security and Privacy (SP) 2023 [paper] [repo]

2022

Poster	Poster: User Sessions on Tor Onion Services: Can Colluding ISPs Deanonymize Them at Scale? Daniela Lopes, Pedro Medeiros, Jin-Dong Dong, Diogo Barradas, Bernardo Portela, João Vinagre, Bernardo Ferreira, Nicolas Christin, Nuno Santos CCS 2022 (poster) [paper]
Poster	Poster: A Systems Approach to GDPR Compliance-by-Design in Web Development Stacks Mafalda Ferreira, Tiago Brito, José Fragoso Santos, Nuno Santos CCS 2022 (poster) [paper]
Poster	Poster: Empirical Study on Applying Program Analysis and Testing Tools to Student Code Frederico Ramos, Filipe Marques, Nuno Santos, Pedro Adão, José Fragoso Santos KLEE Workshop 2022 [poster] [slides]
Conference	Concolic Execution for WebAssembly Filipe Marques, José Fragoso Santos, Nuno Santos, Pedro Adão ECOOP 2022 [paper] [code]
Journal	Wasmati: An Efficient Static Vulnerability Scanner for WebAssembly Tiago Brito, Pedro Lopes, Nuno Santos, José Fragoso Santos Computers & Security 2022 [paper] [preprint] [code]
Conference	ReZone: Disarming TrustZone with TEE Privilege Reduction David Cerdeira, José Martins, Nuno Santos, Sandro Pinto USENIX Security 2022 [paper] [preprint] [code]
Conference	Stegozoa: Enhancing WebRTC Covert Channels with Video Steganography for Internet Censorship Circumvention Gabriel Figueira, Diogo Barradas, Nuno Santos AsiaCCS 2022 [paper] [code]
Conference	Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures Harshavardhan Unnibhavi, David Cerdeira, Antonio Barbalace, Nuno Santos, Pramod Bhatotia SIGMOD 2022 [paper] [code]

2021

Workshop	The Nuts and Bolts of Building FlowLens Diogo Barradas, Nuno Santos, Luís Rodrigues, Salvatore Signorello, Fernando M. V. Ramos, André Madeira LASER @ NDSS 2021 [pdf]]
Conference	FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications Diogo Barradas, Nuno Santos, Luís Rodrigues, Salvatore Signorello, Fernando Ramos, André Madeira NDSS 2021 [pdf] [code]

2020

Conference	Poking a Hole in the Wall: Efficient Censorship-Resistant Internet Communications by Parasitizing on WebRTC Diogo Barradas, Nuno Santos, Luís Rodrigues, Vítor Nunes CCS 2020 [paper] [code] [talk] [teaser] [poster]
Conference	SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems David Cerdeira, Nuno Santos, Pedro Fonseca, Sandro Pinto IEEE Security and Privacy (SP) 2020 [paper]
Conference	Flowverine: Leveraging Dataflow Programming for Building Privacy-Sensitive Android Applications Eduardo Gomes, Igor Zavalyshyn, Nuno Santos, João Silva, Axel Legay Trustcom 2020 [paper]
Conference	My House, My Rules: A Private-by-Design Smart Home Platform Igor Zavalyshyn, Nuno Santos, Ramin Sadre, Axel Legay Mobiquitous 2020 [paper] [talk]
Conference	Censorship-resistant Web Annotations Based on Ethereum and IPFS João Santos, Nuno Santos, David Dias ACM SAC 2020 [paper] [extended]
Workshop	Towards a Scalable Censorship-Resistant Overlay Network based on WebRTC Covert Channels Diogo Barradas, Nuno Santos DICG Workshop @ Middleware 2020 [paper] [talk]
Workshop	On the unobservability of multimedia-based covert channels for Internet censorship circumvention Diogo Barradas, Nuno Santos, Luís Rodrigues ISOC.PT ANRW 2020 (best research paper & Internet impact acknowledge mention) [paper] [slides]
Workshop	Building Private-by-Design IoT System Igor Zavalyshyn Middleware DS 2020 [pdf] [talk]

