Antonis Papadogiannakis | University of Crete (original) (raw)
Papers by Antonis Papadogiannakis
Bookmarks Related papers MentionsView impact
Accessing the large volume of information that is available on the Web is more important than eve... more Accessing the large volume of information that is available on the Web is more important than ever before. Search engines are the primary means to help users find the content they need. To suggest the most closely related and the most popular web pages for a user's query, search engines assign a rank to each web page. Each page's rank typically increases with the number and rank of the web pages having a link to this page. However, spammers have developed several techniques to exploit this page rank algorithm and improve the rank of their spam web pages. These techniques are commonly based on underground forums for collaborative link exchange, building a social network between spammers to favor their spam web pages in search engine results. This causes a significant problem for both search engines and end users. Therefore, new anti-spam techniques are needed to detect this behavior and mitigate web spam. Search Engine Optimization (SEO) forums are widely used by adversaries to exchange links between their web pages, so they are good sources to collect and analyze spam links. In this study, we provide a systematic analysis of the spam link exchange performed through 15 SEO forums. We propose a new system, called Inquisitor, to capture the activity of web spammers in SEO forums, identify the actual spam link exchanges, and visualize the web spam ecosystem. Inquisitor collects spam links posted in public forum threads, as well as, links sent via private messages, by creating and using " honey " accounts in these forums. This approach is needed because many spammers tend to exchange links through private messages to avoid being identified. The web pages behind the collected links are examined, and the actual links of these pages are extracted and matched against the other collected links. This analysis results in link exchange identification and generation of the respective relationship network graph of web spam. We believe that the results of this study improve our understanding of web spammers' behavior, and the proposed system can be used to improve the detection of web spam.
Bookmarks Related papers MentionsView impact
Proc. of the Passive …, 2006
Available bandwidth measurement as simple as running wget Demetres Antoniades1, Manos Athanatos1,... more Available bandwidth measurement as simple as running wget Demetres Antoniades1, Manos Athanatos1, Antonis Papadogiannakis1, Evangelos P. Markatos1, Constantine Dovrolis2 1 Institute of Computer Science (ICS) Foundation for Research & Technology Hellas (FORTH) ...
Bookmarks Related papers MentionsView impact
Computer Communications, 2012
Bookmarks Related papers MentionsView impact
Proceedings of the 4th International ICST Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, 2008
Bookmarks Related papers MentionsView impact
The capability of dynamically monitoring the performance of the communication infrastructure is o... more The capability of dynamically monitoring the performance of the communication infrastructure is one of the emerging requirements for a Grid. We claim that such a capability is in fact orthogonal to the more popular collection of data for scheduling and diagnosis, which needs large storage and indexing capabilities, but may disregard real-time performance issues. We discuss such claim analyzing the
Bookmarks Related papers MentionsView impact
Proceedings of the 4th International ICST Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, 2008
Bookmarks Related papers MentionsView impact
IEEE Transactions on Emerging Topics in Computing, 2014
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
IEEE Journal on Selected Areas in Communications, 2014
Bookmarks Related papers MentionsView impact
2014 Twelfth Annual International Conference on Privacy, Security and Trust, 2014
Bookmarks Related papers MentionsView impact
Proceedings of the 2013 conference on Internet measurement conference - IMC '13, 2013
Bookmarks Related papers MentionsView impact
Proceedings of the Third European Workshop on System Security - EUROSEC '10, 2010
... In our approach one can start with an unsupervised anomaly detector and, in principle, collec... more ... In our approach one can start with an unsupervised anomaly detector and, in principle, collect the training set for the optimizer during the operation of the IDS. ... [10] KK Gupta, B. Nath and K. Ramamohanarao, Layered Ap-proach using Conditional Random Fields for Intrusion ...
Bookmarks Related papers MentionsView impact
2010 IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems, 2010
Bookmarks Related papers MentionsView impact
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13, 2013
ABSTRACT Code injection attacks continue to pose a threat to today's computing systems, a... more ABSTRACT Code injection attacks continue to pose a threat to today's computing systems, as they exploit software vulnerabilities to inject and execute arbitrary, malicious code. Instruction Set Randomization (ISR) is able to protect a system against remote machine code injection attacks by randomizing the instruction set of each process. This way, the attacker will inject invalid code that will fail to execute on the randomized processor. However, all the existing implementations of ISR are based on emulators and binary instrumentation tools that (i) incur a significant runtime performance overhead, (ii) limit the ease of deployment of ISR, (iii) cannot protect the underlying operating system kernel, and (iv) are vulnerable to evasion attempts trying to bypass ISR protection. To address these issues we propose ASIST: an architecture with hardware and operating system support for ISR. We present the design and implementation of ASIST by modifying and mapping a SPARC processor onto an FPGA board and running our modified Linux kernel to support the new features. The operating system loads the randomization key of each running process into a newly defined register, and the modified processor decodes the process's instructions with this key before execution. Moreover, ASIST protects the system against attacks that exploit kernel vulnerabilities to run arbitrary code with elevated privileges, by using a separate randomization key for the operating system. We show that ASIST transparently protects all applications and the operating system kernel from machine code injection attacks with less than 1.5% runtime overhead, while only requiring 0.7% additional hardware.
Bookmarks Related papers MentionsView impact
Proceedings of the 29th Annual Computer Security Applications Conference on - ACSAC '13, 2013
Bookmarks Related papers MentionsView impact
2006 IEEE/IFIP Network Operations and Management Symposium NOMS 2006, 2006
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Accessing the large volume of information that is available on the Web is more important than eve... more Accessing the large volume of information that is available on the Web is more important than ever before. Search engines are the primary means to help users find the content they need. To suggest the most closely related and the most popular web pages for a user's query, search engines assign a rank to each web page. Each page's rank typically increases with the number and rank of the web pages having a link to this page. However, spammers have developed several techniques to exploit this page rank algorithm and improve the rank of their spam web pages. These techniques are commonly based on underground forums for collaborative link exchange, building a social network between spammers to favor their spam web pages in search engine results. This causes a significant problem for both search engines and end users. Therefore, new anti-spam techniques are needed to detect this behavior and mitigate web spam. Search Engine Optimization (SEO) forums are widely used by adversaries to exchange links between their web pages, so they are good sources to collect and analyze spam links. In this study, we provide a systematic analysis of the spam link exchange performed through 15 SEO forums. We propose a new system, called Inquisitor, to capture the activity of web spammers in SEO forums, identify the actual spam link exchanges, and visualize the web spam ecosystem. Inquisitor collects spam links posted in public forum threads, as well as, links sent via private messages, by creating and using " honey " accounts in these forums. This approach is needed because many spammers tend to exchange links through private messages to avoid being identified. The web pages behind the collected links are examined, and the actual links of these pages are extracted and matched against the other collected links. This analysis results in link exchange identification and generation of the respective relationship network graph of web spam. We believe that the results of this study improve our understanding of web spammers' behavior, and the proposed system can be used to improve the detection of web spam.
Bookmarks Related papers MentionsView impact
Proc. of the Passive …, 2006
Available bandwidth measurement as simple as running wget Demetres Antoniades1, Manos Athanatos1,... more Available bandwidth measurement as simple as running wget Demetres Antoniades1, Manos Athanatos1, Antonis Papadogiannakis1, Evangelos P. Markatos1, Constantine Dovrolis2 1 Institute of Computer Science (ICS) Foundation for Research & Technology Hellas (FORTH) ...
Bookmarks Related papers MentionsView impact
Computer Communications, 2012
Bookmarks Related papers MentionsView impact
Proceedings of the 4th International ICST Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, 2008
Bookmarks Related papers MentionsView impact
The capability of dynamically monitoring the performance of the communication infrastructure is o... more The capability of dynamically monitoring the performance of the communication infrastructure is one of the emerging requirements for a Grid. We claim that such a capability is in fact orthogonal to the more popular collection of data for scheduling and diagnosis, which needs large storage and indexing capabilities, but may disregard real-time performance issues. We discuss such claim analyzing the
Bookmarks Related papers MentionsView impact
Proceedings of the 4th International ICST Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, 2008
Bookmarks Related papers MentionsView impact
IEEE Transactions on Emerging Topics in Computing, 2014
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
IEEE Journal on Selected Areas in Communications, 2014
Bookmarks Related papers MentionsView impact
2014 Twelfth Annual International Conference on Privacy, Security and Trust, 2014
Bookmarks Related papers MentionsView impact
Proceedings of the 2013 conference on Internet measurement conference - IMC '13, 2013
Bookmarks Related papers MentionsView impact
Proceedings of the Third European Workshop on System Security - EUROSEC '10, 2010
... In our approach one can start with an unsupervised anomaly detector and, in principle, collec... more ... In our approach one can start with an unsupervised anomaly detector and, in principle, collect the training set for the optimizer during the operation of the IDS. ... [10] KK Gupta, B. Nath and K. Ramamohanarao, Layered Ap-proach using Conditional Random Fields for Intrusion ...
Bookmarks Related papers MentionsView impact
2010 IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems, 2010
Bookmarks Related papers MentionsView impact
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13, 2013
ABSTRACT Code injection attacks continue to pose a threat to today's computing systems, a... more ABSTRACT Code injection attacks continue to pose a threat to today's computing systems, as they exploit software vulnerabilities to inject and execute arbitrary, malicious code. Instruction Set Randomization (ISR) is able to protect a system against remote machine code injection attacks by randomizing the instruction set of each process. This way, the attacker will inject invalid code that will fail to execute on the randomized processor. However, all the existing implementations of ISR are based on emulators and binary instrumentation tools that (i) incur a significant runtime performance overhead, (ii) limit the ease of deployment of ISR, (iii) cannot protect the underlying operating system kernel, and (iv) are vulnerable to evasion attempts trying to bypass ISR protection. To address these issues we propose ASIST: an architecture with hardware and operating system support for ISR. We present the design and implementation of ASIST by modifying and mapping a SPARC processor onto an FPGA board and running our modified Linux kernel to support the new features. The operating system loads the randomization key of each running process into a newly defined register, and the modified processor decodes the process's instructions with this key before execution. Moreover, ASIST protects the system against attacks that exploit kernel vulnerabilities to run arbitrary code with elevated privileges, by using a separate randomization key for the operating system. We show that ASIST transparently protects all applications and the operating system kernel from machine code injection attacks with less than 1.5% runtime overhead, while only requiring 0.7% additional hardware.
Bookmarks Related papers MentionsView impact
Proceedings of the 29th Annual Computer Security Applications Conference on - ACSAC '13, 2013
Bookmarks Related papers MentionsView impact
2006 IEEE/IFIP Network Operations and Management Symposium NOMS 2006, 2006
Bookmarks Related papers MentionsView impact