ANGELOS STAVROU - Curriculum Vitae
POSITIONS
HELD
-
May 2012 – Present
Associate Professor, Computer
Science Department, George Mason University, Fairfax, VA.
-
August 2007 – May 2012
Assistant Professor, Computer Science Department, George Mason University, Fairfax, VA.
-
May 2006 – August 2006
Research
Intern, Microsoft Research, Cambridge, UK.
-
August 2004 – December 2004
Software Engineer Intern,
Google Inc., Mountain view, CA.
-
September 2001 – August 2007
Research
Assistant, Computer Science Department, Columbia University, New York, NY.
EDUCATION
- Columbia University, Fu
Foundation School of Engineering & Applied Science, New York, NY.
Ph.D. in Computer Science (with Distinction) (August 2007)
Thesis:
"An Overlay Architecture for End-to-End Service Availability".
Advisor: Angelos D. Keromytis.
- Columbia University, Fu
Foundation School of Engineering & Applied Science, New York, NY.
M.Phil. Degree in Computer Science (January
2007)
M.Sc. Degree in Electrical Engineering with concentration in Multimedia Networking
(Peer to Peer Networks). (December 2002).
- National University of
Athens, Athens Greece /Carleton University ON, Canada.
M.Sc. Degree in Algorithms, Computability and Logic. (June 2001)
Master's Thesis: "A new distributed algorithm for routing in satellite
constellation networks" Advisor: Prof. E. Kranakis.
- University of Patras, Electrical Engineering Department, Patras Greece.
Certificate of Engineering for the completion of the last two
years of coursework in Electrical Engineering (February 1999).
- University of Patras, Physics Department, Patras,
Greece.
B.Sc (Honors) in Physics, (July 1997) Thesis: "Stream Ciphers theory and practical
application".
Publications
Issued Patents
1.
Methods, systems and media
for software self-healing
Michael
E. Locasto, Angelos D. Keromytis,
Salvatore J. Stolfo, Angelos
Stavrou, Gabriela Cretu,
Stylianos Sidiroglou, Jason
Nieh, and Oren Laadan.
U.S. Patent Number 7,962,798. Issued on June 14th,
2011.
2.
Systems and methods for computing data
transmission characteristics of a network path based on single-ended
measurements
Angelos D. Keromytis, Sambuddho Chakravarty, and Angelos Stavrou.
U.S. Patent Number 7,660,261. Issued on February 9th,
2010.
Journal Publications
1.
Improving network response times using
social information
Sharath Hiremagalore, Chen
Liang, Angelos Stavrou and Huzefa Rangwala.
Proceedings of Social Network Analysis and Mining, Springer Wien, p.1-12
(2012).
2.
Building Security into Off-the-Shelf
Smartphones
Angelos Stavrou, Jeffrey Voas, Tom Karygiannis, Steve Quirolgico,
Computer, vol. 45, no. 2, pp. 82-84, Feb. 2012,
doi:10.1109/MC.2012.44
3.
DoubleGuard: Detecting Intrusions In Multi-tier Web
Applications
Meixing Le, Angelos
Stavrou, Brent ByungHoon Kang.
In IEEE Journal on Transactions on Dependable and Secure Computing (TDSC) 2011, ISSN: 1545-5971
10 Nov. 2011. IEEE computer Society Digital Library. IEEE Computer Society.
Acceptance Rate: 10-12% as reported by 2009 TDSC editorial,
ISI Impact Factor: 2.093
(2010).
4.
The Ephemeral Legion:
Producing an Expert Cyber-security Workforce from Thin Air
Michael E. Locasto, Anup
Ghosh, Sushil Jajodia, and Angelos Stavrou.
In the Proceedings of the Communications of the
ACM, Vol. 54, Issue 1, pp 129—131.
Impact Factor: 2.362
(2010). [bib]
5.
The Dynamic Community of Interest and its
Realization in ZODIAC
Scott Alexander, Steve Bellovin, Yuu-Heng
Cheng, Brian Coan, Andrei Ghetie,
Vikram Kaul, Nicholas F. Maxemchuk, Henning Schulzrinne,
Stephen Schwab, Bruce Siegell,
Angelos Stavrou, and Jonathan M. Smith.
In IEEE Communications Magazine, October 2009, pp. 40-47. Impact Factor: 2.837
6.
On the Infeasibility of Modeling
Polymorphic Shellcode: Re-thinking the Role of
Learning in Intrusion Detection Systems
Yingbo Song, Michael E. Locasto,
Angelos Stavrou,
Angelos D. Keromytis, and Salvatore J. Stolfo.
In the Proceedings of Machine Learning
Journal (MLJ) p. 179-205. Accepted: 7 August 2009, Published
online: 29 October 2009. Editors: Pavel Laskov and Richard
Lippmann. ISI Impact Factor: 1.956 (2010). [bib]
7.
WebSOS: An Overlay-based System For Protecting
Web Servers From Denial of Service Attacks
Angelos Stavrou, Debra L. Cook,
William G. Morein, Angelos D. Keromytis,
Vishal Misra, and Dan Rubenstein.
In Elsevier
Journal of Computer Networks, special issue on Web and Network Security,
vol. 48, no. 5,
p. 781 - 807. August 2005 5-Year Impact
Factor: 1.690.
[bib]
8.
A Lightweight, Robust, P2P System to Handle
Flash Crowds
Angelos Stavrou, Dan Rubenstein, Sambit Sahu.
In the Proceedings of IEEE
Journal on Selected Areas in Communications (JSAC), special issue on
Service
Overlay Networks, Volume 22, Number 1, p. 6-17, January 2004. Impact Factor: 4.232 (2010). [bib]
Conference Publications
1.
Towards a Cyber Conflict Taxonomy
Scott Applegate and Angelos Stavrou.
To appear in the Proceedings of the 5th International
Conference on Cyber Conflict (CyCon 2013)
NATO Cooperative Cyber Defence Centre of Excellence
conference, 4-7 June 2013 in Tallinn, Estonia.
2.