2019

Journal	Demystifying Arm TrustZone: A Comprehensive Surveys Sandro Pinto, Nuno Santo ACM Computing Surveys 2019 [paper]
Patent	Trusted language runtime on a mobile platform Himanshu Raj, Nuno Santos, Paul England, Stefan Saroiu, Alastair Wolman US Patent 10,496,824, 2019 [paper]
Conference	Identificação de Canais Encobertos no Skype usando Esboços em SDNs André Madeira, Diogo Barradas, Nuno Santos, Luís Rodrigues Inforum 2019 (best paper award) [paper]
Preprint	DClaims: A Censorship Resistant Web Annotations System using IPFS and Ethereum João Santos, Nuno Santos, David Dias arXiv 1912.03388 2019 (ZK Capital's nominated paper of the week) [paper] [repo]

2018

Journal	Forensic Analysis of Communication Records of Messaging Applications from Physical Memory Diogo Barradas, Tiago Brito, David Duarte, Nuno Santos, Luís Rodrigues Computers & Security 2018 [paper] [code]
Conference	Effective Detection of Multimedia Protocol Tunneling using Machine Learning Diogo Barradas, Nuno Santos, Luís Rodrigues USENIX Security 2018 [paper] [code]
Conference	HomePad: A Privacy-aware Smart Hub for Home Environments Igor Zavalyshyn, Nuno O. Duarte, Nuno Santos ACM SEC 1018 [paper]
Conference	Leveraging ARM TrustZone and Verifiable Computing to Provide Auditable Mobile Functions Nuno O. Duarte, Sileshi Demesie Yalew, Nuno Santos, Miguel Correia Mobiquitous 2018 [pdf]
Conference	DBStore: A TrustZone-backed Database Management System for Mobile Applications Pedro Ribeiro, Nuno Santos, Nuno O. Duarte SECRYPT 2018 [pdf]
Conference	An Extended Case Study about Securing Smart Home Hubs through N-Version Programming Igor Zavalyshyn, Nuno O. Duarte, Nuno Santos SECRYPT 2018 (best student paper award) [pdf]
Workshop	Assessing the Feasibility of Machine Learning to Detect Network Covert Channels Diogo Barradas Eurosys DW 2018 [pdf]

2017

Conference	TrUbi: A System for Dynamically Constraining Mobile Devices within Restrictive Usage Scenarios Miguel B. Costa, Nuno O. Duarte, Nuno Santos, Paulo Ferreira Mobihoc 1017 [pdf]
Journal	DeltaShaper: Enabling Unobservable Censorship-resistant TCP Tunneling over Videoconferencing Streams Diogo Barradas, Nuno Santos, Luís Rodrigues PoPETS 2017 [pdf] [code]
Journal	Cross-domain identity and discovery framework for web calling services Jean-Michel Crom, Ibrahim Tariq Javed, Rebecca Copeland, Noel Crespi, Felix Beierle, Sebastian Göndör, Axel Küpper, Marc Emmelmann, Andreea Ancuta Corici, Kevin Corre, Ahmed Bouabdallah, Frank Oberle, Ingo Friese, Ricardo Jorge Fernandes Chaves, Nuno Santos Annals of Telecommunications 2017 [pdf]
Conference	Forensic Analysis of Communication Records of Web-based Messaging Applications from Physical Memory Diogo Barradas, Tiago Brito, David Duarte, Nuno Santos, Luís Rodrigues SECRYPT 2017 [pdf] [scitepress]
Conference	reTHINK Core Framework, a New Way for Establishing Communication Channels Between Endpoints Paulo Chainho, Anastasius Gavras, Steffen Druesedow, Ricardo Lopes Pereira, Ricardo Jorge Fernandes Chaves, Nuno Santos, Bernardo Graça EuCNC 2017 [pdf]
Conference	Decentralized Communications: Trustworthy Interoperability in Peer-To-Peer Networks Paulo Chainho, Steffen Druesedow, Ricardo Lopes Pereira, Ricardo Jorge Fernandes Chaves, Nuno Santos, Kay Haensge, Anton Roman Portabales EuCNC 2017 [pdf]

