miguel pupo correia           
 

bio and contacts

Miguel Correia is a Full Professor (Professor Catedrático) at the Computer Science and Engineering Department (DEI), Instituto Superior Técnico (IST), Universidade de Lisboa (ULisboa), in Lisboa, Portugal. He is vice-president for faculty at DEI. He is coordinator of the Doctoral Program in Information Security at IST. He is a senior researcher at INESC-ID, and member of the Distributed Systems Group (GSD). He is co-chair of the European Blockchain Partnership that is designing the European Blockchain Services Infrastructure (EBSI). He is a member of the Board of Técnico+ and a non-executive member of the Board of Associação .PT. He is Associate Editor for IEEE Transactions on Computers. He has a PhD in Computer Science from the Universidade de Lisboa Faculdade de Ciências. He has been involved in several international and national research projects related to cybersecurity, including the DE4A, BIG, QualiChain, SPARTA, SafeCloud, PCAS, TCLOUDS, ReSIST, CRUTIAL, and MAFTIA European projects. He has more than 200 publications and is Senior Member of the IEEE. His research focuses on cybersecurity and dependability (aka fault tolerance), typically in distributed systems, in the context of different applications (blockchain, cloud, mobile). He is particularly interested in the fault/intrusion tolerance approach, in which systems have to continue to operate correctly irrespectively of the occurrence of faults, attacks, and intrusions. His main research topics are: blockchain and Byzantine consensus, cloud security and dependability, trusted computing, software security, and security analytics and intrusion detection.

email: miguel.p.correia_AT_tecnico.ulisboa.pt

students

research topics

1. Blockchain and Byzantine Consensus
2. Cloud Security and Dependability
3. Trusted Computing
4. Software Security
5. Security Analytics and Intrusion Detection
Other topics

publications

A Survey on Blockchain Interoperability: Past, Present, and Future Trends, ACM CSUR 2021
Omega: a Secure Event Ordering Service for for the Edge, IEEE TDSC, 2021
Fireplug: Efficient and Robust Geo-Replication of Graph Databases, IEEE TPDS, 2020
SEPTIC: Detecting Injection Attacks and Vulnerabilities Inside the DBMS, IEEE Trans. Reliability, 2019
BlockSim: Blockchain Simulator, IEEE Blockchain 2019
Benchmarking Static Analysis Tools for Web Security, IEEE Trans. Reliability, 2018
State machine replication in containers managed by Kubernetes, Journal of Systems Architecture, 2017
Detecting and Removing Web Application Vulnerabilities with Static Analysis and Data Mining, IEEE Trans. Reliability, 2015
SCFS: a Shared Cloud-backed File System, Usenix ATC, 2014
DepSky: Dependable and Secure Storage in a Cloud-of-Clouds. ACM Trans. Storage, 2013.
Efficient Byzantine Fault Tolerance, IEEE Trans. on Computers 2013.

projects

DE4A - Digital Europe For All (EC)
BIG - Enhancing the research and innovation potential of Tecnico through Blockchain technologies and design Innovation for social Good (EC)
QualiChain - Decentralised Qualifications' Verification and Management for Learner Empowerment, Education Reengineering and Public Sector Transformation (EC) (recognized by the European Commission Innovation Radar)
SPARTA - Special projects for advanced research and technology in Europe (EC)
Cosmos - Causal Consistency on the Network Edge (FCT)
SEAL - SEcurity progrAmming of web appLications (FCT)
Angainor - reproducible large-scale evaluation and fault injection (FCT)
• A3CE - Aprendizagem Automática de Ameaças no Ciberespaço (CINAMIL)

software

WAP - automatic Web Application Protection (20,800 downloads!) (also a OWASP project) - static analysis tool for PHP web applications
C2BID and DynIDS cluster-based network intrusion detection schemes
Qualichain consortium of organizations management with Ethereum-based smart contracts
BlockSim - a discrete event Blockchain simulator
GT - Virtual Static Security Analyzer for Web Applications - static analysis tool for web applications extensible for several languages
MERLIN - Multi-Language Web Vulnerability Detection - static analysis tool for web applications in several languages
SafeCloudFS / RockFS - single cloud and cloud-of-clouds file system resilient to client side attacks
MIRES - intrusion recovery system for Backed-as-a-Service / mobile applications
Rectify - black-box intrusion recovery system for PaaS clouds
PREMIUM - Private REactive MultIpath commUnication Middleware - secure communications using multiple communication paths
DepSky cloud-of-clouds storage - secure and dependable cloud storage using a set of clouds
MinBFT, MinZyzzyna, Spinning and EBAWA; MinBFT now being implemented by the Hyperledger project! - Byzatine fault-tolerant replication libraries
Randomized Intrusion-Tolerant Asynchronous Services (RITAS) - randomized BFT library

events

20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications - TrustCom 2021
11th IEEE/IFIP Latin-American Symposium on Dependable Computing - LADC 2021
15th ACM International Conference on Distributed and Event-based Systems - DEBS 2021
3rd Data Centered Security and Reliability Workshop - DCDS 2021
InForum 2021, sessão "Segurança de Sistemas de Computadores e Comunicações"
3rd Workshop on Machine Learning for CyberSecurity - MLCS2021@ECMLPKDD
The 13th International Workshop on Cyberspace Security and Artificial Intelligence - CAI-2021

teaching

talks

My profile at Google Scholar, Microsoft Academic, ACM, DBLP, Scopus, ORCID, LinkedIn, Ciência Vitae

home | last update: 14-09-2021