Spectre:
A Dependable Introspection Framework via System Management Mode
Fengwei Zhang, Kevin Leach, Kun Sun, and Angelos Stavrou.
In the Proceedings of the 43nd Annual IEEE/IFIP International Conference on
Dependable Systems and
Networks (IEEE DSN 2013), Budapest, 24 - 27
June 2013.
3.
Exposing Software Security and
Availability Risks For Commercial Mobile Devices (CMDs)
Ryan Johnson, Zhaohui Wang, Angelos
Stavrou, and Jeff Voas.
In the Proceedings of the IEEE RAMS 2013,
Orlando, Florida, 28 - 31 January 2013.
4.
Malicious
PDF Detection Using Metadata and Structural Features
Charles Smutz and Angelos Stavrou.
In the Proceedings of the 2012 Annual Computer Security Applications Conference
(ACSAC), Orlando,
Florida, USA, December 3–7, 2012.
5.
Malware
Characterization using Behavioral Components
Chaitanya Yavvari, Arnur Tokhtabayev, Huzefa Rangwala, and Angelos Stavrou.
In the Proceedings of 6th International Conference “Mathematical Methods, Models, and
Architectures for
Computer Network Security”, St. Petersburg, Russia, October 17-20, 2012.
6.
Exposing
Security Risks for Commercial Mobile Devices(Invited)
Zhaohui Wang, Ryan Johnson, Rahul Murmuria,
and Angelos Stavrou.
In the Proceedings of 6th International Conference “Mathematical Methods, Models, and
Architectures for
Computer Network Security”, St. Petersburg, Russia, October 17-20, 2012.
7.
Mobile Application and Device Power Usage
Measurements
Rahul Murmuria, Jeffrey Medsger,
Angelos Stavrou.
In the Proceedings of the 6th International Conference on Software
Security and Reliability (SERE 2012), Washington, DC, June 2012.
8. Netgator: Malware Detection Using Program
Interactive Challenges
Brian
Schulte, Haris Andrianakis,
Kun Sun, Angelos
Stavrou.
In the Proceedings of the 9th Conference on Detection of Intrusions and Malware
& Vulnerability Assessment
(DIMVA 2012), Heraklion, Crete, Greece, July 26-27th, 2012.
9. A Dependability Analysis of Hardware-Assisted
Polling Integrity Checking Systems
Jiang Wang, Kun Sun, and Angelos Stavrou.
In the Proceedings of the 42nd Annual IEEE/IFIP International Conference on
Dependable Systems and
Networks (DSN 2012), Boston, Massachusetts, June,
2012.
10. Implementing
& Optimizing an Encryption File System on Android
Zhaohui Wang, Rahul Murmuria, and Angelos Stavrou.
In the Proceedings of the IEEE International Conference on Mobile Data
Management
(IEEE MDM 2012), July 23 - 26, 2012, Bangalore, India. (Acceptance Rate: 22/88)
11. Analysis Android Applications’ Permissions
(short paper)
Ryan Johnson, Zhaohui Wang, Corey Gagnon and Angelos Stavrou.
In the Proceedings of the 6th International
Conference on Software Security and Reliability (SERE 2012), Washington,
DC, June 2012.
12. Mutual Authentication for USB
Communications (short paper)
Zhaohui Wang, Ryan Johnson and Angelos Stavrou.
In the Proceedings of the 6th
International Conference on Software Security and Reliability (SERE 2012),
Washington, DC, June 2012.
13. A Framework for Automated Security Testing
of Android Applications on the Cloud (short paper)
Sam Malek, Naeem Esfahani, Thabet Kacem, Riyadh Mahmood, Nariman Mirzaei, and Angelos Stavrou.
In the Proceedings of the 6th
International Conference on Software Security and Reliability (SERE 2012),
Washington, DC, June 2012.
14. SecureSwitch: BIOS-Assisted Isolation and Switch
between Trusted and Untrusted Commodity OSes
Kun Sun, Jiang Wang, Fengwei Zhang and Angelos Stavrou.
In the Proceedings of the 19th Annual Network & Distributed System
Security Symposium NDSS 2012,
San Diego, California, 5-8 February 2012. Impact Factor: 2.60 (Acceptance Rate: 46/258 – 17.8%). [Presentation]
15.
Hardware-Assisted Application Integrity
Monitor
Jiang Wang, Kun Sun, Angelos Stavrou.
In the Proceedings of IEEE Hawaii International Conference on System Sciences
(HICSS45) pp. 5375-5383,
45th Hawaii International Conference on System Sciences, 2012 January 4-7, 2012, Grand Wailea,
Maui, USA.
Impact Factor: N/A, (Acceptance Rate: N/A).
16.
Cross-domain
Collaborative Anomaly Detection: So Far Yet So Close
Nathaniel Boggs, Sharath Hiremagalore,
Angelos Stavrou, Salvatore J. Stolfo.
In the Proceedings of the 14th International Symposium on Recent
Advances in Intrusion Detection (RAID). September 2011, Menlo Park, CA.
Impact Factor: 2.20
(Acceptance rate: 20/87 - 23%).
17.
Trading Elephants For Ants: Efficient
Post-Attack Reconstitution (Short paper)
Meixing Le, Zhaohui Wang, Quan Jia, Angelos Stavrou, Anup Ghosh and Sushil Jajodia
In the Proceedings of the 7th International ICST Conference on Security and
Privacy
in Communication Networks (Securecomm 2011), p. 1-10,
September 7-9 2011, London.
Impact Factor: N/A, (Acceptance rate: 24%).
18.
Predicting Network Response Times Using
Social Information (short paper)
Chen Liang, Sharath Hiremagalore,
Angelos Stavrou and Huzefa
Rangwala.
In the Proceedings of the ACM 2011
Conference on Advances in Social Networks Analysis and Mining,
p. 527-531, July, 2011, Kaohsiung, Taiwan. Impact Factor: N/A, (Acceptance
rate: 25%) [bib]
19.
Breaching and Protecting an Anonymizing Network System
Jason Clark and Angelos Stavrou.
