Who am I?

My name is Alexandros Kapravelos and I'm an Assistant Professor in the Department of Computer Science at North Carolina State University. I am a member of the Wolfpack Security and Privacy Research (WSPR) Lab. I earned my PhD in 2015 from University of California, Santa Barbara under the advice of Giovanni Vigna and Christopher Kruegel

Research Interests

I'm interested in systems and software security and my current focus is on web security and in particular finding new ways to detect if a web page is malicious or not. I'm the lead developer of Wepawet's development and improvement. My latest project is tracking the evolution of malicious JavaScript with Revolver.

Last Blog Post

My last blog post is "Attacking home routers via JavaScript" where I explain an attack I found in the wild that targets the victim's local router via JavaScript.

last blog post


  1. Cloak of Visibility: Detecting When Machines Browse A Different Web
    Luca Invernizzi, Kurt Thomas, Alexandros Kapravelos, Oxana Comanescu, Jean-Michel Picod, Elie Bursztein
    IEEE Symposium on Security and Privacy, 2016
    [ PDF ]
  2. Ad Injection at Scale: Assessing Deceptive Advertisement Modifications
    Kurt Thomas, Elie Bursztein, Chris Grier, Grant Ho, Nav Jagpal, Alexandros Kapravelos, Damon McCoy, Antonio Nappa, Vern Paxson, Paul Pearce, Niels Provos, Moheeb Abu Rajab
    IEEE Symposium on Security and Privacy, 2015
    Distinguished Practical Paper Award
    [ PDF ]
  3. The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements
    Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, Giovanni Vigna
    IMC, 2014 (short paper)
    [ PDF ]
  4. Hulk: Eliciting Malicious Behavior in Browser Extensions
    Alexandros Kapravelos, Chris Grier, Neha Chachra, Chris Kruegel, Giovanni Vigna, and Vern Paxson
    USENIX Security, 2014
    [ PDF ]
  5. PExy: The other side of Exploit Kits
    Giancarlo De Maio, Alexandros Kapravelos, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna
    Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), 2014
    [ PDF ]
  6. Revolver: An Automated Approach to the Detection of Evasive Web-based Malware
    Alexandros Kapravelos, Yan Shoshitaishvili, Marco Cova, Christopher Kruegel, and Giovanni Vigna
    USENIX Security, 2013
    [ PDF ] [ presentation ] [ Revolver's website ]
  7. Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting
    Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Christopher Kruegel, Frank Piessens, and Giovanni Vigna
    IEEE Symposium on Security and Privacy (S&P), 2013
    [ PDF ]
  8. You Are What You Include: Large-scale Evaluation of Remote JavaScript Inclusions
    Nick Nikiforakis, Luca Invernizzi, Alexandros Kapravelos, Steven Van Acker, Wouter Joosen, Christopher Kruegel, Frank Piessens, and Giovanni Vigna
    19th ACM Conference on Computer and Communications Security (CCS), ACM Press. USA, 2012.
    [ PDF ]
  9. Escape from Monkey Island: Evading High-Interaction Honeyclients
    Alexandros Kapravelos, Marco Cova, Christopher Kruegel, and Giovanni Vigna
    8th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2011
    [ PDF ]
  10. D(e|i)aling with VoIP: Robust Prevention of Dial Attacks
    Alexandros Kapravelos, Iasonas Polakis, Ilias Athanasopoulos, Sotiris Ioannidis, and Evangelos Markatos
    European Symposium on Research in Computer Security (ESORICS), 2010
    [ PDF ]
  11. Realistic Passive Packet Loss Measurement for High-Speed Networks
    Ales Friedl, Sven Ubik, Alexandros Kapravelos, Michalis Polychronakis, and Evangelos Markatos
    1st International Workshop on Traffic Monitoring and Analysis (TMA), 2009
    [ PDF ]
  12. Flexconf: A flexible conference assistant using context-aware notification services
    Nikos Armenatzoglou, Yannis Marketakis, Lito Kriara, Elias Apostolopoulos, Vicky Papavasiliou, Dimitris Kampas, Alexandros Kapravelos, Eythimis Kartsonakis, Giorgos Linardakis, Sofia Nikitaki,Antonis Bikakis, and Grigoris Antoniou
    On the Move to Meaningful Internet Systems: OTM Workshops, 2009
    [ PDF ]
  13. Passive end-to-end packet loss estimation for grid traffic monitoring
    Antonis Papadogiannakis, Alexandros Kapravelos, Michalis Polychronakis, Evangelos Markatos, and Augusto Ciuffoletti
    Proceedings of the CoreGRID Integration Workshop, 2006
    [ PDF ]