Associate Research Scientist
Network Security Lab,
Computer Science Department,
Columbia University

mikepo[at]cs.[domain]
450 Computer Science Building
1214 Amsterdam Avenue, M.C. 0401
New York, NY 10027-7003

About


I am an associate research scientist in the Computer Science Department at Columbia University. My main research interests are in the areas of network and system security and network monitoring and measurement.

I received the B.Sc. ('03), M.Sc. ('05), and Ph.D. ('09) degrees in Computer Science from the University of Crete, Greece, while working as a research assistant in the Distributed Computing Systems Lab at FORTH-ICS. Between 2010-2013, I was a Marie Curie fellow (IOF) at Columbia University and FORTH-ICS. More information is available in my resume.

Google Scholar | @polychronakis


Conference Publications


Dynamic Reconstruction of Relocation Information for Stripped Binaries
Vasilis Pappas, Michalis Polychronakis, and Angelos D. Keromytis. To appear in Proceedings of the 17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID). September 2014, Gothenburg, Sweden.

ret2dir: Rethinking Kernel Isolation
Vasileios P. Kemerlis, Michalis Polychronakis, and Angelos D. Keromytis. To appear in Proceedings of the 23rd USENIX Security Symposium. August 2014, San Diego, CA.

GASPP: A GPU-Accelerated Stateful Packet Processing Framework
Giorgos Vasiliadis, Lazaros Koromilas, Michalis Polychronakis, and Sotiris Ioannidis. To appear in Proceedings of the USENIX Annual Technical Conference (ATC). June 2014, Philadelphia, PA.

On the Effectiveness of Traffic Analysis Against Anonymity Networks Using Flow Records
Sambuddho Chakravarty, Marco V. Barbera, Georgios Portokalidis, Michalis Polychronakis, and Angelos D. Keromytis. In Proceedings of the 15th Passive and Active Measurement Conference (PAM). March 2014, Los Angeles, CA.

K-Subscription: Privacy-preserving Microblogging Browsing through Obfuscation
Panagiotis Papadopoulos, Antonis Papadogiannakis, Michalis Polychronakis, Apostolis Zarras, Thorsten Holz, and Evangelos P. Markatos. In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC). December 2013, New Orleans, LA.

PRIDE: Practical Intrusion Detection in Resource Constrained Wireless Mesh Networks
Amin Hassanzadeh, Zhaoyan Xu, Radu Stoleru, Guofei Gu, and Michalis Polychronakis. In Proceedings of the 15th International Conference on Information & Communications Security (ICICS). November 2013, Beijing, China.

Scap: Stream-Oriented Network Traffic Capture and Analysis for High-Speed Networks
Antonis Papadogiannakis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the Internet Measurement Conference (IMC). October 2013, Barcelona, Spain.

Rise of the Planet of the Apps: A Systematic Study of the Mobile App Ecosystem
Thanasis Petsas, Antonis Papadogiannakis, Michalis Polychronakis, Evangelos P. Markatos, and Thomas Karagiannis. In Proceedings of the Internet Measurement Conference (IMC). October 2013, Barcelona, Spain.

Server-side Code Injection Attacks: A Historical Perspective
Jakob Fritz, Corrado Leita, and Michalis Polychronakis. In Proceedings of the 16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID). October 2013, Saint Lucia.

CloudFence: Data Flow Tracking as a Cloud Service
Vasilis Pappas, Vasileios P. Kemerlis, Angeliki Zavou, Michalis Polychronakis, and Angelos D. Keromytis. In Proceedings of the 16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID). October 2013, Saint Lucia.

Transparent ROP Exploit Mitigation using Indirect Branch Tracing
Vasilis Pappas, Michalis Polychronakis, and Angelos D. Keromytis. In Proceedings of the 22nd USENIX Security Symposium. August 2013, Washington, DC.

Cloudopsy: an Autopsy of Data Flows in the Cloud
Angeliki Zavou, Vasilis Pappas, Vasileios P. Kemerlis, Michalis Polychronakis, Georgios Portokalidis, and Angelos D. Keromytis. In Proceedings of the 15th International Conference on Human-Computer Interaction (HCI). July 2013, Las Vegas, NV.

Privacy-Preserving Social Plugins
Georgios Kontaxis, Michalis Polychronakis, Angelos D. Keromytis and Evangelos P. Markatos. In Proceedings of the 21st USENIX Security Symposium. August 2012, Bellevue, WA.

ARC: Protecting against HTTP Parameter Pollution Attacks Using Application Request Caches
Elias Athanasopoulos, Vasileios P. Kemerlis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 10th International Conference on Applied Cryptography and Network Security (ACNS). June 2012, Singapore.

Tolerating Overload Attacks Against Packet Capturing Systems (Short Paper)
Antonis Papadogiannakis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the USENIX Annual Technical Conference (ATC). June 2012, Boston, MA.

Smashing the Gadgets: Hindering Return-Oriented Programming Using In-Place Code Randomization
Vasilis Pappas, Michalis Polychronakis, and Angelos D. Keromytis. In Proceedings of the 33rd IEEE Symposium on Security & Privacy (S&P). May 2012, San Francisco, CA.

Parallelization and Characterization of Pattern Matching using GPUs
Giorgos Vasiliadis, Michalis Polychronakis, and Sotiris Ioannidis. In Proceedings of the IEEE International Symposium on Workload Characterization (IISWC). November 2011, Austin, TX.

ROP Payload Detection Using Speculative Code Execution
Michalis Polychronakis and Angelos D. Keromytis. In Proceedings of the 6th International Conference on Malicious and Unwanted Software (MALWARE). October 2011, Fajardo, Puerto Rico. (Best Paper Award)

MIDeA: A Multi-Parallel Intrusion Detection Architecture
Giorgos Vasiliadis, Michalis Polychronakis, and Sotiris Ioannidis. In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS). October 2011, Chicago, IL.

SudoWeb: Minimizing Information Disclosure to Third Parties in Single Sign-On Platforms
Georgios Kontaxis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 14th Information Security Conference (ISC). October 2011, Xi'an, China. (Best Student Paper Award)

Detecting Traffic Snooping in Tor Using Decoys
Sambuddho Chakravarty, Georgios Portokalidis, Michalis Polychronakis, and Angelos D. Keromytis. In Proceedings of the 14th International Symposium On Recent Advances in Intrusion Detection (RAID). September 2011, Menlo Park, CA.

Comprehensive Shellcode Detection using Runtime Heuristics
Michalis Polychronakis, Kostas G. Anagnostakis, and Evangelos P. Markatos. In Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC). December 2010, Austin, TX.

GPU-assisted Malware
Giorgos Vasiliadis, Michalis Polychronakis, and Sotiris Ioannidis. In Proceedings of the 5th IEEE International Conference on Malicious and Unwanted Software (MALWARE). October 2010, Nancy, France.

RRDtrace: Long-term Raw Network Traffic Recording using Fixed-size Storage
Antonis Papadogiannakis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 18th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS). August 2010, Miami, FL.

Regular Expression Matching on Graphics Hardware for Intrusion Detection
Giorgos Vasiliadis, Michalis Polychronakis, Spiros Antonatos, Evangelos P. Markatos, and Sotiris Ioannidis. In Proceedings of the 12th International Symposium On Recent Advances in Intrusion Detection (RAID). September 2009, Saint-Malo, France.

Topnet: A Network-aware top(1)
Antonis Theocharides, Demetres Antoniades, Michalis Polychronakis, Elias Athanasopoulos, and Evangelos P. Markatos. In Proceedings of the 22nd USENIX Large Installation System Administration Conference (LISA). November 2008, San Diego, CA.

Gnort: High Performance Network Intrusion Detection Using Graphics Processors
Giorgos Vasiliadis, Spiros Antonatos, Michalis Polychronakis, Evangelos P. Markatos and Sotiris Ioannidis. In Proceedings of the 11th International Symposium On Recent Advances in Intrusion Detection (RAID). September 2008, Boston, MA.

LOBSTER: A European Platform for Passive Network Traffic Monitoring
Demetres Antoniades, Michalis Polychronakis, Antonis Papadogiannakis, Panos Trimintzios, Sven Ubik, Vladimir Smotlacha, Arne Øslebø, and Evangelos P. Markatos. In proceedings of the 4th International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities (TRIDENTCOM). March 2008, Innsbruck, Austria.

Improving the Performance of Passive Network Monitoring Applications using Locality Buffering
Antonis Papadogiannakis, Demetres Antoniades, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 15th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS). October 2007, Istanbul, Turkey.

Emulation-based Detection of Non-self-contained Polymorphic Shellcode
Michalis Polychronakis, Kostas G. Anagnostakis, and Evangelos P. Markatos. In Proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection (RAID). September 2007, Queensland, Australia.

Network-level Polymorphic Shellcode Detection using Emulation
Michalis Polychronakis, Kostas G. Anagnostakis, and Evangelos P. Markatos. In Proceedings of the Third Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA). July 2006, Berlin, Germany.

DiMAPI: An Application Programming Interface for Distributed Network Monitoring
Panos Trimintzios, Michalis Polychronakis, Antonis Papadogiannakis, Michalis Foukarakis, Evangelos P. Markatos, and Arne Øslebø. In Proceedings of the 10th IEEE/IFIP Network Operations and Management Symposium (NOMS). April 2006, Vancouver, Canada.

STRIDE: Polymorphic Sled Detection through Instruction Sequence Analysis
Periklis Akritidis, Evangelos P. Markatos, Michalis Polychronakis, and Kostas G. Anagnostakis. In Proceedings of the 20th IFIP International Information Security Conference (IFIP/SEC). May/June 2005, Makuhari-Messe, Chiba, Japan.

Piranha: Fast and memory-efficient Pattern Matching for Intrusion Detection
Spiros Antonatos, Michalis Polychronakis, Periklis Akritidis, Kostas G. Anagnostakis, and Evangelos P. Markatos. In Proceedings of the 20th IFIP International Information Security Conference (IFIP/SEC). May/June 2005, Makuhari-Messe, Chiba, Japan.

