Dr. Emmanouil Vasilomanolakis

nameEmmanouil Vasilomanolakis
position

Senior Researcher

Postdoc (Smart Protection in Infrastructures and Networks (SPIN))

emailvasilomano@tk.tu-darmstadt.de
phone+49 (6151) 16 - 23199
fax

+49 (6151) 16 - 23202

office

S2|02 A312

postal address

TU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt
Germany

Research Interests

  • Collaborative Intrusion Detection
  • Honeypots
  • Botnet monitoring

Short Bio

I am a senior researcher (post-doc) at Technische Universität Darmstadt. My research interests include collaborative intrusion detection, honeypots and alert data correlation.

I received a PhD (Dr. rer. nat.) from the Technische Universität Darmstadt in 2016 for my dissertation "On Collaborative Intrusion Detection". Heretofore, I received my diploma (Dipl.-Inform.) and MSc from the University of the Aegean (Greece) in 2008 and 2011 respectively. My master thesis, in the area of honeypots, was conducted in cooperation with the National Center of Scientific Research “Demokritos”. Lastly, I worked as a researcher for AGT International, on the field of IoT security, from 2014-2015.

Publications

Additional Attributes

Type

Multi-stage Attack Detection and Signature Generation with ICS Honeypots

Emmanouil Vasilomanolakis, Shreyas Srinivasa, Carlos Garcia Cordero, Max Mühlhäuser
In: IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), p. 1227 - 1232, April 2016
IEEE
[Online-Edition: http://www.dissect.vcu.edu/2016]
[Inproceedings]

Towards the creation of synthetic, yet realistic, intrusion detection datasets <b>(best paper award)</b>

Emmanouil Vasilomanolakis, Carlos Garcia Cordero, Nikolay Milanov, Max Mühlhäuser
In: IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), p. 1209 - 1214, April 2016
IEEE
[Online-Edition: http://www.dissect.vcu.edu/2016/]
[Inproceedings]

SkipMon: a Locality-Aware Collaborative Intrusion Detection System

Emmanouil Vasilomanolakis, Matthias Kruegl, Carlos Garcia Cordero, Mathias Fischer, Max Mühlhäuser
In: International Performance Computing and Communications Conference (IPCCC), p. 1 - 8, December 2015
IEEE
[Inproceedings]

Probe-response attacks on collaborative intrusion detection systems: effectiveness and countermeasures

Emmanouil Vasilomanolakis, Michael Stahn, Carlos Garcia Cordero, Max Mühlhäuser
In: IEEE Conference on Communications and Network Security (CNS), p. 699 - 700, September 2015
IEEE
[Inproceedings]

Did you really hack a nuclear power plant? An industrial control mobile honeypot

Emmanouil Vasilomanolakis, Shreyas Srinivasa, Max Mühlhäuser
In: IEEE Conference on Communications and Network Security (CNS), p. 729 - 730, September 2015
IEEE
[Inproceedings]

ID2T: a DIY dataset creation toolkit for Intrusion Detection Systems

Carlos Garcia Cordero, Emmanouil Vasilomanolakis, Nikolay Milanov, Christian Koch, David Hausheer, Max Mühlhäuser
In: IEEE Conference on Communications and Network Security (CNS), p. 739 - 740, September 2015
IEEE
[Inproceedings]

On the Security and Privacy of Internet of Things Architectures and Systems

Emmanouil Vasilomanolakis, Jörg Daubert, Manisha Luthra, Vangelis Gazis, Alexander Wiesmaier, Panagiotis Kikiras
In: International Workshop on Secure Internet of Things (SIoT) 2015, ESORICS, p. 49 - 57, September 2015
IEEE
[Inproceedings]

A Survey of Technologies for the Internet of Things

Vangelis Gazis, Manuel Görtz, Marco Huber, Alessandro Leonardi, Kostas Mathioudakis, Alexander Wiesmaier, Florian Zeiger, Emmanouil Vasilomanolakis
In: International Wireless Communications and Mobile Computing Conference (IWCMC), Machine - to - Machine Communications (M2M) & Internet of Things (IoT) Workshop, p. 1090 - 1095 , August 2015
IEEE
[Inproceedings]

