Vassilis Prevelakis (vp)
SHARCS: Secure Hardware-Software Architectures for Robust Computing Systems:
This project is funded under the EU H2020-ICT-2014-1 call. SHARCS
is a framework for designing, building and demonstrating
secure-by-design applications and services, that achieve end-to-end
security for their users. SHARCS will achieve this by systematically
analyzing and extending, as necessary, the hardware and software layers
in a computing system.
(Duration April 2015 - March 2018, amount: € 3,105,763)
Controlling Current Change: Security and Integrity Project:
The Research Unit ``Controlling
Concurrent Change (CCC)''
examines the challenges the independent software updates will face due
to an increasingly openly interconnected future, and how these challenges
can be met. The Research Unit
will therefore look for ways of how to control the variety of updates
of different software applications without side effects, and how to make
computer platforms more robust to ensure proper functioning of different
Within the overall framework of CCC, the Security and Integrity Project looks at flexible security policy enforcement mechanisms that can ensure that misbehaving components cannot interfere adversely with the overall system of the execution of other components.
CCC is funded by the Deutsche Forschungsgemeinschaft (German Research Foundation) for 6 years (after the initial 3 year period, the project was awarded a second 3 year period).
(Duration April 2013 - March 2019).
ForToo (Forensics Tools Against Illegal Use of the Internet):
The project, which is funded by the European Union DG for Home
Affairs, aims to develop digital forensics tools that will identify,
analyze and visualize illegal activities on the Internet. The
objectives of this project are: (a) to design and prototype a toolkit
that will detect illegal activities both proactively and after-the-fact,
(b) to identify the source and perpetrators of the illegal activities,
both in terms of virtual/network and, as much as possible, physical
location, (c) to profile the expertise and motive of the attackers,
(d) to present the relevant information in a way that will be usable
by investigating authorities, and (e) to maximize the impact of the
project through aggressive and effective dissemination of the
(Duration June 2011 - May 2014, amount: € 750,000)
Home Area Network Gateway Architecture - I was PI for
this NSF project whose key objective was to investigate technologies and
methodologies with which the home network can be protected, and enrich the
computer science curriculum with security-focused experimental computer
(Duration July 2002 - June 2008, amount $ 367,393).
CHATS/CoSAK (DARPA) - I was CoPI in the
Code Security Analysis Kit
project whose objective was to provide the open source developers with tools
to allow them to produce code that is more robust and secure. This was achieved
via the CoSAK framework for code analysis and constraint enforcement. CoSAK
may be used to protect systems from code that strays outside its operational limits.
(Duration July 2001 - Oct. 2003, amount $ 622,873).
``LS-ARP: a lightweight and secure ARP,''
Vassilis Prevelakis, and Wael Adi,
Seventh IEEE International Conference on Emerging Security Technologies - EST 2017
Canterbury, Kent, UK, Sep. 2017.
Best Paper Award
``Chaining Trusted Links by Deploying Secured Physical Identities,'' Saleh Mulhem, Wael Adi, Ayoub Mars, and Vassilis Prevelakis, Seventh IEEE International Conference on Emerging Security Technologies - EST 2017 Canterbury, Kent, UK, Sep. 2017
``Library-Level Policy Enforcement,'' Marinos Tsantekidis, Vassilis Prevelakis, The Eleventh International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2017), September 10-14, 2017 - Rome, Italy.
``Using Ciphers for Failure-Recovery in ITS Systems,'' Mustafa Ayoob, Wael Adi, and Vassilis Prevelakis, Proceedings of the 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy, 2017, ACM DOI: 10.1145/3098954.3103168
`` Towards Comprehensive Threat Modeling for Vehicles,'' Mohammad Hamad, Marcus Nolte, Vassilis Prevelakis, 1st Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS 2016), Nov 2016.
``A communication framework for distributed access control in microkernel-based systems,'' Mohammad Hamad, Johannes Schlatow, Vassilis Prevelakis, Rolf Ernst. Proceedings of the 12th annual workshop on Operating Systems Platforms for Embedded Real-Time applications July 5, 2016. Toulouse, France.
