Dr. Emmanouil Vasilomanolakis

nameEmmanouil Vasilomanolakis

Senior Researcher

Postdoc (Smart Protection in Infrastructures and Networks (SPIN))

phone+49 (6151) 16 - 23199

+49 (6151) 16 - 23202


S2|02 A312

postal address

TU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt

Short Bio

I am a senior researcher (post-doc) at Technische Universität Darmstadt. My research interests include collaborative intrusion detection, honeypots and alert data correlation.

I received a PhD (Dr. rer. nat.) from the Technische Universität Darmstadt in 2016 for my dissertation "On Collaborative Intrusion Detection". Heretofore, I received my diploma (Dipl.-Inform.) and MSc from the University of the Aegean (Greece) in 2008 and 2011 respectively. My master thesis, in the area of honeypots, was conducted in cooperation with the National Center of Scientific Research “Demokritos”. Lastly, I worked as a researcher for AGT International, on the field of IoT security, from 2014-2015.

For an updated overview of my activities, have a look at my personal website.


Additional Attributes


Don't Steal my Drone: Catching Attackers with an Unmanned Aerial Vehicle Honeypot

Emmanouil Vasilomanolakis, Jörg Daubert, Dhanasekar Boopalan, Max Mühlhäuser
In: IEEE/IFIP Network Operations and Management Symposium (NOMS), April 2018
[Online-Edition: http://noms2018.ieee-noms.org/]

HoneyDrone: a medium-interaction Unmanned Aerial Vehicle Honeypot

Jörg Daubert, Dhanasekar Boopalan, Max Mühlhäuser, Emmanouil Vasilomanolakis
In: IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies, 2018
[Online-Edition: https://dissect.vcu.edu/2018/]

I Trust my Zombies: a Trust-enabled Botnet

Emmanouil Vasilomanolakis, Jan Helge Wolf, Leon Böck, Max Mühlhäuser, Shankar Karuppayah
In: Blackhat Europe, December 2017
[Online-Edition: https://www.blackhat.com/eu-17]

ID2T - The Intrusion Detection Dataset Generation Toolkit

Carlos Garcia Cordero, Emmanouil Vasilomanolakis, Max Mühlhäuser
December 2017
[Online-Edition: https://www.blackhat.com/eu-17]

Towards Blockchain-Based Collaborative Intrusion Detection Systems

Nikolaos Alexopoulos, Emmanouil Vasilomanolakis, Natalia Reka Ivanko, Max Mühlhäuser
In: International Conference on Critical Information Infrastructures Security, October 2017
[Online-Edition: http://www.critis2017.org]

Challenges and Available Solutions against Organized Cyber-Crime and Terrorist Networks

Andrea Tundis, Florian Huber, Bernhard Jäger, Jörg Daubert, Emmanouil Vasilomanolakis, Max Mühlhäuser
In: International Conference on Safety and Security Engineering, September 2017

TRIDEnT: Trustworthy collaboRative Intrusion DETection (POSTER)

Nikolaos Alexopoulos, Emmanouil Vasilomanolakis, Natalia Reka Ivanko, Tamara Frieß, Max Mühlhäuser
In: USENIX Security Symposium Poster Session, August 2017
[Online-Edition: https://www.usenix.org/conference/usenixsecurity17]

Towards Trust-aware Collaborative Intrusion Detection: challenges and solutions

Emmanouil Vasilomanolakis, Sheikh Mahbub Habib, Rabee Sohail Malik, Pavlos Milaszewicz, Max Mühlhäuser
In: International Conference on Trust Management (IFIPTM), Vol. 505, p. 94-109, June 2017
Springer International Publishing
[Online-Edition: http://wp.portal.chalmers.se/ifiptm2017/]

Defending Against Probe-Response Attacks

Emmanouil Vasilomanolakis, Noorulla Sharief, Max Mühlhäuser
In: IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), p. 1046 - 1051, May 2017
[Online-Edition: http://www.dissect.vcu.edu/2017/]

On Probe-Response Attacks in Collaborative Intrusion Detection Systems

Emmanouil Vasilomanolakis, Michael Stahn, Carlos Garcia Cordero, Max Mühlhäuser
In: IEEE Conference on Communications and Network Security, p. 279 - 286, October 2016
[Online-Edition: http://cns2016.ieee-cns.org/]

To top

Posters, Demos and Talks

  • 10-11.06.2014 Collaborative Intrusion Detection using Mobile Honeypots
    Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Muhlhauser
    Intel Workshop on Cyberphysical and Mobile Security, Darmstadt, Germany (poster)
  • 21.04.2013 A short introduction to honeypots
    FOSSCOMM 2013, Athens, Greece (invited talk)

Summer/Winter Schools & Workshops

  • European Intensive Program on Information and Communication Security (IPICS), University of Regensburg, Germany, 2008
  • 4th Summer School on Network & Information Security (NIS): The Challenge of the Changing Risk Landscape, jointly organized by ENISA and FORTH, Greece, 2011
  • Honeynet Project Workshop (Under a full scholarship offered by the Honeynet Project), Warsaw Poland, 2014

Topics for Bachelor and Master Theses

Please check the list bellow for open Bachelor or Master thesis topics. Our group always offers a selection of challenging topics in the area of intrusion detection and Cyber Security. If you see an open topic that appears to be interesting for you, kindly drop me an email.


4 Entries found

A Mobile Honeypot for Industrial Control Systems

Master Thesis


Mobile devices today have better communication capabilities. They enable dynamic and faster communication. Users are able to access internet and web applications through their smart phones anywhere, anytime. Smarter applications offer better social interaction and online presence to the users. This creates an urge to stay connected and be online seamlessly to be updated.Public infrastructures like airports, coffee shops, shopping malls provide free access to their networks to its customers to facilitate their connectivity and of course, for some information exchange. With free access to networks,attackers are now concentrating on the possibility of exploiting users in the same network. Securing open networks is very challenging and complex. It is however possible to detect these attacks. A pro-active approach for detecting the attacks is a better approach.

There are two approaches for detection of attacks. One is by using a NIDS (Network Intrusion Detection System )and the other is by using honeypot. NIDS are installed on the server machines or hosts. The requests are scanned and analyzed for exploit-forged packets before they are sent to the server. NIDS are suitable for systems with high resources.The honeypot approach, rather could be used where there are lesser resources. The idea behind honeypot, is to pose as vulnerable hosts connected to the network, which could be tempting for exploits, thereby trapping the attacker by collecting as much information possible to backtrack, or good enough to detect that the network is under attack.

ID2T: an Intrusion Detection Dataset Toolkit

Master Thesis


Intrusion detection systems are nowadays considered a mandatory line of defense for computer networks. A lot of research has been done in the direction of creating novel detection algorithms, especially in the field of anomaly detection. However, in order to be able to evaluate intrusion detection algorithms or systems, researchers require network datasets that are as close as possible to real networks. This implies that modern cyber attacks and browsing patterns must be included in such datasets. Nevertheless, in a continuously dynamic environment both from a network as well as from an attackers point of view, it is not easy to create realistic simulated datasets.

Probe response attacks on cyber incident monitors

Master Thesis


One of the biggest threats in the Internet are collaborative attacks. Attackers are controlling bot nets in order to achieve maximum damage e.g. via Distributed Denial of Service (DDOS) attacks or spreading malware. Intrusion Detection Systems (IDS) can help to identify malicious network traffic to create coun- termeasures and fend attacks for a limited network area. CIDS allow to recognize attacks on a bigger scale by collecting and correlating reports from various nodes like e.g. honeypots. The benefit of CIDS is giving greater clearity about the attackers’ intent, precise models of adversarial behavior and a better view of global network activity.


Membership Management for unstructured distributed Collaborative IDS

Master Thesis


In the recent years, the increasing amount of network traffic put new challenges to the identification
of malicious traces within the masses of data. Stand alone Intrusion Detection System (IDS)
and Centralised IDSs struggle to process the data. Distributed approaches try to share the workload
among nodes, at the cost of network overhead for nodes communicating input data and
results. Moreover, sharing data over a network that is only for a subset of the nodes important
produces useless overhead and keeps the other nodes from processing data important to them.
Furthermore, it is hard to share data privately with only a subset of those nodes.


Winter Term 2017/2018

Winter Term 2016/2017

  • Seminar Telekooperation
  • Protection in Networked Systems ‒ Trust, Resilience, and Privacy (course web page)

Winter Term 2015/2016

  • Seminar Telekooperation (course web page)
  • Bachelor Students Traineeship / Bachelorpraktikum
  • Oberseminar TK (link)

Winter Term 2014/2015

  • Seminar Telekooperation (course web page)
    Advisor for topics: "Analysis of collaborative data correlation algorithms with a focus on alert data correlation", "A survey of the security features of IoT platforms and architectures", "A Survey on Security in the Internet of Thing’s Machine-to-Machine Platforms"
  • Projectpraktikum
    Supervision: HosTaGe

Summer Term 2014

  • Seminar Telekooperation (course web page)
    Advisor for topic "
    Alert Correlation and Aggregation for Collaborative Intrusion Detection"
  • Simulation und Evaluation von Computernetzwerken (SECoN) (course web page)

Winter Term 2013/2014

  • Seminar Telekooperation (course web page)
    Advisor for topics "Mobile Honeypots: A survey" and (Co-advisor) "Mobile Live Forensics"
  • Bachelor Students Traineeship / Bachelorpraktikum
    Co-supervision "HOsTaGe: 2.0"
  • Projectpraktikum
    Co-supervision "HOsTaGe: Arm and Loaded"

Summer Term 2013

Winter Term 2012/2013

  • Seminar Security, Privacy, and Trust
    Advisor for topic “Attacks on Intrusion Detection Systems
A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Suche Search | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang