Jason (Iasonas) Polakis - cv


Postdoctoral Research Scientist
Network Security Lab,
Computer Science Department,
Columbia University

e-mail: my-last-name[at]cs.columbia.edu
450 Computer Science Building
1214 Amsterdam Avenue, M.C. 0401
New York, NY 10027, USA



Currently, I am a postdoctoral research scientist in the Computer Science Department at Columbia University, and a member of the Network Security Lab, working with Professor Angelos D. Keromytis.

I received my B.Sc. (2007), M.Sc. (2009), and Ph.D. (2014) degrees in Computer Science from the University of Crete, Greece, under the supervision of Professor Evangelos Markatos, while working as a research assistant in the Distributed Computing Systems Lab at FORTH-ICS. More information is available in my resume.

I will join UIC as an Assistant Professor in August 2016.


Research Interests

My research interests span several areas of security and privacy. In the past few years I have focused on understanding the security limitations of online social networks and web services, exploring the privacy threats that users face, and designing robust countermeasures. I have also explored alternative user authentication techniques, and access control mechanisms for shared content that strengthen user privacy. I am also interested in the usable aspect of security, and analyzing/designing image CAPTCHAs. I have also explored other topics of security, including the design of honeypots and VoIP-based DoS attacks.



Service

  • Program Committee member DSN 2017
  • Program Committee member DIMVA 2015, 2016
  • Program Committee member UEOP 2016 (satellite workshop of NDSS)
  • Publication co-chair BADGERS 2014

Peer-reviewed Conference and Workshop Publications


[Oakland] The Cracked Cookie Jar: HTTP Cookie Hijacking and the Exposure of Private Information
Suphannee Sivakorn*, Iasonas Polakis*, Angelos D. Keromytis
In Proceedings of the 37th IEEE Symposium on Security and Privacy (S&P)
May 2016, San Jose, CA (to appear). [PDF]
*Joint first authors.

▷ This work will also be presented at BlackHat USA 2016.


[EuroS&P] I Am Robot: (Deep) Learning to Break Semantic Image CAPTCHAs
Suphannee Sivakorn, Iasonas Polakis, Angelos D. Keromytis
In Proceedings of the 1st IEEE European Symposium on Security and Privacy
March 2016, Saarbrucken, Germany. [PDF, BibTex]

▷ This work was also presented at BlackHat Asia 2016.

▷ Media Coverage: The Register, Slashdot, Softpedia, Sophos, Schneier on Security, Gizmodo, Kaspersky, Information Week, Security Week, SC Magazine, Computing, The Inquirer, DHS


[BADGERS] Social Forensics: Searching for Needles in Digital Haystacks
Iasonas Polakis, Panagiotis Ilia, Zacharias Tzermias, Sotiris Ioannidis, Paraskevi Fragopoulou
In Proceedings of the 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), co-located with the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
November 2015, Kyoto, Japan. [PDF, BibTex]


[CCS] Where's Wally? Precise User Discovery Attacks in Location Proximity Services
Iasonas Polakis, George Argyros, Theofilos Petsios, Suphannee Sivakorn, Angelos D. Keromytis
In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS)
October 2015, Denver, CO, USA. [PDF, BibTex, Software]


[CCS] Face/Off: Preventing Privacy Leakage From Photos in Social Networks
Panagiotis Ilia, Iasonas Polakis, Elias Athanasopoulos, Federico Maggi, Sotiris Ioannidis
In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS)
October 2015, Denver, Co, USA. [PDF, BibTex]


[DIMVA] Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software
Iasonas Polakis, Michalis Diamantaris, Thanasis Petsas, Federico Maggi, Sotiris Ioannidis
In Proceedings of the 12th Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
July 2015, Milan, Italy. [PDF, BibTex]


[CCS] Faces in the Distorting Mirror: Revisiting Photo-based Social Authentication
Iasonas Polakis, Panagiotis Ilia, Federico Maggi, Marco Lancini, Georgios Kontaxis, Stefano Zanero, Sotiris Ioannidis, Angelos D. Keromytis
In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS)
November 2014, Arizona, USA. [PDF, BibTex]


[SI] Think before RT: An Experimental Study of Abusing Twitter Trends
Despoina Antonakaki, Iasonas Polakis, Elias Athanasopoulos, Paraskevi Fragopoulou, Sotiris Ioannidis
In Proceedings of the Workshop On Social Influence (SI), co-located with the 6th International Conference on Social Informatics (SocInfo)
November 2014, Barcelona, Spain. [PDF, BibTex]


[BADGERS] Security and Privacy Measurements in Social Networks: Experiences and Lessons Learned
Iasonas Polakis, Federico Maggi, Stefano Zanero, Angelos D. Keromytis
In Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), co-located with the 19th European Symposium on Research in Computer Security (ESORICS)
September 2014, Wroclaw, Poland [PDF, BibTex]


[ACSAC] The Man Who Was There: Validating Check-ins in Location-based Services
Iasonas Polakis, Stamatis Volanis, Elias Athanasopoulos, Evangelos P. Markatos
In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC)
December 2013, New Orleans, USA. [PDF, BibTex]


