Papers by Christos Douligeris
Industrial applications require more and more lowpower operations, low-delay, deterministic commu... more Industrial applications require more and more lowpower operations, low-delay, deterministic communications as well as end-to-end reliability close to 100%. IEEE 802.15.4-TSCH (Time-Slotted Channel Hopping) relies on a channel hopping technique while scheduling properly the transmissions to provide a high end-to-end reliability. Because of external interference, some channels may perform very poorly locally, which impacts negatively the reliability for some radio links. We propose here the first distributed scheduling solution which reactively allocates the cells to each pair of nodes while also considering local blacklists. These local blacklists are constructed on a perradio link basis to reflect the actual performance encountered locally. Our simulations highlight the relevance of our distributed blacklisting aware scheduling algorithm to improve both the reliability and the delay efficiency compared with DeTAS, a state of the art distributed solution.
Journal of Network and Computer Applications, Mar 1, 2012
ABSTRACT Since the midst of 1990s, a great variety of strategies have been proposed and analyzed ... more ABSTRACT Since the midst of 1990s, a great variety of strategies have been proposed and analyzed to address the problem of web caching object replacement strategies, with each one outperforming the others in one or more basic performance metrics. In this paper, our objective is to evaluate the principal web caching object replacement strategies in terms of their efficiency, i.e. their ability to demonstrate high performance, while, at the same time, keeping the total cost for their support as low as possible. In our approach, we propose the technique of data envelopment analysis (DEA) as a complementary to simulations tool in order to solve the efficiency problem. Using DEA we show that two strategies – namely gGDSF(1) and LRU-SP – can be considered as (1) efficient solutions for real systems and (2) good benchmarks for future research. Our work also concluded that DEA has demonstrated absolute consistency in seeking for the efficient strategies and that it is able to distinguish the champion strategy that will outperform all the others. Moreover, it has been shown that large cache sizes may subvert the struggle of some strategies to stand out.
Computer Networks, Apr 1, 2004
Denial of Service (DoS) attacks constitute one of the major threats and among the hardest securit... more Denial of Service (DoS) attacks constitute one of the major threats and among the hardest security problems in todayÕs Internet. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With little or no advance warning, a DDoS attack can easily exhaust the computing and communication resources of its victim within a short period of time. Because of the seriousness of the problem many defense mechanisms have been proposed to combat these attacks. This paper presents a structural approach to the DDoS problem by developing a classification of DDoS attacks and DDoS defense mechanisms. Furthermore, important features of each attack and defense system category are described and advantages and disadvantages of each proposed scheme are outlined. The goal of the paper is to place some order into the existing attack and defense mechanisms, so that a better understanding of DDoS attacks can be achieved and subsequently more efficient and effective algorithms, techniques and procedures to combat these attacks may be developed.
Denial of Service (DOS) attacks are an immense threat to lntemet sites and among the hardest secu... more Denial of Service (DOS) attacks are an immense threat to lntemet sites and among the hardest security problems in today's Intemet. Of particular concernbecause of their potential impactare the Distributed Denial of Service (DDoS) attacks. With little or no advance warning a DDoS attack can easily exhaust the computing and communication resources of its victim within a short period of time. This paper presents the problem of DDoS attacks and develops a classification of DDoS defense systems. Important features of each attack and defense system category are described and advantages and disadvantages of each proposed scheme are outlined. The goal of the paper is to place some order into the existing attack and defense mechanisms, so that a better understanding of DDoS attacks can be achieved and more efficient defense mechanisms and techniques can he devised.
Mobile technology can facilitate “anytime and anywhere” learning and has the potential not only t... more Mobile technology can facilitate “anytime and anywhere” learning and has the potential not only to educate people but also to encourage their choices towards greener habits. This paper describes the User-Centered Design process followed within a mobile application aiming to educate pupils/adolescents in adopting a sustainable travel urban behavior using various motivational features. We report the primary outcomes derived from an assessment by a secondary education pupils’ group of six simulated screens of a prospective mobile application named ESTA (Educating pupils/adolescents in Sustainable Travel urban behavior through mobile Applications). We analyze their feedback on the application’s functionality and the possibility for its daily use in order to the adolescents to become more mindful of their environmental impact.
