Constantinos Patsakis

Constantinos Patsakis
University of Piraeus · Department of Informatics

About

185
Publications
131,298
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
4,144
Citations
Citations since 2016
124 Research Items
3913 Citations
201620172018201920202021202202004006008001,000
201620172018201920202021202202004006008001,000
201620172018201920202021202202004006008001,000
201620172018201920202021202202004006008001,000
Education
October 2003 - October 2008
University of Piraeus
Field of study
  • Computer Security
September 2002 - September 2003
Royal Holloway, University of London
Field of study
  • Information Security
September 1998 - September 2002

Publications

Publications (185)
Article
Malware authors continuously evolve their code base to include counter-analysis methods that can significantly hinder their detection and blocking. While malware execution in a sandboxed environment may provide insightful feedback about what the malware does in a machine, anti-virtualisation and hooking evasion methods may allow malware to bypass s...
Preprint
Full-text available
Digital evidence underpin the majority of crimes as their analysis is an integral part of almost every criminal investigation. Even if we temporarily disregard the numerous challenges in the collection and analysis of digital evidence, the exchange of the evidence among the different stakeholders has many thorny issues. Of specific interest are cro...
Preprint
Malware authors are continuously evolving their code base to include counter-analysis methods that can significantly hinder their detection and blocking. While the execution of malware in a sandboxed environment may provide a lot of insightful feedback about what the malware actually does in a machine, anti-virtualisation and hooking evasion method...
Article
Many malware campaigns use Microsoft (MS) Office documents as droppers to download and execute their malicious payload. Such campaigns often use these documents because MS Office is installed on billions of devices and that these files allow the execution of arbitrary VBA code. Recent versions of MS Office prevent the automatic execution of VBA mac...
Article
The technological advance of drone technology has augmented the existing capabilities of flying vehicles rendering them a valuable asset of the modern society. As more drones are expected to occupy the airspace in the near future, security-related incidents, either malicious acts or accidents, will increase as well. The forensics analysis of a secu...
Chapter
In these last years, we are witnessing the constant evolution of technologies such as artificial intelligence, machine learning, blockchain, IoT, and cloud computing. At the same time, before the COVID-19 crisis, the tourism sector steadily increased its growth yearly, raising to be one of the dominant sectors worldwide, generating a wide number of...
Article
Full-text available
Due to its critical role in cybersecurity, digital forensics has received significant attention from researchers and practitioners alike. The ever increasing sophistication of modern cyberattacks is directly related to the complexity of evidence acquisition, which often requires the use of several technologies. To date, researchers have presented m...
Article
Full-text available
Cybersecurity is a never-ending battle against attackers, who try to identify and exploit misconfigurations and software vulnerabilities before being patched. In this ongoing conflict, it is important to analyse the properties of the vulnerability time series to understand when information systems are more vulnerable. We study computer systems’ sof...
Article
Full-text available
Microsoft Office may be by far the most widely used suite for processing documents, spreadsheets, and presentations. Due to its popularity, it is continuously utilised to carry out malicious campaigns. Threat actors, exploiting the platform’s dynamic features, use it to launch their attacks and penetrate millions of hosts in their campaigns. This w...
Article
Coronavirus has radically changed the world and our lives in many and various ways. During this crisis, the tourism sector was severely damaged globally, as, within some weeks, popular touristic places worldwide changed from over-tourism to non-tourism destinations. In order to address new challenges in this sector, a novel cloud-based framework is...
Chapter
The InterPlanetary File System (IPFS) is employed extensively nowadays by many blockchain projects to store personal data off-chain in order to comply with the Right to be Forgotten (RtbF) provision of the General Data Protection Regulation (GDPR). Nevertheless, upon an erasure request under the RtbF, the onus of removing the actual personal inform...
Chapter
In the previous chapter we analysed the impact of implementing the GDPR, and in particular the RtbF, in established IT environments and business processes. However, two advanced technological trends of our times used increasingly nowadays for storing and processing personal data, have been emerged in parallel and independently of the GDPR: the ubiq...
