ANGELOS STAVROU — Curriculum Vitae

POSITIONS HELD


Issued Patents

  1. Systems and methods for analyzing software

    Ryan Johnson, Nikolaos Kiourtis, Angelos Stavrou

    U.S. Patent Number 10,387,627. Issued on August 20th, 2019.

  2. Active Authentication of Users

    Angelos Stavrou, Rahul Murmuria, Ryan Johnson, Daniel Barbara

    U.S. Patent Number 10,289,819. Issued on May 14th, 2019.

  3. Methods and systems for increased debugging transparency

    Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang

    U.S. Patent Number 10,127,137. Issued on November 13th, 2018.

  4. Methods and Apparatus for Application Isolation

    Anup Ghosh, Yih Huang, Jiang Wang, Angelos Stavrou

    U.S. Patent Number 9,602,524. Issued on March 21st, 2017.

  5. Malware Detector

    Angelos Stavrou, Sushil Jajodia, Anup Ghosh, Rhandi Martin, Charalampos Andrianakis

    U.S. Patent Number 9,531,747. Issued on December 27th, 2016.

  6. Hardware-assisted Integrity Monitor

    Jiang Wang, Anup Ghosh, Kun Sun, Angelos Stavrou

    U.S. Patent Number 9,270,697. Issued on February 23rd, 2016.

  7. Systems and Methods for Inhibiting Attacks with a Network

    Angelos Stavrou, Angelos D. Keromytis

    U.S. Patent Number 9,344,418. Issued on May 17th, 2016.

  8. Methods and Apparatus for Application Isolation

    Anup Ghosh, Yih Huang, Jiang Wang, Angelos Stavrou

    U.S. Patent Number 9,098,698. Issued on August 4th, 2015.

  9. Adaptive feedback loop based on a sensor for streaming static and interactive media content to animals

    Angelos Stavrou, Margaret Lee Perry-Flippin

    U.S. Patent Number 9,043,818. Issued on May 26th, 2015.

  10. Malware Detector

    Angelos Stavrou, Sushil Jajodia, Anup Ghosh, Rhandi Martin, Charalampos Andrianakis

    U.S. Patent Number 8,935,773. Issued on January 13th, 2015.

  11. Systems, Methods, and Media for Recovering an Application from a Fault or Attack

    Michael E. Locasto, Angelos D. Keromytis, Angelos Stavrou, Gabriela F. Ciocarlie

    U.S. Patent Number 8,924,782. Issued on December 30th, 2014.

  12. Hardware-assisted Integrity Monitor

    Jiang Wang, Angelos Stavrou, Anup Ghosh, Kun Sun

    U.S. Patent Number 8,819,225. Issued on August 26th, 2014.

  13. Website Matching based on Network Traffic

    Angelos Stavrou, Mohammed A. Alhussein, Brian Sanders

    U.S. Patent Number 8,726,005. Issued on May 13th, 2014.

  14. Systems and Methods for Inhibiting Attacks with a Network

    Angelos Stavrou, Angelos D. Keromytis.

    U.S. Patent Number 8,631,484. Issued on January 14th, 2014.

  15. Methods, Media and Systems for Responding to a Denial of Service Attack

    Angelos Stavrou, Angelos D. Keromytis, Jason Nieh, Vishal Misra, and Daniel Rubenstein.

    U.S. Patent Number 8,549,646. Issued on October 1st, 2013.

  16. Systems, Methods, and Media for Generating Sanitized Data, Sanitizing Anomaly Detection Models, and/or Generating Sanitized Anomaly Detection Models

    Gabriela Cretu, Angelos Stavrou, Salvatore J. Stolfo, Angelos D. Keromytis, Michael E. Locasto.

    U.S. Patent Number 8,407,160. Issued on March 26th, 2013.

  17. Systems and Methods for Computing Data Transmission Characteristics of a Network Path Based on Single-ended Measurements

    Angelos D. Keromytis, Sambuddho Chakravarty, and Angelos Stavrou.

    U.S. Patent Number 8,228,815. Issued on July 24th, 2012.

  18. Methods, Systems and Media for Software Self-Healing

    Michael E. Locasto, Angelos D. Keromytis, Salvatore J. Stolfo, Angelos Stavrou, Gabriela Cretu, Stylianos Sidiroglou, Jason Nieh, and Oren Laadan.

    U.S. Patent Number 7,962,798. Issued on June 14th, 2011.

  19. Systems and Methods for Computing Data Transmission Characteristics of a Network Path Based on Single-ended Measurements

    Angelos D. Keromytis, Sambuddho Chakravarty, and Angelos Stavrou. U.S. Patent Number 7,660,261. Issued on February 9th, 2010.


Journal Publications

  1. 21 Years of Distributed Denial-of-Service: A Call to Action – Part 2 [PDF]

    Eric Osterweil, Angelos Stavrou, and Lixia Zhang. In Computer, vol. 53, no. 8, pp. 94-99, Aug. 2020, doi: 10.1109/MC.2020.2993330.

  2. 21 Years of Distributed Denial-of Service: Current State of Affairs - Part 1 [PDF]

    Eric Osterweil, Angelos Stavrou, and Lixia Zhang. In Computer, vol. 53, no. 7, pp. 88-92, July 2020, doi: 10.1109/MC.2020.2983711.

  3. Towards Transparent Debugging

    Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang

    IEEE Trans. Dependable Sec. Comput. 15(2): 321-335 (IEEE TDSC 2018)

  4. On Early Detection of Application-level Resource Exhaustion and Starvation

    Mohamed Elsabagh, Daniel Barbará, Dan Fleck, Angelos Stavrou.

    In the Elsevier Journal of Systems and Software 137: 430-447 (2018)

  5. An Empirical Investigation of Ecommerce-Reputation-Escalation-as-a-Service

    Haitao Xu, Daiping Liu, Haining Wang, Angelos Stavrou.

    ACM Transactions on the Web, Volume 11, Number 2, May 2017 (pages 13:1-13:35)

  6. DDoS in the IoT: Mirai and Other Botnets

    Constantinos Kolias, Georgios Kambourakis, Angelos Stavrou, Jeffrey M. Voas.

    IEEE Computer 50(7): 80-84 (2017)

  7. Cybersecurity Leadership: Competencies, Governance, and Technologies for Industrial Control

    Jean-Pierre Auffret, Jane L. Snowdon, Angelos Stavrou, Jeffrey S. Katz, Diana Kelley, Rasheq S. Rahman, Frank Stein, Lisa Sokol, Peter Allor, Peng Warweg.

    Journal of Interconnection Networks 17(1): 1-20 (2017)

  8. Verified Time

    Angelos Stavrou, Jeff Voas.

    IEEE Computer, Volume: 50, Issue: 3, March 2017

  9. On the Move: Evading Distributed Denial-of-Service Attacks

    Angelos Stavrou, Daniel Fleck, Constantinos Kolias.

    IEEE Computer 49(3): 104-107 (2016)

  10. Intrusion Detection in 802.11 Networks: Empirical Evaluation of Threats and a Public Dataset

    Constantinos Kolias, Georgios Kambourakis, Angelos Stavrou, Stefanos Gritzalis.

    IEEE Communications Surveys and Tutorials 18(1): 184-208 (2016)

  11. Learning Internet-of-Things Security "Hands-On"

    Constantinos Kolias, Angelos Stavrou, Jeffrey M. Voas, Irena Bojanova, D. Richard Kuhn.

    IEEE Security & Privacy 14(1): 37-46 (2016)

  12. Securely Making "Things" Right

    Constantinos Kolias, Angelos Stavrou, Jeffrey M. Voas.

    IEEE Computer 48(9): 84-88 IEEE Magazine (2015)

  13. A Moving Target DDoS Defense Mechanism

    Huangxin Wang, Quan Jia, Dan Fleck, Walter Powell, Fei Li, Angelos Stavrou.

    In the Elsevier Journal of Computer Communications, 46: 10-21 (2014)

  14. HyperCheck: A Hardware-Assisted Integrity Monitor

    Fengwei Zhang, Jiang Wang, Kun Sun, and Angelos Stavrou.

    In the proceedings of IEEE Transactions on Dependable and Secure Computing (TDSC), 11(4): 332-344 (2014)

  15. Improving network response times using social information

    Sharath Hiremagalore, Chen Liang, Angelos Stavrou and Huzefa Rangwala. Proceedings of Social Network Analysis and Mining, Springer

    Social Network Analysis and Mining, Volume 3, pages 209-220 (2013)

  16. Providing Users' Anonymity in Mobile Hybrid Networks

    Claudio Agostino Ardagna, Sushil Jajodia, Pierangela Samarati, Angelos Stavrou.

    ACM Transactions on Internet Technology, Volume 12, 3, Article 7, pages 1 - 33 (May 2013)

  17. Building Security into Off-the-Shelf Smartphones

    Angelos Stavrou, Jeffrey Voas, Tom Karygiannis, Steve Quirolgico.

    IEEE Computer, vol. 45, no. 2, pp. 82-84, Feb. 2012, doi:10.1109/MC.2012.44

  18. DoubleGuard: Detecting Intrusions In Multi-tier Web Applications

    Meixing Le, Angelos Stavrou, Brent ByungHoon Kang.

    In IEEE Journal on Transactions on Dependable and Secure Computing (TDSC) 2011,ISSN: 1545-5971 10 Nov. 2011. IEEE computer Society Digital Library.

    IEEE Computer Society. Acceptance Rate: 10-12% as reported by 2009 TDSC editorial, ISI Impact Factor: 2.093 (2010).

  19. The Ephemeral Legion: Producing an Expert Cyber-security Workforce from Thin Air

    Michael E. Locasto, Anup Ghosh, Sushil Jajodia, and Angelos Stavrou.

    In the Communications of the ACM, Vol. 54, Issue 1, pp 129 - 131. Impact Factor: 2.362 (2010). [bib]

  20. The Dynamic Community of Interest and its Realization in ZODIAC

    Scott Alexander, Steve Bellovin, Yuu-Heng Cheng, Brian Coan, Andrei Ghetie,

    Vikram Kaul, Nicholas F. Maxemchuk, Henning Schulzrinne, Stephen Schwab, Bruce Siegell, Angelos Stavrou, and Jonathan M. Smith.

    In IEEE Communications Magazine, October 2009, pp. 40-47. Impact Factor: 2.837

  21. On the Infeasibility of Modeling Polymorphic Shellcode: Re-thinking the Role of Learning in Intrusion Detection Systems

    Yingbo Song, Michael E. Locasto, Angelos Stavrou, Angelos D. Keromytis, and Salvatore J. Stolfo.

    In the Proceedings of Machine Learning Journal (MLJ) p. 179-205. Accepted: 7 August 2009.

    Published online: 29 October 2009. Editors: Pavel Laskov and Richard Lippmann. ISI Impact Factor: 1.956 (2010). [bib]

  22. WebSOS: An Overlay-based System For Protecting Web Servers From Denial of Service Attacks

    Angelos Stavrou, Debra L. Cook, William G. Morein, Angelos D. Keromytis, Vishal Misra, and Dan Rubenstein.

    In Elsevier Journal of Computer Networks, special issue on Web and Network Security,

    vol. 48, no. 5,p. 781 - 807. August 2005 5-Year Impact Factor: 1.690. [bib]

  23. A Lightweight, Robust, P2P System to Handle Flash Crowds

    Angelos Stavrou, Dan Rubenstein, Sambit Sahu.

    In the Proceedings of IEEE Journal on Selected Areas in Communications (JSAC) ,special issue on Service Overlay Networks,

    Volume 22, Number 1, p. 6-17, January 2004. Impact Factor: 4.232 (2010). [bib]


Conference Publications

  1. FIRMSCOPE: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware. [PDF]

    Mohamed Elsabagh, Ryan Johnson, and Angelos Stavrou, Kryptowire; Chaoshun Zuo, Qingchuan Zhao, and Zhiqiang Lin, The Ohio State University.

    In the 29th USENIX Security Symposium (USENIX Security 2020).

  2. Resilient and Scalable Cloned App Detection Using Forced Execution and Compression Trees

    Mohamed Elsabagh, Ryan Johnson, Angelos Stavrou

    In proceedings of the IEEE Conference on Dependable and Secure Computing (DSC 2018)

  3. An adversarial coupon-collector model of asynchronous moving-target defense against botnet reconnaissance

    G Kesidis, Y Shan, D Fleck, A Stavrou, T Konstantopoulos

    In proceedings of the 2018 13th IEEE International Conference on Malicious and Unwanted Software (IEEE MALCON)

  4. Moving-target Defense against Botnet Reconnaissance and an Adversarial Coupon-Collection Model

    Dan Fleck, Angelos Stavrou, George Kesidis, N Nasiriani, Y Shan, T Konstantopoulos

    In proceedings of the IEEE Conference on Dependable and Secure Computing (DSC 2018)

  5. End Users Get Maneuvered: Empirical Analysis of Redirection Hijacking in Content Delivery Networks

    Shuai Hao, Yubao Zhang and Haining Wang, Angelos Stavrou

    In the proceeding of the 27th Usenix Security Symposium, (Usenix Security 2018) August 15-17, 2018, Baltimore, MD, USA

  6. Dazed Droids: A Longitudinal Study of Android Inter-App Vulnerabilities

    Ryan Johnson, Mohamed Elsabagh, Angelos Stavrou, and Jeff Offutt

    In the Proceedings of ACM ASIA Conference on Computer & Communications Security 2018, (ASIACCS 2018), 777-791, June 4 - 8, 2018, Sogdo, Incheon, Korea

  7. Detecting and Characterizing Web Bot Traffic in a Large E-commerce Marketplace

    Haitao Xu, Zhao Li, Chen Chu, Yuanmi Chen, Yifan Yang, Haifeng Lu, Haining Wang, and Angelos Stavrou

    In the Proceedings of the 23rd European Symposium on Research in Computer Security (ESORICS'18), Barcelona, Spain, Sep. 2018. (Acceptance Rate: 19.8%, 56/283).

  8. The Mirai Botnet and the IoT Zombie Armies

    Georgios Kambourakis, Constantinos Kolias, and Angelos Stavrou

    In the Proceedings of the IEEE Military Communications Conference (MILCOM 2017) October 23 -25, 2017, Baltimore, MD, USA.

  9. Practical and Accurate Runtime Application Protection against DoS Attacks

    Mohamed Elsabagh, Dan Fleck, Angelos Stavrou, Michael Kaplan, Thomas Bowen

    In the Proceedings of 20th International Symposium on Research on Attacks, Intrusions and Defenses (RAID 2017). September 18-20, 2017, Atlanta, Georgia, USA.

  10. E-Android: A New Energy Profiling Tool for Smartphones

    Xing Gao, Dachuan Liu, Daiping Liu, Haining Wang, Angelos Stavrou

    In the proceedings of the the 37th IEEE International Conference on Distributed Computing Systems (ICDCS 2017), June 5-8, 2017, Atlanta, Georgia, USA. (Acceptance Rate: 16.9%, 90/531)

  11. Detecting Passive Cheats in Online Games via Performance-Skillfulness Inconsistency

    Daiping Liu, Xing Gao, Mingwei Zhang, Haining Wang, Angelos Stavrou

    In the proceedings of the 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2017), June 26-29, 2017, Denver, Colorado, USA.

    (Acceptance Rate: 22.3%, 49/220)

  12. Strict Virtual Call Integrity Checking for C++ Binaries(Distinguished paper award)

    Mohamed Elsabagh, Dan Fleck, Angelos Stavrou

    In the Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS) 2017, April 2-6, 2017 Abu Dhabi, UAE (Acceptance Rate: 18.7%, 67/359)

  13. Why Software DoS is Hard to Fix: Denying Access in Embedded Android Platforms

    Ryan Johnson, Mohamed Elsabagh, and Angelos Stavrou

    In the proceedings of the 14th International Conference on Applied Cryptography and

    Network Security (ACNS) 2016, June 19-22, 2016, London, UK (Acceptance Rate: 19.13%, 35/183).

  14. When a Tree Falls: Using Diversity in Ensemble Classifiers to Identify Evasion in Malware Detectors

    Charles Smutz and Angelos Stavrou

    In the proceedings of the Network and Distributed System Security Symposium (NDSS) 2016, February 21-24, San Diego, California, USA (Acceptance Rate: 15.4%, 60/389).

  15. Targeted DoS on Android: How to Disable Android in 10 Seconds or Less

    Ryan Johnson, Mohamed Elsabagh, Angelos Stavrou, and Vincent Sritapan

    In the proceedings of the 10th Malware Conference (MALCON) Oct. 2015, IEEE Computer Society ISBN: 978-1-5090-0317-4 pp: 136-143 Puerto Rico, USA.

  16. Preventing Exploits in Microsoft Office Documents through Content Randomization

    Charles Smutz and Angelos Stavrou

    In the proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), November 2015, Kyoto, Japan (Acceptance Rate: 23.5%, 28/119).

  17. Continuous Authentication on Mobile Devices Using Power Consumption, Touch Gestures and Physical Movement of Users

    Rahul Murmuria, Angelos Stavrou, Daniel Barbara, Dan Fleck

    In the proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), November 2015, Kyoto, Japan (Acceptance Rate: 23.5%, 28/119).

  18. Privacy Risk Assessment on Online Photos

    Haitao Xu, Haining Wang, Angelos Stavrou

    In the proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), November 2015, Kyoto, Japan (Acceptance Rate: 23.5%, 28/119).

  19. Radmin: Early Detection of Application-Level Resource Exhaustion and Starvation Attacks

    Mohamed Elsabagh, Daniel Barbara, Daniel Fleck, Angelos Stavrou

    In the proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), November 2015, Kyoto, Japan (Acceptance Rate: 23.5%, 28/119).

  20. On the DNS Deployment of Modern Web Services (Best paper nominee)

    Shuai Hao, Haining Wang, Angelos Stavrou, and Evgenia Smirni

    In the proceeding of the 23rd IEEE International Conference on Network Protocols (ICNP) November 10-13 2015, San Francisco, CA, USA (Acceptance rate: 20%).

  21. Analysis of Content Copyright Infringement in Mobile Application Markets (Best paper award)

    Ryan Johnson, Nikolaos Kiourtis, Angelos Stavrou, and Vincent Sritapan

    In the proceedings of APWG/IEEE eCrime Research Summit 2015, May 2015, Barcelona, Spain.

  22. Using Hardware Features for Increased Debugging Transparency

    Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang, and Kun Sun.

    In the Proceedings of the 36th IEEE Symposium on Security and Privacy (Oakland 2015), May 2015, San Jose, CA (Acceptance Rate: 13.5%, 55/407).

  23. Resurrecting the READ_LOGS Permission on Samsung Devices

    Ryan Johnson and Angelos Stavrou

    In the briefings of Blackhat Asia 2015.

  24. E-commerce Reputation Manipulation: The Emergence of Reputation-Escalation-as-a-Service (Best paper nominee)

    Haitao Xu, Daiping Liu, Haining Wang and Angelos Stavrou

    In the Proceedings of 24th World Wide Web Conference (WWW 2015) (Acceptance Rate: 14.1%, 131/929).

  25. TrustLogin: Securing Password-Login on Commodity Operating Systems

    Fengwei Zhang, Kevin Leach, Haining Wang, and Angelos Stavrou

    In the Proceedings of The 10th ACM Symposium on Information, Computer and Communications Security (AsiaCCS'15), Singapore, April 2015 (Acceptance Rate: 17.8%, 48/269).

  26. transAD: An Anomaly Detection Network Intrusion Sensor for the Web (short paper)

    Sharath Hiremagalore, Daniel Barbara, Dan Fleck, Walter Powell, and Angelos Stavrou

    In the Proceedings of Information Security Conference (ISC 2014), Lecture Notes in Computer Science p 477-489, Hong Kong, Oct 2014. (Acceptance Rate: 17.8%, 48/269)

  27. A Framework to Secure Peripherals at Runtime

    Fengwei Zhang, Haining Wang, Kevin Leach, Angelos Stavrou

    European Symposium on Research in Computer Security (ESORICS) p. 219-238 (2014) (Acceptance Rate: 24.8%, 58/234)

  28. Click Fraud Detection on the Advertiser Side

    Haitao Xu, Daiping Liu, Aaron Koehl, Haining Wang, Angelos Stavrou

    European Symposium on Research in Computer Security (ESORICS) p. 419-438 (2014) (Acceptance Rate: 24.8%, 58/234)

  29. Activity Spoofing and Its Defense in Android Smartphones

    Brett Cooley, Haining Wang, and Angelos Stavrou

    In the proceedings of the 12th International Conference on Applied Cryptography and Network Security (ACNS 2014) Lausanne, Switzerland. (Acceptance Rate: 22.5%, 33/147)

  30. Catch Me if You Can: A Cloud-Enabled DDoS Defense

    Quan Jia, Huangxin Wang, Dan Fleck, Fei Li, Angelos Stavrou, Walter A. Powell. In the Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (IEEE DSN 2014), Atlanta, Georgia USA, June 23 - 26, 2014.

  31. Detecting Malicious Javascript in PDF through Document Instrumentation

    Daiping Liu, Haining Wang, and Angelos Stavrou.

    In the Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (IEEE DSN 2014), Atlanta, Georgia USA, June 23 - 26, 2014.

  32. PyTrigger: A System to Trigger & Extract User-Activated Malware Behavior

    Dan Fleck, Arnur Tokhtabayev, Alex Alarif, Angelos Stavrou, and Tomas Nykodym.

    In the proceedings of the 8th ARES Conference (ARES 2013) University of Regensburg, Germany September 2nd - 6th, 2013.

  33. MOTAG: Moving Target Defense Against Internet Denial of Service Attacks

    Quan Jia, Kun Sun, Angelos Stavrou.

    In the proceedings of the International Conference on Computer Communications and Networks ICCCN 2013 Nassau, Bahamas July 30 - August 2, 2013.

  34. Behavioral Analysis of Android Applications Using Automated Instrumentation.

    Mohammad Karami, Mohamed Elsabagh, Parnian Najafiborazjani, and Angelos Stavrou.

    In the Proceedings of the 7th International Conference on Software Security and Reliability (IEEE SERE 2013), 18-20 June 2013, Washington DC, USA. (Acceptance rate 30%)

  35. Forced-Path Execution for Android Applications on x86 Platforms

    Ryan Johnson, and Angelos Stavrou.

    In the Proceedings of the 7th International Conference on Software Security and Reliability (IEEE SERE 2013), 18-20 June 2013, Washington DC, USA. (Acceptance rate 30%)

  36. Towards a Cyber Conflict Taxonomy

    Scott Applegate and Angelos Stavrou.

    In the Proceedings of the 5th International Conference on Cyber Conflict (CyCon 2013) NATO Cooperative Cyber Defence Centre of Excellence conference, 4-7 June 2013 in Tallinn, Estonia.

  37. Spectre: A Dependable Introspection Framework via System Management Mode

    Fengwei Zhang, Kevin Leach, Kun Sun, and Angelos Stavrou.

    In the Proceedings of the 43nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (IEEE DSN 2013), Budapest, 24 - 27 June 2013. (Acceptance Rate: 19.6%)

  38. Exposing Software Security and Availability Risks For Commercial Mobile Devices (CMDs)

    Ryan Johnson, Zhaohui Wang, Angelos Stavrou, and Jeff Voas.

    In the Proceedings of the IEEE RAMS 2013, Orlando, Florida, 28 - 31 January 2013.

  39. Malicious PDF Detection Using Metadata and Structural Features

    Charles Smutz and Angelos Stavrou.

    In the Proceedings of the 2012 Annual Computer Security Applications Conference (ACSAC), Orlando, Florida, USA, December 3-7, 2012. (Acceptance Rate: 19%, 44/231)

  40. Malware Characterization using Behavioral Components

    Chaitanya Yavvari, Arnur Tokhtabayev, Huzefa Rangwala, and Angelos Stavrou.

    In the Proceedings of 6th International Conference "Mathematical Methods, Models, and Architectures for Computer Network Security", St. Petersburg, Russia, October 17-20, 2012.

  41. Exposing Security Risks for Commercial Mobile Devices(Invited).

    Zhaohui Wang, Ryan Johnson, Rahul Murmuria, and Angelos Stavrou.

    In the Proceedings of 6th International Conference Mathematical Methods, Models, and Architectures for Computer Network Security", St. Petersburg, Russia, October 17-20, 2012.

  42. Mobile Application and Device Power Usage Measurements

    Rahul Murmuria, Jeffrey Medsger, Angelos Stavrou.

    In the Proceedings of the 6th International Conference on Software Security and Reliability (SERE 2012), Washington, DC, June 2012.

  43. Netgator: Malware Detection Using Program Interactive Challenges

    Brian Schulte, Haris Andrianakis, Kun Sun, Angelos Stavrou.

    In the Proceedings of the 9th Conference on Detection of Intrusions and Malware

    & Vulnerability Assessment (DIMVA 2012), Heraklion, Crete, Greece, July 26-27th, 2012.

  44. A Dependability Analysis of Hardware-Assisted Polling Integrity Checking Systems

    Jiang Wang, Kun Sun, and Angelos Stavrou.

    In the Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), Boston, Massachusetts, June, 2012.

  45. Implementing & Optimizing an Encryption File System on Android

    Zhaohui Wang, Rahul Murmuria, and Angelos Stavrou.

    In the Proceedings of the IEEE International Conference on Mobile Data Management (IEEE MDM 2012), July 23 - 26, 2012, Bangalore, India. (Acceptance Rate: 22/88)

  46. Analysis Android Applications’ Permissions (short paper)

    Ryan Johnson, Zhaohui Wang, Corey Gagnon and Angelos Stavrou.

    In the Proceedings of the 6th International Conference on Software Security and Reliability (SERE 2012), Washington, DC, June 2012.

  47. Mutual Authentication for USB Communications. (short paper)

    Zhaohui Wang, Ryan Johnson and Angelos Stavrou.

    In the Proceedings of the 6th International Conference on Software Security and Reliability (SERE 2012), Washington, DC, June 2012.

  48. A Framework for Automated Security Testing of Android Applications on the Cloud. (short paper)

    Sam Malek, Naeem Esfahani, Thabet Kacem, Riyadh Mahmood, Nariman Mirzaei, and Angelos Stavrou.

    In the Proceedings of the 6th International Conference on Software Security and Reliability (SERE 2012), Washington, DC, June 2012.

  49. SecureSwitch: BIOS-Assisted Isolation and Switch between Trusted and Untrusted Commodity OSes

    Kun Sun, Jiang Wang, Fengwei Zhang and Angelos Stavrou.