Springer eBooks, Aug 28, 2008
In this paper we present the design and evaluation of intrusion detection models for MANETs using... more In this paper we present the design and evaluation of intrusion detection models for MANETs using supervised classification algorithms. Specifically, we evaluate the performance of the MultiLayer Perceptron (MLP), the Linear classifier, the Gaussian Mixture Model (GMM), the Naive Bayes classifier and the Support Vector Machine (SVM). The performance of the classification algorithms is evaluated under different traffic conditions and mobility patterns for the Black Hole, Forging, Packet Dropping, and Flooding attacks. The results indicate that Support Vector Machines exhibit high accuracy for almost all simulated attacks and that Packet Dropping is the hardest attack to detect.
24th Pan-Hellenic Conference on Informatics
The insider threat is increasingly becoming extremely important for companies, organizations and ... more The insider threat is increasingly becoming extremely important for companies, organizations and even governments. A malicious, or even a careless, insider can cause severe damage to the resources and the reputation of an organization. In this article, we provide an overview of the basic characteristics of insider cyber-security threats and we present current approaches and controls of mitigating such threats.
arXiv (Cornell University), Jun 15, 2017
Recent advancements in the field of smart machineto-machine (M2M) communications impose the neces... more Recent advancements in the field of smart machineto-machine (M2M) communications impose the necessity to improve the service delivery by enforcing appropriate security rules. Due to the large number of the connected devices, the criticality of the M2M applications, and the network stability weaknesses, we need to consider and analyze the security aspects and establish a flexible policy-aware architecture. This paper explores the relevant architectural challenges in this environment and proposes a Policy-Aware smart M2M Architecture (PAArc) based on ETSI's M2M communications functional architecture. We explore the policy-based management aspects to improve the security of the M2M components and services and to mitigate the security concerns that arise by evaluating an Intelligent Transportation System use case. It is shown that the policy enforcement enables enhanced security management capabilities, increased agility, and better service levels in the field of smart M2M communications.
IEEE Communications Surveys & Tutorials
The increased use of smart Electric Vehicles (EVs) and Plug-in Electric Vehicles (PEV) opened a n... more The increased use of smart Electric Vehicles (EVs) and Plug-in Electric Vehicles (PEV) opened a new area of research and development. The number of EV charging sites has considerably increased in residential as well as in public areas. Within these EV charging sites, various entities need to communicate in a secure and efficient way. The Open Charge Point Protocol (OCPP) offers a way to coordinate this communication and is already being used in many implementations. However, only the latest OCPP 2.0 version of the protocol includes certain security features. In this article, we present the entities that take part in an OCPP-based smart charging scenario, we identify security issues and threats and present solutions that have been proposed by scholars. We identify open security issues for OCPP and propose future research directions for the security enhancement of the protocol.
2018 IEEE Symposium on Computers and Communications (ISCC), 2018
Time Slotted Channel Hopping (TSCH) has been proposed in various wireless protocols as a solution... more Time Slotted Channel Hopping (TSCH) has been proposed in various wireless protocols as a solution to combat external interference, path-loss fading and static jamming attacks. However, since TSCH algorithms generate a deterministic and periodic pattern of channel hops, they are still subject to jamming attacks. Proactive randomization of the channel generation process could provide a good solution against jamming attacks, however due to the strict time constraints of the timeslots, practical solutions should be very efficient. In this paper, we propose R-TSCH, a randomized radio channel generation algorithm that can be used to proactively protect wireless nodes from jamming attacks. Based on a cryptographic hash function and a secret key, R-TSCH produces a new pseudo-random channel sequence, which looks as truly random to anyone who has no access to the key. Our simulation results show that the attacked links of the TSCH network enhanced with the proposed mechanism can achieve an over 90% Packet Reception Rate (PRR) in presence of multiple jammers.
