dr. J.J. Cardoso de Santanna (Jair)

Guest Assistant Professor

About Me

I am currently an assistant professor at University of Twente. In the period between 2013 and 2017, I was a Ph.D. candidate at the same university. A number of solutions proposed in my Ph.D. thesis were deployed by network operators worldwide and some methodologies will be used by the Dutch High Tech Crime Unit. During my Ph.D., I also acted as technical advisor to the Dutch National Cyber Security Center and to the Japanese Ministry of Internal Affairs and Communications, both on the topic of Cyber Security and DDoS attacks. I presented my work in more than 30 countries. The most frequent words to describe my presentations/lectures by attendees are enthusiastic, entertaining and easy to understand (see more at http://jairsantanna. com/others_judgement). My professional objective is to become an internationally recognized researcher and teacher in Internet security, DDoS attack, and (big) data analysis. I aim to transfer my enthusiasm, knowledge, skills and experience into meaningful innovation to improve the security in all types of computer networks, especially the Internet. 


Engineering & Materials Science
Denial-Of-Service Attack
Network Security
Social Sciences
Denial Of Services
Business & Economics



Ceron, J. M., Scholten, C. , Pras, A. , & Santanna, J. (2020). MikroTik Devices Landscape, Realistic Honeypots, and Automated Attack Classification. In Proceedings of IEEE/IFIP Network Operations and Management Symposium 2020: Management in the Age of Softwarization and Artificial Intelligence [9110336] (2020 IEEE/IFIP Network Operations and Management Symposium (NOMS 2020); Vol. 2020). IEEE. https://doi.org/10.1109/NOMS47738.2020.9110336
Kopp, D. , Santanna, J., Wichtlhuber, M., Hohlfeld, O., Poese, I., & Dietzel, C. (2019). DDoS Hide & Seek: On the effectiveness of a booter services takedown. In IMC 2019 - Proceedings of the 2019 ACM Internet Measurement Conference (pp. 65-72). Association for Computing Machinery (ACM). https://doi.org/10.1145/3355369.3355590
Soro, F. , Drago, I., Trevisan, M., Mellia, M. , Ceron, J. , & Santanna, J. J. (2019). Are darknets all the same? On darknet visibility for security monitoring. In 25th IEEE International Symposium on Local and Metropolitan Area Networks, LANMAN 2019 [8847113] (IEEE Workshop on Local and Metropolitan Area Networks; Vol. 2019-July). IEEE Computer Society Press. https://doi.org/10.1109/LANMAN.2019.8847113
Santanna, J. J., de Vries, J. , de O. Schmidt, R., Tuncer, D., Z. Granville, L. , & Pras, A. (2018). Booter list generation: The basis for investigating DDoS-for-hire websites. International journal of network management, 28(1), [e2008]. https://doi.org/10.1002/nem.2008
Santanna, J. J. , Schmidt, R. D. O., Tuncer, D., De Vries, J., Granville, L. Z. , & Pras, A. (2017). Booter blacklist: Unveiling DDoS-for-hire websites. In S. Keith-Marsoun, C. R. P. dos Santos, N. Limam, M. Cheriet, M. F. Zhani, & O. Festor (Eds.), 2016 12th International Conference on Network and Service Management, CNSM 2016 and Workshops, 3rd International Workshop on Management of SDN and NFV, ManSDN/NFV 2016, and International Workshop on Green ICT and Smart Networking, GISN 2016 (pp. 144-152). [7818410] IEEE. https://doi.org/10.1109/CNSM.2016.7818410

UT Research Information System

Google Scholar Link

Courses Academic Year  2022/2023

Courses in the current academic year are added at the moment they are finalised in the Osiris system. Therefore it is possible that the list is not yet complete for the whole academic year.

Courses Academic Year  2021/2022

Contact Details

Visiting Address

University of Twente
Drienerlolaan 5
7522 NB Enschede
The Netherlands

Navigate to location

Mailing Address

University of Twente
P.O. Box 217
7500 AE Enschede
The Netherlands

Working days

Week Monday Tuesday Wednesday Thursday Friday

Social Media