Dr. Emmanouil Vasilomanolakis

nameEmmanouil Vasilomanolakis

Senior Researcher

Postdoc (Smart Protection in Infrastructures and Networks (SPIN))

phone+49 (6151) 16 - 23199

+49 (6151) 16 - 23202


S2|02 A312

postal address

TU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt

Short Bio

I am a senior researcher (post-doc) at Technische Universität Darmstadt. My research interests include collaborative intrusion detection, honeypots and alert data correlation.

I received a PhD (Dr. rer. nat.) from the Technische Universität Darmstadt in 2016 for my dissertation "On Collaborative Intrusion Detection". Heretofore, I received my diploma (Dipl.-Inform.) and MSc from the University of the Aegean (Greece) in 2008 and 2011 respectively. My master thesis, in the area of honeypots, was conducted in cooperation with the National Center of Scientific Research “Demokritos”. Lastly, I worked as a researcher for AGT International, on the field of IoT security, from 2014-2015.

For an updated overview of my activities, have a look at my personal website.


Defending Against Probe-Response Attacks

Author Emmanouil Vasilomanolakis, Noorulla Sharief, Max Mühlhäuser
Date May 2017
Kind Inproceedings
Book titleIEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)
Pages1046 - 1051
LocationLisbon, Portugal
Research Areas Telecooperation, SPIN: Smart Protection in Infrastructures and Networks
Abstract With the increase in the sophistication of cyber-attacks, collaborative defensive approaches such as Collaborative IDSs (CIDSs) have emerged. CIDSs utilize a multitude of heterogeneous monitors to create a holistic picture of the monitored network. Nowadays, a number of research institutes and companies deploy CIDSs that publish their alert data publicly, over the Internet. Such systems are important for researchers and security administrators as they provide a source of real-world alert data for experimentation. However, a class of attacks exist, called Probe-Response Attacks (PRAs), which can significantly reduce the benefits of a CIDS. In particular, such attacks allow an adversary to detect the network location of the monitors of a CIDS.In this paper, we first study the related work and analyze the various mitigation techniques for defending against PRAs.Subsequently, we propose a novel mitigation mechanism that improves the state of the art. Our method, namely the Shuffle-based PRA Mitigation (SPM), is based on the idea of shuffling the watermarks, so-called markers, which the adversary requires to successfully perform a PRA. By doing so the whole process of the attack is disrupted leading to a very small number of identified monitors. Our experimental results suggest that our proposed method significantly reduces the impact of a PRA whilst it does not introduce a trade-off for the usability of the data produced by the CIDS.
Website http://www.dissect.vcu.edu/2017/
Full paper (pdf)
[Export this entry to BibTeX]

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

To top

Posters, Demos and Talks

  • 10-11.06.2014 Collaborative Intrusion Detection using Mobile Honeypots
    Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Muhlhauser
    Intel Workshop on Cyberphysical and Mobile Security, Darmstadt, Germany (poster)
  • 21.04.2013 A short introduction to honeypots
    FOSSCOMM 2013, Athens, Greece (invited talk)

Summer/Winter Schools & Workshops

  • European Intensive Program on Information and Communication Security (IPICS), University of Regensburg, Germany, 2008
  • 4th Summer School on Network & Information Security (NIS): The Challenge of the Changing Risk Landscape, jointly organized by ENISA and FORTH, Greece, 2011
  • Honeynet Project Workshop (Under a full scholarship offered by the Honeynet Project), Warsaw Poland, 2014

Topics for Bachelor and Master Theses

Please check the list bellow for open Bachelor or Master thesis topics. Our group always offers a selection of challenging topics in the area of intrusion detection and Cyber Security. If you see an open topic that appears to be interesting for you, kindly drop me an email.


2 Entries found


Reverse engineering of sophisticated malware

Master Thesis


• Knowledge in reverse engineering is a must!

• Understanding of C and Assembly languages

• General understanding of network protocols


Semantic/statistical analysis of hacked & leaked passwords

Master Thesis

in progress

Regardless of advances in biometrics and other alternatives, good old passwords are still the main authentication medium nowadays. At the same time, hacked/stolen passwords are sold in the dark web for trivial amounts of money (or even for free). Now, imagine a massive leaked password database: how much can we learn from it?


Winter Term 2017/2018

Winter Term 2016/2017

  • Seminar Telekooperation
  • Protection in Networked Systems ‒ Trust, Resilience, and Privacy (course web page)

Winter Term 2015/2016

  • Seminar Telekooperation (course web page)
  • Bachelor Students Traineeship / Bachelorpraktikum
  • Oberseminar TK (link)

Winter Term 2014/2015

  • Seminar Telekooperation (course web page)
    Advisor for topics: "Analysis of collaborative data correlation algorithms with a focus on alert data correlation", "A survey of the security features of IoT platforms and architectures", "A Survey on Security in the Internet of Thing’s Machine-to-Machine Platforms"
  • Projectpraktikum
    Supervision: HosTaGe

Summer Term 2014

  • Seminar Telekooperation (course web page)
    Advisor for topic "
    Alert Correlation and Aggregation for Collaborative Intrusion Detection"
  • Simulation und Evaluation von Computernetzwerken (SECoN) (course web page)

Winter Term 2013/2014

  • Seminar Telekooperation (course web page)
    Advisor for topics "Mobile Honeypots: A survey" and (Co-advisor) "Mobile Live Forensics"
  • Bachelor Students Traineeship / Bachelorpraktikum
    Co-supervision "HOsTaGe: 2.0"
  • Projectpraktikum
    Co-supervision "HOsTaGe: Arm and Loaded"

Summer Term 2013

Winter Term 2012/2013

  • Seminar Security, Privacy, and Trust
    Advisor for topic “Attacks on Intrusion Detection Systems
A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Suche Search | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang