Georgios Portokalidis

I am an assistant Professor in the Department of Computer Science at Stevens Institute of Technology. I obtained my PhD from Vrije Universiteit in Amsterdam on February 2010. My research interests are mainly around the area of systems and security, including software security, authentication, privacy, and software resiliency.

I have been working on information-flow tracking for a while now, and I am interested in novel methods and technologies that can improve performance and accuracy. I have been also working on hardening software against attacks based on memory corruption bugs, like code-reuse attacks. This has lead to a series of papers attacking various defenses proposed in academic papers and an interest in developing tools and metrics for evaluating defenses. I am also interested in exploring synergies to improve authentication on the web and the physical world.

I am looking for bright students to work on two federally funded projects on using compilers and modern CPU features for improving software security and on HW-accelerated information-flow tracking. More information below.

CV | Google Scholar Profile | @portokalidis

Recent News

"Location-enhanced Authentication using the IoT" was accepted to the 2016 Annual Computer Security Applications Conference (ACSAC)

"NaClDroid: Native Code Isolation for Android Applications" was accepted to the 2016 ESORICS conference.

"Undermining Entropy-based Information Hiding (And What to do About it)" was accepted to the 2016 USENIX Security Symposium.

I received an award from ONR for developing techniques to harden software using dynamic and static analysis.


PhD Positions

Interested in pursuing a PhD?

I'm looking for good students that wish to pursue a PhD to join my group in the department of Computer Science at Stevens Institute of Technology. I work closely with all my student on various projects in the area of systems and security. Currently, we have two projects, one on reducing the attack surface of binaries and hardening, and one on using modern HW to perform super-fast data-flow tracking for security and privacy applications.

Good programming skills are required and students should be comfortable working with binary code. Experience with any of the following is currently a plus: FPGAs, the Linux Kernel, LLVM, disassembly and code analysis. While not required, if you have a publication in any of these security or systems conferences you should email me immediately!

Joining the PhD program does not require an MS degree and students can start both in the fall and spring semesters. All PhD students are fully funded, including their tuition and a generous stipend. Stevens faculty and students consistently publish in top research venues, offering the unique opportunity to perform cutting-edge research just 15 minutes from New York City.

If you are interested please email me and submit an application.

Opportunities for Stevens students

If you are a Stevens undergraduate or graduate student interested in doing some research, I, occasionally, support non-PhD students with exceptional skills to work on research projects. If you are one of them, please contact me.

Stevens also provides various opportunities for summer research (to undergraduate students only) through the Pinnacle scholars and I&E scholars programs.

Finally, if you are looking to improve yourself and take on challenging problems, you can do research for credit through courses CS-497-S and CS-800-S. Make sure to contact me before you attempt to enroll.

Research Highlights


Location-enhanced Authentication using the IoT
Ioannis Agadakos, Per Hallgren, Dimitrios Damopoulos, Andrei Sabelfeld, and Georgios Portokalidis
To appear in Proceedings of the Annual Computer Security Applications Conference (ACSAC), Los Angeles, CA, USA, December 2016 (22.8%)

WYSISNWIV: What You Scan Is Not What I Visit (pdf)
Qilang Yang, Dimitrios Damopoulos, and Georgios Portokalidis
Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID), Kyoto, Japan, November 2015 (22.69%)

Out Of Control: Overcoming Control-Flow Integrity (pdf)
Proceedings of the 35th IEEE Symposium on Security and Privacy, San Jose, CA, USA, May 2014 (13.6%)

SAuth: Protecting User Accounts from Password Database Leaks (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

Paranoid Android: Versatile Protection For Smartphones (pdf)
Georgios Portokalidis, Philip Homburg, Kostas Anagnostakis, and Herbert Bos
Proceedings of the Annual Computer Security Applications Conference (ACSAC), Austin, TX, USA, December 2010 (17%)

Argos: an Emulator for Fingerprinting Zero-Day Attacks (pdf)
Proceedings of ACM SIGOPS EUROSYS 2006, Leuven, Belgium, April 2006 (20%)

Grands and Awards

  • PI, "Trails: Efficient Data-Flow Tracking Through HW-assisted Parallelization", DARPA, $462,419 (September 2016 - August 2018)
  • PI, "Adapting Static and Dynamic Program Analysis to Effectively Harden Debloated Software" ONR, $467,543 (March 2016 - February 2019)
  • Best student paper award at the 2015 Annual Computer Security Applications Conference (ACSAC)
  • PI (lead Columbia University), "MINESTRONE: Phase 3 Extension" IARPA, $65,796 (September 2013 - November 2014)
  • PI (lead Columbia University), "MINESTRONE Task: Automatic Discovery of Rescue Points Using Static and Dynamic Analysis", IARPA, $247,641 (September 2012 - November 2014)
  • Best paper award at the 6th International Workshop on Security, Tokyo, Japan (November 2011)