In the Proceedings of the 6th Annual Symposium on Information
Assurance (ASIA ‘11).
Impact Factor: N/A, (Acceptance rate: 50%).
20.
Advantages and disadvantages of remote
asynchronous usability testing using amazon mechanical turk
Erik Nelson and Angelos Stavrou.
Proceedings of the Human Factors and
Ergonomics Society 55th Annual Meeting, pages 1080-1084, HFES
2011 Conference, Red Rock Resort, Las Vegas, Nevada, September 19-23, 2011.
Impact Factor: N/A, (Acceptance rate: N/A).
21.
Exploiting
Smart-Phone USB Connectivity For Fun And Profit (Extended
Version)
Angelos Stavrou
and Zhaohui Wang.
BlackHat Technical Conference DC 2011 - Technical Briefings
Session.
22.
Exploiting
Smart-Phone USB Connectivity For Fun And Profit
Zhaohui Wang and Angelos Stavrou.
In the Proceedings of the 26th Annual
Computer Security Applications Conference (ACM ACSAC)
p. 357-366. December 6–10, 2010, Austin, Texas, USA. Impact Factor: 1.82 (Acceptance
rate: 39/227) [bib]
23.
Experimental Results
of Cross-Site Exchange of Web Content Anomaly Detector Alerts
Nathaniel Boggs, Sharath Hiremagalore,
Angelos Stavrou,
and Salvatore J. Stolfo.
In the Proceedings of IEEE Conference on
Homeland Security Technologies (IEEE HST 2010),
November 8-10, 2010, Waltham, MA, USA. Impact Factor: N/A (Acceptance rate:
N/A).
24.
An
Adversarial Evaluation of Network Signaling and Control Mechanisms
Kangkook Jee, Stelios Sidiroglou-Douskos, Angelos Stavrou, and Angelos D. Keromytis.
In the Proceedings of the 13th International Conference on Information Security
and Cryptology (ICISC).
December 2010, Seoul, Korea. Impact Factor: N/A (Acceptance rate: N/A).
25.
Small
World VoIP
Xiaohui Yang, Angelos Stavrou, Ram Dantu,
and Duminda Wijesekera.
In the Proceedings of the Second International Conference on Mobile Computing,
Applications,
and Services MobiCASE,
October 25-28, 2010, Santa Clara, CA, USA.
Impact Factor: N/A (Acceptance rate: N/A).
26.
QoP and QoS policy cognizant policy composition
Paul Seymer, Angelos Stavrou, Duminda
Wijesekera, Sushil Jajodia.
In the Proceedings of the IEEE
International Symposium on Policies for Distributed Systems
and Networks, p. 77-86, Fairfax, VA, July 21-23, 2010. (Acceptance rate: 19.2%)
[bib]
27.
Providing Mobile Users' Anonymity in Hybrid
Networks
Claudio Ardagna, Sushil
Jajodia, Pierangela Samarati, and Angelos Stavrou
(Alphabetic)
In the Proceedings of the 15th European
Symposium on Research in Computer Security
(ESORICS 2010), p. 540-557, September 2010, Athens, Greece.
Impact Factor: 1.45 (Acceptance
rate: 42/210 – 20%). [bib]
28.
Traffic Analysis Against Low-Latency
Anonymity Networks Using Available Bandwidth Estimation
Sambuddho Chakravarty,
Angelos Stavrou,
and Angelos D. Keromytis.
In the Proceedings of the 15th European
Symposium on Research in Computer Security
(ESORICS 2010) p. 249-267, September 2010, Athens, Greece.
Impact Factor: 1.45 (Acceptance
rate: 42/210 – 20%). [bib]
29.
HyperCheck: A Hardware-Assisted Integrity Monitor
Jiang Wang, Angelos Stavrou,
and Anup K. Ghosh.
In the Proceedings of 13th International
Symposium on Recent Advances in Intrusion Detection
(RAID 2010), p. 158-177, Ottawa, Canada, September 15-17, 2010.
Impact Factor: 2.20 (Acceptance
rate: 24/104 – 23.1%). [bib]
30.
A Virtualization Architecture for In-Depth Kernel Isolation
Jiang Wang, Sameer Niphadkar, Angelos Stavrou, Anup
K. Ghosh.
In the Proceedings of 43rd Hawaii International International
Conference on Systems Science,
IEEE Computer Society, p. 1-10, 5-8 January 2010, Koloa, Kauai, HI, USA.
Impact Factor: N/A (Acceptance rate: N/A).
31.
Privacy preservation over untrusted mobile
networks
Claudio A. Ardagna, Sushil Jajodia, Pierangela Samarati, Angelos Stavrou
in Privacy in Location-Based
Applications: Research Issues and
Emerging Trends, Springer Lecture Notes in Computer Science, Volume
5599, 2009, pages 84-105. Impact Factor: N/A (Acceptance rate: N/A).
32.
Deny-by-Default Distributed Security Policy
Enforcement in Mobile Ad Hoc Networks (short)
Mansoor Alicherry, Angelos
D. Keromytis, and Angelos Stavrou.
In the Proceedings of the 5th International ICST Conference on Security and
Privacy in Communication
Networks SECURECOMM 2009, p. 41-50. September 2009, Athens, Greece.
Impact Factor: N/A, (Acceptance rate: 25.3%). [bib]
33.
Adding Trust to P2P Distribution of Paid
Content
Alex Sherman, Angelos Stavrou,
Jason Nieh, Angelos D. Keromytis,
and Clifford Stein.
In the Proceedings of the 12th Information Security Conference (ISC),
p.459-474.
September 2009, Pisa, Italy. Impact Factor: 1.24, (Acceptance rate: 27.6%).
[bib]
34.
A2M:
Access-Assured Mobile Desktop Computing
Angelos Stavrou,
Ricardo A. Baratto, Angelos D. Keromytis,
and Jason Nieh.
In the Proceedings of the 12th Information Security Conference (ISC), p.
186-201.
September 2009, Pisa, Italy. Impact Factor: 1.24, (Acceptance rate: 27.6%).
[bib]
35.
