Georgios Portokalidis

I am an assistant Professor in the Department of Computer Science at Stevens Institute of Technology. I obtained my doctorate degree from Vrije Universiteit in Amsterdam on February 2010. My research interests are mainly around the area of systems and security, including software security, authentication, privacy, and software resiliency. My goal is to improve systems' security and build systems that can improve security.

I have been working on information-flow tracking for a while now, and I am interested in novel methods and technologies that can improve performance and accuracy. Recently, I have been doing work on code-reuse attacks and defenses, and I am interested in developing tools and metrics for evaluating defenses. I have also started exploring security issues and uses for the Internet of Things.

CV | Google Scholar Profile | @portokalidis

News

Changes to CS-576 Systems Security course CS-576 has incorporated the Cybersecurity Lab (previously CS-577). It is now a 4-credit course with the following prerequisites: (CS392 and CS306) or CS631.

"ShrinkWrap: VTable protection without loose ends" won the Best Student Paper Award at the 2015 Annual Computer Security Applications Conference (ACSAC)

Our paper, "WYSISNWIV: What You Scan Is Not What I Visit", is going to appear in the 2015 International Symposium on Recent Advances in Intrusion Detection (RAID)

Our paper "GPU-Disasm: A GPU based x86 Disassembler" is going to appear in the 2015 Information Security Conference (ISC).

Selected Publications

Size Does Matter - Why Using Gadget-Chain Length to Prevent Code-reuse Attacks is Hard (pdf)
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 (19.1%)

Out Of Control: Overcoming Control-Flow Integrity (pdf)
Proceedings of the 35th IEEE Symposium on Security and Privacy, San Jose, CA, USA, May 2014 (13.6%)

SAuth: Protecting User Accounts from Password Database Leaks (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

kGuard: Lightweight Kernel Protection against Return-to-user Attacks (pdf)
Proceedings of the 21st USENIX Security Symposium, Bellevue, WA, USA, August 2012 (19.4%)

A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware (pdf)
Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS) San Diego, CA, USA, February, 2012 (Acceptance rate: 17.8%)

Argos: an Emulator for Fingerprinting Zero-Day Attacks (pdf)
Proceedings of ACM SIGOPS EUROSYS 2006, Leuven, Belgium, April 2006 (20%)

Working with me

Interested in pursuing a PhD? I'm looking for good students that wish to pursue a PhD to join my group in the department of Computer Science at Stevens Institute of Technology and work on various aspects of systems security. In particular, I am looking for eager students to work on evaluating and improving the security of systems against state-of-the art exploits (for example, exploits using return-oriented programming, bypassing sandboxes, etc.) and improving system transparency through information flow tracking (for example, exposing how mobile and cloud apps treat user data). Joining the PhD program does not require an MS degree.
If you are interested, you can submit your application following this link and/or email me.

Research for credit for Stevens students: If you are a Stevens undergraduate or graduate student interested in doing some research for credit during the summer or academic year email me. Stevens also provides various opportunities and scholarships for students to do some research during the summer.

Supervised students/researchers

Current PhD students

Postdoctoral researchers

Past co-supervised PhD students

  • Angeliki Zavou, Columbia University, Co-supervised with Prof. Angelos D. Keromytis (April 2011 - May 2014)
  • Kangkook Jee, Columbia University, Co-supervised with Prof. Angelos D. Keromytis (March 2010 - December 2013)
  • Sambuddho Chakravarty, Columbia University, Co-supervised with Prof. Angelos D. Keromytis (March 2010 - December 2012)
  • Vasileios P. Kemerlis , Columbia University, Co-supervised with Prof. Angelos D. Keromytis (March 2010 - December 2012)

Grand and Awards

  • Best student paper award at the 2015 Annual Computer Security Applications Conference (ACSAC)
  • "Out Of Control: Overcoming Control-Flow Integrity" was awarded the Dutch Cybersecurity research award
  • A data-driven mobile user-privacy monitor: Algorithm and Tool, Stevens Ignition Grant Initiative (IGI), $20,000 (June 2014)
  • Co-PI, "MINESTRONE: Phase 3 Extension" IARPA, $313,437 (September 2012 - November 2014)
  • Co-PI, "MINESTRONE Task: Automatic Discovery of Rescue Points Using Static and Dynamic Analysis", IARPA, $270,400 (September 2012 - November 2014)
  • Best paper award at the 6th International Workshop on Security, Tokyo, Japan (November 2011)