Sokratis K. KatsikasNorwegian University of Science and Technology | NTNU · Department of Information Security and Communication Technology
Sokratis K. Katsikas
Ph.d. in Computer Engineering & Informatics, University of Patras, Patras, Greece; MSc in Electrical & Computer Engineering, University of Massachusetts at Amherst, USA; Dipl. Eng. in Electrical Engineering, University of Patras, Patras, Greece
About
355
Publications
79,750
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
4,149
Citations
Introduction
Sokratis K. Katsikas is the Director of the Norwegian Center for Cybersecurity in Critical Sectors and Professor with the Dept. of Information Security and Communication Technology of the Norwegian University of Science and Technology (NTNU). His research activity has resulted in more than 300 published books; book chapters; journal papers; and papers in conference proceedings. He has led or participated in more than 60 funded national and international R&D projects.
Additional affiliations
October 2015 - September 2018
March 1990 - May 2007
September 2006 - January 2016
Publications
Publications (355)
Real‐time, lightweight, adaptive time series anomaly detection is increasingly critical in cybersecurity, industrial control, finance, healthcare, and many other domains due to its capability to promptly process time series and detect anomalies without requiring extensive computation resources. While numerous anomaly detection approaches have emerg...
The digitalisation of the world is a global trend affecting many industries, including the maritime transport sector. Electronic navigational equipment aboard modern ships has undoubtedly decreased naval accidents, but these devices may suffer from cybersecurity vulnerabilities. One such vector is its reliance on a great number of protocols for com...
The global trend of progressive digitalisation of the world is affecting many industries, including the maritime transport sector. Electronic navigation equipment used on board modern ships has undoubtedly decreased naval accidents over the years, but these devices may suffer from cyber security vulnerabilities.
The Automatic Identification System...
The world is shifting towards increased digitalisation, severely impacting critical infrastructure like maritime transportation. Electronic navigation equipment—such as echo sounders, sonars, anemometers, gyrocompasses, autopilot systems, GPS receivers, and many other instruments—used on modern ships has undoubtedly decreased naval accidents over t...
This research delves into the consolidation of Digital Twin and cyber deception technologies and explores their potential synergy for advancing cybersecurity processes. The study begins with a literature survey and market analysis, revealing a scarcity of mature scientific and commercial contributions in this domain. Most discussions remain theoret...
The evolution of authentication mechanisms in ensuring secure access to systems has been crucial for mitigating vulnerabilities and enhancing system security. However, despite advancements in two-factor authentication (2FA) and multi-factor authentication (MFA), authentication mechanisms remain weak in system security , particularly when individual...
Real-time lightweight time series anomaly detection has become increasingly crucial in cybersecurity and many other domains. Its ability to adapt to unforeseen pattern changes and swiftly identify anomalies enables prompt responses and critical decision-making. While several such anomaly detection approaches have been introduced in recent years, th...
Industry 5.0 and smart grid technologies are mutually dependent and synergistic. They complement each other by leveraging advanced digital capabilities to enhance energy efficiency, integrate renewable energy sources, and improve the resilience and reliability of industrial operations and electricity distribution systems. With the mounting threat o...
Gait anomaly detection is a task that involves detecting deviations from a person's normal gait pattern. These deviations can indicate health issues and medical conditions in the healthcare domain, or fraudulent impersonation and unauthorized identity access in the security domain. A number of gait anomaly detection approaches have been introduced,...
This two-volume set LNCS 14398 and LNCS 14399 constitutes the refereed proceedings of eleven International Workshops which were held in conjunction with the 28th European Symposium on Research in Computer Security, ESORICS 2023, in The Hague, The Netherlands, during September 25-29, 2023.
The 22 regular papers included in these proceedings stem fro...
The maritime industry is undergoing a digital transformation, with an increasing integration of Information Technology (IT) and Operational Technology (OT) systems on modern vessels. Its multiple benefits notwithstanding, this transformation brings with it increased cybersecurity risks, that need to be identified, assessed, and managed. Although se...
In the era of digital transformation and automation, cybersecurity has become a critical concern in various sectors, including dairy farming. As dairy farms increasingly adopt cyber-physical systems, understanding and mitigating relevant cyber threats is paramount. This work identifies typical cyber-physical systems in a dairy farm and their interc...
Purpose
This paper aims to discuss the ethical aspects of hardware reverse engineering (HRE) and propose an ethical framework for HRE when used to mitigate cyber risks of the digital supply chain of critical infrastructure operators.
Design/methodology/approach
A thorough review and analysis of existing relevant literature was performed to establi...
The proliferation of information and communication technologies in enterprises enables them to develop new business models and enhance their operational and commercial activities. Nevertheless, this practice also introduces new cybersecurity risks and vulnerabilities. This may not be an issue for large organizations with the resources and mature cy...
Information security policies are formalized rules and regulations that employees should follow to avoid unwanted cyber incidents. This paper reports on the findings of a survey among personnel employed in the Norwegian industrial sector. The survey measured how the respondents self-assess their risky behavior and cognitive awareness regarding the...
This paper extends and advances our recently introduced two-factor Honeytoken authentication method by incorporating blockchain technology. This novel approach strengthens the authentication method to prevent many attacks including tampering attacks. Evaluation results show that integrating blockchain into the Honeytoken method could improve perfor...
Purpose
Cybersecurity attacks on critical infrastructures, businesses and nations are rising and have reached the interest of mainstream media and the public’s consciousness. Despite this increased awareness, humans are still considered the weakest link in the defense against an unknown attacker. Whatever the reason, naïve-, unintentional- or inten...
To a large extent, modeling Cyber-Physical systems (CPSs) and interdependency analysis collaborate in the security enhancement of CPSs and form the basis of various research domains such as risk propagation, attack path analysis, reliability analysis, robustness evaluation, and fault identification. Interdependency analysis as well as modeling of i...
Machine learning and Artificial Intelligence (AI) already support human decision-making and complement professional roles, and are expected in the future to be sufficiently trusted to make autonomous decisions. To trust AI systems with such tasks, a high degree of confidence in their behaviour is needed. However, such systems can make drastically d...
Situation awareness is shown through human factors research to be a valuable construct to understand and improve how humans perform while operating complex systems in critical environments. Within cyber security one such environment is the Security Operations Center (SOC). With the increasing threat of hybrid warfare, knowledge about situation awar...
Autonomous transport receives increasing attention, with research and development activities already providing prototype implementations. In this article, we focus on Autonomous Passenger Ships (APS), which are being considered as a solution for passenger transport across urban waterways. The ambition of the authors has been to examine the safety a...
National or international maritime authorities are used to handle requests for licenses for all kinds of marine activities. These licenses constitute authorizations limited in time and space, but there is no technical security service to check for the authorization of a wide range of marine assets. We have noted secure AIS solutions suitable for mo...
The security of the communication systems, digital services and functionalities of Critical Infrastructures (CI) is more important now than ever. Many of today's energy providing infrastructures such as Smart Grids and Nuclear Power Plants rely on digitalized Industrial Control Systems. This, while facilitating data exchange and regular functions,...
Secure digital wireless communication underwater has become a key issue as maritime operations shift towards employing a heterogeneous mix of robotic assets and as the security of digital systems becomes challenged across all domains. At the same time, a proliferation of underwater signal coding and physical layer options are delivering greater ban...
A cyber-physical attack is a security breach in cyber space that impacts on the physical environment. The number and diversity of such attacks against Cyber-Physical Systems (CPSs) are increasing at impressive rates. In times of Industry 4.0 and Cyber-Physical Systems, providing security against cyber-physical attacks is a serious challenge which c...
The automatic identification system (AIS), despite its importance in worldwide navigation at sea, does not provide any defence mechanisms against deliberate misuse, e.g., by sea pirates, terrorists, business adversaries, or smugglers. Previous work has proposed an international maritime identity-based cryptographic infrastructure (mIBC) as the foun...
Cyber-Physical Systems (CPSs) engineering profoundly relies on modeling methods to represent the system and study the operation and cybersecurity of CPSs. The operation of a CPS is the result of the collaboration between Information Technology (IT) and Operational Technology (OT) components. While OT focuses on the system’s process physics, the emp...
Cybersecurity awareness (CSA) is not just about knowing, but also transforming things learned into practice. It is a continuous process that needs to be adjusted in subsequent iterations to improve its usability as well as sustainability. This is possible only if a CSA program is reviewed and evaluated timely. Review and evaluation of an awareness...
Several disruptive attacks against companies in the maritime industry have led experts to consider the increased risk imposed by cyber threats as a major obstacle to undergoing digitization. The industry is heading toward increased automation and connectivity, leading to reduced human involvement in the different navigational functions and increase...
Several disruptive attacks against companies in the maritime industry have led experts to consider the increased risk imposed by cyber threats as a major obstacle to undergoing digitization. The industry is heading toward increased automation and connectivity, leading to reduced human involvement in the different navigational functions and increase...
The e-navigation concept was introduced by the IMO to enhance berth-to-berth navigation towards enhancing environmental protection, and safety and security at sea by leveraging technological advancements. Even though a number of e-navigation testbeds including some recognized by the IALA exist, they pertain to parts only of the Integrated Navigatio...
This chapter presents an implementation of a cybersecurity education program. The program aims to address some issues identified in current cybersecurity teaching in higher education on a European level, like the fragmentation of cybersecurity expertise or resource shortage, resulting in few higher education institutions to offer full degree progra...
This volume constitutes selected papers presented at the Second International Symposium on Emerging Information Security and Applications, EISA 2021, held in Copenhagen, Denmark, in November 2021.*
The 10 full papers and 1 short paper presented in this volume were thoroughly reviewed and selected from the 36 submissions. They present a discussion...
The increasing integration of information technology with operational technology leads to the formation of Cyber-Physical Systems (CPSs) that intertwine physical and cyber components and connect to each other. This interconnection enables the offering of functionality beyond the combined offering of each individual component, but at the same time i...
Aim: The paper proposes a novel risk assessment method ology for complex cyber-physical systems: The proposed method ology may assist risk assessors to: (a) assess the risks deriving from cyber and physical interactions among cyber-physical components; and (b) prioritize the control selection process for mitigating these risks. Methods: To achieve...
In recent times, security and safety are, at least, conducted in safety-sensitive or critical sectors. Nevertheless, both processes do not commonly analyze the impact of security risks on safety. Several scholars are focused on integrating safety and security risk assessments, using different methodologies and tools in critical infrastructures (CIs...
Insiders might have incentives and objectives opposed to those of the belonging organization. It is hard to detect them because of their privileges that partially protect them. In Wireless Sensor Networks (WSNs), significant security issues arise, including compromised nodes by insiders that disrupt the normal network operation. Immediate defensive...
Today, cybersecurity training is commonplace in both large companies and Small & Medium Enterprise (SME). Nonetheless, the effectiveness of many of the current training offerings is put into question by reports of increasing successful cyber-attacks. While a number of models for developing Cybersecurity (CS) training frameworks for industrial perso...
Autonomous transport receives increasing attention, with research and development activities already providing prototype implementations. In this article, we focus on Autonomous Passenger Ships (APSs), which are under investigation as a solution for passenger transport across urban waterways. The ambition of the authors has been to examine the safe...
The technological leap of smart technologies and the Internet of Things has advanced the conventional model of the electrical power and energy systems into a new digital era, widely known as the Smart Grid. The advent of Smart Grids provides multiple benefits, such as self-monitoring, self-healing and pervasive control. However, it also raises cruc...
Novel innovations have been witnessed in the past few years in the field of technology for autonomous vehicles. These have been exploited in various applications in the maritime domain; one such application is the proposal to develop autonomous passenger ships (APS) or ferries for carrying passengers in urban waterways. Such technology requires the...
The increasingly witnessed integration of information technology with operational technology leads to the formation of Cyber-Physical Systems (CPSs) that intertwine physical and cyber components and connect to each other to form systems-of-systems. This interconnection enables the offering of functionality beyond the combined offering of each indiv...
Contemporary Critical Infrastructures (CIs), such as the power grid, comprise cyber physical systems that are tightly coupled, to form a complex system of interconnected components with interacting dependencies. Modelling methodologies have been suggested as proper tools to provide better insight into the dependencies and behavioural characteristic...
The reporting of incidents of misconduct, violence, sexual assault, harassment, and other types of crime that constitute a major concern in modern society is of significant value when investigating such incidents. Unfortunately, people involved in such incidents, either as witnesses or victims, are often reluctant to report them when such reporting...