    In the Proceedings of the 19th Annual Network & Distributed System Security Symposium NDSS 2012, San Diego, California, 5-8 February 2012. Impact Factor: 2.60 (Acceptance Rate: 46/258 - 17.8%). [Presentation]

  50. Hardware-Assisted Application Integrity Monitor

    Jiang Wang, Kun Sun, Angelos Stavrou.

    In the Proceedings of IEEE Hawaii International Conference on System Sciences (HICSS45) pp. 5375- 5383, 45th Hawaii International Conference on System Sciences, 2012 January 4-7, 2012, Grand Wailea, Maui, USA. Impact Factor: N/A, (Acceptance Rate: N/A).

  51. Cross-domain Collaborative Anomaly Detection: So Far Yet So Close.

    Nathaniel Boggs, Sharath Hiremagalore, Angelos Stavrou, Salvatore J. Stolfo. In the Proceedings of the 14th International Symposium on Recent

    Advances in Intrusion Detection (RAID). September 2011, Menlo Park, CA. Impact Factor: 2.20 (Acceptance rate: 20/87 - 23%).

  52. Trading Elephants For Ants: Efficient Post-Attack Reconstitution. (short paper)

    Meixing Le, Zhaohui Wang, Quan Jia, Angelos Stavrou, Anup Ghosh and Sushil Jajodia In the Proceedings of the 7th International ICST Conference on Security and Privacy

    in Communication Networks (Securecomm 2011), p. 1-10, September 7-9 2011, London. Impact Factor: N/A, (Acceptance rate: 24%).

  53. Predicting Network Response Times Using Social Information (short paper)

    Chen Liang, Sharath Hiremagalore, Angelos Stavrou and Huzefa Rangwala.

    In the Proceedings of the ACM 2011 Conference on Advances in Social Networks Analysis and Mining, p. 527-531, July, 2011, Kaohsiung, Taiwan. Impact Factor: N/A, (Acceptance rate: 25%).

  54. Breaching and Protecting an Anonymizing Network System

    Jason Clark and Angelos Stavrou.

    In the Proceedings of the 6th Annual Symposium on Information Assurance (ASIA 2011). Impact Factor: N/A, (Acceptance rate: 50%).

  55. Advantages and disadvantages of remote asynchronous usability testing using amazon mechanical turk

    Erik Nelson and Angelos Stavrou.

    Proceedings of the Human Factors and Ergonomics Society 55th Annual Meeting, pages 1080-1084, HFES 2011 Conference, Red Rock Resort, Las Vegas, Nevada, September 19-23, 2011.

    Impact Factor: N/A, (Acceptance rate: N/A).

  56. Exploiting Smart-Phone USB Connectivity For Fun And Profit (Extended Version)

    Angelos Stavrou and Zhaohui Wang.

    BlackHat Technical Conference DC 2011 - Technical Briefings Session.

  57. Exploiting Smart-Phone USB Connectivity For Fun And Profit

    Zhaohui Wang and Angelos Stavrou.

    In the Proceedings of the 26th Annual Computer Security Applications Conference (ACM ACSAC)

    p. 357-366. December 6-10, 2010, Austin, Texas, USA. Impact Factor: 1.82 (Acceptance rate: 39/227) [bib]

  58. Experimental Results of Cross-Site Exchange of Web Content Anomaly Detector Alerts

    Nathaniel Boggs, Sharath Hiremagalore, Angelos Stavrou, and Salvatore J. Stolfo.

    In the Proceedings of IEEE Conference on Homeland Security Technologies (IEEE HST 2010), November 8-10, 2010, Waltham, MA, USA. Impact Factor: N/A (Acceptance rate: N/A).

  59. An Adversarial Evaluation of Network Signaling and Control Mechanisms

    Kangkook Jee, Stelios Sidiroglou-Douskos, Angelos Stavrou, and Angelos D. Keromytis.

    In the Proceedings of the 13th International Conference on Information Security and Cryptology (ICISC).

    December 2010, Seoul, Korea. Impact Factor: N/A (Acceptance rate: N/A).

  60. Small World VoIP

    Xiaohui Yang, Angelos Stavrou, Ram Dantu, and Duminda Wijesekera.

    In the Proceedings of the Second International Conference on Mobile Computing, Applications, and Services MobiCASE, October 25-28, 2010, Santa Clara, CA, USA.

    Impact Factor: N/A (Acceptance rate: N/A).

  61. QoP and QoS policy cognizant policy composition

    Paul Seymer, Angelos Stavrou, Duminda Wijesekera, Sushil Jajodia.

    In the Proceedings of the IEEE International Symposium on Policies for Distributed Systems and Networks, p. 77-86, Fairfax, VA, July 21-23, 2010. (Acceptance rate: 19.2%) [bib]

  62. Providing Mobile Users' Anonymity in Hybrid Networks

    Claudio Ardagna, Sushil Jajodia, Pierangela Samarati, and Angelos Stavrou (Alphabetic)

    In the Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS 2010), p. 540-557, September 2010, Athens, Greece.

    Impact Factor: 1.45 (Acceptance rate: 42/210 - 20%). [bib]

  63. Traffic Analysis Against Low-Latency Anonymity Networks Using Available Bandwidth Estimation

    Sambuddho Chakravarty, Angelos Stavrou, and Angelos D. Keromytis.

    In the Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS 2010) p. 249-267, September 2010, Athens, Greece.

    Impact Factor: 1.45 (Acceptance rate: 42/210 - 20%). [bib]

  64. HyperCheck: A Hardware-Assisted Integrity Monitor

    Jiang Wang, Angelos Stavrou, and Anup K. Ghosh.

    In the Proceedings of 13th International Symposium on Recent Advances in Intrusion Detection (RAID 2010), p. 158-177, Ottawa, Canada, September 15-17, 2010.

    Impact Factor: 2.20 (Acceptance rate: 24/104 - 23.1%). [bib]

  65. A Virtualization Architecture for In-Depth Kernel Isolation

    Jiang Wang, Sameer Niphadkar, Angelos Stavrou, Anup K. Ghosh.

    In the Proceedings of 43rd Hawaii International International Conference on Systems Science, IEEE Computer Society, p. 1-10, 5-8 January 2010, Koloa, Kauai, HI, USA.

    Impact Factor: N/A (Acceptance rate: N/A).

  66. Privacy preservation over untrusted mobile networks

    Claudio A. Ardagna, Sushil Jajodia, Pierangela Samarati, Angelos Stavrou in Privacy in Location- Based

    Applications: Research Issues and Emerging Trends, Springer Lecture Notes in Computer Science, Volume

    5599, 2009, pages 84-105. Impact Factor: N/A (Acceptance rate: N/A).

  67. Deny-by-Default Distributed Security Policy Enforcement in Mobile Ad Hoc Networks (short)

    Mansoor Alicherry, Angelos D. Keromytis, and Angelos Stavrou.

    In the Proceedings of the 5th International ICST Conference on Security and Privacy in Communication

    Networks SECURECOMM 2009, p. 41-50. September 2009, Athens, Greece. Impact Factor: N/A, (Acceptance rate: 25.3%). [bib]

  68. Adding Trust to P2P Distribution of Paid Content

    Alex Sherman, Angelos Stavrou, Jason Nieh, Angelos D. Keromytis, and Clifford Stein. In the Proceedings of the 12th Information Security Conference (ISC), p.459-474.

    September 2009, Pisa, Italy. Impact Factor: 1.24, (Acceptance rate: 27.6%). [bib]

  69. A2M: Access-Assured Mobile Desktop Computing

    Angelos Stavrou, Ricardo A. Baratto, Angelos D. Keromytis, and Jason Nieh.

    In the Proceedings of the 12th Information Security Conference (ISC), p. 186-201. September 2009, Pisa, Italy. Impact Factor: 1.24, (Acceptance rate: 27.6%). [bib]

  70. Adaptive Anomaly Detection via Self-Calibration and Dynamic Updating

    Gabriela F. Cretu, Angelos Stavrou, Michael E. Locasto, Salvatore J. Stolfo.

    In the Proceedings of 12th International Symposium On Recent Advances In Intrusion Detection,

    p. 41-60. Saint-Malo, Brittany, France, September 23-25, 2009. Impact Factor: 2.20 (Acceptance rate: 17 / 59 - 28.8%). [bib]

  71. SQLProb: A Proxy-based Architecture towards Preventing SQL Injection Attacks

    Anyi Liu, Yi Yuan, Duminda Wijesekera, and Angelos Stavrou.

    In the Proceedings of 24th Annual ACM Symposium on Applied Computing (SAC'09), p. 2054-2061 March 8-12, 2009, Honolulu, Hawaii. Impact Factor: N/A, (Acceptance Rate: 16.6%). [bib]

  72. A Security Architecture for Information Assurance and Availability in MANETs

    Angelos Stavrou, and Anup K. Ghosh.

    In the Proceedings of IEEE Conference on Military Communications (MILCOM '08),

    p. 1 - 8, November 2008, San Diego, CA. Impact Factor: N/A, (Acceptance Rate: N/A). Impact Factor: N/A, (Acceptance Rate: N/A). [bib]

  73. PAR: Payment for Anonymous Routing

    Elli Androulaki, Mariana Raykova, Shreyas Srivatsan, Angelos Stavrou, and Steven M. Bellovin.

    In the Proceedings of 8th Privacy Enhancing Technologies Symposium, p. 219-236, Leuven, Belgium July 23 - July 25, 2008. Impact Factor: 1.95, Acceptance rate: 13/49 - 26%). [bib]

  74. The Hidden Difficulties of Watching and Rebuilding Networks.

    Michael Locasto and Angelos Stavrou.

    IEEE Security and Privacy, vol. 6, no. 2, pp. 79-82, Mar/Apr, 2008. Impact Factor: 1.17, (Acceptance Rate: N/A). [bib]

  75. Pushback for Overlay Networks: Protecting against Malicious Insiders

    Angelos Stavrou, Michael E. Locasto, and Angelos D. Keromytis.

    In the Proceedings of the 6th International Conference on Applied Cryptography and Network Security (ACNS). June 2008, New York, NY.

    Impact Factor: N/A, (Acceptance Rate: N/A). [bib]

  76. Casting out Demons: Sanitizing Training Data for Anomaly Sensors

    Gabriela F. Cretu, Angelos Stavrou , Michael E. Locasto, Salvatore J. Stolfo, and Angelos D. Keromytis.

    In the Proceedings of the IEEE Symposium on Security & Privacy p. 81-95. May 2008, Oakland, CA. Impact Factor: 4.15, (Acceptance Rate: 11.2%) [bib]

  77. On the Infeasibility of Modeling Polymorphic Shellcode

    Yingbo Song, Michael E. Locasto, Angelos Stavrou , Angelos D. Keromytis, and Salvatore J. Stolfo.

    In the Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), pp. 541 - 551. October/November 2007, Alexandria, VA.

    Impact Factor: 2.87, (Acceptance rate: 18.1%) [bib]

  78. A Study of Malcode-Bearing Documents

    Weijen Li, Salvatore Stolfo, Angelos Stavrou, Elli Androulaki, and Angelos D. Keromytis.

    In Proceedings of the 4th GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA)

    pp. 231 - 250. July 2007, Lucerne, Switzerland.Impact Factor: 1.42, (Acceptance rate: 21%). [bib]

  79. From STEM to SEAD: Speculative Execution for Automated Defense.

    Michael E. Locasto, Angelos Stavrou, Gabriela F. Cretu, and Angelos D. Keromytis. In the Proceedings of the USENIX Annual Technical Conference (USENIX 2007),

    pp. 219-232, June 2007, Santa Clara, CA. Impact Factor: N/A, (Acceptance rate: 18.75%) [bib]

  80. Network Security as a Composable Service

    Stelios Sidiroglou, Angelos Stavrou, and Angelos D. Keromytis.

    In the Proceedings of the IEEE Sarnoff Symposium. January 2007, Princeton, NJ. (Invited paper)

  81. Countering DDoS Attacks with Multi-path Overlay Networks

    Angelos Stavrou and Angelos D. Keromytis.

    In the Information Assurance Technology Analysis Center (IATAC)

    Information Assurance Newsletter (IAnewsletter), vol. 9, no. 3, November 2006. (Invited paper, based on the CCS 2005 paper.)[pdf]

  82. W3Bcrypt: Encryption as a Stylesheet

    Angelos Stavrou, Michael E. Locasto, and Angelos D. Keromytis. In the Proceedings of the 4th International Conference on Applied Cryptography and Network Security (ACNS 2006),

    pp. 349-364, June 6-9, 2006, Singapore. Impact Factor: 1.44, (Acceptance rate: 33 / 218 - 15.1%) [bib]

  83. Countering DoS Attacks With Stateless Multipath Overlays

    Angelos Stavrou and Angelos D. Keromytis.

    In the Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS), pp. 249 - 259.

    November 2005, Alexandria, VA. Impact Factor: 2.87, (Acceptance rate: 15.2%).

  84. gore: Routing-Assisted Defense Against DDoS Attacks

    Stephen T. Chou, Angelos Stavrou, John Ioannidis, and Angelos D. Keromytis. In the Proceedings of the 8th Information Security Conference (ISC), p. 179-193. September 2005, Singapore. Impact Factor: 1.24, (Acceptance rate: 14%). [bib]

  85. MOVE: An End-to-End Solution To Network Denial of Service

    Angelos Stavrou, Angelos D. Keromytis, Jason Nieh, Vishal Misra, and Dan Rubenstein.

    In the Proceedings of the Internet Society (ISOC) Symposium on Network and Distributed Systems Security

    (NDSS) pp. 81 - 96. February 2005, San Diego, CA. Impact Factor: 2.60 (Acceptance rate: 12.9%).

  86. Content distribution for seamless transmission

    Edward G. Coffman Jr., Andreas Constantinides, Dan Rubenstein, Bruce Shepherd, Angelos Stavrou.

    In the Proceedings of SIGMETRICS Performance Evaluation Review 32(2): 31-32 (2004) [pdf (936 KB)].

  87. A Pay-per-Use DoS Protection Mechanism For The Web

    Angelos Stavrou, John Ioannidis, Angelos D. Keromytis, Vishal Misra, and Dan Rubenstein. In the Proceedings of the Applied Cryptography and Network Security (ACNS) Conference.

    June 2004, Yellow Mountain, China. LNCS Volume 3089/2004, pp. 120-134, ISBN: 3-540-22217-0. Impact Factor: 1.44 (Acceptance rate: 12%). [bib]

  88. Using Graphic Turing Tests to Counter Automated DDoS Attacks Against Web Servers.

    William G. Morein, Angelos Stavrou, Debra L. Cook, Angelos D. Keromytis, Vishal Misra, Dan Rubenstein.

    In the Proceedings of the 10th ACM International Conference on Computer and Communications Security (CCS) Washington, DC, October 2003.

    Impact Factor: 2.87, (Acceptance rate: 13.8%)

  89. A Lightweight, Robust P2P System to Handle Flash Crowds

    Angelos Stavrou, Dan Rubenstein and Sambit Sahu.

    In the Proceedings of IEEE ICNP 2002, Paris, France, November, 2002.

    [Proceedings Version ps (252K)] [Proceedings Version ps.gz (65K)] [Proceedings Version pdf (143K)] An earlier version is available as Columbia Technical Report EE020321-1, February, 2002.

    [Tech Report ps (508K)] [Tech Report ps.gz (109K)] [Tech Report pdf (242K)]. Impact Factor: N/A, (Acceptance rate: 14.7%). [bib]


Books/Book Chapters

  1. Overlay-Based DoS Defenses

    Angelos Stavrou. In Henk C.A. van Tilborg and Sushil Jajodia, editors, Encyclopedia of Cryptography and Security, 2nd Edition. Springer, 2010.

  2. TCP Modulation Attacks


Angelos Stavrou. In Henk C.A. van Tilborg and Sushil Jajodia, editors, Encyclopedia of Cryptography and Security, 2nd Edition. Springer, 2010.

Workshops

  1. Microservices made attack-resilient using unsupervised service fissioning [PDF]

    Ataollah Fatahi Baarzi, George Kesidis, Dan Fleck, Angelos Stavrou.

    In EuroSec '20: Proceedings of the 13th European workshop on Systems Security, April 2020 Pages 31–36.

  2. Breaking BLE Beacons For Fun But Mostly Profit

    Constantinos Kolias, Lucas Copi, Fengwei Zhang, Angelos Stavrou EUROSEC 2017: 4:1-4:6

  3. Your Data in Your Hands: Privacy-preserving User Behavior Models for Context Computation

    Rahul Murmuria, Angelos Stavrou, Daniel Barbara, and Vincent Sritapan

    To appear in the proceedings of International Workshop on Behavioral Implications of Contextual Analytics (co-located with IEEE PerCom 2017)

  4. Authentication Feature and Model Selection using Penalty Algorithms

    Rahul Murmuria and Angelos Stavrou.

    In the proceedings of the Twelfth Symposium on Usable Privacy and Security (SOUPS 2016). USENIX Association, 2016, Way workshop, Denver Colorado June 22-24, 2016

  5. Switchwall: Automated Topology Fingerprinting & Behavior Deviation Identification

    Nelson Nazzicari, Javier Almillategui, Angelos Stavrou and Sushil Jajodia.

    In the Proceedings of the 8th International Workshop on Security and Trust Management (STM 2012) in conjunction with ESORICS 2012, Pisa, Italy - September 13-14, 2012

  6. A Whitebox Approach for Automated Security Testing of Android Applications on the Cloud.

    Riyadh Mahmood, Naeem Esfahani, Thabet Kacem, Nariman Mirzaei, Sam Malek, and Angelos Stavrou.

    In the Proceedings of the 7th International Workshop on Automation of Software Test (AST 2012), Zurich, Switzerland, June 2012.

  7. The MEERKATS Cloud Security Architecture.

    Angelos D. Keromytis, Roxana Geambasu, Simha Sethumadhavan, Salvatore J. Stolfo, Junfeng Yang, Azzedine Benameur, Marc Dacier, Matthew Elder, Darrell Kienzle, and Angelos Stavrou.

    In the Proceedings of the 3rd International Workshop on Security and Privacy in Cloud Computing (ICDCS-SPCC). June 2012, Macao, China.

  8. CapMan: Capability-based Defense against Multi-Path Denial of Service (DoS) Attacks in MANET.

    Quan Jia, Kun Sun and Angelos Stavrou.

    In the Proceedings of the First International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems

    (MobiPST 2011) in conjunction with 20th International Conference on Computer Communications and Networks (ICCCN 2011)

  9. The MINESTRONE Architecture: Combining Static and Dynamic Analysis Techniques for Software Security

    Angelos D. Keromytis, Salvatore J. Stolfo, Junfeng Yang, Angelos Stavrou, Anup Ghosh, Dawson Engler, Marc Dacier, Matthew Elder, and Darrell Kienzle.

    In the Proceedings of the 1st Workshop on Systems Security (SysSec), July 2011, Amsterdam, Netherlands.

  10. Firmware-assisted Memory Acquisition and Analysis tools for Digital Forensic. (short paper).

    Jiang Wang, Fengwei Zhang, Kun Sun, and Angelos Stavrou.

    In the Sixth International Workshop on Systematic Approaches to Digital Forensic Engineering (IEEE SADFE

    In conjunction with IEEE Security and Privacy Symposium, Oakland, CA, USA, May 26, 2011

  11. Moving Forward, Building An Ethics Community (Panel Statements) - Computer Security Ethics, Quo Vadis?

    Erin Kenneally, Angelos Stavrou, John McHugh, and Nicolas Christin.

    In the proceedings of the 2nd Workshop on Ethics in Computer Security Research 2011 Springer Lecture Notes in Computer Science (LNCS).

  12. Scalable Web Object Inspection and Malfease Collection.

    Charalampos Andrianakis, Paul Seymer, and Angelos Stavrou

    In the Proceedings of the 5th USENIX Workshop on Hot Topics in Security (HotSec '10). August 10, 2010 Washington, DC. (Acceptance rate: 11/57)

  13. Fine-grained Sharing of Health Records using XSPA Profile for XACML

    A. Al-Faresi, Bo Yu, Khalid Moidu, Angelos Stavrou, Duminda Wijesekera, Anoop Singhal In the Proceedings of 1st USENIX Workshop on Health Security and Privacy (HealthSec '10), August, 2010, Washington DC, USA.

  14. Evaluating a Collaborative Defense Architecture for MANETs.

    Mansoor Alicherry, Angelos Stavrou, and Angelos D. Keromytis.

    In the Proceedings (electronic) of the IEEE Workshop on Collaborative Security Technologies (CoSec),

    pp. 37 - 42. December 2009, Bangalore, India. (Acceptance rate: 17.2%).

  15. Keep your friends close: the necessity for updating an anomaly sensor with legitimate environment changes.

    Angelos Stavrou, Gabriela F. Cretu, Michael E. Locasto, Salvatore J. Stolfo.

    In the Proceedings of the 2nd ACM Workshop on Security and Artificial intelligence

    (Chicago, Illinois, USA, November 09 - 09, 2009). AISec '09. ACM, New York, NY, 39-46. (Position paper)

  16. The Heisenberg Measuring Uncertainty in Lightweight Virtualization Testbeds.

    Quan Jia, Zhaohui Wang and Angelos Stavrou.

    In the Proceedings of 2nd Workshop on Cyber Security Experimentation and Test (CSET '09). August, 2009, Montreal, Canada.

  17. Universal Multi-Factor Authentication Using Graphical Passwords.

    Alireza Pirayesh Sabzevar, and Angelos Stavrou.

    In the Proceedings of the 2nd IEEE/ACM Workshop on Security and Privacy in Telecommunications and Information Systems (SePTIS). December 2008, Bali, Indonesia.

  18. Identifying Proxy Nodes in a Tor Anonymization Circuit

    Sambuddho Chakravarty, Angelos Stavrou, and Angelos D. Keromytis.

    In the Proceedings of the 2nd IEEE/ACM Workshop on Security and Privacy

    in Telecommunications and Information Systems (SePTIS). December 2008, Bali, Indonesia.

  19. A multi-path approach for k-anonymity in mobile hybrid networks

    Claudio Agostino Ardagna, Angelos Stavrou, Sushil Jajodia, Pierangela Samarati and Rhandi Martin. In the Proceedings of International Workshop on Privacy in Location-Based Applications (PiLBA '08), October 2008.

  20. Efficiently Tracking Application Interactions using Lightweight Virtualization.

    Yih Huang, Angelos Stavrou, Anup K. Ghosh and Sushil Jajodia.

    In the Proceeding of the 1st Workshop on Virtualization Security (VMSec), in conjunction with ACM CCS 2008, October 2008.

  21. Return Value Predictability for Self-Healing

    Michael E. Locasto, Angelos Stavrou>, Gabriela F. Cretu, Angelos D. Keromytis, and Salvatore J. Stolfo.

    In the Proceedings of the 3rd International Workshop on Security (IWSEC), November 2008, Kagawa, Japan.

  22. Online Training and Sanitization of AD Systems. (extended abstract)

    Gabriela F. Cretu, Angelos Stavrou, Michael E. Locasto, Salvatore J. Stolfo.

    In the Proceedings of NIPS 2007 Workshop on Machine Learning in Adversarial Environments for Computer Security,

    December 2007, Vancouver, B.C., Canada. [pdf]

  23. Data Sanitization: Improving the Forensic Utility of Anomaly Detection Systems.

    Gabriela F. Cretu, Angelos Stavrou, Salvatore J. Stolfo, Angelos D. Keromytis.

    In the Proceedings of the 3rd Workshop on Hot Topics in System Dependability (HotDep), pp. 64 -

    70. June 2007, Edinburgh, UK. [pdf]

  24. Bridging the Network Reservation Gap Using Overlays

    Angelos Stavrou, David Turner, Angelos D. Keromytis, and Vassilis Prevelakis.

    In the Proceedings of the 1st Workshop on Information Assurance for Middleware Communications (IAMCOM).

    January 2007, Bangalore, India. [pdf] [ps]

  25. Dark Application Communities

    Michael E. Locasto, Angelos Stavrou, and Angelos D. Keromytis.

    In the Proceedings of the 15th New Security Paradigms Workshop (NSPW 2006). September 2006, Schloss Dagstuhl, Germany. [pdf] [ps]


Technical Reports

  1. Netgator: Malware Detection Through Program Interactive Proofs

    Brian Schulte, Rhandi Martin, Haris Andrianakis and Angelos Stavrou, GMU-CS-TR-2011-6

  2. SecureSwitch: BIOS-Assisted Isolation and Switch between Trusted and Untrusted Commodity OSes

    Kun Sun, Jiang Wang, Fengwei Zhang and Angelos Stavrou, GMU-CS-TR-2011-7

  3. An Analysis of System Management Mode (SMM)-based Integrity Checking Systems and Evasion Attacks.

    Jiang Wang, Kun Sun and Angelos Stavrou, GMU-CS-TR-2011-8

  4. Ruminate: A Scalable Architecture for Deep Network Analysis.

    Charles Smutz and Angelos Stavrou, GMU-CS-TR-2010-20.


Professional Activities & Service

Founder & CEO

Kryptowire LLC (http://www.kryptowire.com)

Editorial Positions, Panels, and Boards

Associate Editor, IEEE Transactions on Reliability, September 2015 - present

IET Journal on Information Security, May 2010 – May 2018

Encyclopedia of Cryptography and Security, Editorial Board Member, March 2010 - present

Program Organization:

Program co-Chair, 10th European Workshop on Systems Security (EuroSec): 2017, 2018

Program co-Chair, Research in Attacks, Intrusions and Defenses (RAID) Symposium, RAID 2013, 2014

Student Travel Grant Chair, ACM Conference on Computer and Communications Security (CCS), 2009, 2010

Program co-Chair, Workshop on Cyber Security Experimentation and Test (CSET): 2009, 2010

Program co-Chair, 1st Workshop on Virtual Machine Security (VMSec): 2008, 2009

Program Committee Member (Selected):

USENIX Security Symposium: 2007, 2008, 2009, 2020

ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) 2020

IEEE MILCOM (Track 3): 2016, 2017, 2018

IEEE Conference on Dependable and Secure Computing: 2017

IEEE International Conference on Software Quality, Reliability and Security: 2016

Recent Advances in Intrusion Detection (RAID): 2011, 2012, 2017

IEEE Symposium on Security and Privacy (IEEE S&P): 2010, 2011, 2012

ACM Conference on Computer and Communications Security (CCS): 2009, 2010

Annual Computer Security Applications Conference (ACSAC): 2009, 2010, 2011, 2012, 2013

Network and Distributed System Security Symposium (NDSS): 2009, 2010

International Conference on Distributed Computing Systems (ICDCS): 2009, 2010, 2011, 2012, 2013

25th ACM Symposium On Applied Computing (SAC): 2010

Financial Cryptography and Data Security: 2010, 2011, 2012

5th ACM Int'l Conference on emerging Networking EXperiments and Technologies: 2009

International ICST Conference on Security and Privacy in Communication Networks (SecureComm), 2009, 2010, 2011

European Workshop on System Security (EUROSEC): 2008, 2009, 2010, 2011

IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2010, 2011, 2012

ECML/PKDD Workshop on Privacy and Security issues in Data Mining and Machine Learning PSDML 2010

2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET): 2009

European Conference on Computer Network Defense (EC2ND): 2008

Workshop on Cyber Security Experimentation and Test : 2008, 2013 Information Security Conference (ISC): 2008, 2009

European Symposium on Research in Computer Security (ESORICS): 2008

International Workshop on Security and Privacy in Wireless and Mobile Computing, Networking and Communications: 2008

Patent Litigation Experience

Expert witness for patent invalidity reports, depositions, patent office actions, Inter Partes Disputes preparation, product infringement reports, code and system examination.