Taxonomy and Survey of Collaborative Intrusion Detection

Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Mühlhäuser
In: ACM Computing Surveys, Vol. 47, p. 33, May 2015
[Article]

Community-based Collaborative Intrusion Detection

Carlos Garcia Cordero, Emmanouil Vasilomanolakis, Mathias Fischer, Max Mühlhäuser
In: International Workshop on Applications and Techniques in Cyber Security (ATCS) , International Conference on Security and Privacy in Communication Networks (SecureComm), Vol. 164, p. 665-681, 2015
Springer International Publishing
[Inproceedings]

To top

Community Services

Journals

Editor

Reviewer

  • Journal of Network and Computer Applications, ELSEVIER
  • Computer Science Review, ELSEVIER
  • Information Fusion, ELSEVIER
  • IEEE Transactions on Cognitive Communications and Networking

Conferences & Workshops

Organizer/Chair

TPC member

Reviewer

  • IEEE GLOBECOM
  • IEEE International Conference on Communications (ICC)

Posters, Demos and Talks

  • 10-11.06.2014 Collaborative Intrusion Detection using Mobile Honeypots
    Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Muhlhauser
    Intel Workshop on Cyberphysical and Mobile Security, Darmstadt, Germany (poster)
  • 21.04.2013 A short introduction to honeypots
    FOSSCOMM 2013, Athens, Greece (invited talk)

Summer/Winter Schools & Workshops

  • European Intensive Program on Information and Communication Security (IPICS), University of Regensburg, Germany, 2008
  • 4th Summer School on Network & Information Security (NIS): The Challenge of the Changing Risk Landscape, jointly organized by ENISA and FORTH, Greece, 2011
  • Honeynet Project Workshop (Under a full scholarship offered by the Honeynet Project), Warsaw Poland, 2014

Topics for Bachelor and Master Theses

Please check the list bellow for open Bachelor or Master thesis topics. Our group always offers a selection of challenging topics in the area of intrusion detection and Cyber Security. If you see an open topic that appears to be interesting for you, kindly drop me an email.

Theses

7 Entries found


10.11.2017

TRIDEnT: Blockchain-based Collaborative Intrusion Detection

Master Thesis

in progress


Cyber attacks are becoming increasingly sophisticated and coordinated. Isolated intrusion detection systems can sometimes not detect coordinated attacks in time. Therefore, collaboration between intrusion detection systems in needed, in the form of alert exchange. However, beneficial collaboration between mutually untrusted peers (some may be controlled by attackers already) is a problem of its own. To address this problem, we have introduced TRIDEnT, a blockchain-based Collaborative Intrusion Detection System (CIDS).

This thesis involves continuing the development of TRIDEnT with theoretical and practical contributions. Prototypes will be built using Hyperledger Fabric and will be evaluated in simulated, as well as in real-world settings.

28.06.2017

Trust in Collaborative Intrusion Detection

Master Thesis

in progress


16.03.2017

A novel honeypot concept

Master Thesis

in progress


Nowadays, the number and sophistication of cyberattacks is  constantly  increasing.  To  cope  with  this,  security  solutions  such  as  Intrusion Detection Systems (IDSs)  are  considered  a  mandatory  line of  defense  for  any  critical  network.  However,  IDSs usually employ passive monitoring techniques.  Honeypots emerged from the need for more active monitoring.

Honeypots are systems whose only value is to be probed, attacked and compromised. Their purpose is to attract malicious users, study their activities and, at the same time, reduce the attack surface of the monitored network. It is important to note that since honeypots do not feature any other purpose; by definition, any interaction with them is considered an attack. Thus, they do not exhibit false positives, i.e., all incoming traffic is considered malicious.

On P2P Botnet Monitoring in Adverse Conditions

Master Thesis

finished


Botnets are collections of infected computation devices that are remotely controlled by so called botmasters. Botnets are used for many criminal purposes such as Distributed Denial of Service (DDoS), credential theft or spam mail distribution which makes them a prominent target for law enforcement and researchers. Several takedowns of centralized botnets lead to an arms race of developing more resilient botnets and new ways to defeat them. The latest iteration of resilient botnets uses P2P overlays to overcome the single point of failure present in centralized systems. The open nature of P2P systems allows the defender to infiltrate and monitor the botnets to collect intelligence information for potential takedowns. Recent publications present mechanisms that allow to detect monitoring operations and it is only a matter of time until botmasters implement these to create monitoring resistant Peer-to-peer botnets.

Using blockchains for alert data dissemination in CIDS

Master Thesis

finished


The increasing number of highly sophisticated and coordinated cyber attacks proves that Intrusion

Detection Systems (IDSs) have to re-examine their current defensive techniques and move

towards to more collaborative mechanisms. Collaborative IDSs (CIDSs) are providing such an

approach by introducing the idea of cooperation between multiple sensors (firewalls, IDSs, honeypots)

with the aim of creating a holistic overview about the monitored network. Altough,

there are plenty of research attempts with regard to CIDSs, this new area is still facing major

challenges. Among all the others, these include the problem of exchanging alert data in a

confidential and integrity-preserving way as well as providing accountability for the participating

sensors. Apart from these challenges, bringing consensus to a CIDS network is also an area,

which has not been explored yet. According to novel research aspects that have been made in

the field of blockchains, this technology seems promising to fill the aforementioned research

gaps.

Trust Management in P2P Botnets

Master Thesis

finished


Botnets are one of the most prevalent threats present in today’s interconnected world, playing an

integral role in a wide variety of cybercrime activities. P2P botnets are the latest iteration in the

cat-and-mouse game between botmasters on the one side and researchers and law enforcement

officials on the other. While the open and distributed nature of P2P botnets prevents a number of attacks that can be performed on centralized botnets, it opens up a number of new attack vectors, too.

More specifically, attackers can reverse-engineer a botnet’s protocol, infiltrate it, and perform

monitoring or disruptive attacks.

On the Analysis & Generation of Synthetic Attacks for Intrusion Detection Systems

Master Thesis

finished


Intrusion Detection Systems (IDS) have established themselves as a mandatory line of defense for critical infrastructure. One main aspect during the development of an IDS is the evaluation and optimization of the detection algorithms. Currently there is no standardized model for the evaluation of the detection efficiency. A common approach has been the use of static datasets, but the publicly available datasets have flaws in many regards, like their actuality and the absence of up-to-date attacks.This creates challenges in terms of the reproducibility and the comparison of results.


Teaching

Winter Term 2017/2018

Winter Term 2016/2017

  • Seminar Telekooperation
  • Protection in Networked Systems ‒ Trust, Resilience, and Privacy (course web page)

Winter Term 2015/2016

  • Seminar Telekooperation (course web page)
  • Bachelor Students Traineeship / Bachelorpraktikum
  • Oberseminar TK (link)

Winter Term 2014/2015

  • Seminar Telekooperation (course web page)
    Advisor for topics: "Analysis of collaborative data correlation algorithms with a focus on alert data correlation", "A survey of the security features of IoT platforms and architectures", "A Survey on Security in the Internet of Thing’s Machine-to-Machine Platforms"
  • Projectpraktikum
    Supervision: HosTaGe

Summer Term 2014

  • Seminar Telekooperation (course web page)
    Advisor for topic "
    Alert Correlation and Aggregation for Collaborative Intrusion Detection"
  • Simulation und Evaluation von Computernetzwerken (SECoN) (course web page)
    Assistant

Winter Term 2013/2014

  • Seminar Telekooperation (course web page)
    Advisor for topics "Mobile Honeypots: A survey" and (Co-advisor) "Mobile Live Forensics"
  • Bachelor Students Traineeship / Bachelorpraktikum
    Co-supervision "HOsTaGe: 2.0"
  • Projectpraktikum
    Co-supervision "HOsTaGe: Arm and Loaded"

Summer Term 2013

Winter Term 2012/2013

  • Seminar Security, Privacy, and Trust
    Advisor for topic “Attacks on Intrusion Detection Systems
A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Suche Search | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang