Christos Xenakis

• PhD
• Professor at University of Piraeus

The growth of IoT networks necessitates robust and adaptive trust management (TM) systems to ensure secure and reliable interactions between devices. This paper introduces a novel TM framework for IoT devices, leveraging a statistical Markov chain model to calculate dynamic trust scores. Our approach integrates a Multi-Attribute Decision-Making (MA...

The adoption of FIDO2 authentication by major tech companies in web applications has grown significantly in recent years. However, we argue FIDO2 has broader potential applications. In this paper, we introduce EAP-FIDO, a novel Extensible Authentication Protocol (EAP) method for use in IEEE 802.1X-protected networks. This allows organisations with...

Public-key encryption is typically managed through a public key infrastructure. However, it relies on a central control point, the certification authority, which acts as a single point of failure. Recent technological advancements have led to the need for decentralized cryptographic protocols. This paper presents a comprehensive study on enhancing...

This publication presents the ERATOSTHENES project outcomes on devising a novel distributed, automated, auditable, yet privacy-respectful, Trust and Identity Management Framework intended to dynamically and holistically manage the lifecycle of IoT devices, strengthening trust, identities, and resilience in the entire IoT ecosystem. The solution als...

To overcome the security vulnerabilities caused by weak passwords, thus bridge the gap between user friendly interfaces and advanced security features, the Fast IDentity Online (FIDO) alliance defined a number of authentication protocols. The existing literature leverages all versions of the FIDO protocols, without indicating the reasons behind the...

Despite the rapid growth of the cyber insurance market in recent years, insurance companies in this area face several challenges, such as a lack of data, a shortage of automated tasks, increased fraudulent claims from legal policyholders, attackers masquerading as legal policyholders, and insurance companies becoming targets of cybersecurity attack...

Adversarial Machine Learning (AML) is a recently introduced technique, aiming to deceive Machine Learning (ML) models by providing falsified inputs to render those models ineffective. Consequently, most researchers focus on detecting new AML attacks that can undermine existing ML infrastructures, overlooking at the same time the significance of def...

The rapid adoption of smart grids demands robust security and efficiency measures due to their critical role in delivering electricity and their potential for customer-oriented benefits. This paper presents an innovative framework, named RETINA, which provides a resilient and secure energy trading mechanism within smart grid systems. RETINA tackles...

The ERATOSTHENES project is driven by recent security challenges of IoT networks being today embedded into our day to day lives. The high increase of connected devices, their inhomogeneous nature, high penetration, as well as different manufacturing and vendor characteristics have created a vast attack surface that is prone to increase in the next...

This paper presents an original Intelligent and Secure Asset Discovery Tool (ISADT) that uses artificial intelligence and TPM-based technologies to: (i) detect the network assets, and (ii) detect suspicious pattern in the use of the network. The architecture has specifically been designed to discover the assets of medium and large size companies an...

After the completion of its third year of operation in 2022, the CyberSec4Europe pilot project (https://cybersec4europe.eu/) produced this ”Blue Book” (and delivered it as Deliverable D4.7) to serve as a Horizon Research Roadmap in the area of cyber security. To make this book a reality, the project put together a ”Task Force” of young and senior r...

Phishing email attack is a dominant cyber-criminal strategy for decades. Despite its longevity, it has evolved during the COVID-19 pandemic, indicating that adversaries exploit critical situations to lure victims. Plenty of detectors have been proposed over the years, which mainly focus on the contents or the textual information of emails; however,...

IoT devices present an ever-growing domain with multiple applicability. This technology has favored and still favors many areas by creating critical infrastructures that are as profitable as possible. This paper presents a hierarchical architecture composed of different licensing entities that manage access to different resources within a network i...

Digitization, in terms of online services, work environment and other day-to-day procedures, has lead to the wide adoption and use of the respective digital identities. Users utilize their digital personas and their corresponding attributes on a daily basis, in order to gain access to resources and services. This is achieved through the use of nume...

Passwords remain the most common method of authentication in computers and networks. Thus, passwords have been the prime targets of attackers, and the number of data breaches in the last few years proves the high value of passwords. A detailed analysis of such data can provide insight on password trends and patterns users follow when they create a...

Service providers, 5G network operators and, more generally, vertical industries face today a dangerous shortage of highly skilled cybersecurity experts. Along with the escalation and growing sophistication of cyber-attacks, 5G networks require the training of skilled and highly competent cyber forces. To meet these requirements, the SPIDER cyber r...

Web Exploit Kits (EKs) are designed to exploit browsers and browsers plugins vulnerabilities, in order to serve malware without drawing user’s attention. Despite their longevity, EKs have adapted their modus operandi to new malware trends and pose an imminent threat to individual and organizations. This paper proposes EKnad, a methodology to detect...

For decades, code transformations have been a vital open problem in the field of system security, especially for cases like malware mutation engines that generate semantically equivalent forms of given malicious payloads. While there are abundant works on malware and on malware phylogenies classification and detection in general, the fundamental pr...

Over the past decade, software development has evolved from a rigid, linear process to a highly automated and flexible one, thanks to the emergence of continuous integration and delivery environments. Nowadays, more and more development teams rely on such environments to build their complex projects, as the advantages they offer are numerous. On th...

Addressing cyber and privacy risks has never been more critical for organisations. While a number of risk assessment methodologies and software tools are available, it is most often the case that one must, at least, integrate them into a holistic approach that combines several appropriate risk sources as input to risk mitigation tools. In addition,...

Recent advancements in information and communication technologies (ICT) have improved the power grid, leading to what is known as the smart grid, which, as part of a critical economic and social infrastructure, is vulnerable to security threats from the use of ICT and new emerging vulnerabilities and privacy issues. Access control is a fundamental...

Unequivocally, a single man in possession of a strong password is not enough to solve the issue of security. Studies indicate that passwords have been subjected to various attacks, regardless of the applied protection mechanisms due to the human factor. The keystone for the adoption of more efficient authentication methods by the different markets...

The new "status quo" created by the emerging integration of Multi-Access Edge Computing (MEC) and Radio Access Network (RAN) infrastructures, combined with the openness of the 5G service market, have set new standards on how the multitude of 5G service domains should be incentivized and coordinated to comply with the performance requirements set on...

Web applications are widely used, and new ways for easier and cost-effective methods to develop them are constantly introduced. A common omission among the new development and implementation techniques when designing them is security; Node.js is no exception, as Server-Side JavaScript Injection (SSJI) attacks are possible due to the use of vulnerab...

Due to its flexibility in terms of charging and billing, the smart grid is an enabler of many innovative energy consumption scenarios. One such example is when a landlord rents their property for a specific period to tenants. Then the electricity bill could be redirected from the landlord’s utility to the tenant’s utility. This novel scenario of th...

With the COVID-19 pandemic entering a second phase and vaccination strategies being applied by countries and governments worldwide, there is an increasing expectation by people to return to a more familiar, normal life. The debate for an immunity passport that would enable individuals to safely enter their everyday social life, work and transportat...

TrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for the implementation of security-oriented solutions for several smart intra and inter-connected devices. Although TEEs have been promoted as the starting point for establishing a device root of trust, a number of published attacks against the most broadly utilize...

Software development has passed from being rigid and not very flexible, to be automated with constant changes. This happens due to the creation of continuous integration and delivery environments. Nevertheless, developers often rely on such environments due to the large number of amenities they offer. They focus on authentication only, without taki...

Wireless networks constitute a significant attack vector for adversaries due to their wide usage in our everyday life. As the fifth generation of wireless networks reaches maturity, several vulnerabilities affecting earlier generations have been resolved. Nevertheless the coexistence of legacy wireless technologies is giving rise to the risk of all...

This paper represents the SECONDO framework to assist organizations with decisions related to cybersecurity investments and cyber-insurance. The platform supports cybersecurity and cyber-insurance decisions by implementing and integrating a number of software components. SECONDO operates in three distinct phases: (i) cyber-physical risk assessment...

In recent years, the Smart Grid has increasingly integrated cutting-edge technologies that generate several benefits for all the stakeholders involved, such as a more accurate billing system and enhanced Demand Response procedures. However, this modernization also brings with it diverse cyber security and privacy issues, which sets the necessity fo...