Case: Confidential

Law firm: Feinberg Day Alberti & Thompson LLP ("Feinberg Day")

Project status: On-going

Case: IP Patent Consulting Law firm: Brian Owens, Esq

Project: On-going consulting on patent infringement, validity, and claim construction

Patent Filling/Examination Experience

Consulted GMU legal team on patent filling, claim structure, and responses to USPTO examination and re- examination of relevant patents.

  1. U.S. Patent Application 12/558,841 filed on September 14, 2009, entitled "Distributed Sensor for Detecting Malicious Software."

  2. U.S. Patent Application 12/548,175 filed on August 26, 2009, entitled "Event Driven Email Revocation."

  3. U.S. Patent Application 12/688,037 filed on January 15, 2010, entitled "Authentication Using Graphical Passwords."

  4. U.S. Patent Application 12/757,675 filed on April 9, 2010, entitled "Malware Detector."

  5. U.S. Patent Application 12/965,413 filed on December 10, 2010, entitled "Website Detection."

  6. U.S. Patent Application 12/835,228 filed on July 13, 2010, entitled "Inferring Packet Management Utility Rules."

  7. U.S. Patent Application 611413,673 filed on November 15, 2010, entitled "HyperCheck: A Hardware Assisted Integrity Monitor."

  8. U.S. Patent Application 611413,677 filed on November 15, 2010, entitled "Network Traffic Analysis."

Consulted on more patents filled prior to 2007 while I was at Columbia University (worked with Columbia retained law firms).


Advisory Boards, Workshops & Other Professional Activities

Academic Program Director, Masters in Management of Secure Information Systems, George Mason University, 2014 – May 2017

Academic Program Director, Masters in Information Security and Assurance, George Mason University, 2013 - 2015

IEEE Rebooting Computing Committee, 2013 - onwards

Senior Member of the IEEE, 2012 - onwards

Subject Matter Expert, DARPA Transformative Applications, September 2010 - September 2012

USDA Federal Mobile Computing Summit, 2011

NIST Mobile & Smart Phone Technologies Technical Exchange Meeting, 2011

Google Faculty Summit, July 2010

ARO/NSF Workshop on Moving Target Defense, October 2010

National Science Foundation Panels: 2008, 2009

DARPA Cyber Genome Project, Dec 2009

DARPA Digital Object Storage and Retrieval (DOSR), July 2008

DARPA Intrinsically Assurable Mobile Ad-hoc Networks (IAMANETs), January 2008


Student & Research advising

Ph.D. Thesis Committee Service

  1. Mahmood Riyadh, Electrical Engineering Department, George Mason University, Summer 2015.

  2. Velegalati Rajesh, Electrical Engineering Department, George Mason University, Summer 2015.

  3. Yu Bo, Computer Science Department, George Mason University, Fall 2014.

  4. Jin Jing, Computer Science Department, George Mason University, Fall 2013.

  5. Xu Min, Computer Science Department, George Mason University, Fall 2013.

  6. Caixia Wang, Thesis title: "Spatial content-based scene matching using a relaxation method", Department of Geography and GeoInformation Science, George Mason University, November 2010.

  7. Mansoor Alicherry, Thesis title: "A Distributed Policy Enforcement Architecture for Mobile Ad Hoc Networks",Computer Science Department, Columbia University, October 2010.

  8. Min Xu, Thesis title: "Session-aware RBAC Administration, Delegation, and Enforcement with XACML",Computer Science Department, George Mason University, April 2010.


Post-Doctoral Researchers

Konstantinos Kolias (August 2014 - 2019)

Daniel Fleck (August 2012 - 2019)

Nelson Nazzicari (August 2010 - September 2011)

Arnur Tokhtabayev (May 2011 - November 2012)

Current Ph.D. Students

Full Time Ph.D. Students

  1. Kene Nwondo (Auguest 2020 - present)

    Graduated Ph.D. Students

    Ryan E. Johnson (January 2011 – December 2019)

Graduated MSc. Students

  1. Charalampos Andrianakis (September 2008 - September 2011)

  2. Rhandi Martin (January 2009 - January 2011)

  3. Spyridon Panagiotopoulos (September 2009 - December 2011)

  4. Chen Liang (September 2009 - December 2011)


Service at George Mason University

Volgenau School of Engineering, Academic Director, M.S. in Management of Secure Information Systems Program, School of Management (March 2014 - 2018)

Computer Science Department, ISA Admissions & Policy Committee (September 2008 - present) Computer Science Department, Security Recruiting Committee (September 2010 - July 2011) Computer Science Department, APR ISA Committee (September 2010 - July 2011)

USENIX Association Campus Representative (2010 - present)

Faculty Advisor, undergraduate student group: GMU ECHO (Electrical & Computer Hacking Organization) (September 2009 - 2013)

Faculty Advisor, graduate student group: GMU Information Security Association (November 2007 - November 2009)


Teaching Experience

(Scores indicate mean course quality rating from student survey out of a maximum of 5.0)

Spring 2019: ISA 564/CS 499, Cyber Security Laboratory

Fall 2018: ISA 673, Operating Systems' Security

Fall 2017: CS 468, Secure Programing and Systems

Fall 2016: ISA 564, CS 499, Cyber Security Laboratory (14 students, Instr.: 4.43, Class: 4.86)

Fall 2015: ISA 564/CS 499, Cyber Security Laboratory (19 students, Instr.: 4.13, Class: 4.31)

Spring 2015: MSEC510, Foundations of Cyber Security (31 students, Instr.: 4.39, Class: 4.33)

Spring 2015: MSEC 650, Seminar: Enterprise Security Case St. (18 students, Instr.: 4.36, Class: 4.27)

Spring 2015: MSEC 720, Capstone Project Mgmt. Secure Info (18 students, Instr.: 4.22, Class: 3.72)

Spring 2015: ISA 785, Research in Digital Forensics (13 students, no evaluation)

Spring 2014: MSEC 511, Enterprise Security Practices (21 students, Instr.: 4.22, Class: 3.72)

Spring 2013: MSEC 642, Enterprise Security Technology (27 students, Instr.: 4.55, Class: 4.54)

Spring 2013: MSEC 511, Enterprise Security Practices (21 students, Instr.: 4.67, Class: 4.50)

Spring 2013: ISA 673, Operating Systems Security (31 students, Instr.: 4.53, Class: 4.55)

Fall 2012: ISA 674, Intrusion Detection (29 students, Instr.: 4.71, Class: 4.71)

Spring 2012 - Fall 2007. Weighted Average, Instructor: 4.66, Class: 4.53

Spring 2012: ISA 673, Operating Systems' Security (36 students, Instr.: 4.71, Class: 4.48)

Spring 2012: MSEC 511, Enterprise Security Practices (30 students, Instr.: 4.93, Class: 4.77)

Fall 2011: ISA 785, Research in Digital Forensics (29 students, Instr.: 4.91, Class: 4.91)

Fall 2010: ISA 862, Models for Computer Security (23 students, Instr.: 4.89, Class: 4.84)

Spring 2010: ISA 673, Operating Systems Security (28 students, Instr.: 4.46, Class: 4.58)

Fall 2009: CS 571, Operating Systems (40 students, Instr.: 4.58, Class: 4.21)

Spring 2009: ISA 564, Security Laboratory (46 students, Instr.: 4.45, Class: 4.42)

Fall 2008: ISA 656, Network Security (28 students, Instr.: 4.81, Class: 4.69)

Spring 2008: IT 862, Models for Computer Security (29 students, Instr.: 4.38, Class: 4.25)

Spring 2008: ISA 656, Network Security (32 students, Instr.: 4.64, Class: 4.46)

Fall 2007: ISA 656, Network Security (30 students, Instr.: 4.68, Class: 4.50)


Awarded Support for Research and Teaching (Gifts and Grants)

Total: $19,166,000(est). As the Primary Investigator (PI):: $15,315,000(est)

