Alexandros

Kapravelos

Associate Professor
NC State University

[email protected]

I'm an Associate Professor in the Department of Computer Science at North Carolina State University, a member of the Wolfpack Security and Privacy Research (WSPR) Lab and the faculty mentor of HackPack. Together with The Order of the Overflow team we organized DEF CON CTF during 2018-2021.

I'm looking for excited and motivated students to work with. PhD applications at NCSU are due in December (link). If you are interested to visit our group for an internship, take a look here.

Research Interests

My research interests span the areas of web security & privacy, software supply chain security, and AI security. I am in particular interested in the security and privacy problems that arise from the evolution of the web, the software supply chain and the latest advancements in AI.

News

Publications

1. An Empirical Study on Reproducible Packaging in Open-Source Ecosystems
   Giacomo Benedetti, Oreofe Solarin, Courtney Miller, Greg Tystahl, William Enck, Christian Kästner, Alexandros Kapravelos, Alessio Merlo, Luca Verderame
   Proceedings of the International Conference on Software Engineering (ICSE), 2025
   [to appear] [Bibtex]

   ×

   @inproceedings{repro-icse25,
     title = {{An Empirical Study on Reproducible Packaging in Open-Source Ecosystems}},
     author = {Benedetti, Giacomo and Solarin, Oreofe and Miller, Courtney and Tystahl, Greg and Enck, William and K{ä}stner, Christian and Kapravelos, Alexandros and Merlo, Alessio and Verderame, Luca},
     booktitle = {{Proceedings of the International Conference on Software Engineering (ICSE)}},
     year = {2025}
   }
   

2. JSHint: Revealing API Usage to Improve Detection of Malicious JavaScript
   Shaown Sarker, Kasimir Schulz, Aleksandr Nahapetyan, Anupam Das, Alexandros Kapravelos
   Proceedings of the Information Security Conference (ISC), 2024
   [PDF] [Bibtex]

   ×

   @inproceedings{jshint-isc24,
     title = {{JSHint: Revealing API Usage to Improve Detection of Malicious JavaScript}},
     author = {Sarker, Shaown and Schulz, Kasimir and Nahapetyan, Aleksandr and Das, Anupam and Kapravelos, Alexandros},
     booktitle = {{Proceedings of the Information Security Conference (ISC)}},
     month = oct,
     year = {2024}
   }
   

3. Automated Generation of Behavioral Signatures for Malicious Web Campaigns
   Shaown Sarker, William Melicher, Oleksii Starov, Anupam Das, Alexandros Kapravelos
   Proceedings of the Information Security Conference (ISC), 2024
   [PDF] [Bibtex]

   ×

   @inproceedings{webehavior-isc24,
     title = {{Automated Generation of Behavioral Signatures for Malicious Web Campaigns}},
     author = {Sarker, Shaown and Melicher, William and Starov, Oleksii and Das, Anupam and Kapravelos, Alexandros},
     booktitle = {{Proceedings of the Information Security Conference (ISC)}},
     month = oct,
     year = {2024}
   }
   

4. FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques
   Nikolaos Pantelaios, Alexandros Kapravelos
   Proceedings of the USENIX Security Symposium, 2024
   [PDF] [Bibtex] [code]

   ×

   @inproceedings{fv8-sec24,
     title = {{FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques}},
     author = {Pantelaios, Nikolaos and Kapravelos, Alexandros},
     booktitle = {{Proceedings of the USENIX Security Symposium}},
     code = {{https://github.com/wspr-ncsu/FV8}},
     month = aug,
     tag = {vv8},
     year = {2024}
   }
   

5. On SMS Phishing Tactics and Infrastructure
   Aleksandr Nahapetyan, Sathvik Prasad, Kevin Childs, Adam Oest, Yeganeh Ladwig, Alexandros Kapravelos, Brad Reaves
   Proceedings of the IEEE Symposium on Security and Privacy, 2024
   [PDF] [Bibtex]

   ×

   @inproceedings{smsphishing-sp24,
     title = {{On SMS Phishing Tactics and Infrastructure}},
     author = {Nahapetyan, Aleksandr and Prasad, Sathvik and Childs, Kevin and Oest, Adam and Ladwig, Yeganeh and Kapravelos, Alexandros and Reaves, Brad},
     booktitle = {{Proceedings of the IEEE Symposium on Security and Privacy}},
     month = may,
     year = {2024}
   }
   

6. UntrustIDE: Exploiting Weaknesses in VS Code Extensions
   Elizabeth Lin, Igibek Koishybayev, Trevor Dunlap, William Enck, Alexandros Kapravelos
   Proceedings of the Network and Distributed System Security Symposium (NDSS), 2024
   Distinguished Paper Award
   [PDF] [Bibtex]

   ×

   @inproceedings{untrustide-ndss24,
     title = {{UntrustIDE: Exploiting Weaknesses in VS Code Extensions}},
     author = {Lin, Elizabeth and Koishybayev, Igibek and Dunlap, Trevor and Enck, William and Kapravelos, Alexandros},
     booktitle = {{Proceedings of the Network and Distributed System Security Symposium (NDSS)}},
     note = {Distinguished Paper Award},
     month = feb,
     year = {2024}
   }
   

7. WRIT: Web Request Integrity and Attestation against Malicious Browser Extensions
   Giorgos Vasiliadis, Apostolis Karampelas, Alexandros Shevtsov, Panagiotis Papadopoulos, Sotiris Ioannidis, Alexandros Kapravelos
   IEEE Transactions on Dependable and Secure Computing, 2023
   [PDF] [Bibtex]

   ×

   @inproceedings{writ-tdsc24,
     title = {{WRIT: Web Request Integrity and Attestation against Malicious Browser Extensions}},
     author = {Vasiliadis, Giorgos and Karampelas, Apostolis and Shevtsov, Alexandros and Papadopoulos, Panagiotis and Ioannidis, Sotiris and Kapravelos, Alexandros},
     booktitle = {{IEEE Transactions on Dependable and Secure Computing}},
     month = dec,
     pages = {1-14},
     year = {2023}
   }
   

8. ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions
   Siddharth Muralee, Igibek Koishybayev, Aleksandr Nahapetyan, Greg Tystahl, Brad Reaves, Antonio Bianchi, William Enck, Alexandros Kapravelos, Aravind Machiry
   Proceedings of the USENIX Security Symposium, 2023
   CSAW 2023 Applied Research Finalist
   [PDF] [Bibtex] [website] [code] [news]

   ×

   @inproceedings{githubreactions-usenixsec23,
     title = {{ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions}},
     author = {Muralee, Siddharth and Koishybayev, Igibek and Nahapetyan, Aleksandr and Tystahl, Greg and Reaves, Brad and Bianchi, Antonio and Enck, William and Kapravelos, Alexandros and Machiry, Aravind},
     booktitle = {{Proceedings of the USENIX Security Symposium}},
     month = aug,
     code = {{https://github.com/purs3lab/ARGUS}},
     howpublished = {/projects/argus/},
     pages = {6983--7000},
     note = {{CSAW 2023 Applied Research Finalist}},
     news = {{https://github.blog/2023-08-09-four-tips-to-keep-your-github-actions-workflows-secure/}},
     tag = {githubreactions},
     year = {2023}
   }
   

9. Automatic Discovery of Emerging Browser Fingerprinting Techniques
   Junhua Su, Alexandros Kapravelos
   Proceedings of The Web Conference (WWW), 2023
   [PDF] [Bibtex] [code]

   ×

   @inproceedings{fptechniques-www23,
     title = {{Automatic Discovery of Emerging Browser Fingerprinting Techniques}},
     author = {Su, Junhua and Kapravelos, Alexandros},
     booktitle = {{Proceedings of The Web Conference (WWW)}},
     month = apr,
     code = {{https://github.com/wspr-ncsu/BrowserFingerprintingAD}},
     pages = {2178--2188},
     tag = {vv8},
     year = {2023}
   }
   

10. Characterizing the Security of Github CI Workflows
    Igibek Koishybayev, Aleksandr Nahapetyan, Raima Zachariah, Siddharth Muralee, Brad Reaves, Alexandros Kapravelos, Aravind Machiry
    Proceedings of the USENIX Security Symposium, 2022
    [PDF] [Bibtex] [website] [code]

    ×

    @inproceedings{githubactions-usenixsec22,
      title = {{Characterizing the Security of Github CI Workflows}},
      author = {Koishybayev, Igibek and Nahapetyan, Aleksandr and Zachariah, Raima and Muralee, Siddharth and Reaves, Brad and Kapravelos, Alexandros and Machiry, Aravind},
      booktitle = {{Proceedings of the USENIX Security Symposium}},
      month = aug,
      tag = {githubactions},
      code = {{https://github.com/wspr-ncsu/github-actions-security-analysis}},
      howpublished = {/projects/githubactions/},
      pages = {2747--2763},
      year = {2022}
    }
    

11. yoU aRe a Liar://A Unified Framework for Cross-Testing URL Parsers
    Dashmeet Kaur Ajmani, Igibek Koishybayev, Alexandros Kapravelos
    Proceedings of the IEEE SecWeb Workshop, 2022
    [PDF] [Bibtex]

    ×

    @inproceedings{youarealiar-secweb22,
      title = {{yoU aRe a Liar://A Unified Framework for Cross-Testing URL Parsers}},
      author = {Ajmani, Dashmeet Kaur and Koishybayev, Igibek and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the IEEE SecWeb Workshop}},
      pages = {51-58},
      month = jun,
      year = {2022}
    }
    

12. SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations
    Karthika Subramani, Jordan Jueckstock, Alexandros Kapravelos, Roberto Perdisci
    Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P), 2022
    [PDF] [Bibtex]

    ×

    @inproceedings{workerounds-eurosp22,
      title = {{SoK: Workerounds - Categorizing Service Worker Attacks and Mitigations}},
      author = {Subramani, Karthika and Jueckstock, Jordan and Kapravelos, Alexandros and Perdisci, Roberto},
      booktitle = {{Proceedings of the IEEE European Symposium on Security and Privacy (EuroS\&P)}},
      month = jun,
      pages = {555-571},
      year = {2022}
    }
    

13. Measuring the Privacy vs. Compatibility Trade-off in Preventing Third-Party Stateful Tracking
    Jordan Jueckstock, Peter Snyder, Shaown Sarker, Alexandros Kapravelos, Ben Livshits
    Proceedings of The Web Conference (WWW), 2022
    [PDF] [Bibtex]

    ×

    @inproceedings{ephemeralstorage-www22,
      title = {{Measuring the Privacy vs. Compatibility Trade-off in Preventing Third-Party Stateful Tracking}},
      author = {Jueckstock, Jordan and Snyder, Peter and Sarker, Shaown and Kapravelos, Alexandros and Livshits, Ben},
      booktitle = {{Proceedings of The Web Conference (WWW)}},
      month = apr,
      pages = {710–720},
      year = {2022}
    }
    

14. Browserprint: An Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy
    Seyed Ali Akhavani, Jordan Jueckstock, Junhua Su, Alexandros Kapravelos, Engin Kirda, Long Lu
    Proceedings of the Information Security Conference (ISC), 2021
    [PDF] [Bibtex]

    ×

    @inproceedings{browserprint-isc21,
      title = {{Browserprint: An Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy}},
      author = {Akhavani, Seyed Ali and Jueckstock, Jordan and Su, Junhua and Kapravelos, Alexandros and Kirda, Engin and Lu, Long},
      booktitle = {{Proceedings of the Information Security Conference (ISC)}},
      pages = {161--176},
      month = nov,
      tag = {vv8},
      year = {2021}
    }
    

15. Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets
    Pierre Laperdrix, Oleksii Starov, Quan Chen, Alexandros Kapravelos, Nick Nikiforakis
    Proceedings of the USENIX Security Symposium, 2021
    [PDF] [Bibtex] [code]

    ×

    @inproceedings{css-fp-usenixsec21,
      title = {{Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets}},
      author = {Laperdrix, Pierre and Starov, Oleksii and Chen, Quan and Kapravelos, Alexandros and Nikiforakis, Nick},
      booktitle = {{Proceedings of the USENIX Security Symposium}},
      code = {https://github.com/plaperdr/fingerprinting-in-style},
      month = aug,
      pages = {2507--2524},
      year = {2021}
    }
    

16. Detecting Filter List Evasion With Event-Loop-Turn Granularity JavaScript Signatures
    Quan Chen, Peter Snyder, Ben Livshits, Alexandros Kapravelos
    Proceedings of the IEEE Symposium on Security and Privacy, 2021
    [PDF] [Bibtex] [code]

    ×

    @inproceedings{pg-sigs-sp20,
      title = {{Detecting Filter List Evasion With Event-Loop-Turn Granularity JavaScript Signatures}},
      author = {Chen, Quan and Snyder, Peter and Livshits, Ben and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the IEEE Symposium on Security and Privacy}},
      code = {{https://github.com/semantic-signatures/semantic-signatures}},
      month = may,
      pages = {1715-1729},
      year = {2021}
    }
    

17. CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing
    Penghui Zhang, Adam Oest, Haehyun Cho, Zhibo Sun, RC Johnson, Brad Wardman, Shaown Sarker, Alexandros Kapravelos, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupe, Gail-Joon Ahn
    Proceedings of the IEEE Symposium on Security and Privacy, 2021
    Best Student Paper Award
    [PDF] [Bibtex]

    ×

    @inproceedings{crawlphish-sp21,
      title = {{CrawlPhish: Large-scale Analysis of Client-side Cloaking Techniques in Phishing}},
      author = {Zhang, Penghui and Oest, Adam and Cho, Haehyun and Sun, Zhibo and Johnson, RC and Wardman, Brad and Sarker, Shaown and Kapravelos, Alexandros and Bao, Tiffany and Wang, Ruoyu and Shoshitaishvili, Yan and Doupe, Adam and Ahn, Gail-Joon},
      booktitle = {{Proceedings of the IEEE Symposium on Security and Privacy}},
      note = {Best Student Paper Award},
      month = may,
      pages = {1109-1124},
      year = {2021}
    }
    

18. Cookie Swap Party: Abusing First-Party Cookies for Web Tracking
    Quan Chen, Panagiotis Ilia, Michalis Polychronakis, Alexandros Kapravelos
    Proceedings of The Web Conference (WWW), 2021
    [PDF] [Bibtex]

    ×

    @inproceedings{cookieparty-www21,
      title = {{Cookie Swap Party: Abusing First-Party Cookies for Web Tracking}},
      author = {Chen, Quan and Ilia, Panagiotis and Polychronakis, Michalis and Kapravelos, Alexandros},
      booktitle = {{Proceedings of The Web Conference (WWW)}},
      month = apr,
      pages = {2117–2129},
      year = {2021}
    }
    

19. Towards Realistic and Reproducible Web Crawl Measurements
    Jordan Jueckstock, Shaown Sarker, Peter Snyder, Aidan Beggs, Panagiotis Papadopoulos, Matteo Varvello, Ben Livshits, Alexandros Kapravelos
    Proceedings of The Web Conference (WWW), 2021
    [PDF] [Bibtex] [code]

    ×

    @inproceedings{vpc-www21,
      title = {{Towards Realistic and Reproducible Web Crawl Measurements}},
      author = {Jueckstock, Jordan and Sarker, Shaown and Snyder, Peter and Beggs, Aidan and Papadopoulos, Panagiotis and Varvello, Matteo and Livshits, Ben and Kapravelos, Alexandros},
      booktitle = {{Proceedings of The Web Conference (WWW)}},
      code = {{https://github.com/wspr-ncsu/reprocrawl-code-release}},
      pages = {80–91},
      numpages = {13},
      month = apr,
      tag = {vv8},
      year = {2021}
    }
    

