Miguel Pupo Correia's homepage

miguel pupo correia

Miguel Correia is a Full Professor (Professor Catedrático) at the Computer Science and Engineering Department (DEI), Instituto Superior Técnico (IST), Universidade de Lisboa (ULisboa), in Lisboa, Portugal. He is currently DEI's Head of Department. He is a member of the Board and senior researcher at INESC-ID, as well as member of the Distributed Systems Group (GSD). He is national representative at the European Blockchain Partnership that is designing the European Blockchain Services Infrastructure (EBSI). He is a non-executive member of the Board of Associação .PT. He is Associate Editor for IEEE Transactions on Computers. He has a PhD in Computer Science from the Universidade de Lisboa Faculdade de Ciências. He has been involved in several international and national research projects related to cybersecurity, including the TRUSTyFOOD, DE4A, BIG, QualiChain, SPARTA, SafeCloud, PCAS, TCLOUDS, ReSIST, CRUTIAL, and MAFTIA European projects. He has more than 200 publications and is Senior Member of the IEEE. His research focuses on cybersecurity and dependability (aka fault tolerance), typically in distributed systems, in the context of different applications (blockchain, cloud, mobile). He is particularly interested in the fault/intrusion tolerance approach, in which systems have to continue to operate correctly irrespectively of the occurrence of faults, attacks, and intrusions.
email: miguel.p.correia_AT_tecnico.ulisboa.pt

students

research topics

1. Blockchain and Byzantine Consensus
2. Cloud Security and Dependability
3. Trusted Computing
4. Software Security
5. Security Analytics and Intrusion Detection
Other topics

publications

• Learning to generate Reliable Broadcast Algorithms, arXiv 2022
• A Survey on Blockchain Interoperability: Past, Present, and Future Trends, ACM CSUR 2022
• SRX - Secure Data Backup and Recovery for SGX Applications, IEEE Access 2022
• MIRES: Intrusion Recovery for Applications based on Backend-as-a-Service, IEEE TCC 2022
• Sanare: Pluggable Intrusion Recovery for Web Applications, IEEE TDSC 2022
• Statically Detecting Vulnerabilities by Processing Programming Languages as Natural Languages, IEEE Trans. Reliability 2022
• Omega: a Secure Event Ordering Service for for the Edge, IEEE TDSC, 2021
• Fireplug: Efficient and Robust Geo-Replication of Graph Databases, IEEE TPDS 2020
• SEPTIC: Detecting Injection Attacks and Vulnerabilities Inside the DBMS, IEEE Trans. Reliability 2019
• BlockSim: Blockchain Simulator, IEEE Blockchain 2019
• Benchmarking Static Analysis Tools for Web Security, IEEE Trans. Reliability 2018
• State machine replication in containers managed by Kubernetes, Journal of Systems Architecture 2017
• Detecting and Removing Web Application Vulnerabilities with Static Analysis and Data Mining, IEEE Trans. Reliability 2015
• SCFS: a Shared Cloud-backed File System, Usenix ATC 2014
• DepSky: Dependable and Secure Storage in a Cloud-of-Clouds. ACM Trans. Storage 2013.
• Efficient Byzantine Fault Tolerance, IEEE Trans. Computers 2013.

projects

• TRUSTyFOOD - Stakeholders-driven pathways for blockchain implementation in the agri-food sector (EC)
• DE4A - Digital Europe For All (EC)
• BIG - Enhancing the research and innovation potential of Tecnico through Blockchain technologies and design Innovation for social Good (EC)

software

• WAP - automatic Web Application Protection (21,400 downloads!) (also a OWASP project) - static analysis tool for PHP web applications
• C2BID and DynIDS cluster-based network intrusion detection schemes
• SRX - SGX Recovery Extension - Intel SGX extensions for securely moving data between enclaves
• TRX - TrustZone Recovery eXtension - ARM TrustZone extensions for securely moving data between TEEs
• Qualichain consortium of organizations management with Ethereum-based smart contracts
• BlockSim - a discrete event Blockchain simulator
• GT - Virtual Static Security Analyzer for Web Applications - static analysis tool for web applications extensible for several languages
• MERLIN - Multi-Language Web Vulnerability Detection - static analysis tool for web applications in several languages
• PSMA - Programmable Sandbox for Malware Analysis - malware dynamic analysis system for programmable and repeatable experiments
• SafeCloudFS / RockFS - single cloud and cloud-of-clouds file system resilient to client side attacks
• MIRES - intrusion recovery system for Backed-as-a-Service / mobile applications
• Rectify - black-box intrusion recovery system for PaaS clouds
• PREMIUM - Private REactive MultIpath commUnication Middleware - secure communications using multiple communication paths
• DepSky cloud-of-clouds storage - secure and dependable cloud storage using a set of clouds
• MinBFT, MinZyzzyna, Spinning and EBAWA ; MinBFT now being implemented by the Hyperledger project! - Byzatine fault-tolerant replication libraries
• Randomized Intrusion-Tolerant Asynchronous Services (RITAS) - randomized BFT library

events

• 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks - DSN 2023, PC member and Mentoring Program
• 3rd Blockchain Software Engineering Workshop 2022, co-chair
• 11th IEEE/IFIP Latin-American Symposium on Dependable Computing - LADC 2022
• 4th Workshop on Machine Learning for CyberSecurity - MLCS 2022
• 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks - DSN 2022
• 16th ACM International Conference on Distributed and Event-based Systems - DEBS 2022
• 37th International Conference on ICT Systems Security and Privacy Protection - IFIP SEC 2022
• 5th IEEE International Conference on Blockchain - Blockchain 2022
• 4th DSN Workshop on Data-Centric Dependability and Security - DCDS 2022

teaching (grad./undergrad.)

teaching (professionals)

• Blockchain e Smartcontracts
• Proteção e Segurança de Dados para Profissionais não Tecnológicos
• Cibersegurança para Empresas

talks

My profile at Google Scholar, Microsoft Academic, ACM, DBLP, Scopus, ORCID, LinkedIn, Ciência Vitae

home