Reliability, Availability, Maintainability, and Safety/Security (RAMS) analysis of Critical Infrastructures (CIs) can be applied to investigate their performance subjected to failure modes. The literature has witnessed earlier research approaches to RAM analysis. However, the integration of cybersecurity or safety aspects, along with the RAM to dev...
The modern day society driven by a variety of electronic devices and high-speed internet is changing its perception and practice of paper currency, mode of economic and financial transactions, and so on. The usage of cash is increasingly reducing because of the ease of payments facilitated by cards, mobile phone apps and contact-less chips, online...
The Internet of Things (IoT) has changed the traditional computing models. While it has enabled multiple new computing applications, it has also raised significant issues regarding security and privacy. We are gradually shifting to using extended computing architectures, the nodes of which may be lightweight devices limited in hardware resources, s...
This book constitutes the proceedings of the 24rd International Conference on Information Security, ISC 2021, held virtually, in November 2021.
The 21 full papers presented in this volume were carefully reviewed and selected from 87 submissions. The papers categorized into the following topical subheadings: cryptology; web and OS security; network...
Authenticating a user the correct way is paramount to IT systems, where the risk is growing more and more in number and complexity. This is specially important in mobile phones, where a number of applications require continuous device authentication following the Point-of-Entry user authentication. Existing common approach in systems that require s...
The identification and analysis of potential paths that an adversary may exploit to attack Cyber Physical Systems comprising sub-systems enables the comprehensive understanding of the attacks and the impact that may have to the overall system, thus facilitating the definition of appropriate countermeasures that will satisfy the pertinent security r...
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized,...
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized,...
One aspect of the digital transformation process in the shipping industry, a process often referred to as Shipping 4.0, is the increased digitization of on board systems that goes along with increased automation in and autonomy of the vessel. This is happening by integrating Information Technology with Operation Technology systems that results in C...
The Domain Name System (DNS) was created to resolve the IP addresses of the web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has exposed the global DNS infrastructure to malicious actors. The passive DNS data collection process creates a datab...
The Domain Name System (DNS) was created to resolve the IP addresses of web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has exposed the global DNS infrastructure to malicious actors. The passive DNS data collection process creates a database...
This editorial gives an overview of the papers included in the Special Issue on “Security, Privacy, and Trustworthiness of Sensor Networks and Internet of Things” of Sensors. The context of the special issue theme is first briefly described. This is then followed by an outline of each paper that provides information on the problem addressed; the pr...
The Automatic Identification System (AIS) offers automatic traffic control and collision avoidance services to the maritime transportation sector worldwide. Because AIS lacks security mechanisms, it is vulnerable to misuse and exploitation by unlawful adversaries (e.g. sea-pirates, terrorists, smugglers). To address the security issues of the AIS,...
The problem of identifying critical components in large scale networked Cyber-Physical Systems comes up as an underlying issue when attempting to enhance the efficiency, the safety and the security of such systems. Graph theory is one of the well-studied methods that are often used to model complex systems and to facilitate the analysis of network-...
Safeguarding both safety and cybersecurity is paramount to the smooth and trustworthy operation of contemporary cyber physical systems, many of which support critical functions and services. As safety and security have been known to be interdependent, they need to be jointly considered in such systems. As a result, various approaches have been prop...
There is intense activity of the maritime industry towards making remotely controlled and autonomous ships sail in the near future; this activity constitutes the instantiation of the Industry 4.0 process in the maritime industry. Yet, a reference model of the architecture of such vessels that will facilitate the “shipping 4.0” process has not yet b...
The Cyber-Enabled Ship (C-ES) is either an autonomous or a remotely controlled vessel which relies on interconnected cyber physical-systems (CPS) for its operations. Such systems are not well protected against cyber attacks. Considering the criticality of the functions that such systems provide, it is important to address their security challenges,...
Recent innovations in the smart city domain include new autonomous transportation solutions such as buses and cars, while Autonomous Passenger Ships (APS) are being considered for carrying passengers across urban waterways. APS integrate several interconnected systems and services that are required to communicate in a reliable manner to provide saf...