20. Favocado: Fuzzing Binding Code of JavaScript Engines Using Semantically Correct Test Cases
    Sung Ta Dinh, Haehyun Cho, Kyle Martin, Adam Oest, Yihui Zeng, Alexandros Kapravelos, Tiffany Bao, Ruoyu "Fish" Wang, Yan Shoshitaishvili, Adam Doupe, Gail-Joon Ahn
    Proceedings of the Network and Distributed System Security Symposium (NDSS), 2021
    [PDF] [Bibtex]

    ×

    @inproceedings{favocado-ndss21,
      title = {{Favocado: Fuzzing Binding Code of JavaScript Engines Using Semantically Correct Test Cases}},
      author = {Dinh, Sung Ta and Cho, Haehyun and Martin, Kyle and Oest, Adam and Zeng, Yihui and Kapravelos, Alexandros and Bao, Tiffany and Wang, Ruoyu "Fish" and Shoshitaishvili, Yan and Doupe, Adam and Ahn, Gail-Joon},
      booktitle = {{Proceedings of the Network and Distributed System Security Symposium (NDSS)}},
      month = feb,
      year = {2021}
    }
    

21. You’ve Changed: Detecting Malicious Browser Extensions through their Update Deltas
    Nikolaos Pantelaios, Nick Nikiforakis, Alexandros Kapravelos
    Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2020
    [PDF] [Bibtex] [code]

    ×

    @inproceedings{extensiondeltas-CCS20,
      title = {{You've Changed: Detecting Malicious Browser Extensions through their Update Deltas}},
      author = {Pantelaios, Nikolaos and Nikiforakis, Nick and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the ACM Conference on Computer and Communications Security (CCS)}},
      code = {https://github.com/wspr-ncsu/extensiondeltas},
      month = nov,
      pages = {477–491},
      year = {2020}
    }
    

22. Hiding in Plain Site: Detecting JavaScript Obfuscation through Concealed Browser API Usage
    Shaown Sarker, Jordan Jueckstock, Alexandros Kapravelos
    Proceedings of the ACM Internet Measurement Conference (IMC), 2020
    [PDF] [Bibtex]

    ×

    @inproceedings{jsobf-imc20,
      title = {{Hiding in Plain Site: Detecting JavaScript Obfuscation through Concealed Browser API Usage}},
      author = {Sarker, Shaown and Jueckstock, Jordan and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the ACM Internet Measurement Conference (IMC)}},
      pages = {648–661},
      month = oct,
      tag = {vv8},
      year = {2020}
    }
    

23. Mininode: Reducing the Attack Surface of Node.js Applications
    Igibek Koishybayev, Alexandros Kapravelos
    Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2020
    [PDF] [Bibtex] [website]

    ×

    @inproceedings{mininode-raid20,
      title = {{Mininode: Reducing the Attack Surface of Node.js Applications}},
      author = {Koishybayev, Igibek and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)}},
      month = oct,
      howpublished = {/projects/mininode/},
      tag = {mininode},
      pages = {121--134},
      year = {2020}
    }
    

24. VisibleV8: In-browser Monitoring of JavaScript in the Wild
    Jordan Jueckstock, Alexandros Kapravelos
    Proceedings of the ACM Internet Measurement Conference (IMC), 2019
    [PDF] [Bibtex] [website] [slides] [talk] [code]

    ×

    @inproceedings{vv8-imc19,
      title = {{VisibleV8: In-browser Monitoring of JavaScript in the Wild}},
      author = {Jueckstock, Jordan and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the ACM Internet Measurement Conference (IMC)}},
      pages = {393–405},
      month = oct,
      howpublished = {/projects/vv8/},
      code = {{https://github.com/wspr-ncsu/visiblev8}},
      slides = {/presentations/vv8-imc19.pdf},
      talk = {https://vimeo.com/showcase/6531379/video/369121825#t=3500s},
      tag = {vv8},
      year = {2019}
    }
    

25. Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting
    Erik Trickel, Oleksii Starov, Alexandros Kapravelos, Nick Nikiforakis, Adam Doupe
    Proceedings of the USENIX Security Symposium, 2019
    [PDF] [Bibtex] [code]

    ×

    @inproceedings{cloakx-sec19,
      title = {{Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting}},
      author = {Trickel, Erik and Starov, Oleksii and Kapravelos, Alexandros and Nikiforakis, Nick and Doupe, Adam},
      booktitle = {{Proceedings of the USENIX Security Symposium}},
      code = {https://github.com/sefcom/cloakx},
      month = aug,
      pages = {1679--1696},
      year = {2019}
    }
    

26. Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions
    Aidan Beggs, Alexandros Kapravelos
    Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2019
    [PDF] [Bibtex]

    ×

    @inproceedings{wildextensions-dimva19,
      title = {{Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions}},
      author = {Beggs, Aidan and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the Conference on Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA)}},
      month = jun,
      pages = {3--22},
      year = {2019}
    }
    

27. Unnecessarily Identifiable: Quantifying the fingerprintability of browser extensions due to bloat
    Oleksii Starov, Pierre Laperdrix, Alexandros Kapravelos, Nick Nikiforakis
    Proceedings of the World Wide Web Conference (WWW), 2019
    [PDF] [Bibtex]

    ×

    @inproceedings{extbloat-www2019,
      title = {{Unnecessarily Identifiable: Quantifying the fingerprintability of browser extensions due to bloat}},
      author = {Starov, Oleksii and Laperdrix, Pierre and Kapravelos, Alexandros and Nikiforakis, Nick},
      booktitle = {{Proceedings of the World Wide Web Conference (WWW)}},
      month = may,
      pages = {3244–3250},
      year = {2019}
    }
    

28. Mystique: Uncovering Information Leakage from Browser Extensions
    Quan Chen, Alexandros Kapravelos
    Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2018
    [PDF] [Bibtex] [website] [code]

    ×

    @inproceedings{mystique-CCS18,
      title = {Mystique: Uncovering Information Leakage from Browser Extensions},
      author = {Chen, Quan and Kapravelos, Alexandros},
      booktitle = {{Proceedings of the ACM Conference on Computer and Communications Security (CCS)}},
      howpublished = {https://mystique.csc.ncsu.edu/},
      code = {https://github.com/wspr-ncsu/mystique},
      pages = {1687–1700},
      year = {2018}
    }
    

29. Cloak of Visibility: Detecting When Machines Browse A Different Web
    Luca Invernizzi, Kurt Thomas, Alexandros Kapravelos, Oxana Comanescu, Jean-Michel Picod, Elie Bursztein
    Proceedings of the IEEE Symposium on Security and Privacy, 2016
    [PDF] [Bibtex]

    ×

    @inproceedings{cloaking-SP16,
      title = {{Cloak of Visibility: Detecting When Machines Browse A Different Web}},
      author = {Invernizzi, Luca and Thomas, Kurt and Kapravelos, Alexandros and Comanescu, Oxana and Picod, Jean-Michel and Bursztein, Elie},
      booktitle = {{Proceedings of the IEEE Symposium on Security and Privacy}},
      pages = {743-758},
      year = {2016}
    }
    

30. Ad Injection at Scale: Assessing Deceptive Advertisement Modifications
    Kurt Thomas, Elie Bursztein, Chris Grier, Grant Go, Nav Jagpal, Alexandros Kapravelos, Damon Mccoy, Antonio Nappa, Vern Paxson, Paul Pearce, Niels Provos, Moheeb Abu Rajab
    Proceedings of the IEEE Symposium on Security and Privacy, 2015
    Distinguished Practical Paper Award
    [PDF] [Bibtex]

    ×

    @inproceedings{adinjection-SP15,
      title = {{Ad Injection at Scale: Assessing Deceptive Advertisement Modifications}},
      author = {Thomas, Kurt and Bursztein, Elie and Grier, Chris and Go, Grant and Jagpal, Nav and Kapravelos, Alexandros and Mccoy, Damon and Nappa, Antonio and Paxson, Vern and Pearce, Paul and Provos, Niels and Abu Rajab, Moheeb},
      booktitle = {{Proceedings of the IEEE Symposium on Security and Privacy}},
      note = {Distinguished Practical Paper Award},
      year = {2015}
    }
    

31. The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements
    Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Chris Kruegel, Giovanni Vigna
    Proceedings of the Internet Measurement Conference (IMC), 2014
    [PDF] [Bibtex]

    ×

    @inproceedings{malvertisments-IMC14,
      title = {{The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements}},
      author = {Zarras, Apostolis and Kapravelos, Alexandros and Stringhini, Gianluca and Holz, Thorsten and Kruegel, Chris and Vigna, Giovanni},
      booktitle = {{Proceedings of the Internet Measurement Conference (IMC)}},
      year = {2014}
    }
    

32. Hulk: Eliciting Malicious Behavior in Browser Extensions
    Alexandros Kapravelos, Chris Grier, Neha Chachra, Chris Kruegel, Giovanni Vigna, Vern Paxson
    Proceedings of the USENIX Security Symposium, 2014
    [PDF] [Bibtex]

    ×

    @inproceedings{hulk-UsenixSec14,
      title = {{Hulk: Eliciting Malicious Behavior in Browser Extensions}},
      author = {Kapravelos, Alexandros and Grier, Chris and Chachra, Neha and Kruegel, Chris and Vigna, Giovanni and Paxson, Vern},
      booktitle = {{Proceedings of the USENIX Security Symposium}},
      year = {2014},
      organization = {USENIX}
    }
    

33. PExy: The other side of Exploit Kits
    Giancarlo De Maio, Alexandros Kapravelos, Yan Shoshitaishvili, Chris Kruegel, Giovanni Vigna
    Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2014
    [PDF] [Bibtex]

    ×

    @inproceedings{pexy-DIMVA14,
      title = {{PExy: The other side of Exploit Kits}},
      author = {De Maio, Giancarlo and Kapravelos, Alexandros and Shoshitaishvili, Yan and Kruegel, Chris and Vigna, Giovanni},
      booktitle = {{Proceedings of the Conference on Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA)}},
      year = {2014}
    }
    

34. Revolver: An Automated Approach to the Detection of Evasive Web-based Malware
    Alexandros Kapravelos, Yan Shoshitaishvili, Marco Cova, Chris Kruegel, Giovanni Vigna
    Proceedings of the USENIX Security Symposium, 2013
    [PDF] [Bibtex]

    ×

    @inproceedings{revolver-UsenixSec13,
      title = {{Revolver: An Automated Approach to the Detection of Evasive Web-based Malware}},
      author = {Kapravelos, Alexandros and Shoshitaishvili, Yan and Cova, Marco and Kruegel, Chris and Vigna, Giovanni},
      booktitle = {{Proceedings of the USENIX Security Symposium}},
      year = {2013}
    }
    

35. Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting
    Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Chris Kruegel, Frank Piessens, Giovanni Vigna
    Proceedings of the IEEE Symposium on Security and Privacy, 2013
    [PDF] [Bibtex]

    ×

    @inproceedings{cookiemonster-SP13,
      title = {{Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting}},
      author = {Nikiforakis, Nick and Kapravelos, Alexandros and Joosen, Wouter and Kruegel, Chris and Piessens, Frank and Vigna, Giovanni},
      booktitle = {{Proceedings of the IEEE Symposium on Security and Privacy}},
      year = {2013}
    }
    

36. You Are What You Include: Large-scale Evaluation of Remote JavaScript Inclusions
    Nick Nikiforakis, Luca Invernizzi, Alexandros Kapravelos, Steven Van Acker, Wouter Joosen, Chris Kruegel, Frank Piessens, Giovanni Vigna
    Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2012
    [PDF] [Bibtex]

    ×

    @inproceedings{jsinclusions-CCS12,
      title = {You Are What You Include: Large-scale Evaluation of Remote JavaScript Inclusions},
      author = {Nikiforakis, Nick and Invernizzi, Luca and Kapravelos, Alexandros and Van Acker, Steven and Joosen, Wouter and Kruegel, Chris and Piessens, Frank and Vigna, Giovanni},
      booktitle = {{Proceedings of the ACM Conference on Computer and Communications Security (CCS)}},
      year = {2012}
    }
    