Current authentication methods on the Web have serious weaknesses. First, services heavily rely on the traditional password paradigm, which diminishes the end-users' security and usability. Second, the lack of attribute-based authentication does not allow anonymity-preserving access to services. Third, users have multiple online accounts that often...

Introduction: Individuals and healthcare providers need to trust that the EHRs are protected and that the confidentiality of their personal information is not at stake. Aim: Within CrowdHEALTH project, a security and privacy framework that ensures confidentiality, integrity, and availability of the data was developed. Methods: The CrowdHEALTH...

In recent years there is a surge of serialization-based vulnerabilities in web applications which have led to serious incidents, exposing private data of millions of individuals. Although there have been some efforts in addressing this problem, there is still no unified solution that is able to detect implementation-agnostic vulnerabilities. We aim...

This study advances research in offensive technology by proposing return oriented programming (ROP) as a means to achieve code obfuscation. The key inspiration is that ROP's unique structure poses various challenges to malware analysis compared to traditional shellcode inspection and detection. The proposed ROP‐based attack vector provides two uniq...

Today, an increasing number of Internet of Things (IoT) healthcare devices, crucial to a person's wellbeing and life, connects to the internet and consequently is exposed to a variety of threats. These devices possess low computational resources, and as a result they cannot use security tools such as antivirus or firewalls. Consequently, they becom...

The Health sector's increasing dependence on digital information and communication infrastructures renders it vulnerable to privacy and cybersecurity threats, especially as the theft of health data has become lucrative for cyber criminals. CUREX comprehensively addresses the protection of the confidentiality and integrity of health data by producin...

Security smart industrial systems is prominent due to the proliferation of cyber threats threatening national critical infrastructures. The smart grid comes with intelligent applications based on a bidirectional communication network among its entities. Microgrids are small-scale smart grids that enable Machine-to-Machine (M2) communications as the...

This paper categorizes, presents and evaluates a set of schemes and solutions that provide end-to-end encryption for voice communications. First, we analyze the research works that propose new schemes that enable the transfer of encrypted speech over the voice channel of the 2nd generation mobile network. Next, we analyze a set of popular widesprea...

Nowadays, the majority of web platforms in the Internet originate either from CMS to easily deploy websites or by web applications frameworks that allow developers to design and implement web applications. Considering the fact that CMS are intended to be plug and play solutions and their main aim is to allow even non-developers to deploy websites,...

Despite the prevalence and the high impact of command injection attacks, little attention has been given by the research community to this type of code injections. Although there are many software tools to detect and exploit other types of code injections, such as SQL injections or cross-site scripting, there is no dedicated and specialized softwar...

The introduction of information and communication technologies to the traditional energy grid offers advantages like efficiency, increased reliability, resilience, and better control of demand-response, while on the other hand poses customers' privacy at risk. By using information collected by a smart meter, an attacker can deduce whether a house i...

This paper performs a forensic investigation to a set of Android mobile applications aiming at discovering sensitive information related to the owner of the mobile device. These applications were chosen based on the fact that: i) they are very popular on Google Play Store, ii) they handle sensitive personal information, iii) they have not been rese...

Current authentication methods on the Web have serious weaknesses. First, services heavily rely on the traditional password paradigm, which diminishes the end-users' security and usability. Second, the lack of attribute-based authentication does not allow anonymity-preserving access to services. Third, users have multiple online accounts that ofte...

The introduction of information and communication technologies to the traditional energy grid offers advantages like efficiency, increased reliability, resilience and better control of demand-response, while on the other hand poses customers' privacy at risk. Aggregation of electricity consumption readings in intermediate nodes is needed for effici...

Historically, the financial benefits of cyber security investments have not been calculated with the same financial discipline used to evaluate other material investments. This was mainly due to a lack of readily available data on cyber incidents impacts and systematic methodology to support the efficacy of cyber investments. In this paper we propo...

The FIDO (Fast Identity Online) Universal Authentication Framework is a new authentication mechanism that replaces passwords, simplifying the process of us-er authentication. To this end, FIDO transfers user verification tasks from the au-thentication server to the user's personal device. Therefore, the overall assurance level of user authenticatio...