Chapter
The GDPR, being a legal document, follows a technology-agnostic approach so as not to bind the provisions of the law with current trends and state-of-the-art technologies in computer science and information technology. Yet, the technical challenges of aligning modern systems and processes with the GDPR provisions, and mainly with the Right to be Fo...
Chapter
The sudden outbreak of COVID-19 at the late 2019 has brought enormous hurdles globally to our everyday lives and to our society. In order to mitigate the impact of the pandemic and to control the dissemination of the coronavirus, governments worldwide have taken extreme surveillance measures which most of the times invade to individuals’ privacy an...
Chapter
Privacy in blockchains is rather complicated as it contradicts with some highly praised properties of blockchain such as immutability. Immutability is considered a cornerstone of blockchains’ security and, therefore, an indisputable property according to which transactional blockchain data cannot be edited nor deleted. However, blockchain’s immutab...
Chapter
Privacy nowadays is commonly discussed in the context of data protection. While privacy and data protection are not synonymous, they overlap to a great extent. In consequence, privacy —besides data protection—is always within the scope of contemporary data protection legislations. As both terms derive from well established fundamental human rights...
Chapter
Mobile sensing applications exploit big data to measure and assess human-behavioural modelling. However, big data profiling and automated decision practices, albeit powerful and pioneering, they are also highly unregulated and thereby unfair and intrusive. Their risk to privacy has been indeed identified as one of the biggest challenges faced by mo...
Chapter
The enforcement of the GDPR on the 25th of May 2018 has caused prolonged controversy due to the severe impact on the processing of personal data under this new regulation. Of its provisions, the most radical and controversial one is the “Right to be Forgotten” (RtbF). In simple terms, the RtbF—along with the provisions for withdrawing consent—allow...
Chapter
Modern technological advancements such as mobile ubiquitous computing and decentralized p2p networks rely on the collection, processing and sharing of vast amount of personal information which—when combined with big data and machine learning techniques—pose significant challenges to the rights of privacy and data protection. The GDPR, seeking to re...
Article
Blockchain DNS has emerged as an alternative solution to traditional DNS to address many of its inherent drawbacks. In this regard, a blockchain DNS approach is decentralised, resilient, provides high availability, and prevents censorship. Unfortunately, despite these desirable features, the major blockchain DNS solutions to date, Namecoin and Emer...
Preprint
Full-text available
Advanced persistent threats pose a significant challenge for blue teams as they apply various attacks over prolonged periods, impeding event correlation and their detection. In this work, we leverage various diverse attack scenarios to assess the efficacy of EDRs and other endpoint security solutions against detecting and preventing APTs. Our resul...
Preprint
Full-text available
Due to its critical role in cybersecurity, digital forensics has received much focus from researchers and practitioners. The ever increasing sophistication of modern cyberattacks is directly related to the complexity of evidence acquisition, which often requires the use of different technologies. To date, researchers have presented many surveys and...
Article
Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency. While vulnerability detectors can prevent vulnerable contracts from being deployed, this does not mean that such contracts will not be deployed. Once a vulnerable contract is instantiated on the blockchain and becomes the target of...
Article
Full-text available
Advanced persistent threats pose a significant challenge for blue teams as they apply various attacks over prolonged periods, impeding event correlation and their detection. In this work, we leverage various diverse attack scenarios to assess the efficacy of EDRs against detecting and preventing APTs. Our results indicate that there is still a lot...
Chapter
As the digitization of information-intensive processes gains momentum in nowadays, the concern is growing about how to deal with the ever-growing problem of cybercrime. To this end, law enforcement officials and security firms use sophisticated digital forensics techniques for analysing and investigating cybercrimes. However, multi-jurisdictional m...
Article
Full-text available
A crucial technical challenge for cybercriminals is to keep control over the potentially millions of infected devices that build up their botnets, without compromising the robustness of their attacks. A single, fixed C&C server, for example, can be trivially detected either by binary or traffic analysis and immediately sink-holed or taken-down by s...
Preprint
Full-text available
Cybercrime is continuously growing in numbers and becoming more sophisticated. Currently, there are various monetisation and money laundering methods, creating a huge, underground economy worldwide. A clear indicator of these activities is online marketplaces which allow cybercriminals to trade their stolen assets and services. While traditionally...
Preprint
The technological advance of drone technology has augmented the existing capabilities of flying vehicles rendering them a valuable asset of the modern society. As more drones are expected to occupy the airspace in the near future, security-related incidents, either malicious acts or accidents, will increase as well. The forensics analysis of a secu...
Preprint
Full-text available
With the continuous rise of malicious campaigns and the exploitation of new attack vectors, it is necessary to assess the efficacy of the defensive mechanisms used to detect them. To this end, the contribution of our work is twofold. First, it introduces a new method for obfuscating malicious code to bypass all static checks of multi-engine scanner...
Article
Nowadays, malware campaigns have reached a high level of sophistication, thanks to the use of cryptography and covert communication channels over traditional protocols and services. In this regard, a typical approach to evade botnet identification and takedown mechanisms is the use of domain fluxing through the use of Domain Generation Algorithms (...
Article
Web applications are widely used, and new ways for easier and cost-effective methods to develop them are constantly introduced. A common omission among the new development and implementation techniques when designing them is security; Node.js is no exception, as Server-Side JavaScript Injection (SSJI) attacks are possible due to the use of vulnerab...
Preprint
Full-text available
Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency. While vulnerability detectors can prevent vulnerable contracts from being deployed, this does not mean that such contracts will not be deployed. Once a vulnerable contract is instantiated on the blockchain and becomes the target of...
Preprint
Many malware campaigns use Microsoft (MS) Office documents as droppers to download and execute their malicious payload. Such campaigns often use these documents because MS Office is installed in billions of devices and that these files allow the execution of arbitrary VBA code. Recent versions of MS Office prevent the automatic execution of VBA mac...
Article
Dynamic malware analysis involves the debugging of the associated binary files and the monitoring of changes in sandboxed environments. This allows the investigator to manipulate the code execution path and environment to develop an understanding of the malware’s internal workings, aims and modus operandi. However, the malware may incorporate anti-...
Article
Full-text available
Social networks are evolving to engage their users more by providing them with more functionalities. One of the most attracting ones is streaming. Users may broadcast part of their daily lives to thousands of others world-wide and interact with them in real-time. Unfortunately, this feature is reportedly exploited for grooming. In this work, we pro...
Chapter
Full-text available
Ubiquitous computing systems are commonplace. They have opened the door to great benefits for society as a whole. However, they have to be used with care, otherwise they can cause serious risks for their users. In this chapter, we analyze the privacy risks of ubiquitous computing systems from a new individual-centred perspective based on five priva...
Chapter
Mobile devices have become an indispensable part of our daily lives. Practically, most of our everyday communication is performed through mobile devices which host third party apps and provide for various means of interaction with diverse levels of security. Android is by far the most widely used mobile operating system, with a user base in the sca...
Preprint
Full-text available
In this report, we analyse the latest campaign of Emotet that had a significant impact in several countries worldwide. We leverage the data of a specifically crafted dataset, which contains emails, documents, executables and domains from the latest campaign. The goal is to analyse the attack vector, map the infrastructure used in various stages of...
Chapter
Full-text available
During the last few years, there has been an upsurge of social media influencers who are part of the adult entertainment industry, referred to as Performers. To monetize their online presence, Performers often engage in practices which violate community guidelines of social media, such as selling subscriptions for accessing their private “premium”...
Preprint
Full-text available
During the last few years, there has been an upsurge of social media influencers who are part of the adult entertainment industry, referred to as Performers. To monetize their online presence, Performers often engage in practices which violate community guidelines of social media, such as selling subscriptions for accessing their private "premium"...
Preprint
Full-text available
A crucial technical challenge for cybercriminals is to keep control over the potentially millions of infected devices that build up their botnets, without compromising the robustness of their attacks. A single, fixed C&C server, for example, can be trivially detected either by binary or traffic analysis and immediately sink-holed or taken-down by s...
Chapter
Full-text available
Smartphone and smart devices, in general, have penetrated modern life, accompanying humans in the majority of their daily activities, realizing the era of IoT. This tight bond between mobile devices and humans has introduced numerous solutions and automation in people’s everyday living, however, it also comes with a cost, since we are more exposed...
Article
Full-text available
The current landscape of the core Internet technologies shows considerable centralisation with the big tech companies controlling the vast majority of traffic and services. This situation has sparked a wide range of decentralisation initiatives with blockchain technology being among the most prominent and successful innovations. At the same time, o...
Article
The InterPlanetary File System (IPFS) is employed extensively nowadays by many blockchain projects to store personal data off-chain to comply with the Right to be Forgotten (RtbF) requirement of the General Data Protection Regulation (GDPR), the new regulatory regime for personal data protection in the EU. In such a way, when a request for content...
Chapter
The YAKSHA project aims at reinforcing EU-ASEAN cooperation and building partnerships in cybersecurity domain by developing a solution tailored to specific national needs leveraging EU know-how and local knowledge. YAKSHA enhances cybersecurity readiness levels for its end-users, helps better prevent cyber-attacks, reduces cyber-risks and better go...
Preprint
Full-text available
As the digitization of information-intensive processes gains momentum in nowadays, the concern is growing about how to deal with the ever-growing problem of cybercrime. To this end, law enforcement officials and security firms use sophisticated digital forensics techniques for analyzing and investigating cybercrimes. However, multi-jurisdictional m...
Preprint
Full-text available
Human beings produce electronic waste (e-waste) at an unprecedented pace. Mobile phones and other inter-connected smart devices make a significant contribution to the generation of e-waste. Reverse logistics (RL) activities play an essential role in managing mobile phones during their end-of-life. However, remanufacturing and/or refurbishing of mob...
Article
Full-text available
Random number generation is critical to many applications. Gaming, gambling, and particularly cryptography all require random numbers that are uniform and unpredictable. For testing whether supposedly random sources feature particular characteristics commonly found in random sequences, batteries of statistical tests are used. These are fundamental...
Preprint
Full-text available
Social networks are evolving to engage their users more by providing them with more functionalities. One of the most attracting ones is streaming. Users may broadcast part of their daily lives to thousands of others world-wide and interact with them in real-time. Unfortunately, this feature is reportedly exploited for grooming. In this work, we pro...
Article
Full-text available
Recent advances in telecommunications and database systems have allowed the scientific community to efficiently mine vast amounts of information worldwide and to extract new knowledge by discovering hidden patterns and correlations. Nevertheless, all this shared information can be used to invade the privacy of individuals through the use of fusion...
Article
Full-text available
The widespread adoption of the new generation of decentralised architectures, leveraged by blockchain and decentralised file storage (DFS) systems, enables a myriad of new applications and opportunities. Nevertheless, their remarkable features, namely auditability, availability and, among all, immutability, do not come without a cost. In this artic...
Preprint
Full-text available
Nowadays, malware campaigns have reached a high level of sophistication, thanks to the use of cryptography and covert communication channels over traditional protocols and services. In this regard, a typical approach to evade botnet identification and takedown mechanisms is the use of domain fluxing through the use of Domain Generation Algorithms (...
Preprint
Full-text available
The current landscape of the core Internet technologies shows considerable centralisation with the big tech companies controlling the vast majority of traffic and services. This has sparked a wide range of decentralisation initiatives with perhaps the most profound and successful being the blockchain technology. In the past years, a core Internet i...
Article
Full-text available
Modern malware can take various forms, and has reached a very high level of sophistication in terms of its penetration, persistence, communication and hiding capabilities. The use of cryptography, and of covert communication channels over public and widely used protocols and services, is becoming a norm. In this work, we start by introducing Resou...
Article
Full-text available
Blockchain's evolution during the past decade is astonishing: from bitcoin to over 2.000 altcoins, and from decentralised electronic payments to transactions programmable by smart contracts and complex tokens governed by decentralised organisations. While the new generation of blockchain applications is still evolving, blockchain's technical charac...
Article
Information overload is a phenomenon of our days due to the unprecedented penetration of information and communication technologies (ICT) in our daily lives. As a result, people often end up with more options than they can process to choose from and therefore may opt for choices which do not fit best to their preferences. To address these issues, r...
Article
The amount of available information is growing steadily and, as a result, Internet users benefit from recommender systems, which help them find information, services and products that best fit their needs. A common technique used in recommender systems is Collaborative Filtering, which is based on users’ collaboration to make recommendations. Howev...
Preprint
Full-text available
There is a continuous increase in the sophistication that modern malware exercise in order to bypass the deployed security mechanisms. A typical approach to evade the identification and potential takedown of a botnet command and control server is domain fluxing through the use of Domain Generation Algorithms (DGAs). These algorithms produce a vast...
Article
Full-text available
As the vehicles are gradually transformed into the connected-vehicles, standard features of the past (i.e., immobilizer, keyless entry, self-diagnostics) were neglected to be software updated and hardware upgraded so they do not “align” with the cyber-security demands of the new ICT era (IoT, Industry 4.0, IPv6, sensor technology) we have stepped i...
Article
There is a continuous increase in the sophistication that modern malware exercise in order to bypass the deployed security mechanisms. A typical approach to evade the identification and potential take down of a botnet command and control server is domain fluxing through the use of Domain Generation Algorithms (DGAs). These algorithms produce a vast...
Conference Paper
Full-text available
Vendor-managed inventory (VMI) is a commonly used collaborative inventory management policy in which man-ufacturers/vendors manage the inventory of retailers and take responsibility for making decisions related to the timing and extent of inventory replenishment. Several prerequisites exist for successfully implementing a VMI strategy like informat...
Chapter
Full-text available
The continuous decrease in the price of Unmanned Aerial Vehicles (UAVs), more commonly known as drones, has pushed their adoption from military-oriented to a wide range of civilian and business applications. Nevertheless, the many features that they offer have started being maliciously exploited. The latter coupled with the fact that accidents or m...
Preprint
Full-text available
Blockchain's evolution during the past decade is astonishing: from bitcoin to over 2.000 altcoins, and from decentralised electronic payments to transactions programmable by smart contracts and complex tokens governed by decentralised organisations. While the new generation of blockchain applications is still evolving, blockchain's technical charac...
Article
The continuous and increasing use of social media has enabled the expression of human thoughts, opinions, and everyday actions publicly at an unprecedented scale. We present the Vent dataset, the largest annotated dataset of text, emotions, and social connections to date. It comprises more than 33 millions of posts by nearly a million users togethe...
Preprint
Full-text available
Modern malware can take various forms, and has reached a very high level of sophistication in terms of its penetration, persistence, communication and hiding capabilities. The use of cryptography, and of covert communication channels over public and widely used protocols and services, is becoming a norm. In this work, we start by introducing Resour...
Preprint
Full-text available
As the size and source of network traffic increase, so does the challenge of monitoring and analysing network traffic. Therefore, sampling algorithms are often used to alleviate these scalability issues. However, the use of high entropy data streams, through the use of either encryption or compression, further compounds the challenge as current sta...
Conference Paper
Full-text available
Identifying the optimal granularity level of traceable units is necessary when implementing traceability, particularly in food supply chains. In this paper we propose a generic framework for defining granularity levels based on product's unique characteristics, supply chain processes and stakeholders engagement. We determine different levels of gra...