Adaptive Anomaly Detection via
Self-Calibration and Dynamic Updating
Gabriela F. Cretu, Angelos
Stavrou, Michael E. Locasto, Salvatore J. Stolfo.
In the Proceedings of 12th International Symposium On Recent Advances In
Intrusion Detection,
p. 41-60. Saint-Malo, Brittany, France, September 23-25, 2009.
Impact Factor: 2.20 (Acceptance
rate: 17 / 59 – 28.8%). [bib]
36.
SQLProb: A Proxy-based Architecture towards Preventing SQL Injection Attacks
Anyi Liu, Yi Yuan, Duminda Wijesekera, and Angelos
Stavrou.
In the Proceedings of 24th Annual ACM Symposium on Applied Computing (SAC'09), p.
2054-2061
March 8-12, 2009, Honolulu, Hawaii. Impact Factor: N/A, (Acceptance Rate:
16.6%). [bib]
37.
A Security Architecture for Information Assurance and
Availability in MANETs
Angelos Stavrou,
and Anup K. Ghosh.
In the Proceedings of IEEE Conference on Military Communications (MILCOM '08),
p. 1 – 8, November 2008, San Diego, CA. Impact Factor: N/A, (Acceptance Rate:
N/A).
Impact Factor: N/A, (Acceptance Rate: N/A). [bib]
38.
PAR: Payment for Anonymous Routing
Elli Androulaki, Mariana Raykova,
Shreyas Srivatsan, Angelos Stavrou, and Steven M. Bellovin.
In the Proceedings of 8th Privacy Enhancing Technologies Symposium, p. 219-236,
Leuven, Belgium
July 23 - July 25, 2008. Impact Factor: 1.95,
Acceptance rate: 13/49 - 26%). [bib]
39.
The Hidden Difficulties of Watching and
Rebuilding Networks.
Michael Locasto and Angelos
Stavrou.
IEEE Security and Privacy, vol. 6, no. 2, pp. 79-82, Mar/Apr, 2008.
Impact Factor: 1.17, (Acceptance Rate: N/A). [bib]
40.
Pushback for Overlay Networks: Protecting
against Malicious Insiders
Angelos Stavrou, Michael E. Locasto, and Angelos D. Keromytis.
In the Proceedings of the 6th International Conference on Applied Cryptography
and Network Security (ACNS). June 2008, New York, NY.
Impact Factor: N/A, (Acceptance Rate: N/A). [bib]
41.
Casting out Demons: Sanitizing Training
Data for Anomaly Sensors
Gabriela F. Cretu, Angelos
Stavrou ,
Michael E. Locasto, Salvatore J. Stolfo,
and Angelos D. Keromytis.
In the Proceedings of the IEEE Symposium on Security & Privacy p. 81-95.
May 2008, Oakland, CA.
Impact Factor: 4.15, (Acceptance
Rate: 11.2%) [bib]
42.
On the Infeasibility of Modeling
Polymorphic Shellcode
Yingbo Song, Michael E. Locasto,
Angelos Stavrou , Angelos D. Keromytis,
and Salvatore J. Stolfo.
In the Proceedings of the 13th ACM Conference on Computer and Communications
Security (CCS),
pp. 541 - 551. October/November 2007, Alexandria, VA. Impact Factor: 2.87, (Acceptance rate:
18.1%) [bib]
43.
A Study of Malcode-Bearing
Documents
Weijen Li, Salvatore Stolfo,
Angelos Stavrou, Elli Androulaki,
and Angelos D. Keromytis.
In Proceedings of the 4th GI International Conference on Detection of
Intrusions & Malware, and
Vulnerability Assessment (DIMVA), pp. 231 - 250. July 2007, Lucerne,
Switzerland.
Impact Factor: 1.42, (Acceptance rate: 21%). [bib]
44.
From STEM to SEAD: Speculative Execution
for Automated Defense.
Michael E. Locasto, Angelos
Stavrou, Gabriela F. Cretu, and Angelos D. Keromytis.
In the Proceedings of the USENIX
Annual Technical Conference (USENIX 2007),
pp. 219-232, June 2007, Santa Clara, CA. Impact Factor: N/A, (Acceptance rate: 18.75%)
[bib]
45.
Network Security as a Composable
Service
Stelios Sidiroglou, Angelos Stavrou, and Angelos D. Keromytis.
In the Proceedings of the IEEE
Sarnoff Symposium. January 2007, Princeton, NJ. (Invited paper)
46.
Countering DDoS
Attacks with Multi-path Overlay Networks
Angelos Stavrou and Angelos D. Keromytis.
In the Information Assurance Technology
Analysis Center (IATAC) Information Assurance
Newsletter (IAnewsletter), vol. 9, no. 3, November
2006. (Invited paper, based on the CCS 2005 paper.)[pdf]
47.
W3Bcrypt: Encryption as a Stylesheet
Angelos Stavrou, Michael E. Locasto, and Angelos D. Keromytis.
In the Proceedings of the
4th International Conference on
Applied Cryptography and Network Security (ACNS 2006),
pp. 349-364, June 6-9, 2006, Singapore. Impact Factor: 1.44,
(Acceptance rate: 33 / 218 –
15.1%) [bib]
48.
Countering DoS
Attacks With Stateless Multipath Overlays
Angelos Stavrou and Angelos D. Keromytis.
In the Proceedings of the 12th ACM Conference on Computer
and Communications Security (CCS),
pp. 249 - 259. November 2005, Alexandria, VA. Impact Factor: 2.87,
(Acceptance rate: 15.2%) [bib]
49.
gore: Routing-Assisted Defense Against DDoS Attacks
Stephen T. Chou, Angelos Stavrou, John
Ioannidis, and Angelos D. Keromytis.
In the Proceedings of the 8th
Information Security Conference (ISC), p.
179-193.
September 2005, Singapore. Impact
Factor: 1.24, (Acceptance rate: 14%). [bib]
50.
MOVE: An End-to-End Solution To Network Denial of Service
Angelos Stavrou, Angelos D. Keromytis, Jason Nieh, Vishal Misra, and Dan Rubenstein.