``Controlling Change via Policy Contracts,'' Vassilis Prevelakis and Mohammad Hamad. In Proceedings of the Internet of Things Software Update Workshop (IoTSU 2016). Dublin, Ireland, June 2016.
``SHARCS - Secure Hardware-Software Architectures for Robust Computing Systems,'' Elias Athanasopoulos, Martin Boehner, Sotiris Ioannidis, Cristiano Giurida, Dmitry Pidan, Vassilis Prevelakis, Ioannis Sourdis, Christos Strydis, John Thomson. Proceedings of the 6th International Conference on e-Democracy, Athens, 10-11 December 2015.
``Implementation and Performance Evaluation of IPsec in Microkernel OS'', Prevelakis, V., and Hammad, M., Proceedings of the Symposium On Computer Networks and Information Security (WSCNIS) 2015, Hammamet, Tunisia, 19-21 September 2015. IEEE DOI: 10.1109/WSCNIS.2015.7368294
``Extending the Operational Envelope of Applications,'' Prevelakis, V., and Hammad, M., Proceedings of the Conference on Trust and Trustworthy Computing (TRUST) 2015, Heraklion, Crete, 24-26 Aug. 2015.
``A Policy-Based Communications Architecture for Vehicles,'' Prevelakis, V., and Hammad, M., proceedings of the 2015 International Conference on Information Systems Security and Privacy, Angers, France, 9-11 February 2015.
``Privacy Risks from Public Data Sources,'' Tzermias, Z., Prevelakis, V., and Ioannidis, S. SEC 2014, IFIP AICT 428, pp. 156-168, IFIP International Federation for Information Processing (2014).
``On the Development of Automated Forensic Analysis Methods for Mobile Devices,'' Panagiotis Andriotis, Theo Tryfonas, George Oikonomou, Shancang Li, Zacharias Tzermias, Konstantinos Xynos, Huw Read, and Vassilis Prevelakis, 7th International Conference on Trust & Trustworthy Computing June 30 - July 2, 2014 - Hersonissos, Crete, Greece.
``On The General Applicability of Instruction-Set Randomization,'' Angelos Keromytis, Vassilis Prevelakis, Gaurav S. Kc, Michael E. Locasto, IEEE Transactions on Dependable and Secure Computing, 7(3), July - September 2010. (ISI impact factor 2.133).
``A Market-based Bandwidth Charging Framework,'' David Michael Turner, Vassilis Prevelakis, and Angelos D. Keromytis. ACM Transactions on Internet Technology (ToIT), 10(1), pp. 1 - 30, February 2010.
``Decentralized Access Control in Networked File Systems,'' Stefan Miltchev, Jonathan M. Smith, Vassilis Prevelakis, Angelos D. Keromytis, and Sotiris Ioannidis. ACM Computing Surveys, 40(3), pp. 10:1 - 10:30, August 2008.
``How to buy a network: Towards an economically sustainable interconnection of optical networks,'' Jukan, A. Prevelakis, V. Altmann, J.; 2007 First International Symposium on Advanced Networks and Telecommunication Systems, 17-18 Dec. 2007, Mumbai, India.
``The Athens Affair,'' Vassilis Prevelakis, Diomidis Spinellis, IEEE Spectrum, 44(7), pp. 26-33, July 2007.
``Supporting a Security Laboratory,'' Vassilis Prevelakis, USENIX ;login: Magazine, June 2007, Volume 32, Number 3.
``Bridging the Network Reservation Gap Using Overlays,'' Angelos Stavrou, David Turner, Angelos D. Keromytis, and Vassilis Prevelakis. In Proceedings of the 1st Workshop on Information Assurance for Middleware Communications (IAMCOM). January 2007, Bangalore, India.
``How to Buy a Network: Trading of Resources in the Physical Layer,'' Vassilis Prevelakis, Admela Jukan, IEEE Communications Magazine, special feature topic on "Advances in Control and Management of Connection-Oriented Networks," December 2006. (ISI impact factor 1.946).
``Preserving TCP Connections Across Host Address Changes,'' Vassilis Prevelakis and Sotiris Ioannidis, Information Security Conference, 2006.
``Base Line Performance Measurements of Access Controls For Libraries and Modules.'' Jason W Kim and Vassilis Prevelakis, Proceedings of the 2nd IEEE International Workshop on Security in Systems and Networks (SSN2006) Rhode Island, Greece, April 2006.
``The Virtual Firewall,'' Vassilis Prevelakis, USENIX ;login: Magazine, December 2005, Volume 30, Number 6.
``The Bandwidth Exchange Architecture,'' David Michael Turner, Vassilis Prevelakis, and Angelos D. Keromytis. Presented at the Tenth IEEE Symposium on Computers and Communications (ISCC 2005), June 27-30, 2005, La Manga del Mar Menor, Cartagena, Spain.
Presentation Slides (in PDF).
Ethernet Speaker System,'' David Michael Turner and
Vassilis Prevelakis. Presented at the FREENIX Track of the
USENIX 2005 Conference, April 10-15, 2005, Anaheim, CA.
More information on the Ethernet Speaker
Stream Redirector for the Ethernet Speaker,'' Ishan Mandrekar,
Vassilis Prevelakis and David Michael Turner,
Campus-Wide Information Systems Journal, Vol 21 No. 5, 2005, pp. 211-216.
``Dealing with System Monocultures,'' Angelos D. Keromytis, and Vassilis Prevelakis. Proceedings of the NATO Information Systems Technology Symposium on Adaptive Defence in Unclasssified Networks, April 2004, Toulouse, France.
Code-Injection Attacks With Instruction-Set Randomization,''
Gaurav S. Kc, Angelos D. Keromytis, and Vassilis Prevelakis.
Proceedings of the 10th ACM Conference on Computer
and Communications Security (CCS), pp. 272-280. October 2003, Washington, DC.
the Security Vulnerability Likelihood of Software Functions,''
by D. DaCosta, C. Dahn, S. Mancoridis, V. Prevelakis. IEEE Proceedings
of the 2003 International Conference on Software Maintenance (ICSM'03),
Amsterdam, The Netherlands, September, 2003.
``Demonstration of COSAK static analysis tools,''
D. DaCosta, C. Dahn, S. Mancoridis, V. Prevelakis.
Proceedings of the DARPA Information Survivability Conference and Exposition,
April 2003, Vol 2, Pages 7-9.
and Flexible Global File Sharing,'' Stefan Miltchev, Vassilis
Prevelakis, Sotiris Ioannidis, John Ioannidis, Angelos D. Keromytis,
and Jonathan M. Smith, Proceedings of the USENIX
Annual Technical Conference, Freenix Track. June 2003, San Antonio, TX.
A previous version of this paper is available as
University of Pennsylvania Technical Report MS-CIS-01-23
An Administrator-Free Approach To Web File-Sharing,'' Alexander
Levine, Vassilis Prevelakis, John Ioannidis, Sotiris Ioannidis, and
Angelos D. Keromytis. In Proceedings of the IEEE International
Workshops on Enabling Technologies: Infrastructure for Collaborative
Enterprises (WETICE), Workshop on Distributed and Mobile Collaboration.
June 2003, Linz, Austria.
for Distributed and Portable Computing Elements,'' V.Prevelakis,
Angelos Keromytis, Journal of Internet Research, Volume 13 Issue 2,
MCB Press, 2003.
an Embedded Firewall/VPN Gateway,'' Vassilis Prevelakis,
Angelos Keromytis, Proceedings of the International Network Conference
2002, Plymouth, UK.
Best Paper Award
A previous version of this paper is available as University of Pennsylvania Technical Report Number MS-CIS-00-21.
Paying and Getting Paid for File Storage,'' John Ioannidis,
Sotiris Ioannidis, Angelos Keromytis, and Vassilis Prevelakis,
Proceedings Financial Cryptography 2002.
Sandboxing Applications which was presented at FreeNIX'01.
Paper Presented at the 8th Usenix Security Symposium:
A Secure Station for Network Monitoring and Control
Paper on Perspectives and the WWW: Managing Large WWW Sites