IEEE Access, 2021
The Internet of Medical Things (IoMT) has revolutionized health care services by providing signif... more The Internet of Medical Things (IoMT) has revolutionized health care services by providing significant benefits in terms of patient well being and relevant costs. Traditional risk assessment methodologies, however, cannot be effectively applied in the IoMT context since IoMT devices form part of a distributed and trustless environment and naturally support functionalities that favor reliability and usability instead of security. In this work we present a survey of risk assessment and mitigation methodologies for IoMT. For conducting the survey, we assess two streams of literature. First, we systematically review and classify the current scientific research in IoMT risk assessment methodologies. Second, we review existing standards/best practices for IoMT security assessment and mitigation in order to i) provide a comparative assessment of these standards/best practices on the basis of predefined criteria (scope and/or coverage, maturity level, and relevant risk methodology applied) and ii) identify common themes for IoMT security controls. Based on the analysis, we provide various IoMT research and implementation gaps along with a road map of fruitful areas for future research. The paper could be of significant value to security assessment researchers and policymakers/stakeholders in the health care industry.
2019 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM), 2019
In recent years, the growing emergence of digitalization and data explosion has altered the threa... more In recent years, the growing emergence of digitalization and data explosion has altered the threat dynamics in the maritime sector. The interconnected Maritime Critical Infrastructures are highly attracted by cybercriminals, who are constantly evolving their tactics, committing complex, sophisticated attacks causing a tremendous impact to economic and social life. Such intrusions engage multi-vector, composite attacks exploiting existing vulnerabilities from both the physical and the cyber domain. Current risk assessment approaches and countermeasure strategies fail to gather an overview of the maritime physical and cyber threat landscape. This work describes a method to detect and counter such sophisticated attacks by applying a Hybrid Situational Awareness model. This model allows to generate a holistic picture of the security condition within Maritime Critical Infrastructures considering the potential cascading effects of such combined cyberphysical attacks. Furthermore, the curr...
2018 IEEE International Conference on Communications (ICC), 2018
The IEEE 802.15.4 Time Slotted Channel Hopping (TSCH) networks suffer considerably from the high ... more The IEEE 802.15.4 Time Slotted Channel Hopping (TSCH) networks suffer considerably from the high interference caused by the presence of nearby external devices, such as from the presence of IEEE 802.11b/g/n Access Points. Frequency hopping and blacklisting of radio channels that temporarily or consistently present bad performance are the two main approaches to cope with interference and increase the chances of successful packet delivery. However, the blacklisting of a number of channels and the scheduling of transmissions so that two or more neighboring links do not use the same frequency at the same time is a challenging problem, since in IEEE 802.15.4 TSCH many parallel transmissions may occur. Blacklisting algorithms may be applied either locally or globally in IEEE 802.15.4 networks. In this paper, we first present the weaknesses of a localized blacklisting solution presented in the literature for multi-hop networks, and we propose a new distributed solution to overcome these issues. Both analytical and simulation evaluation under heavy interference show the superiority of the proposed scheme. In particular, the packet delivery ratio is improved while achieving minimum delay.
2018 25th International Conference on Telecommunications (ICT), 2018
LoRa networks enable long range communications for Internet of Things (IoT) applications. The cur... more LoRa networks enable long range communications for Internet of Things (IoT) applications. The current LoRa technology provides a wide range of communication settings whereas many combination settings are orthogonal and, thus, they can be successfully decoded at the gateway when the signals are transmitted simultaneously. Previous simulation results showed that the LoRa network capacity can be improved when multiple communication parameters are applied. In this paper, we model a LoRa network consisting of nodes with different communication settings in terms of bandwidth and spreading factor. We compute the average success probability per configuration as a function of density taking into account both intra and inter-spreading factor collisions. We, also, formulate and solve an optimization problem to maximize the node capacity for a given deployment area and frequency by optimizing the number of nodes having different spreading factor configurations. We present numerical results and we show that solutions close to the optimal can increase the maximum number of nodes by more than 700% compared to case where equal number of users per spreading factor are considered.