2016

Conference	Storekeeper: A Security-Enhanced Cloud Storage Aggregation Service Sancha Pereira, André Alves, Nuno Santos, Ricardo Chaves SRDS 2016 [paper]
Conference	ShareIff: A Sticky Policy Middleware for Self-Destructing Messages in Android Applications António Goulão, Nuno O. Duarte, Nuno Santos SRDS 2016 [paper]
Workshop	ARM TrustZone for Secure Image Processing on the Cloud Tiago Brito, Nuno O. Duarte, Nuno Santos WMCSP Workshop @ SRDS 2016 [paper]
Conference	P-Cop: A Cloud Administration Proxy to Enforce Bipartite Maintenance of PaaS Services Bruno Braga, Nuno Santos IEEE CLOUD 2016 [paper]
Conference	Global Identity and Reachability Framework for Interoperable P2P Communication Services Ibrahim Tariq Javed, Rebecca Copeland, Noel Crespi, Felix Beierle, Sebastian Göndör, Axel Küpper, Ahmed Bouabdallah, Marc Emmelmann, Andreea Ancuta Corici, Jean-Michel Crom, Kevin Corre, Frank Oberle, Ingo Friese, Ricardo Jorge Fernandes Chaves, Nuno Santos ICIN 2016 [paper]
Conference	Síntese de Vídeo para Evasão de Censura na Internet Diogo Barradas, Nuno Santos, Luís Rodrigues Inforum 2016 [paper]
Conference	Efficient Location-aware Message Delivery for Encounter Networks Igor Zavalyshyn, Nuno O. Duarte, Nuno Santos Inforum 2016 [paper]

2015

Conference	Termite: Emulation Testbed for Encounter Networks Rodrigo Bruno, Nuno Santos, Paulo Ferreira Mobiquitous 2015 [paper]
Workshop	A Case for Enforcing App-Specific Constraints to Mobile Devices by Using Trust Leases Nuno Santos, Nuno O. Duarte, Miguel B. Costa, Paulo Ferreira HotOS 2015 [paper] [slides]

2014

Conference	Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications Nuno Santos, Himanshu Raj, Stefan Saroiu, Alec Wolman ASPLOS 2014 [paper]
Workshop	Leveraging Trusted Computing and Model Checking to Build Dependable Virtual Machines Nuno Santos, Nuno P. Lopes HotDep 2014 [paper] [slides]

2013

Journal

Verifying Cloud Services: Present and Future
Sara Bouchenak, Gregory Chockler, Hana Chockler, Gabriela Gheorghe, Nuno Santos, Alexander Shraer
OS Review 2013
[paper]

2012

Conference	Enhancing the OS against Security Threats in System Administration Nuno Santos, Rodrigo Rodrigues, Bryan Ford Middleware 2012 [paper]
Conference	Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu USENIX Security 2012 [paper] [slides]
Workshop	Trusted Language Runtime (TLR): Enabling Trusted Applications on Smartphones Nuno Santos, Himanshu Raj, Stefan Saroiu, Alec Wolman HotMobile 2012 [paper]

2011

Poster	Improving Customer Trust in Cloud Services Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu Poster Eurosys 2011
Preprint	Excalibur: Building Trustworthy Cloud Services Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu TR MPI-SWS 2011 [paper]
Preprint	NetEx: Cost-effective Bulk Data Transfers for Cloud Computing Massimiliano Marcon, Nuno Santos, Krishna P. Gummadi, Nikolaos Laoutaris, Pablo Rodriguez, and Amin Vahdat TR MPI-SWS 2011 [paper]

2010

Journal	Unifying Divergence Bounding and Locality Awareness in Replicated Systems with Vector-Field Consistency Luis Veiga, Andre Negrao, Nuno Santos, Paulo Ferreira JISA 2010 [paper]
Poster	NetEx: Efficient and Cost-effective Internet Bulk Content Delivery Massimiliano Marcon, Nuno Santos, Krishna P. Gummadi, Nikolaos Laoutaris, Pablo Rodriguez, Amin Vahdat Poster ANCS 2010 [paper]

2009

Workshop

Towards Trusted Cloud Computing
Nuno Santos, Krishna P. Gummadi, Rodrigo Rodrigues
HotCloud 2009
[paper] [slides]

2008

Poster

Anonymity in the Personalized Web
Nuno Santos, Alan Mislove, Marcel Dischinger, Krishna P. Gummadi
Poster NSDI 2008
[paper]

2007

Conference

Vector-Field Consistency for Ad-hoc Gaming
Nuno Santos, Luis Veiga, Paulo Ferreira
Middleware 2007
(best paper award)
[pdf]

2006

Workshop	Making Transactions Resilient to Intermittent Network Connections Nuno Santos, Paulo Ferreira WoWMoM Workshop 2006 [paper]
Workshop	Loosely-Coupled, Mobile Replication of Objects with Transactions Luis Veiga, Nuno Santos, Ricardo Lebre, Paulo Ferreira ICPADS Workshop 2006 [paper]

2004