In the Proceedings of the Internet Society (ISOC) Symposium on
Network and Distributed Systems Security
(NDSS), pp. 81 - 96. February 2005, San Diego, CA. Impact Factor: 2.60
(Acceptance rate: 12.9%). [bib]
51.
Content distribution for seamless
transmission
Edward G. Coffman Jr., Andreas Constantinides,
Dan Rubenstein, Bruce Shepherd, Angelos Stavrou
In the Proceedings of SIGMETRICS
Performance Evaluation Review 32(2): 31-32 (2004) [pdf (936 KB)].
52.
A Pay-per-Use DoS
Protection Mechanism For The Web
Angelos Stavrou, John Ioannidis,
Angelos D. Keromytis, Vishal Misra,
and Dan Rubenstein.
In the Proceedings of the Applied
Cryptography and Network Security (ACNS) Conference.
June 2004, Yellow Mountain, China. LNCS Volume 3089/2004, pp. 120-134, ISBN:
3-540-22217-0.
Impact Factor: 1.44
(Acceptance rate: 12%). [bib]
53.
Using Graphic Turing Tests to Counter
Automated DDoS Attacks Against Web Servers
William G. Morein, Angelos
Stavrou, Debra L. Cook, Angelos D. Keromytis,
Vishal Misra, Dan
Rubenstein.
In the Proceedings of the 10th
ACM International Conference on Computer and Communications Security
(CCS), Washington, DC, October 2003. Impact Factor: 2.87,
(Acceptance rate: 13.8%) [bib]
54.
A Lightweight, Robust P2P System to Handle
Flash Crowds
Angelos Stavrou, Dan Rubenstein and Sambit Sahu.
In the Proceedings of IEEE ICNP 2002, Paris, France, November,
2002.
[Proceedings Version ps
(252K)] [Proceedings Version ps.gz
(65K)] [Proceedings Version pdf (143K)]
An earlier version is available as Columbia Technical Report EE020321-1, February, 2002.
[Tech Report ps (508K)]
[Tech Report ps.gz (109K)] [Tech Report pdf (242K)].
Impact Factor: N/A, (Acceptance rate: 14.7%). [bib]
Books/Book Chapters
1.
Overlay-Based
DoS Defenses
Angelos Stavrou. In Henk
C.A. van Tilborg and Sushil
Jajodia, editors, Encyclopedia of Cryptography and
Security, 2nd Edition. Springer, 2010.
2. TCP Modulation Attacks
Angelos Stavrou. In Henk
C.A. van Tilborg and Sushil
Jajodia, editors, Encyclopedia of Cryptography and
Security, 2nd Edition. Springer, 2010.
Workshops
1. Switchwall: Automated Topology Fingerprinting &
Behavior Deviation Identification
Nelson Nazzicari, Javier Almillategui, Angelos Stavrou and Sushil Jajodia.
In the Proceedings of
the 8th International Workshop on Security and Trust Management (STM 2012)
in conjunction with ESORICS 2012,
Pisa, Italy - September 13-14, 2012
2. A Whitebox
Approach for Automated Security Testing of Android Applications on the Cloud
Riyadh Mahmood, Naeem Esfahani, Thabet Kacem, Nariman Mirzaei, Sam Malek, and Angelos Stavrou.
In the Proceedings of the 7th International Workshop on
Automation of Software Test (AST 2012), Zurich, Switzerland, June 2012.
3. The MEERKATS Cloud Security Architecture
, , , , , , , ,
, and .
In the Proceedings of the 3rd
International Workshop on Security and Privacy in Cloud Computing (ICDCS-SPCC).
June 2012, Macao, China.
4. CapMan: Capability-based Defense against Multi-Path Denial
of Service (DoS) Attacks in MANET
Quan Jia, Kun Sun and Angelos Stavrou.
In the Proceedings of the
First International Workshop on Privacy, Security and Trust in Mobile and
Wireless Systems (MobiPST 2011) in conjunction with 20th International Conference on
Computer Communications and Networks (ICCCN 2011)
5.
The MINESTRONE Architecture: Combining Static
and Dynamic Analysis Techniques for Software Security
Angelos D. Keromytis, Salvatore J. Stolfo, Junfeng Yang, Angelos Stavrou,
Anup Ghosh, Dawson Engler, Marc Dacier, Matthew
Elder, and Darrell Kienzle.
In the Proceedings of the 1st Workshop on Systems Security (SysSec).
July 2011, Amsterdam, Netherlands.
6.
Firmware-assisted Memory Acquisition and
Analysis tools for Digital Forensic (short paper)
Jiang Wang, Fengwei Zhang, Kun Sun, and Angelos
Stavrou.
In the Sixth International Workshop on
Systematic Approaches to Digital Forensic Engineering (IEEE SADFE 2011). In
conjunction with IEEE Security and Privacy Symposium, Oakland, CA, USA, May 26,
2011
7. Moving Forward,
Building An Ethics Community (Panel Statements) - Computer Security
Ethics, Quo Vadis?
Erin Kenneally, Angelos
Stavrou, John McHugh, and Nicolas Christin.
In the proceedings of the 2nd
Workshop on Ethics in Computer Security Research 2011
Springer Lecture Notes in Computer Science (LNCS).
8.
Scalable Web Object Inspection and Malfease Collection
Charalampos Andrianakis,
Paul Seymer, and Angelos Stavrou.
In the Proceedings of the 5th USENIX Workshop on Hot Topics in Security (HotSec '10).
August 10, 2010 Washington, DC. (Acceptance rate: 11/57)
9.
Fine-grained Sharing of Health Records using
XSPA Profile for XACML
A. Al-Faresi, Bo Yu, Khalid Moidu,
Angelos Stavrou, Duminda
Wijesekera, Anoop Singhal
In the Proceedings of 1st USENIX Workshop on Health Security and Privacy (HealthSec '10),
August, 2010, Washington DC, USA.
10.