Proceedings of the 21st Pan-Hellenic Conference on Informatics, 2017
It is our pleasure to welcome you to the 21st Pan-Hellenic Conference on Informatics - PCI 2017. ... more It is our pleasure to welcome you to the 21st Pan-Hellenic Conference on Informatics - PCI 2017. PCI 2017 is a unique event since it offers to the Greek informatics community, researchers and practitioners, a forum to strengthen their relationships, to explore new trends in the broad area of informatics and to present and discuss papers on relevant important and timely topics.
[1992] Proceedings Third International Symposium on Software Reliability Engineering
Software testability is the the tendency of code to reveal existing faults during random testing.... more Software testability is the the tendency of code to reveal existing faults during random testing. This paper proposes to take software testability predictions into account throughout the development process. These predictions can be made from formal specications, design documents, and the code itself. The insight provided by software testability is valuable during design, coding, testing, and quality assurance. We further believe that software testability analysis can play a crucial role in quantifying the likelihood that faults are not hiding after testing does not result in any failures for the current version.
Network Security, 2007
Preface. Contributors. 1. Computer Network Security: Basic Background and Current Issues (Panayio... more Preface. Contributors. 1. Computer Network Security: Basic Background and Current Issues (Panayiotis Kotzanikolaou and Christos Douligeris). 1.1 Some Terminology on Network Security. 1.2 ISO/OSI Reference Model for Networks. 1.3 Network Security Attacks. 1.4 Mechanisms and Controls for Network Security: Book Overview and Structure. References. Part One Internet Security. 2. Secure Routing (Ioannis Avramopoulos, Hisashi Kobayashi, Arvind Krishnamurthy, and Randy Wang). 2.1 Introduction. 2.2 Networking Technologies. 2.3 Attacks in Networks. 2.4 State of the Art. 2.5 Conclusion and Research Issues. References. 3. Designing Firewalls: A Survey (Angelos D. Keromytis and Vassilis Prevelakis). 3.1 Introduction. 3.2 Firewall Classifi cation. 3.3 Firewall Deployment: Management. 3.4 Conclusions. References. 4. Security in Virtual Private Networks (Srinivas Sampalli). 4.1 Introduction. 4.2 VPN Overview. 4.3 VPN Benefi ts. 4.4 VPN Terminology. 4.5 VPN Taxonomy. 4.6 IPSec. 4.7 Current Research on VPNs. 4.8 Conclusions. References. 5. IP Security (IPSec) (Anirban Chakrabarti and Manimaran Govindarasu). 5.1 Introduction. 5.2 IPSec Architecture and Components. 5.3 Benefi ts and Applications of IPSec. 5.4 Conclusions. References. 6. IDS for Networks (John C. McEachen and John M. Zachary). 6.1 Introduction. 6.2 Background. 6.3 Modern NIDSs. 6.4 Research and Trends. 6.5 Conclusions. References. 7. Intrusion Detection Versus Intrusion Protection (Luis Sousa Cardoso). 7.1 Introduction. 7.2 Detection Versus Prevention. 7.3 Intrusion Prevention Systems: The Next Step in Evolution of IDS. 7.4 Architecture Matters. 7.5 IPS Deployment. 7.6 IPS Advantages. 7.7 IPS Requirements: What to Look For. 7.8 Conclusions. References. 8. Denial-of-Service Attacks (Aikaterini Mitrokotsa and Christos Douligeris). 8.1 Introduction. 8.2 DoS Attacks. 8.3 DDoS Attacks. 8.4 DDoS Defense Mechanisms. 8.5 Conclusions. References. 9. Secure Architectures with Active Networks (Srinivas Sampalli, Yaser Haggag, and Christian Labonte). 9.1 Introduction. 9.2 Active Networks. 9.3 SAVE Test bed. 9.4 Adaptive VPN Architecture with Active Networks. 9.5 (SAM) Architecture. 9.6 Conclusions. References. Part Two Secure Services. 10. Security in E-Services and Applications (Manish Mehta, Sachin Singh, and Yugyung Lee). 10.1 Introduction. 10.2 What Is an E-Service? 10.3 Security Requirements for EServices and Applications. 10.4 Security for Future EServices. References. 11. Security in Web Services (Christos Douligeris and George P. Ninios). 11.1 Introduction. 11.2 Web Services Technologies and Standards. 11.3 Web Services Security Standard. 11.4 Conclusions. References. 12. Secure Multicasting (Constantinos Boukouvalas and Anthony G. Petropoulos). 12.1 Introduction 205 12.2 IP Multicast. 12.3 Application Security Requirements. 12.4 Multicast Security Issues. 12.5 Data Authentication. 12.6 Source Authentication Schemes. 12.7 Group Key Management. 12.8 Group Management and Secure Multicast Routing. 12.9 Secure IP Multicast Architectures. 12.10 Secure IP Multicast Standardization Efforts. 12.11 Conclusions. References. 13. Voice Over IP Security (Son Vuong and Kapil Kumar Singh). 13.1 Introduction. 13.2 Security Issues in VoIP. 13.3 Vulnerability Testing. 13.4 Intrusion Detection Systems. 13.5 Conclusions. References. 14. Grid Security (Kyriakos Stefanidis, Artemios G. Voyiatzis, and Dimitrios N. Serpanos). 14.1 Introduction. 14.2 Security Challenges for Grids. 14.3 Grid Security Infrastructure. 14.4 Grid Computing Environments. 14.5 Grid Network Security. 14.6 Conclusions and Future Directions. References. 15. Mobile Agent Security (Panayiotis Kotzanikolaou, Christos Douligeris, Rosa Mavropodi, and Vassilios Chrissikopoulos). 15.1 Introduction. 15.2 Taxonomy of Solutions. 15.3 Security Mechanisms for Mobile Agent Systems. References Part Three Mobile and Security. 16. Mobile Terminal Security (Olivier Benoit, Nora Dabbous, Laurent Gauteron, Pierre Girard, Helena Handschuh, David Naccache, Stephane Socie, and Claire Whelan). 16.1 Introduction. 16.2 WLAN and WPAN Security. 16.3 GSM and 3GPP Security. 16.4 Mobile Platform Layer Security. 16.5 Hardware Attacks on Mobile Equipment. 16.6 Conclusion. References. 17. IEEE 802.11 Security (Daniel L. Lough, David J. Robinson, and Ian G. Schneller). 17.1 Introduction. 17.2 Introduction to IEEE 802.11. 17.3 Wired Equivalent Privacy. 17.4 Additional IEEE 802.11 Security Techniques. 17.5 Wireless Intrusion Detection Systems. 17.6 Practical IEEE 802.11 Security Measures. 17.7 Conclusions. References. 18. Bluetooth Security (Christian Gehrmann). 18.1 Introduction. 18.2 Bluetooth Wireless Technology. 18.3 Security Architecture. 18.4 Security Weaknesses and Countermeasures. 18.5 Bluetooth Security: What Comes Next? References. 19. Mobile Telecom Networks (Christos Xenakis and Lazaros Merakos). 19.1 Introduction. 19.2 Architectures Network. 19.3 Security Architectures. 19.4 Research Issues. 19.5 Conclusions. References. 20. Security in…
Annals of Operations Research, 1984
IFAC Proceedings Volumes, Jun 1, 1997
This paper presents a novel methodology of analyzing, quantifying and assigning risk cost estimat... more This paper presents a novel methodology of analyzing, quantifying and assigning risk cost estimates as related to marine transportation of petroleum products. These risk costs constitute an essential input to any transportation network model that would solve for an optimal oil flow distribution. Based on the risk analysis, transportation models could then be used to identify shipping routes that minimize a function of transportation and risk cost while maintaining an equitable distribution of risk. The proposed methodology is implemented on a real world case study that captures the transportation of oil within the Gulf of Mexico for the 199()..1994 time period.
Uploads
Papers by Christos Douligeris