[ACSAC] All Your Face Are Belong to Us: Breaking Facebook's Social Authentication
Iasonas Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, Sotiris Ioannidis, Angelos D. Keromytis, Stefano Zanero
In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC)
December 2012, Florida, USA. [PDF, BibTex]

▷ Media Coverage: Computer World


[EC2ND] dead.drop: URL-based Stealthy Messaging
Georgios Kontaxis, Iasonas Polakis, Michalis Polychronakis and Evangelos P. Markatos
In Proceedings of the 7th European Conference on Computer Network Defense (EC2ND)
September 2011, Gothenburg, Sweden. [PDF, BibTex]


[SysSec] CAPTCHuring Automated (Smart)Phone Attacks
Iasonas Polakis, Georgios Kontaxis and Sotiris Ioannidis
In Proceedings of the 1stWorkshop on Systems Security (SysSec), co-located with the 8th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)
July 2011, Amsterdam, Netherlands. [PDF, BibTex]


[SysSec] Outsourcing Malicious Infrastructure to the Cloud
Georgios Kontaxis, Iasonas Polakis, and Sotiris Ioannidis
In Proceedings of the 1stWorkshop on Systems Security (SysSec), co-located with the 8th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)
July 2011, Amsterdam, Netherlands. [PDF, BibTex]


[EUROSEC] An Empirical Study on the Security of Cross-Domain Policies in Rich Internet Applications
Georgios Kontaxis, Demetres Antoniades, Iasonas Polakis, and Evangelos P. Markatos
In Proceedings of the 4th European Workshop on System Security (EUROSEC)
April 2011, Salzburg, Austria. [PDF, BibTex )


[WWW] we.b: The Web of Short URLs
Demetres Antoniades, Iasonas Polakis, Georgios Kontaxis, Elias Athanasopoulos, Sotiris Ioannidis, Evangelos P. Markatos, and Thomas Karagiannis.
In Proceedings of the 20th International World Wide Web Conference (WWW)
March 2011 Hyderabad, India [PDF, BibTex]


[SESOC] Detecting Social Network Profile Cloning
Georgios Kontaxis, Iasonas Polakis, Sotiris Ioannidis, and Evangelos P. Markatos
In Proceedings of the 3rd IEEE International Workshop on SEcurity and SOCial Networking (SESOC), co-located with the IEEE International Conference on Pervasive Computing and Communications (PerCom)
March 2011 Seattle, WA [PDF, BibTex]


[WPES] Using Social Networks to Harvest Email Addresses
Iasonas Polakis, Georgios Kontaxis, Spiros Antonatos, Eleni Gessiou, Thanasis Petsas and Evangelos P. Markatos
In Proceedings of the 9th Workshop on Privacy in the Electronic Society (WPES), co-located with the ACM Conference on Computer and Communications Security (CCS)
October 2010 Chicago, IL. [PDF, BibTex]


[EC2ND] Experiences and Observations from the NoAH Infrastructure
Georgios Kontaxis, Iasonas Polakis, Spiros Antonatos and Evangelos P. Markatos
In Proceedings of the 6th European Conference on Computer Network Defense (EC2ND)
October 2010 Berlin, Germany. [PDF, BibTex]


[ESORICS] D(e | i)aling with VoIP: Robust Prevention of DIAL Attacks
Alexandros Kapravelos, Iasonas Polakis, Elias Athanasopoulos, Sotiris Ioannidis, and Evangelos P. Markatos
In Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS)
September 2010 Athens, Greece [PDF, BibTex]


[NDSS] A Systematic Characterization of IM Threats Using Honeypots
Spiros Antonatos, Iasonas Polakis, Thanasis Petsas and Evangelos P. Markatos
In Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS)
March 2010 San Diego, CA. [PDF, BibTex]


Technical Reports


Where's Wally? Precise User Discovery Attacks in Location Proximity Services
Iasonas Polakis, George Argyros, Theofilos Petsios, Suphannee Sivakorn, Angelos D. Keromytis.
Technical Report CUCS-012-15, Dept. of Computer Science, Columbia University, August 2015. [PDF]


Digital is Calling the Analog: Robust Prevention of Dial Attacks
Alexandros Kapravelos, Iasonas Polakis, Elias Athanasopoulos, Sotiris Ioannidis, and Evangelos P. Markatos.
Technical Report 399. FORTH-ICS, October 2009. [PDF]


Articles, Books, Posters


Honeypot Technologies - PenTest Magazine.
Iasonas Polakis and Spiros Antonatos, September 2012.


The Red Book: A Roadmap for Systems Security Research
Evangelos Markatos and Davide Balzarotti (editors).
Available on: http://red-book.eu. The SysSec Consortium, August 2013.


(POSTER) Dynamic Monitoring of Dark IP Address Space
Iasonas Polakis, Georgios Kontaxis, Sotiris Ioannidis, and Evangelos P. Markatos
In Proceedings of the 3rd COST TMA International Workshop on Traffic Monitoring and Analysis (TMA)
April 2011, Vienna, Austria. [PDF, BibTex]
 

Last Modified: January 2016