37. Escape from Monkey Island: Evading High-Interaction Honeyclients
    Alexandros Kapravelos, Marco Cova, Chris Kruegel, Giovanni Vigna
    Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011
    [PDF] [Bibtex]

    ×

    @inproceedings{monkeyisland-DIMVA11,
      title = {{Escape from Monkey Island: Evading High-Interaction Honeyclients}},
      author = {Kapravelos, Alexandros and Cova, Marco and Kruegel, Chris and Vigna, Giovanni},
      booktitle = {{Proceedings of the Conference on Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA)}},
      year = {2011}
    }
    

38. D(e|i)aling with VoIP: Robust Prevention of Dial Attacks
    Alexandros Kapravelos, Jason Polakis, Elias Athanasopoulos, Sotiris Ioannidis, Evangelos P. Markatos
    Proceedings of the European Symposium on Research in Computer Security (ESORICS), 2010
    [PDF] [Bibtex]

    ×

    @inproceedings{dial-esorics10,
      title = {{D(e$\mid$i)aling with VoIP: Robust Prevention of Dial Attacks}},
      author = {Kapravelos, Alexandros and Polakis, Jason and Athanasopoulos, Elias and Ioannidis, Sotiris and Markatos, Evangelos P.},
      booktitle = {{Proceedings of the European Symposium on Research in Computer Security (ESORICS)}},
      year = {2010}
    }
    

39. Realistic Passive Packet Loss Measurement for High-Speed Networks
    Ales Friedl, Sven Ubik, Alexandros Kapravelos, Michalis Polychronakis, Evangelos P. Markatos
    Proceedings of the International Workshop on Traffic Monitoring and Analysis (TMA), 2009
    [PDF] [Bibtex]

    ×

    @inproceedings{packetloss-TMA09,
      title = {{Realistic Passive Packet Loss Measurement for High-Speed Networks}},
      author = {Friedl, Ales and Ubik, Sven and Kapravelos, Alexandros and Polychronakis, Michalis and Markatos, Evangelos P.},
      booktitle = {{Proceedings of the International Workshop on Traffic Monitoring and Analysis (TMA)}},
      year = {2009}
    }
    

40. FleXConf: A Flexible Conference Assistant Using Context-Aware Notification Services
    Nikos Armenatzoglou, Yannis Marketakis, Lito Kriara, Elias Apostolopoulos, Vicky Papavasiliou, Dimitris Kampas, Alexandros Kapravelos, Eythimis Kartsonakis, Giorgos Linardakis, Sofia Nikitaki, Antonis Bikakis, Grigoris Antoniou
    Proceedings of the IEEE Workshop on Context Aware Mobile Systems (CAMS), 2009
    [PDF] [Bibtex]

    ×

    @inproceedings{flexconf,
      author = {Armenatzoglou, Nikos and Marketakis, Yannis and Kriara, Lito and Apostolopoulos, Elias and Papavasiliou, Vicky and Kampas, Dimitris and Kapravelos, Alexandros and Kartsonakis, Eythimis and Linardakis, Giorgos and Nikitaki, Sofia and Bikakis, Antonis and Antoniou, Grigoris},
      title = {FleXConf: A Flexible Conference Assistant Using Context-Aware
                     Notification Services},
      booktitle = {Proceedings of the IEEE Workshop on Context Aware Mobile Systems
        (CAMS)},
      year = {2009}
    }
    

41. Passive end-to-end packet loss estimation for grid traffic monitoring
    Antonis Papadogiannakis, Alexandros Kapravelos, Michalis Polychronakis, Evangelos P. Markatos, Augusto Ciuffoletti
    Proceedings of the CoreGRID Integration Workshop, 2006
    [PDF] [Bibtex]

    ×

    @inproceedings{lossestimation-coregrid06,
      title = {{Passive end-to-end packet loss estimation for grid traffic monitoring}},
      author = {Papadogiannakis, Antonis and Kapravelos, Alexandros and Polychronakis, Michalis and Markatos, Evangelos P. and Ciuffoletti, Augusto},
      booktitle = {{Proceedings of the CoreGRID Integration Workshop}},
      year = {2006}
    }
    

Contact