450 Computer Science Building, Columbia University
1214 Amsterdam Avenue, New York, NY 10027
-- Tracking Protection in Firefox For Privacy and Performance
Georgios Kontaxis and Monica Chew. In Proceedings of the 2015 workshop on Web 2.0 Security & Privacy (W2SP). May 2015, San Jose, California.
-- SAuth: Protecting User Accounts from Password Database Leaks
Georgios Kontaxis, Elias Athanasopoulos, Georgios Portokalidis, and Angelos D. Keromytis. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). November 2013, Berlin, Germany. (Acceptance rate: 19.8%) [Slides]
-- All your face are belong to us: Breaking Facebook's Social Authentication
Iasonas Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, Sotiris Ioannidis, Angelos D. Keromytis, and Stefano Zanero. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC). December 2012, Orlando, FL, USA. (Acceptance rate: 19%)
Featured online in Computerworld
-- Privacy-Preserving Social Plugins
Georgios Kontaxis, Michalis Polychronakis, Angelos D. Keromytis, and Evangelos P. Markatos. In Proceedings of the 21st USENIX Security Symposium. August 2012, Bellevue, WA. (Acceptance rate: 19.4%)
-- Minimizing Information Disclosure to Third Parties in Social Login Platforms
Georgios Kontaxis, Michalis Polychronakis, and Evangelos P. Markatos. International Journal of Information Security (IJIS), vol. 11, no. 5, pp. 321-332, 2012. DOI: 10.1007/s10207-012-0173-6
-- SudoWeb: Minimizing Information Disclosure to Third Parties in Single Sign-On Platforms
Georgios Kontaxis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 14th Information Security Conference (ISC). October 2011, Xi'an, China. (Best Student Paper Award) (Acceptance rate: 26.3%)
-- dead.drop: URL-based Stealthy Messaging
Georgios Kontaxis, Iasonas Polakis, Michalis Polychronakis, and Evangelos P. Markatos. In Proceedings of the 7th European Conference on Computer Network Defense (EC2ND). September 2011, Gothenburg, Sweden. (Acceptance rate: 32%)
-- Outsourcing Malicious Infrastructure to the Cloud
Georgios Kontaxis, Iasonas Polakis and Sotiris Ioannidis. In Proceedings of the 2011 SysSec Workshop, co-located with the 8th conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA). July 2011, Amsterdam, Netherlands.
-- we.b: The Web of Short URLs
Demetris Antoniades, Iasonas Polakis, Georgios Kontaxis, Elias Athanasopoulos, Sotiris Ioannidis, Evangelos P. Markatos, and Thomas Karagiannis. In Proceedings of the 20th International World Wide Web Conference (WWW). March 2011, Hyberabad, India. (Acceptance rate: 12.4%)
-- An Empirical Study on the Security of Cross-Domain Policies in Rich Internet Applications
Georgios Kontaxis, Demetris Antoniades, Iasonas Polakis and Evangelos P. Markatos. In Proceedings of the 4th European Workshop on System Security (EuroSec), co-located with EuroSys. April 2011, Salzburg, Austria.
-- Detecting Social Network Profile Cloning
Georgios Kontaxis, Iasonas Polakis, Sotiris Ioannidis, and Evangelos P. Markatos. In Workshop Proceedings of the 9th Annual IEEE International Conference on Pervasive Computing and Communications (PerCom). 3rd IEEE International Workshop on Security and Social Networking (SESOC). March 2011, Seattle, WA. (Acceptance rate: 26.9%)
-- Using Social Networks to Harvest Email Addresses
Iasonas Polakis, Georgios Kontaxis, Spiros Antonatos, Eleni Gessiou, Thanasis Petsas, and Evangelos P. Markatos. In Proceedings of the 9th ACM Workshop on Privacy in the Electronic Society (WPES), co-located with the ACM Conference on Computer and Communications Security (CCS). October 2010, Chicago IL, USA. (Acceptance rate: 20.8%)
Synergy-based Enhanced Authentication
VPSN: Virtual Private Social Networks
The VPSN project aims to investigate, develop, and experimentally evaluate novel techniques for protecting user privacy in the context of third-party websites and applications that have integrated popular social networking platforms for content personalization and social interaction.
Privacy-Preserving Social Plugins
Minimizing Information Disclosure to Third Parties in Social Login Platforms
MINESTRONE: Identifying and containing software vulnerabilities
MINESTRONE is a novel architecture that integrates static analysis, dynamic confinement, and code diversification techniques to enable the identification, mitigation and containment of a large class of software vulnerabilities.
MEERKATS: Maintaining EnterprisE Resiliency via Kaleidoscopic Adaptation and Transformation of Software Services
MEERKATS is a novel architecture for cloud environments that elevates continuous system evolution, adaptation, and misdirection as first-rate design principles.
SysSec Network of Excellence (2010-2014)
SysSec was funded by the European Commission. The SysSec project aimed at building a european network of excellence in managing threats and vulnerabilities in the future Internet.
WOMBAT: Worldwide Observatory of Malicious Behaviors and Attack Threats (2008-2010)
WOMBAT was funded by the European Union under the Seventh Framework Program. The WOMBAT project aimed at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, it involved: (i) real time gathering of a diverse set of security related raw data, (ii) enrichment of this input by means of various analysis techniques, and (iii) root cause identification and understanding of the phenomena under scrutiny.
NoAH: Network of Affined Honeypots (2005-2008)
NoAH was funded by the European Union under the Sixth Framework Program. The NoAH project focused on the gathering and analysing of information about the nature of Internet cyberattacks. It has produced an infrastructure to detect and provide early warning of such attacks, so that appropriate countermeasures may be taken to combat them.