Evaluating a Collaborative Defense Architecture for
MANETs
Mansoor Alicherry, Angelos Stavrou, and
Angelos D. Keromytis.
In the Proceedings (electronic) of the IEEE Workshop on Collaborative Security
Technologies (CoSec),
pp. 37 - 42. December 2009, Bangalore, India. (Acceptance rate: 17.2%).
11.
Keep your friends
close: the necessity for updating an anomaly sensor with legitimate environment
changes.
Angelos Stavrou,
Gabriela F. Cretu, Michael E. Locasto,
Salvatore J. Stolfo.
In the Proceedings of the 2nd ACM Workshop on Security and Artificial
intelligence
(Chicago, Illinois, USA, November 09 - 09, 2009). AISec
'09. ACM, New York, NY, 39-46. (Position paper)
12.
The Heisenberg
Measuring Uncertainty in Lightweight Virtualization Testbeds
Quan Jia, Zhaohui Wang and Angelos Stavrou.
In the Proceedings of 2nd Workshop on Cyber Security Experimentation and Test
(CSET '09). August, 2009, Montreal, Canada.
13.
Universal
Multi-Factor Authentication Using Graphical Passwords
Alireza Pirayesh Sabzevar, and Angelos Stavrou.
In the Proceedings of the 2nd IEEE/ACM Workshop on Security and Privacy in
Telecommunications and Information Systems (SePTIS).
December 2008, Bali, Indonesia.
14.
Identifying Proxy Nodes in
a Tor Anonymization Circuit
Sambuddho Chakravarty, Angelos Stavrou, and Angelos D. Keromytis.
In the Proceedings of the 2nd IEEE/ACM Workshop on Security and Privacy
in Telecommunications and Information Systems (SePTIS).
December 2008, Bali, Indonesia.
15.
A
multi-path approach for k-anonymity in mobile hybrid networks
Claudio Agostino Ardagna,
Angelos Stavrou, Sushil
Jajodia, Pierangela Samarati and Rhandi Martin.
In the Proceedings of International Workshop on Privacy in Location-Based
Applications (PiLBA '08), October 2008.
16.
Efficiently
Tracking Application Interactions using Lightweight Virtualization
Yih Huang, Angelos
Stavrou, Anup K. Ghosh
and Sushil Jajodia.
In the Proceeding of the 1st Workshop on
Virtualization Security (VMSec), in conjunction
with ACM CCS 2008, October 2008.
17.
Return
Value Predictability for Self-Healing
Michael E. Locasto, Angelos
Stavrou>, Gabriela F. Cretu, Angelos D. Keromytis, and Salvatore J. Stolfo.
In the Proceedings of the 3rd International
Workshop on Security (IWSEC), November 2008, Kagawa, Japan.
18.
Online
Training and Sanitization of AD Systems (extended abstract)
Gabriela F. Cretu, Angelos
Stavrou, Michael E. Locasto, Salvatore J. Stolfo.
In the Proceedings of NIPS 2007 Workshop on Machine Learning in Adversarial
Environments for Computer Security,
December 2007, Vancouver, B.C., Canada. [pdf]
19.
Data
Sanitization: Improving the Forensic Utility of Anomaly Detection Systems
Gabriela F. Cretu, Angelos
Stavrou, Salvatore J. Stolfo, Angelos D. Keromytis.
In the Proceedings of the 3rd Workshop on Hot Topics in System Dependability (HotDep), pp. 64 - 70. June 2007, Edinburgh, UK. [pdf]
20.
Bridging the
Network Reservation Gap Using Overlays
Angelos Stavrou, David Turner, Angelos D. Keromytis, and Vassilis Prevelakis.
In the Proceedings of the 1st Workshop on
Information Assurance for Middleware Communications (IAMCOM).
January 2007, Bangalore, India. [pdf] [ps]
21.
Dark
Application Communities
Michael E. Locasto, Angelos
Stavrou, and Angelos D. Keromytis.
In the Proceedings of the 15th New
Security Paradigms Workshop (NSPW 2006).
September 2006, Schloss Dagstuhl,
Germany. [pdf] [ps]
Technical Reports
1. Netgator: Malware Detection Through Program Interactive Proofs
GMU-CS-TR-2011-6
2. SecureSwitch: BIOS-Assisted Isolation and Switch between Trusted and Untrusted Commodity OSes
, GMU-CS-TR-2011-7
3. An Analysis of System Management Mode (SMM)-based Integrity Checking Systems and Evasion Attacks
, GMU-CS-TR-2011-8
4.
Ruminate: A
Scalable Architecture for Deep Network Analysis
, GMU-CS-TR-2010-20.
Professional Activities &
Service
Editorial Positions, Panels, and
Boards
IET
Journal on Information Security, May 2010 - Present.
Encyclopedia
of Cryptography and Security, Editorial Board Member, March 2010 - Present.
