Dr. Emmanouil Vasilomanolakis

nameEmmanouil Vasilomanolakis

Senior Researcher

Postdoc (Smart Protection in Infrastructures and Networks (SPIN))

phone+49 (6151) 16 - 23199

+49 (6151) 16 - 23202


S2|02 A312

postal address

TU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt

Short Bio

I am a senior researcher (post-doc) at Technische Universität Darmstadt. My research interests include collaborative intrusion detection, honeypots and alert data correlation.

I received a PhD (Dr. rer. nat.) from the Technische Universität Darmstadt in 2016 for my dissertation "On Collaborative Intrusion Detection". Heretofore, I received my diploma (Dipl.-Inform.) and MSc from the University of the Aegean (Greece) in 2008 and 2011 respectively. My master thesis, in the area of honeypots, was conducted in cooperation with the National Center of Scientific Research “Demokritos”. Lastly, I worked as a researcher for AGT International, on the field of IoT security, from 2014-2015.

For an updated overview of my activities, have a look at my personal website.


Additional Attributes


Don't Steal my Drone: Catching Attackers with an Unmanned Aerial Vehicle Honeypot

Emmanouil Vasilomanolakis, Jörg Daubert, Dhanasekar Boopalan, Max Mühlhäuser
In: IEEE/IFIP Network Operations and Management Symposium (NOMS), April 2018
[Online-Edition: http://noms2018.ieee-noms.org/]

HoneyDrone: a medium-interaction Unmanned Aerial Vehicle Honeypot

Jörg Daubert, Dhanasekar Boopalan, Max Mühlhäuser, Emmanouil Vasilomanolakis
In: IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies, 2018
[Online-Edition: https://dissect.vcu.edu/2018/]

I Trust my Zombies: a Trust-enabled Botnet

Emmanouil Vasilomanolakis, Jan Helge Wolf, Leon Böck, Max Mühlhäuser, Shankar Karuppayah
In: Blackhat Europe, December 2017
[Online-Edition: https://www.blackhat.com/eu-17]

ID2T - The Intrusion Detection Dataset Generation Toolkit

Carlos Garcia Cordero, Emmanouil Vasilomanolakis, Max Mühlhäuser
December 2017
[Online-Edition: https://www.blackhat.com/eu-17]

Towards Blockchain-Based Collaborative Intrusion Detection Systems

Nikolaos Alexopoulos, Emmanouil Vasilomanolakis, Natalia Reka Ivanko, Max Mühlhäuser
In: International Conference on Critical Information Infrastructures Security, October 2017
[Online-Edition: http://www.critis2017.org]

Challenges and Available Solutions against Organized Cyber-Crime and Terrorist Networks

Andrea Tundis, Florian Huber, Bernhard Jäger, Jörg Daubert, Emmanouil Vasilomanolakis, Max Mühlhäuser
In: International Conference on Safety and Security Engineering, September 2017

TRIDEnT: Trustworthy collaboRative Intrusion DETection (POSTER)

Nikolaos Alexopoulos, Emmanouil Vasilomanolakis, Natalia Reka Ivanko, Tamara Frieß, Max Mühlhäuser
In: USENIX Security Symposium Poster Session, August 2017
[Online-Edition: https://www.usenix.org/conference/usenixsecurity17]

Towards Trust-aware Collaborative Intrusion Detection: challenges and solutions

Emmanouil Vasilomanolakis, Sheikh Mahbub Habib, Rabee Sohail Malik, Pavlos Milaszewicz, Max Mühlhäuser
In: International Conference on Trust Management (IFIPTM), Vol. 505, p. 94-109, June 2017
Springer International Publishing
[Online-Edition: http://wp.portal.chalmers.se/ifiptm2017/]

Defending Against Probe-Response Attacks

Emmanouil Vasilomanolakis, Noorulla Sharief, Max Mühlhäuser
In: IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), p. 1046 - 1051, May 2017
[Online-Edition: http://www.dissect.vcu.edu/2017/]

On Probe-Response Attacks in Collaborative Intrusion Detection Systems

Emmanouil Vasilomanolakis, Michael Stahn, Carlos Garcia Cordero, Max Mühlhäuser
In: IEEE Conference on Communications and Network Security, p. 279 - 286, October 2016
[Online-Edition: http://cns2016.ieee-cns.org/]

To top

Posters, Demos and Talks

  • 10-11.06.2014 Collaborative Intrusion Detection using Mobile Honeypots
    Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Muhlhauser
    Intel Workshop on Cyberphysical and Mobile Security, Darmstadt, Germany (poster)
  • 21.04.2013 A short introduction to honeypots
    FOSSCOMM 2013, Athens, Greece (invited talk)

Summer/Winter Schools & Workshops

  • European Intensive Program on Information and Communication Security (IPICS), University of Regensburg, Germany, 2008
  • 4th Summer School on Network & Information Security (NIS): The Challenge of the Changing Risk Landscape, jointly organized by ENISA and FORTH, Greece, 2011
  • Honeynet Project Workshop (Under a full scholarship offered by the Honeynet Project), Warsaw Poland, 2014

Topics for Bachelor and Master Theses

Please check the list bellow for open Bachelor or Master thesis topics. Our group always offers a selection of challenging topics in the area of intrusion detection and Cyber Security. If you see an open topic that appears to be interesting for you, kindly drop me an email.


7 Entries found


TRIDEnT: Blockchain-based Collaborative Intrusion Detection

Master Thesis

in progress

Cyber attacks are becoming increasingly sophisticated and coordinated. Isolated intrusion detection systems can sometimes not detect coordinated attacks in time. Therefore, collaboration between intrusion detection systems in needed, in the form of alert exchange. However, beneficial collaboration between mutually untrusted peers (some may be controlled by attackers already) is a problem of its own. To address this problem, we have introduced TRIDEnT, a blockchain-based Collaborative Intrusion Detection System (CIDS).

This thesis involves continuing the development of TRIDEnT with theoretical and practical contributions. Prototypes will be built using Hyperledger Fabric and will be evaluated in simulated, as well as in real-world settings.

Trust in Collaborative Intrusion Detection

Master Thesis


On P2P Botnet Monitoring in Adverse Conditions

Master Thesis


Botnets are collections of infected computation devices that are remotely controlled by so called botmasters. Botnets are used for many criminal purposes such as Distributed Denial of Service (DDoS), credential theft or spam mail distribution which makes them a prominent target for law enforcement and researchers. Several takedowns of centralized botnets lead to an arms race of developing more resilient botnets and new ways to defeat them. The latest iteration of resilient botnets uses P2P overlays to overcome the single point of failure present in centralized systems. The open nature of P2P systems allows the defender to infiltrate and monitor the botnets to collect intelligence information for potential takedowns. Recent publications present mechanisms that allow to detect monitoring operations and it is only a matter of time until botmasters implement these to create monitoring resistant Peer-to-peer botnets.

Using blockchains for alert data dissemination between CIDS monitors

Master Thesis


The increasing number of highly sophisticated and coordinated cyber attacks proves that Intrusion

Detection Systems (IDSs) have to re-examine their current defensive techniques and move

towards to more collaborative mechanisms. Collaborative IDSs (CIDSs) are providing such an

approach by introducing the idea of cooperation between multiple sensors (firewalls, IDSs, honeypots)

with the aim of creating a holistic overview about the monitored network. Altough,

there are plenty of research attempts with regard to CIDSs, this new area is still facing major

challenges. Among all the others, these include the problem of exchanging alert data in a

confidential and integrity-preserving way as well as providing accountability for the participating

sensors. Apart from these challenges, bringing consensus to a CIDS network is also an area,

which has not been explored yet. According to novel research aspects that have been made in

the field of blockchains, this technology seems promising to fill the aforementioned research


Trust Management in P2P Botnets

Master Thesis


Botnets are one of the most prevalent threats present in today’s interconnected world, playing an

integral role in a wide variety of cybercrime activities. P2P botnets are the latest iteration in the

cat-and-mouse game between botmasters on the one side and researchers and law enforcement

officials on the other. While the open and distributed nature of P2P botnets prevents a number of attacks that can be performed on centralized botnets, it opens up a number of new attack vectors, too.

More specifically, attackers can reverse-engineer a botnet’s protocol, infiltrate it, and perform

monitoring or disruptive attacks.


HoneyDrone - A Honeypot for Drone Systems

Master Thesis


Nowadays, the number and sophistication of cyberattacks is  constantly  increasing.  To  cope  with  this,  security  solutions  such  as  Intrusion Detection Systems (IDSs)  are  considered  a  mandatory  line of  defense  for  any  critical  network.  However,  IDSs usually employ passive monitoring techniques.  Honeypots emerged from the need for more active monitoring.

Honeypots are systems whose only value is to be probed, attacked and compromised. Their purpose is to attract malicious users, study their activities and, at the same time, reduce the attack surface of the monitored network. It is important to note that since honeypots do not feature any other purpose; by definition, any interaction with them is considered an attack. Thus, they do not exhibit false positives, i.e., all incoming traffic is considered malicious.

On the Analysis & Generation of Synthetic Attacks for Intrusion Detection Systems

Master Thesis


Intrusion Detection Systems (IDS) have established themselves as a mandatory line of defense for critical infrastructure. One main aspect during the development of an IDS is the evaluation and optimization of the detection algorithms. Currently there is no standardized model for the evaluation of the detection efficiency. A common approach has been the use of static datasets, but the publicly available datasets have flaws in many regards, like their actuality and the absence of up-to-date attacks.This creates challenges in terms of the reproducibility and the comparison of results.


Winter Term 2017/2018

Winter Term 2016/2017

  • Seminar Telekooperation
  • Protection in Networked Systems ‒ Trust, Resilience, and Privacy (course web page)

Winter Term 2015/2016

  • Seminar Telekooperation (course web page)
  • Bachelor Students Traineeship / Bachelorpraktikum
  • Oberseminar TK (link)

Winter Term 2014/2015

  • Seminar Telekooperation (course web page)
    Advisor for topics: "Analysis of collaborative data correlation algorithms with a focus on alert data correlation", "A survey of the security features of IoT platforms and architectures", "A Survey on Security in the Internet of Thing’s Machine-to-Machine Platforms"
  • Projectpraktikum
    Supervision: HosTaGe

Summer Term 2014

  • Seminar Telekooperation (course web page)
    Advisor for topic "
    Alert Correlation and Aggregation for Collaborative Intrusion Detection"
  • Simulation und Evaluation von Computernetzwerken (SECoN) (course web page)

Winter Term 2013/2014

  • Seminar Telekooperation (course web page)
    Advisor for topics "Mobile Honeypots: A survey" and (Co-advisor) "Mobile Live Forensics"
  • Bachelor Students Traineeship / Bachelorpraktikum
    Co-supervision "HOsTaGe: 2.0"
  • Projectpraktikum
    Co-supervision "HOsTaGe: Arm and Loaded"

Summer Term 2013

Winter Term 2012/2013

  • Seminar Security, Privacy, and Trust
    Advisor for topic “Attacks on Intrusion Detection Systems
A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Suche Search | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang