Georgios Portokalidis

I am an assistant professor at Stevens Institute of Technology. I obtained my doctorate degree from the Vrije Universiteit in Amsterdam. My research interests are mainly around the area of software and systems security. Currently my interests revolve around host intrusion prevention, faster and more usable security, authentication, software self-healing, and information-flow tracking. My goal is to improve systems' security and build systems that can improve security. You can find a complete CV here.

Our paper, "WYSISNWIV: What You Scan Is Not What I Visit", is going to appear in the 2015 International Symposium on Recent Advances in Intrusion Detection (RAID)

Our paper, "ShrinkWrap: VTable protection without loose ends", is going to appear in the 2015 Annual Computer Security Applications Conference (ACSAC)

Our paper "GPU-Disasm: A GPU based x86 Disassembler" is going to appear in the 2015 Information Security Conference (ISC).

Our paper "The Devil is in the Constants: Bypassing Defenses in Browser JIT Engines" is going to appear in the 2015 Network and Distributed System Security (NDSS) Symposium.

Interested in pursuing a PhD? I'm looking for good students that wish to pursue a PhD to join my group in the department of Computer Science at Stevens Institute of Technology and work on various aspects of systems security. In particular, I am looking for eager students to work on evaluating and improving the security of systems against state-of-the art exploits (for example, exploits using return-oriented programming, bypassing sandboxes, etc.) and improving system transparency through information flow tracking (for example, exposing how mobile and cloud apps treat user data). Joining the PhD program does not require an MS degree.
If you are interested, you can submit your application following this link and/or email me.

Research for credit for Stevens students: If you are a Stevens undergraduate or graduate student interested in doing some research for credit during the summer or academic year email me. Stevens also provides various opportunities and scholarships for students to do some research during the summer.

Selected Publications

Size Does Matter - Why Using Gadget-Chain Length to Prevent Code-reuse Attacks is Hard (pdf)
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 (19.1%)

Out Of Control: Overcoming Control-Flow Integrity (pdf)
Proceedings of the 35th IEEE Symposium on Security and Privacy, San Jose, CA, USA, May 2014 (13.6%)

SAuth: Protecting User Accounts from Password Database Leaks (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking (pdf)
Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013 (19.8%)

kGuard: Lightweight Kernel Protection against Return-to-user Attacks (pdf)
Proceedings of the 21st USENIX Security Symposium, Bellevue, WA, USA, August 2012 (19.4%)

A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware (pdf)
Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS) San Diego, CA, USA, February, 2012 (Acceptance rate: 17.8%)

Argos: an Emulator for Fingerprinting Zero-Day Attacks (pdf)
Proceedings of ACM SIGOPS EUROSYS 2006, Leuven, Belgium, April 2006 (20%)

Supervised students/researchers

Current PhD students

Postdoctoral researchers

Past co-supervised PhD students

  • Angeliki Zavou, Columbia University, Co-supervised with Prof. Angelos D. Keromytis (April 2011 - May 2014)
  • Kangkook Jee, Columbia University, Co-supervised with Prof. Angelos D. Keromytis (March 2010 - December 2013)
  • Sambuddho Chakravarty, Columbia University, Co-supervised with Prof. Angelos D. Keromytis (March 2010 - December 2012)
  • Vasileios P. Kemerlis , Columbia University, Co-supervised with Prof. Angelos D. Keromytis (March 2010 - December 2012)

Grand and Awards

"Out Of Control: Overcoming Control-Flow Integrity" was awarded the Dutch Cybersecurity research award

A data-driven mobile user-privacy monitor: Algorithm and Tool, Stevens Ignition Grant Initiative (IGI) $20,000 (June 2014)

Co-PI, "MINESTRONE: Phase 3 Extension" IARPA, $313,437 (September 2012 - November 2014)

Co-PI, "MINESTRONE Task: Automatic Discovery of Rescue Points Using Static and Dynamic Analysis", IARPA, $270,400 (September 2012 - November 2014)

Best paper award at the 6th International Workshop on Security, Tokyo, Japan (November 2011)