About
I hold a B.Sc. in Physics from the University of Athens, an M.Sc. in Computer Science from the University of Crete, and a Ph.D. in Computer Science from the University of Crete. My Ph.D. was funded by Microsoft Research Cambridge.
I am currently a Marie Curie fellow at Columbia University, working with the Network Security Lab. My research interests include all aspects of security for distributed systems and security for web applications. (CV)
Conferences/Journals
kGuard: Lightweight Kernel Protection
In Proceedings of the USENIX ;login: Magazine, vol. 37, no. 6, pp. 7 - 14.
December 2012.
Digging up Social Structures from Documents on the Web
In Proceedings of the IEEE Global Communications Conference (GLOBECOM).
Anaheim, California, USA, December 2012.
Exploiting Split Browsers for Efficiently Protecting User Data
In Proceedings of the ACM Cloud Computing Security Workshop (CCSW).
Raleigh, NC, USA, October 2012.
ARC: Protecting against HTTP Parameter Pollution Attacks Using Application Request Caches
In Proceedings of the 10th International Conference on Applied Cryptography and Network Security (ACNS).
Singapore, June 2012.
Towards a Universal Data Provenance Framework using Dynamic Instrumentation
In Proceedings of the 27th IFIP International Information Security and Privacy Conference (IFIP SEC).
Heraklion, Crete, Greece, June 2012.
CensMon: A Web Censorship Monitor
In Proceedings of the 1st USENIX Workshop on Free and Open Communications on the Internet (FOCI), co-located with USENIX Security.
San Francisco, CA, US, August 2011.
we.b: The Web of Short URLs
In Proceedings of the 20th International World Wide Web Conference (WWW).
Hyderabad, India, March 2011.
Understanding The Behavior of Malicious Applications in Social Networks
In Proceedings of the IEEE Network.
September-October 2010.
An Architecture For Enforcing JavaScript Randomization in Web2.0 Applications (short paper)
In Proceedings of the 13th Information Security Conference (ISC).
Boca Raton, Florida, October 2010.
D(e|i)aling with VoIP: Robust Prevention of DIAL Attacks
In Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS).
Athens, Greece, September 2010.
xJS: Practical XSS Prevention for Web Application Development
In Proceedings of the 1st USENIX Conference on Web Application Development (WebApps).
Boston, Massachusetts, June 2010.
Isolating JavaScript in Dynamic Code Environments
In Proceedings of the 1st Workshop on Analysis and Programming Languages for Web Applications and Cloud Applications (APLWACA), co-located with PLDI.
Toronto, Canada, June 2010.
Hunting Cross-Site Scripting Attacks in the Network
In Proceedings of the 4th Workshop on Web 2.0 Security & Privacy (W2SP).
Oakland, California, May 2010.
Code-Injection Attacks in Browsers Supporting Policies
In Proceedings of the 3rd Workshop on Web 2.0 Security & Privacy (W2SP).
Oakland, California, May 2009.
WISDOM: Security-Aware Fibres
In Proceedings of the 2nd ACM European Workshop on System Security (EUROSEC).
Nuremberg, Germany, March 2009.
WSIM: A software platform to simulate all-optical security operations
In Proceedings of the 2nd European Conference on Computer Network Defense (EC2ND).
Dublin, Ireland, December 2008.
Topnet: A Network-aware top(1)
In Proceedings of the 22nd USENIX Large Installation Systems Administration (LISA) Conference.
San Diego, California, November 2008.
Antisocial Networks: Turning a Social Network into a Botnet
In Proceedings of the 11th Information Security Conference (ISC).
Taipei, Taiwan, September 2008.
Compromising Anonymity Using Packet Spinning
In Proceedings of the 11th Information Security Conference (ISC).
Taipei, Taiwan, September 2008.
GAS: Overloading a File Sharing Network as an Anonymizing System
In Proceedings of the 2nd International Workshop on Security (IWSEC).
Nara, Japan, October 2007.
Alice, what did you do last time? Fighting Phishing Using Past Activity Tests
In Proceedings of the 3rd European Conference on Computer Network Defense (EC2ND).
Heraklion, Greece, October 2007.
Enhanced CAPTCHAs: Using Animation To Tell Humans And Computers Apart
In Proceedings of the 10th IFIP Open Conference on Communications and Multimedia Security.
Heraklion, Crete, October 2006.
Misusing Unstructured P2P Systems to Perform DoS Attacks: The Network that Never Forgets
In Proceedings of the 4th International Conference on Applied Cryptography and Network Security (ACNS).
Singapore, June 2006.
A Feedback-based Approach to Reduce Duplicate Messages in Unstructured Peer-to-Peer Networks
In Proceedings of the CoreGRID Integration Workshop.
Pisa, Italy, November 2005.
Thesis
Modern Techniques for the Detection and Prevention of Web2.0 Attacks
Ph.D. Thesis.
Supervisor: Professor Evangelos P. Markatos, May 2011.
Using Unstructured Peer-to-Peer Systems as Denial of Service Attack Platforms
M.Sc. Thesis.
Supervisor: Professor Evangelos P. Markatos, November 2006.
ruby-root: Extending ROOT's functionality with a Ruby interpreter interface
Diploma Thesis.
Supervisor: Professor George Tzanakos, February 2005.
Articles
Think B4 U post!
Article in the Economist of Kathimerini.
Greece, March, 2010.
On Exploiting a File Sharing System for DDoS Attacks
Article in the Enisa Quarterly.
On-Line, October, 2006.
Technical Reports
Physics
MINOS 4 Plane Prototype Offline Analysis Framework
NuMI Note.
NuMI-Note-COMP-992, 2003.
Spatial Tessellation Techniques for the MINOS Magnetic Field
NuMI Note.
NuMI-Note-COMP-993, 2003.
Projects
xJS
A fast and practical XSS prevention system which isolates all legitimate client-side code from possible code injections. xJS is a lightweight mechanism based on the concept of Instruction Set Randomization (ISR). It is currently implemented in three leading web browsers, namely Firefox, WebKit and Chromium, and in the Apache web server. The framework can successfully prevent all 1,380 real-world attacks that were collected from a well-known XSS attack repository. Furthermore, xJS imposes negligible computational overhead on both the server and the client side, and has no negative side effects on the user's overall browsing experience.
Related Publications
xJS: Practical XSS Prevention for Web Application Development
In Proceedings of the 1st USENIX Conference on Web Application Development (WebApps).
Boston, Massachusetts, June 2010.
Code-Injection Attacks in Browsers Supporting Policies
In Proceedings of the 3rd Workshop on Web 2.0 Security & Privacy (W2SP).
Oakland, California, May 2009.
HomeMaestro
A distributed system for monitoring and instrumentation of home networks in real time. HomeMaestro strives to put order in the chaos of home networks through an end-host distributed solution that requires no additional assistance from network equipment such as routers or access points, and no modification of network applications. HomeMaestro performs extensive measurements at the host level to infer application network requirements, and identifies network-related problems through time-series analysis. HomeMaestro automatically detects and resolves contention over network resources among applications based on predefined policies. While interning with Microsoft Research, I was the initial coder for the first prototype of HomeMaestro, which is developed in C# for the Microsoft Windows Operating System.
Related Publications
HomeMaestro: Order from Chaos in Home Networks
Technical Report.
MSR-TR-2008-84, 2008.
WISDOM
WIrespeed Security Domains using Optical Monitoring (funded by EU, 2007-2009). WISDOM is designed to develop the advanced optical components necessary for photonic firewalls. This involves the development of novel optical processing modules that are placed at the front end of the node firewall to provide the primary optical information filtering, operating at wirespeed (40 Gbit/s per channel). This filtering includes operations such as optical packet recognition, interrogation, and manipulation of data streams, incorporating features of parity checking, flag status, and header recognition. As a research assistant at FORTH, I am the principal software architect for the WISDOM platform.
Related Publications
WISDOM: Security-Aware Fibres
In Proceedings of the 2nd ACM European Workshop on System Security (EUROSEC).
Nuremberg, Germany, March 2009.
WSIM: A software platform to simulate all-optical security operations
In Proceedings of the 2nd European Conference on Computer Network Defense (EC2ND).
Dublin, Ireland, December 2008.