Design of an Application Programming Interface for IP Network Monitoring
Michalis Polychronakis, Kostas G. Anagnostakis, Evangelos P. Markatos, and Arne Øslebø. In Proceedings of the 9th IEEE/IFIP Network Operations and Management Symposium (NOMS). April 2004, Seoul, Korea.

Performance Analysis of Content Matching Intrusion Detection Systems
Spiros Antonatos, Kostas G. Anagnostakis, Evangelos P. Markatos, and Michalis Polychronakis. In Proceedings of the IEEE/IPSJ Symposium on Applications and the Internet (SAINT). January 2004, Tokyo, Japan.

E2xB: A Domain-specific String Matching Algorithm for Intrusion Detection
Kostas G. Anagnostakis, Evangelos P. Markatos, Spiros Antonatos, and Michalis Polychronakis. In Proceedings of the 18th IFIP International Information Security Conference (IFIP/SEC). May 2003, Athens, Greece.

ExB: Exclusion-based Signature Matching for Intrusion Detection
Evangelos P. Markatos, Spiros Antonatos, Michalis Polychronakis, and Kostas G. Anagnostakis. In Proceedings of the IASTED International Conference on Communications and Computer Networks (CCN). November 2002, Cambridge, MA.

Workshop Publications


Rage Against the Virtual Machine: Hindering Dynamic Analysis of Mobile Malware
Thanasis Petsas, Giannis Voyatzis, Elias Athanasopoulos, Michalis Polychronakis, and Sotiris Ioannidis. In Proceedings of the 7th European Workshop on System Security (EuroSec). April 2014, Amsterdam, The Netherlands.

You Can Type, but You Can’t Hide: A Stealthy GPU-based Keylogger
Evangelos Ladakis, Lazaros Koromilas, Giorgos Vasiliadis, Michalis Polychronakis, and Sotiris Ioannidis. In Proceedings of the 6th European Workshop on System Security (EuroSec). April 2013, Prague, Czech Republic.

Combining Static and Dynamic Analysis for the Detection of Malicious Documents
Zacharias Tzermias, Giorgos Sykiotakis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 4th European Workshop on System Security (EuroSec). April 2011, Salzburg, Austria.

Improving the Accuracy of Network Intrusion Detection Systems Under Load Using Selective Packet Discarding
Antonis Papadogiannakis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 3rd European Workshop on System Security (EuroSec). April 2010, Paris, France.

Realistic Passive Packet Loss Measurement for High-Speed Networks
Ales Friedl, Sven Ubik, Alexandros Kapravelos, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 1st International Workshop on Traffic Monitoring and Analysis (TMA). May 2009, Aachen, Germany.

An Empirical Study of Real-World Polymorphic Code Injection Attacks
Michalis Polychronakis, Kostas G. Anagnostakis, and Evangelos P. Markatos. In Proceedings of the 2nd USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET). April 2009, Boston, MA.

Deep Packet Anonymization
Michael Foukarakis, Demetres Antoniades, and Michalis Polychronakis. In Proceedings of the European Workshop on System Security (EuroSec). March 2009, Nuremberg, Germany.

Ghost Turns Zombie: Exploring the Life Cycle of Web-based Malware
Michalis Polychronakis, Panayiotis Mavrommatis, and Niels Provos. In Proceedings of the 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET). April 2008, San Francisco, CA.

Monitoring three national research networks for eight weeks: Observations and implications
Demetris Antoniades, Michalis Polychronakis, Nick Nikiforakis, Evangelos P. Markatos, and Yiannis Mitsos. In Proceedings of the 6th IEEE Workshop on End-to-End Monitoring Techniques and Services (E2EMON). April 2008, Salvador, Bahia, Brazil.

Journal Publications


Stream-Oriented Network Traffic Capture and Analysis for High-Speed Networks
Antonis Papadogiannakis, Michalis Polychronakis, and Evangelos P. Markatos. In IEEE Journal on Selected Areas in Communications, to appear.

Minimizing Information Disclosure to Third Parties in Social Login Platforms
Georgios Kontaxis, Michalis Polychronakis, and Evangelos P. Markatos. In Internationa Journal of Information Security (IJIS), vol. 11, no. 5, pp. 321-332, October 2012.

Improving the Performance of Passive Network Monitoring Applications with Memory Locality Enhancements
Antonis Papadogiannakis, Giorgos Vasiliadis, Demetres Antoniades, Michalis Polychronakis, and Evangelos P. Markatos. In Computer Communications, vol. 35, no. 1, pp. 129-140, January 2012.

Shadow Honeypots
Kostas G. Anagnostakis, Stelios Sidiroglou, Periklis Akritidis, Michalis Polychronakis, Angelos D. Keromytis, and Evangelos P. Markatos. In International Journal of Computer and Network Security (IJCNS), vol. 2, no. 9, pp. 1-16, September 2010.

_

Network-level Polymorphic Shellcode Detection using Emulation
Michalis Polychronakis, Kostas G. Anagnostakis, and Evangelos P. Markatos. In Journal in Computer Virology, vol. 2, no. 4, pp. 257-274, February 2007.