Ph.D. student of Computer Science at Columbia University, New York, U.S.A.

His advisor is Prof. Angelos D. Keromytis. Member of the Network Security Lab.

Curriculum vitae available here


What's new

  • Our paper on protecting access to user accounts in the face of password leaks has been accepted at CCS '2013

Research Interests

  • Web security and privacy
  • Network security
  • Systems security
  • Applied cryptography

Contant Information

kontaxis[at]cs.[columbia]

Also, on Twitter, Google Plus
and LinkedIn

450 Computer Science Building, Columbia University
1214 Amsterdam Avenue, New York, NY 10027

Refereed Publications

Conference Proceedings

-- SAuth: Protecting User Accounts from Password Database Leaks. Georgios Kontaxis, Elias Athanasopoulos, Georgios Portokalidis, and Angelos D. Keromytis. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). November 2013, Berlin, Germany. (Acceptance rate: 19.8%) [Slides]

-- All your face are belong to us: Breaking Facebook's Social Authentication. Iasonas Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, Sotiris Ioannidis, Angelos D. Keromytis, and Stefano Zanero. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC). December 2012, Orlando, FL, USA. (Acceptance rate: 19%)
Featured online in Computerworld

-- Privacy-Preserving Social Plugins. Georgios Kontaxis, Michalis Polychronakis, Angelos D. Keromytis, and Evangelos P. Markatos. In Proceedings of the 21st USENIX Security Symposium. August 2012, Bellevue, WA. (Acceptance rate: 19.4%)

-- SudoWeb: Minimizing Information Disclosure to Third Parties in Single Sign-On Platforms. Georgios Kontaxis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 14th Information Security Conference (ISC). October 2011, Xi'an, China. (Best Student Paper Award) (Acceptance rate: 26.3%)

-- dead.drop: URL-based Stealthy Messaging. Georgios Kontaxis, Iasonas Polakis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 7th European Conference on Computer Network Defense (EC2ND). September 2011, Gothenburg, Sweden. (Acceptance rate: 32%)

-- we.b: The Web of Short URLs. Demetris Antoniades, Iasonas Polakis, Georgios Kontaxis, Elias Athanasopoulos, Sotiris Ioannidis, Evangelos P. Markatos, and Thomas Karagiannis. In Proceedings of the 20th International World Wide Web Conference (WWW). March 2011, Hyberabad, India. (Acceptance rate: 12.4%)

Workshop Proceedings

-- Outsourcing Malicious Infrastructure to the Cloud. Georgios Kontaxis, Iasonas Polakis and Sotiris Ioannidis. In Proceedings of the 2011 SysSec Workshop, co-located with the 8th conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA). July 2011, Amsterdam, Netherlands.

-- An Empirical Study on the Security of Cross-Domain Policies in Rich Internet Applications. Georgios Kontaxis, Demetris Antoniades, Iasonas Polakis and Evangelos P. Markatos. In Proceedings of the 4th European Workshop on System Security (EuroSec), co-located with EuroSys. April 2011, Salzburg, Austria.

-- Detecting Social Network Profile Cloning. Georgios Kontaxis, Iasonas Polakis, Sotiris Ioannidis, and Evangelos P. Markatos. In Workshop Proceedings of the 9th Annual IEEE International Conference on Pervasive Computing and Communications (PerCom). 3rd IEEE International Workshop on Security and Social Networking (SESOC). March 2011, Seattle, WA. (Acceptance rate: 26.9%)

-- Using Social Networks to Harvest Email Addresses. Iasonas Polakis, Georgios Kontaxis, Spiros Antonatos, Eleni Gessiou, Thanasis Petsas, and Evangelos P. Markatos. In Proceedings of the 9th ACM Workshop on Privacy in the Electronic Society (WPES), co-located with the ACM Conference on Computer and Communications Security (CCS). October 2010, Chicago IL, USA. (Acceptance rate: 20.8%)

Journals

-- Minimizing Information Disclosure to Third Parties in Social Login Platforms. Georgios Kontaxis, Michalis Polychronakis, and Evangelos P. Markatos. International Journal of Information Security (IJIS), vol. 11, no. 5, pp. 321-332, 2012. DOI: 10.1007/s10207-012-0173-6


Projects

SAuth

Synergy-based Enhanced Authentication

Safebutton

Privacy-Preserving Social Plugins

SudoWeb

Minimizing Information Disclosure to Third Parties in Social Login Platforms

MINESTRONE: Identifying and containing software vulnerabilities

MINESTRONE is a novel architecture that integrates static analysis, dynamic confinement, and code diversification techniques to enable the identification, mitigation and containment of a large class of software vulnerabilities.

MEERKATS: Maintaining EnterprisE Resiliency via Kaleidoscopic Adaptation and Transformation of Software Services

MEERKATS is a novel architecture for cloud environments that elevates continuous system evolution, adaptation, and misdirection as first-rate design principles.


Past Projects

SysSec Network of Excellence (2010-2014)

SysSec is funded by the European Commission.

The SysSec project aims at building a european network of excellence in managing threats and vulnerabilities in the future Internet.

WOMBAT: Worldwide Observatory of Malicious Behaviors and Attack Threats (2008-2010)

WOMBAT was funded by the European Union under the Seventh Framework Program.

The WOMBAT project aimed at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, it involved: (i) real time gathering of a diverse set of security related raw data, (ii) enrichment of this input by means of various analysis techniques, and (iii) root cause identification and understanding of the phenomena under scrutiny.

NoAH: Network of Affined Honeypots (2005-2008)

NoAH was funded by the European Union under the Sixth Framework Program.

The NoAH project focused on the gathering and analysing of information about the nature of Internet cyberattacks. It has produced an infrastructure to detect and provide early warning of such attacks, so that appropriate countermeasures may be taken to combat them.