  1. PI NIST, $473,632, 09/01/2016 - 08/31/2019 "Towards Measuring Security for IoT"

  2. Co-PI NSF, $299,935, 09/01/2016 - 08/31/2019 "City and County Cross Jurisdiction Cybersecurity Collaboration Capacity Building" (with J.P. Auffret)

  3. PI DARPA LADS (sub to PFP Cyber), $1,454,051, 05/01/2016 - 04/30/2020 "Enhanced Cyber Defense by Leveraging Involuntary Analog Emissions" (with J.P. Auffret)

  4. PI DARPA XD3, $4,433,701, 04/12/2016 - 06/30/2020 "Democratizing DDoS Defenses Using Secure Indirection Networks" (GMU-led team with Columbia University, Penn. State, and BAE Systems, GMU portion $1,529,742 without options) (with Dan Fleck)

  5. PI DAPRA XD3 (sub to Vencore, Inc), $944,150, 04/20/2016 - 04/19/2019 "Lookout - for the DARPA Extreme DDoS Defense- TA3" (with Dan Fleck)

  6. PI, Korea Agency for Defense Development, $267,682, 06/02/2014 - 02/15/2016, Technical consulting on the test and evaluation methodology for cyber-security technologies (with J.P. Auffret)

  7. PI, NSF, $174,900, 09/01/2014 - 08/31/2017, "TWC: TTP Option: Small: Collaborative: Scalable Techniques for Better Situational Awareness: Algorithmic Frameworks and Large-Scale Empirical Analyses" (with Fabian Monrose, UNC)

  8. Co-PI, DARPA (sub to Invincea Labs), $360,753, 01/15/2014 - 03/30/2015, "TAPIO: Targeted Attack Premonition using Integrated Operational data sources" (with Dan Fleck)

  9. PI, NSF, $484,857, 08/01/2013 - 07/30/2016, "Bridging the Cybersecurity Leadership Gap: Assessment, Competencies and Capacity Building" (with J.P. Auffret)

  10. PI, DHS/Purdue, $486,691, 07/01/2013 - 06/30/2016, "Analysis of Mobile Application Communications Using GUI & Data Instrumentation"

  11. Co-PI, DHS, $256,000, 09/20/2012 - 08/31/2017, "Graduate Fellowship Training for Homeland Security" (with Duminda Wijesekera and Damon McCoy)

  12. co-PI Google Research Award, $75,000, 06/2013 (with Damon McCoy)

  13. co-PI NSF II-New, $547,000 09/2012-08/2013, "An Experimental Infrastructure for Cross-Domain Research in Wireless Computing, Cybersecurity and Data" (with Robert Simon, Daniel Barbara and Brian Mark)

  14. PI (GMU), DARPA MRC, $750,363 09/2011 - 01/2016, "MEERKATS: Maintaining EnterprisE Resiliency via Kaleidoscopic Adaptation & Transformation of Software Services", (Part of team that includes Columbia University and Symantec Corp. total budget: $6,619,270) (with Fei Li)

  15. PI, DARPA Transformative Applications/Aterrasys, $511,323 08/24/2011 - 08/24/2012,Securing Android Mobile Devices"

  16. PI, Army Research Office (ARO), DURIP $205,983 06/15/2011 - 06/14/2012, "A VPN Proxy Cloud for Detecting HTTP & VoIP Malware" (with Anup Ghosh)

  17. PI, IARPA, $2,169,506 08/02/2010 - 05/31/2014, "Securely Taking on New Executable Software of Uncertain Provenance (STONESOUP) Program" (with Anup Ghosh)

  18. PI, DARPA, $1,527,225 07/01/2010 - 06/30/2014, "CyNomix: Detecting Zero-Day Malware by Generating Behavioral Cyber Genome Sequences" (with Huzefa Rangwala)

  19. PI, NIST/DARPA, $653,780 (+$300,000 Supplement) 08/01/2010 - 07/31/2013, "Securing Android Smart-Phones via Automated Testing and Certified Communications" (with Anup Ghosh)

  20. co-PI, NIST, $431,902 07/01/2010 - 06/30/2013, "Building Policies to Control Virtual Environments using the Policy Machine" (with Duminda Wijesekera)

  21. co-PI, DHS, $368,923/$980,000 08/27/2010 - 05/31/2011 (2010), "ATHENA-Yukon Project" (with Anup Ghosh)

  22. co-PI, Secure Command, LLC $32,797 09/01/2010 - 03/31/2011, "Enforcing Hardware-Assisted Integrity & Trust for Commodity Operating Systems" (with Kun Sun)

  23. PI, NSF, $239,884 09/2009-08/2011, "TC: Small: Collaborative Research: Scalable Malware Analysis Using Lightweight Virtualization" (with Fabian Monrose)

  24. PI, Army Research Office (ARO), $342,400 09/2009-08/2011, STTR Phase II: "Automatic Identification & Mitigation of Unauthorized Information Leaking from Enterprise Networks" (with Sushil Jajodia)

  25. co-PI, DARPA, $291,000 09/2009-08/2010, "An Architecture for Providing High Assurance of Untrusted Applications on Wireless Handheld Devices" (with Anup Ghosh).

  26. co-PI, BAE Systems/DARPA, $59,875 1/1/09 - 09/11/2009, "National Cyber Range" (with Anup Ghosh)

  27. PI, Google Inc: Research gift, $90,000 03/09, (with Fabian Monrose)

  28. co-PI, AFOSR, $250,675 08/2009-08/2010, DURIP: "A Laboratory for Large-Scale Testing of Self- Healing" (with Anup Ghosh)

  29. co-PI, Princeton University/DARPA, $84,937 8/16/08 - 8/31/09, "Parallelizing Legacy Binary Code for Multi-Core Architectures via Extraction of Self-Similarity" (with Michael Locasto)

  30. co-PI, Army Research Office (ARO), DURIP $150,000 07/2009-07/2009, "A Laboratory for Proactively Preventing Phishing and Malcode Attacks Using Web Crawlers" (with Sushil Jajodia and Anup Ghosh)

  31. co-PI, DHS/I3P Dartmouth College, $60,000 11/2009, "Securing the Railway IT Infrastructure", (with Michael Locasto and Duminda Wijesekera)

  32. co-PI, AFOSR, $670,499 07/2009-07/2011, "Secure Composition of Networked Systems Based on User Tasks and Organizational Policy" (with Duminda Wijesekera and Sushil Jajodia).

  33. co-PI, DARPA/BAE Systems, $50,000 1/1/09 - 6/30/09 "National Cyber Range" (with Anup Ghosh)

  34. PI DHS/I3P Dartmouth College: $150,000 8/10/08 - 8/9/09 "Open Taint: Flexible and Automatic Dataflow Tagging and Control for User-Level Programs" (with Michael Locasto)

  35. co-PI, Google Inc: Research gift, $25,000 03/08, (with Steven M. Bellovin)

  36. co-PI, Secure Command, LLC: $50,000 9/19/08 - 3/18/09 "STTR: Fingerprinting Network Traffic" (with Sushil Jajodia)


Research Experience

Computer Science department, Columbia University,

Fu Foundation School of Engineering & Applied Science, New York, NY.

Research Assistant (Fall 2003 - Summer 2007).

Design and Implementation of protection mechanisms against DDoS Attacks using Overlay networks. | NSL Web page has more info on SOS/WEBSOS project.

Electrical Engineering department, Columbia University,

Fu Foundation School of Engineering & Applied Science, New York, NY.

Research Assistant (Spring 2002 - Fall 2003).

Design and implementation of a novel peer to peer client/server protocol in Java.

Performed Internet experiments using up to 180 concurrent nodes in various locations around the world.

European Union program TIDE/RISE for home networks application.

Development of robust home network applications for a controlled medical environment.

General Secretariat of Research and Technology of Greece.

Design and implementation of Industrial network for the Kopais industry as a part of a program from the General Secretariat of Research and Technology of Greece.

Prior to 2001 Work Experience

01/1999 - 12/2000: Network Administrator, University of Athens

03/1997 - 07/1998: Network Administrator. Westnet S.A.

09/1994 - 09/1997: University of Patras, Network Administrator

Academic Honors, Fellowships

Outstanding Research Award: 2016 Department of Computer Science, George Mason University.

IEEE Reliability Society Engineer of the Year Award (2012) - awarded January 2013.

Mason Masters In Secure Information Systems Outstanding Faculty of the Year Award (2013, 2014).

Mason Emerging Researcher/Scholar/Creator award: 2012 George Mason University (one out of three awards for 2012-2013).

Outstanding Research Award: 2010 Department of Computer Science, George Mason University. Dissertation with Distinction Award: 2007 Computer Science Department, Columbia University. CS Service Award: 2006 Computer Science Department, Columbia University.

Preceptor: Columbia University Fellow Spring 2004 & Fall 2005.

Best Teaching Assistant Award: Spring 2002, Columbia University.

Scholarship: from the graduate program of Algorithms, Logic & Computation for the first two years of study (1998-2000).

Greek National Fellowship Institution award: for being the second (2/180) for the first and third years of undergraduate study.