Georgios Portokalidis

I am an assistant Professor in the Department of Computer Science at Stevens Institute of Technology. I obtained my PhD from Vrije Universiteit in Amsterdam on February 2010. My research interests are mainly around the area of systems and security, including software security, authentication, privacy, and software resiliency.

I have been working on information-flow tracking for a while now, and I am interested in novel methods and technologies that can improve performance and accuracy. I have been also working on hardening software against attacks based on memory corruption bugs, like code-reuse attacks. This has lead to a series of papers attacking various defenses proposed in academic papers and an interest in developing tools and metrics for evaluating defenses. I am also interested in exploring synergies to improve authentication on the web and the physical world.

CV | Google Scholar Profile | @portokalidis

Recent News

I received an award from ONR for developing techniques to harden software using dynamic and static analysis.

Changes to CS-576 Systems Security course CS-576 has incorporated the Cybersecurity Lab (previously CS-577). It is now a 4-credit course with the following prerequisites: (CS392 and CS306) or CS631.

"ShrinkWrap: VTable protection without loose ends" won the Best Student Paper Award at the 2015 Annual Computer Security Applications Conference (ACSAC)

Openings

PhD Positions

Interested in pursuing a PhD in the New York area? I'm looking for good students that wish to pursue a PhD to join my group in the department of Computer Science at Stevens Institute of Technology and work on various aspects of systems and security. Good programming skills in C and intellectual curiosity required! Joining the PhD program does not require an MS degree.
If you are interested please email me and submit an application.

Opportunities for Steven students

Research for credit for Stevens students: If you are a Stevens undergraduate or graduate student interested in doing some research for credit during the summer or academic year email me. Stevens also provides various opportunities and scholarships for students to do some research during the summer.

Research Highlights

Publications

Size Does Matter - Why Using Gadget-Chain Length to Prevent Code-reuse Attacks is Hard (pdf)
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 (19.1%)

Out Of Control: Overcoming Control-Flow Integrity (pdf)
Proceedings of the 35th IEEE Symposium on Security and Privacy, San Jose, CA, USA, May 2014 (13.6%)

SAuth: Protecting User Accounts from Password Database Leaks (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

kGuard: Lightweight Kernel Protection against Return-to-user Attacks (pdf)
Proceedings of the 21st USENIX Security Symposium, Bellevue, WA, USA, August 2012 (19.4%)

A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware (pdf)
Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS) San Diego, CA, USA, February, 2012 (Acceptance rate: 17.8%)

Argos: an Emulator for Fingerprinting Zero-Day Attacks (pdf)
Proceedings of ACM SIGOPS EUROSYS 2006, Leuven, Belgium, April 2006 (20%)

Grand and Awards

  • PI, "Adapting Static and Dynamic Program Analysis to Effectively Harden Debloated Software" ONR, $467,543 (March 2016 - February 2019)
  • Best student paper award at the 2015 Annual Computer Security Applications Conference (ACSAC)
  • Co-PI, "MINESTRONE: Phase 3 Extension" IARPA, $313,437 (September 2012 - November 2014)
  • Co-PI, "MINESTRONE Task: Automatic Discovery of Rescue Points Using Static and Dynamic Analysis", IARPA, $270,400 (September 2012 - November 2014)
  • Best paper award at the 6th International Workshop on Security, Tokyo, Japan (November 2011)