Dimitrios Papamartzivanos scite author profile

The intrusion detection systems (IDSs) are essential elements when it comes to the protection of an ICT infrastructure. A misuse IDS is a stable method that can achieve high attack detection rates (ADR) while keeping false alarm rates under acceptable levels. However, the misuse IDSs suffer from the lack of agility, as they are unqualified to adapt to new and ''unknown'' environments. That is, such an IDS puts the security administrator into an intensive engineering task for keeping the IDS up-to-date every time it faces efficiency drops. Considering the extended size of modern networks and the complexity of big network traffic data, the problem exceeds the substantial limits of human managing capabilities. In this regard, we propose a novel methodology which combines the benefits of self-taught learning and MAPE-K frameworks to deliver a scalable, self-adaptive, and autonomous misuse IDS. Our methodology enables the misuse IDS to sustain high ADR, even if it is imposed on consecutive and drastic environmental changes. Through the utilization of deep-learning based methods, the IDS is able to grasp an attack's nature based on the generalized feature reconstructions stemming directly from the unknown environment and its unlabeled data. The experimental results reveal that our methodology can breathe new life into the IDS without the constant need for manually refreshing its training set. We evaluate our proposal under several classification metrics and demonstrate that the ADR of the IDS increases up to 73.37% in critical situations where a statically trained IDS is rendered totally ineffective.

show abstract

Optimal Countermeasures Selection Against Cyber Attacks: A Comprehensive Survey on Reaction Frameworks

Nespoli

Papamartzivanos

Mármol

et al. 2018

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

Introducing touchstroke: keystroke‐based authentication system for smartphones

Kambourakis

Damopoulos

Papamartzivanos

et al. 2014

Security Comm Networks

View full text Add to dashboard Cite

Keystroke dynamics is a well‐investigated behavioural biometric based on the way and rhythm in which someone interacts with a keyboard or keypad when typing characters. This paper explores the potential of this modality but for touchscreen‐equipped smartphones. The main research question posed is whether ‘touchstroking’ can be effective in building the biometric profile of a user, in terms of typing pattern, for future authentication. To reach this goal, we implemented a touchstroke system in the Android platform and executed different scenarios under disparate methodologies to estimate its effectiveness in authenticating the end‐user. Apart from typical classification features used in legacy keystroke systems, we introduce two novel ones, namely, speed and distance. From the experiments, it can be argued that touchstroke dynamics can be quite competitive, at least when compared to similar results obtained from keystroke evaluation studies. As far as we are aware of, this is the first time this newly arisen behavioural trait is put into focus. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

Dendron : Genetic trees driven rule induction for network intrusion detection systems

Papamartzivanos

Mármol

Kambourakis

2018

Future Generation Computer Systems

View full text Add to dashboard Cite

Screening Out Social Bots Interference: Are There Any Silver Bullets?

et al. 2019

View full text Add to dashboard Cite

Battling Against DDoS in SIP - Is Machine Learning-based Detection an Effective Weapon?

Tsiatsikas

Fakis

Papamartzivanos

et al. 2015

View full text Add to dashboard Cite

A Perfect Match: Converging and Automating Privacy and Security Impact Assessment On-the-Fly

et al. 2021

View full text Add to dashboard Cite

As the upsurge of information and communication technologies has become the foundation of all modern application domains, fueled by the unprecedented amount of data being processed and exchanged, besides security concerns, there are also pressing privacy considerations that come into play. Compounding this issue, there is currently a documented gap between the cybersecurity and privacy risk assessment (RA) avenues, which are treated as distinct management processes and capitalise on rather rigid and make-like approaches. In this paper, we aim to combine the best of both worlds by proposing the APSIA (Automated Privacy and Security Impact Assessment) methodology, which stands for Automated Privacy and Security Impact Assessment. APSIA is powered by the use of interdependency graph models and data processing flows used to create a digital reflection of the cyber-physical environment of an organisation. Along with this model, we present a novel and extensible privacy risk scoring system for quantifying the privacy impact triggered by the identified vulnerabilities of the ICT infrastructure of an organisation. We provide a prototype implementation and demonstrate its applicability and efficacy through a specific case study in the context of a heavily regulated sector (i.e., assistive healthcare domain) where strict security and privacy considerations are not only expected but mandated so as to better showcase the beneficial characteristics of APSIA. Our approach can complement any existing security-based RA tool and provide the means to conduct an enhanced, dynamic and generic assessment as an integral part of an iterative and unified risk assessment process on-the-fly. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that such holistic security and privacy mechanisms can reach their full potential towards solving this conundrum.

show abstract

A cloud-based architecture to crowdsource mobile app privacy leaks

Papamartzivanos

Damopoulos

Kambourakis

2014

View full text Add to dashboard Cite

12 3 4

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.