Program Organization:
Program co-Chair, Research in Attacks,
Intrusions and Defenses (RAID) Symposium, RAID
2013
Student Travel Grant Chair, ACM
Conference on Computer and Communications Security (CCS), 2009, 2010
Program co-Chair, Workshop on Cyber Security
Experimentation and Test (CSET): 2009, 2010
Program co-Chair, 1st
Workshop on Virtual Machine Security (VMSec): 2008,
2009
Program Committee Member (Selected Recent):
Recent Advances in Intrusion
Detection (RAID): 2011, 2012
IEEE Symposium on Security
and Privacy (IEEE S&P): 2010, 2011, 2012
ACM Conference on
Computer and Communications Security (CCS): 2009, 2010
Annual Computer Security
Applications Conference (ACSAC): 2009, 2010, 2011, 2012
USENIX Security Symposium: 2007, 2008, 2009
Network
and Distributed System Security Symposium (NDSS): 2009, 2010
Int’l Conference
on Distributed Computing Systems (ICDCS): 2009, 2010, 2011, 2012
25th ACM
Symposium On Applied Computing (SAC): 2010
Financial Cryptography and Data
Security: 2010, 2011, 2012
5th ACM
Int'l Conference on emerging Networking EXperiments
and Technologies: 2009
USENIX Security Symposium: 2007, 2008, 2009
International ICST
Conference on Security and Privacy in Communication Networks
(SecureComm),
2009, 2010, 2011
European Workshop on
System Security (EUROSEC): 2008, 2009, 2010, 2011
IEEE International Symposium on Policies for Distributed Systems and
Networks, POLICY 2010, 2011, 2012
ECML/PKDD Workshop on Privacy and Security issues in Data Mining and
Machine Learning PSDML 2010
2nd USENIX Workshop on Large-Scale
Exploits and Emergent Threats (LEET): 2009
European Conference on Computer
Network Defense (EC2ND): 2008
Workshop on Cyber Security
Experimentation and Test : 2008
Information Security Conference (ISC):
2008, 2009
European Symposium on
Research in Computer Security (ESORICS): 2008
International Workshop
on Security and Privacy in Wireless and Mobile Computing, Networking and
Communications: 2008
Advisory Boards, Workshops & Other Professional Activities
Subject
Matter Expert, DARPA Transformative Applications, September 2010 - current
USDA Federal Mobile Computing Summit,
2011
NIST Mobile & Smart Phone Technologies Technical Exchange Meeting, 2011
Google Faculty Summit, July 2010
ARO/NSF Workshop on Moving Target Defense, October 2010
National Science Foundation Panels: 2008,
2009
DARPA Cyber Genome Project, Dec 2009
DARPA Digital Object Storage and Retrieval (DOSR), July 2008
DARPA Intrinsically Assurable Mobile Ad-hoc Networks
(IAMANETs), January 2008
Ph.D. Thesis Committee Service
· Caixia Wang, Thesis title: “Spatial content-based scene matching using a relaxation method”,
Department of Geography and GeoInformation
Science, George Mason University, November 2010.
· Mansoor Alicherry, Thesis title: “A Distributed Policy Enforcement Architecture for Mobile Ad Hoc Networks”,
Computer Science Department, Columbia University, October 2010.
· Min Xu, Thesis title: “Session-aware RBAC Administration, Delegation, and
Enforcement with XACML”,
Computer Science Department, George Mason University, April 2010.
Post-Doctoral Researchers
Nelson
Nazzicari (August 2010 – September
2011)
Arnur Tokhtabayev (May 2011 – present)
Current Ph.D. Students
Full Time Ph.D. Students
·
Kevin Leach (May 2011 – present)
·
Ryan E. Johnson (January 2011 –
present)
·
Rahul Murmuria (January 2011 – present)
·
Chaitanya Yavvari
(January 2011 – present) (co-advised with Dr. Huzefa Rangwala)
·
Brian Schulte (September 2010 –
present)
·
Sharath Hiremagalore (September 2010 – present)
·
Quan Jia (September 2008 – present)
·
Zhaohui Wang (September 2008 – present)
·
Fengwei Zhang (September 2010 - present)
Part Time Ph.D. Students
·
Seymer Paul (January 2009 – present) (part-time Ph.D.)
·
Charles Smutz (January 2009 – present) (part-time Ph.D.)
Graduated Ph.D. Students
Jiang Wang (January 2008 – July 2011)
Graduated MSc. Students
· Charalampos Andrianakis (September 2008 – September 2011)
· Rhandi Martin (January 2009 – January 2011)
Service at George Mason University
Computer Science Department, ISA Admissions & Policy Committee (September 2008 – present)
Computer Science Department, Security Recruiting Committee (September
2010 – July 2011)
Computer Science Department, APR ISA Committee (September 2010 – July
2011)
Faculty
Advisor, undergraduate student group: GMU ECHO (Electrical & Computer Hacking Organization) (September
2009 – present)
Faculty Advisor, graduate student group: GMU
Information Security Association (November 2007 – November 2009)
Teaching Experience
(Scores indicate mean course quality rating from
student survey)
Instructor:
Fall 2012:
ISA 674, Intrusion
Detection
Spring 2012: ISA 673, Operating Systems' Security
Fall 2011: ISA 785, Research in Digital Forensics (29 students Ev: 4.91/5.0)
Fall 2010: ISA 862, Models for Computer Security (23
students Ev: 4.89/5.0)
Spring 2010: ISA 671, Operating Systems’ Security (28 students Ev:
4.46/5.0)
Fall 2009: CS 571, Operating
Systems (40 students Ev: 4.58/5.0)
Spring 2009: ISA 564, Security Laboratory (46 students Ev: 4.45/5.0)
Fall 2008: ISA 656, Network Security (28 students Ev: 4.81/5.0)
Spring 2008: IT 862, Models for Computer Security
(29 students, Ev:
4.38/5.0)
Spring 2008: ISA 656, Network Security
(32 students Ev:
4.64/5.0)
Fall 2007:
ISA 656 Network
Security (30 students, Ev:
4.68/5.0)
Fall 2005:
COMS W4995-1 (Special Topics) Networking Laboratory
(23 students)
Spring
2005:
COMS W1001 Introduction
to Computers (30 students)
Fall
2004: COMS W1001
Introduction
to Computers (33 students)
Teaching Assistant:
Fall 2003: COMS W4180 Network Security
Spring
2002: ELEN E4710y, An
Introduction to Network Engineering
Fall
2001: ELEN E3910, Elements of
Digital Systems
Awarded Support for Research and Teaching (Gifts and Grants)
Total: $9,718,287
Total as PI: $6,380,498
1. co-PI Google Research
Award, $75K, 06/2013 (with Damon McCoy)
2. co-PI NSF II-New, $547K 09/2012-08/2013, An Experimental Infrastructure for
Cross-Domain Research in Wireless Computing, Cybersecurity
and Data (with Robert Simon, Daniel Barbara and Brian Mark).
3. PI (GMU), DARPA MRC,
$800,000 09/2011 – 09/2011, MEERKATS: Maintaining EnterprisE
Resiliency via Kaleidoscopic Adaptation & Transformation
of Software Services, (Part of team that
includes Columbia University and Symantec Corp. total budget: $6,619,270) (with Fei Li)
4. PI, DARPA Transformative
Applications/Aterrasys, $511,323 08/24/2011 – 08/24/2012, Securing Android Mobile Devices
5. PI, Army Research Office (ARO), DURIP $205,983 06/15/2011 –
06/14/2012, A
VPN Proxy Cloud for Detecting HTTP & VoIP Malware (with Anup
Ghosh).
6. PI, IARPA, $2,169,506 08/02/2010
– 05/31/2014, Securely
Taking on New Executable Software of Uncertain Provenance (STONESOUP) Program
(with Anup Ghosh).
7. PI, DARPA, $1,527,225 07/01/2010 – 06/30/2014, CyNomix:
Detecting Zero-Day Malware by Generating Behavioral Cyber Genome Sequences
(with Huzefa Rangwala).
8. PI, NIST/DARPA, $653,780 (+$300,000 Supplement) 08/01/2010 –
07/31/2013,
Securing Android Smart-Phones via Automated Testing and Certified
Communications (with Anup Ghosh).
9. co-PI, NIST,
$431,902
07/01/2010 – 06/30/2013, Building Policies to Control
Virtual Environments using the Policy Machine (with Duminda
Wijesekera).
10. co-PI, DHS, $368,923/$980,000
08/27/2010 – 05/31/2011 (2013), ATHENA-Yukon Project (with Anup
Ghosh).
11. co-PI, Secure
Command, LLC $32,797 09/01/2010 – 03/31/2011, Enforcing Hardware-Assisted Integrity
& Trust for Commodity Operating Systems (with Kun Sun).
12. PI, NSF, $239,884 09/2009-08/2011,
TC: Small: Collaborative Research: Scalable Malware Analysis Using Lightweight
Virtualization, (with Fabian Monrose).
13. PI, Army Research Office (ARO), $342,400 09/2009-08/2011, STTR Phase II: Automatic Identification & Mitigation of
Unauthorized Information Leaking from Enterprise Networks, (with Sushil Jajodia).
14. co-PI,
DARPA, $291,000 09/2009-08/2010, An Architecture for Providing High Assurance
of Untrusted Applications on Wireless Handheld Devices, (with Anup Ghosh).
15. co-PI, BAE
Systems/DARPA, $59,875 1/1/09 – 09/11/2009, National Cyber
Range, (with Anup Ghosh)
16. PI, Google Inc: Research gift,
$90,000 03/09,
(with Fabian Monrose).
17. co-PI,
AFOSR, $250,675 08/2009-08/2010, DURIP:
A Laboratory for Large-Scale Testing of Self-Healing, (with Anup
Ghosh).
18. co-PI, Princeton
University/DARPA, $84,937 8/16/08 – 8/31/09, Parallelizing Legacy Binary Code for Multi-Core
Architectures via Extraction of Self-Similarity (with Michael Locasto)
19. co-PI, Army
Research Office (ARO), DURIP $150,000
07/2009-07/2009, A Laboratory for Proactively Preventing
Phishing and Malcode Attacks Using Web Crawlers,
(with Sushil Jajodia and Anup Ghosh).
20. co-PI, DHS/I3P
Dartmouth College, $60,000 11/2009, Securing the Railway IT Infrastructure, (with Michael Locasto
and Duminda Wijesekera).
21. co-PI,
AFOSR, $670,499
07/2009-07/2011, Secure
Composition of Networked Systems Based on User Tasks and Organizational Policy (with
Duminda Wijesekera and Sushil Jajodia).
22. co-PI, DARPA/BAE
Systems, $50,000 1/1/09
– 6/30/09 “National Cyber Range”, (with Anup Ghosh).
23. PI DHS/I3P Dartmouth College: $150,000 8/10/08 – 8/9/09 “Open Taint: Flexible
and Automatic Dataflow Tagging and Control for User-Level Programs” (with
Michael Locasto).
24. co-PI, Google
Inc: Research gift, $25,000 03/08, (with Steven M. Bellovin).
25. co-PI,
Secure Command, LLC: $50,000 9/19/08 – 3/18/09 “STTR: Fingerprinting
Network Traffic” (with Sushil Jajodia).
Research Experience
Computer
Science department, Columbia University,
Fu Foundation School of Engineering & Applied Science, New York, NY.
Research Assistant (Fall 2003 - Summer 2007).
Design and Implementation of protection mechanisms against DDoS
Attacks using Overlay networks. |
NSL Web page has more info on SOS/WEBSOS project.
Electrical Engineering department, Columbia University,
Fu Foundation School of Engineering & Applied Science, New York, NY.
Research Assistant (Spring 2002 - Fall 2003).
Design and implementation of a novel peer to peer
client/server protocol in Java.
Performed Internet experiments using up to 180 concurrent nodes in various
locations around the world.
European Union program TIDE/RISE for home networks application.
Development of robust home network applications for a
controlled medical environment.
General Secretariat of Research and Technology of Greece.
Design and implementation of Industrial network for the Kopais
industry as a part of a program from the
General Secretariat of Research and Technology of Greece.
Prior to 2001 Work Experience
01/1999 - 12/2000: Network Administrator, University of Athens
03/1997 - 07/1998: Network Administrator. Westnet
S.A.
09/1994 - 09/1997: University of Patras,
Network Administrator
Academic Honors, Fellowships
IEEE Reliability Society Engineer of the Year Award (2012) - awarded January 2013.
Mason
Emerging Researcher/Scholar/Creator award: 2012 George Mason University
(one out of three awards for 2012).
Outstanding Research Award: 2010 Department
of Computer Science, George
Mason University.
Dissertation with Distinction Award: 2007 Computer Science Department, Columbia
University.
CS Service Award: 2006 Computer Science Department, Columbia University.
Preceptor: Columbia University Fellow Spring 2004 & Fall 2005.
Best Teaching Assistant Award: Spring 2002, Columbia University.
Scholarship: from the graduate program of Algorithms, Logic & Computation for the first two years of study (1998-2000).
Greek National Fellowship Institution award: for being the second (2/180) for the first and third years of undergraduate study.