Resources for the System Security team in the Distributed Systems Group (GSD) at INESC-ID, Lisbon.

PhD Students


Ongoing Projects

Network Security
  • Vulnerability assessment of tools for censorship-resistant communication over media streaming applications like Skype using machine learning techniques. [Diogo Barradas, PhD Student]
  • Traffic analysis system for covert channel detection, botnet chatter identification, and website fingerprinting performed at line-speed on P4-compatible switches. [Diogo Barradas, PhD Student]
  • Distributed system that allows for deanoymization of individual Tor circuits leveraging the international cooperation of network providers for crime investigation purposes. [Pedro Medeiros, MSc Student]
  • New variant of the Tor system which aims at increasing its resilience against traffic correlation attacks by introducing K-anonymous circuits. [Vitor Nunes, MSc Student]
Web Security
  • Automatic detection and mitigation of security vulnerabilities in the APIs of widely used JavaScript-based Web application frameworks such as Django and AngularJS. [Tiago Brito, PhD Student]
  • Web application framework that enforces end-to-end protection of sensitive data (e.g., in accordance with the GDPR) through information flow control mechanisms. [Mafalda Ferreira, MSc Student]
  • Extension to the Chrome web browser for tracking sensitive data usage by WASM-powered web pages, e.g., to detect malicious data exfiltration attempts. [Carolina Costa, MSc Student]
  • Tools for detection and mitigation of vulnerabilities in client-side Web applications caused by potentially insecure interactions between JavaScript and WebAssembly code. [Pedro Lopes, MSc Student]
Mobile Security
  • Study of the prevailing security vulnerabilities in trusted execution environments based on Arm TrustZone deployed today in millions of devices running Android. [David Cerdeira, PhD Student]
  • Cryptographic key store for Android aimed at providing strong protection of key material using hardware-enforced isolation and a type-safe programming language. [Luís Tonicha, MSc Student]
  • Extension to the Chrome browser for securing privacy-sensitive WebAssembly code on mobile devices through hardware-enforced trusted execution environments. [Francisco Canana, MSc Student]
IoT Security
  • Clean-slate smart home platform akin to Samsung's SmartThings that provides end-to-end privacy protection of end-users' data leveraging SGX and model checking. [Igor Zavalyshyn, PhD Student]
  • Middleware for Android smartphones to prevent mobile apps from using personally-sensitive sensor data, e.g., from fitbit wristbands, in privacy-abusive ways for end-users. [Eduardo Gomes, MSc Student]