With the evolution of the smart grid, most homes will be equipped with smart meters that support consumption reading, demand response and applications requiring two-way communications. In this context, security is a key aspect for smart grid adoption, especially since customers will have physical access to smart meters installed in their premises....

The introduction of information and communication technologies to the traditional energy grid offersadvantages like efficiency, increased reliability, resilience, and better control of demand-response, whileon the other hand poses customers' privacy at risk. By using information collected by a smart meter, anattacker can deduce whether a house is e...

The blackhole attack is one of the simplest yet effective attacks that target the AODV protocol. Blackhole attackers exploit AODV parameters in order to win route requests, and thus, attract traffic, which they subsequently capture and drop. However, the first part of the attack is often neglected in present literature, while the majority of attemp...

The protection of the volatile memory data is an issue of crucial importance, since authentication credentials and cryptographic keys remain in the volatile memory. For this reason, the volatile memory has become a prime target for memory scrapers, which specifically target the volatile memory, in order to steal sensitive information, such as credi...

The lack of precise directives in 3GPP specifications allows mobile operators to configure and deploy security mechanisms at their sole discretion. This may lead to the adoption of bad security practices and insecure configurations. Based on this observation, this paper presents the design and implementation of a novel mobile application named (U)S...

p>The lack of precise directives in 3GPP specifications allows mobile operators to configure and deploy security mechanisms at their sole discretion. This may lead to the adoption of bad security practices and insecure configurations. Based on this observation, this paper presents the design and implementation of a novel mobile application named (U...

Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we downloaded 49 Android applications from the Google P...

Command injections are prevalent to any application independently of its operating system that hosts the application or the programming language that the application itself is developed.The impact of command injection attacks ranges from loss of data confidentiality and integrity to unauthorized remote access to the system that hosts the vulnerable...

With the emergence of widely available hardware and software tools for GSM hacking, the security of cellular networks is threatened even by script kiddies. In this paper we present four different attacks in GSM networks, using commodity hardware as well as open source and freely available software tools. All attacks are performed using a common DVB...

The downside of current polymorphism techniques lies to the fact that they require a writeable code section, either marked as such in the corresponding Portable Executable (PE) section header, or by changing permissions during runtime. Both approaches are identified by AV software as alarming characteristics and/or behavior, since they are rarely f...

As Smart Grid deployments emerge around the world, their protection against cyberattacks becomes more crucial. Before protective measures are put into place, one of the main factors to be considered is key management. Smart Grid poses special requirements compared to traditional networks; however, the review of previous work reveals that existing s...

As Smart Grid deployments emerge around the world, their protection against cyberattacks becomes more crucial. Before protective measures are put into place, one of the main factors to be considered is key management. Smart Grid poses special requirements compared to traditional networks; however, the review of previous work reveals that existing s...

As people are using their smartphones more frequently, cyber criminals are focusing their efforts on infecting smartphones rather than computers. This paper presents the design and implementation of a new type of mobile malware, named (U)SimMonitor for Android and iPhone devices, which attacks the baseband modem of mobile phones. In particular, the...

Recently, gait recognition has attracted much attention as a biometric feature for real-time person authentication. The main advantage of gait is that it can be observed at a distance in an unobtrusive manner. However, the security of an authentication system, based only on gait features, can be easily broken. A malicious actor can observe the gait...

XSS attacks have become very common nowadays, due to bad-written PHP web applications. In order to provide users with rudimentary protection against XSS attacks most web browser vendors have developed built-in protection mechanisms, called XSS filters. In this paper, we analyze two attacks that take advantage of poorly written PHP code to bypass th...

The proliferation of mobile computing devices has enabled the utilization of infrastructure-less networking as commercial solutions. However, the distributed and cooperative nature of routing in such networks makes them vulnerable to a variety of attacks. This paper proposes a host-based monitoring mechanism, called SIDE that safeguards the operati...

In this paper, we investigate and evaluate through experimental analysis the possibility of recovering authentication credentials of mobile applications from the volatile memory of Android mobile devices. Throughout the carried experiments and analysis, we have, exclusively, used open-source and free forensic tools. Overall, the contribution of thi...