2024
C166. G. Stergiopoulos, S. Leventopoulos, D. Gritzalis, ""A Machine Learning approach to optimizing cybersecurity spending in critical infrastructures", in Proc. of the 21st International Conference on Security and Cryptography (SECRYPT-2024), ScitePress, France, July 2024 (to appear).
C165. A. Anagnostopoulou, T. Papaloukas, G. Stergiopoulos, D. Gritzalis, "From plant to lab: Evaluating and comparing industrial emulation tools for real-world testing in Industrial Control Systems", in Proc. of the 21st International Conference on Security and Cryptography (SECRYPT-2024), ScitePress, France, July 2024 (to appear).
2023
C164. Stergiopoulos G., Kampolis M.-T., Michaloliakos M., Gritzalis D., “A framework for assessing cyberattacks on LNG vessels", in 14th NMIOTC Annual Conference on Energy Security and the Maritime Interdiction (NMIOTC-2023), Chania, Greece, June 2023.
C163. Anagnostopoulou A., Mavridis Ι., Gritzalis D., “Risk-based illegal information flow detection in the IIoT", in Proc. of the 20th International Conference on Security & Cryptography (SECRYPT-2023), Rome, pp. 377-384, ScitePress, July 2023.
C162. Adamos K., Filippopoulos I., Stergiopoulos G., Gritzalis D., "A survey on National Cyber Emergency Plans", in Proc. of the 22nd European Conference on Cyber Warfare and Security (ECCWS-2022), Interscience, Greece, June 2023.
2022
C161. Dedousis P., Raptaki M., Stergiopoulos G., Gritzalis D., "Towards an automated business process model risk assessment: A process mining approach", in Proc. of the 19th International Conference on Security & Cryptography (SECRYPT-2022), pp. 35-46, ScitePress, August 2022.
2020
C160. Dedousis P., Stergiopoulos G., Gritzalis D., "Towards integrating security in industrial engineering design practices", in Proc. of the 18th International Conference on Security & Cryptography (SECRYPT-2021), pp. 161-173, ScitePress, July 2021.
C159. Stergiopoulos G., Gritzalis D., "Defending Oil & Gas Critical Infrastructures from Cyber-attacks", Invited lecture, 15th International Conference on Critical Information Infrastructure Security (CRITIS-2020), United Kingdom, September 2020.
C158. Stergiopoulos G., Ligerou E., Tsalis N., Tomaras D., Gritzalis D., “Avoiding network and host detection using packet bit-masking”, in Proc. of the 17th International Conference on Security & Cryptography (SECRYPT-2020), pp. 52-63, ScitePress, France, July 2020.
2019
C157. Stergiopoulos G., Ntouskas T., Gritzalis D., "Results on container ship route risk-based interdependency modeling", in Proc. of the 3rd NATO MIOTC Cyber Security Conference in Maritime Domain (NMIOTC-2019), Greece, April 2019.
2018
C156. Lykou G., Anagnostopoulou A., Stergiopoulos G., Gritzalis D., “Cybersecurity self-assessment tools: Evaluating the importance of securing industrial control systems in Critical Infrastructures”, in Proc. of the 13th International Conference on Critical Information Infrastructures Security (CRITIS-2018), pp. 129-142, Springer, Lithuania, September 2018.
C155. Stergiopoulos G., Talavari A., Bitsikas E., Gritzalis D., "Automatic detection of various malicious traffic using side channel features on TCP packets", in Proc. of the 23rd European Symposium on Research in Computer Security (ESORICS-2018), pp. 346–362, Springer (LNCS 11099), Spain, September 2018.
C154. Tsalis N., Stergiopoulos G., Bitsikas E., Gritzalis D., Apostolopoulos T., “Side channel attacks over encrypted TCP/IP Modbus reveal functionality leaks”, in Proc. of the 15th International Conference on Security and Cryptography (SECRYPT-2018), pp. 53-63, ScitePress, Portugal, July 2018.
C153. Lykou G., Anagnostopoulou A., Gritzalis D., “Implementing cyber-security measures in airports to improve cyber-resilience”, in Proc. of the Global Internet of Things Summit (GIoTS-2018), pp. 305-310, IEEE, Spain, June 2018.
2017
C152. Stergiopoulos G., Gritzalis D., Ntouskas T., "Interdependency analysis of port calls and ship routes for cascading delay analysis between interconnected ports", 2nd NMIOTC Conference on Cyber Security in Maritime Domain, Greece, September 2017.
C151. Pipyros K., Mitrou L., Gritzalis D., "Evaluating the effects of cyber-attacks on critical infrastructures in the context of Tallinn manual", 2nd NMIOTC Conference on Cyber Security in Maritime Domain, Greece, September 2017.
C149. Lykou G., Iakovakis G., Chronis G., Gritzalis D., "Analysis and Classification of Adaptation Tools for Transport Sector Adaptation Planning", in Proc. of the 12th International Conference on Critical Information Infrastructures Security (CRITIS-2017), Springer (LNCS 10707), pp. 37–47, Italy, September 2017 (preprint version).
C148. Stergiopoulos G., Valvis E., Anagnou-Misyris F., Bozovic N., Gritzalis D., “Interdependency analysis of junctions for congestion mitigation in Transportation Infrastructures”, 1st ACM SIGMETRICS International Workshop on Critical Infrastructure Network Security (CINS-2017), Vol. 45, No. 2, pp. 119-124, June 2017 (preprint version).
C147. Benias N., Chantzaras V., Iakovakis G., Gritzalis D., “Phishing campaigns in corporate water”, in Proc. of the 16th European Conference on Cyber Warfare and Security (ECCWS-2017), pp. 34-43, Ireland, June 2017.
C146. Lykou G., Stergiopoulos G., Papachrysanthou A., Gritzalis D., “Climate adaption: Addressing risks and impacts of climate change on Transport Sector”, 11th International Conference on Critical Infrastructure Protection (CIP-2017), USA, March 2017 (preprint version).
2016
C145. Gritzalis D., Stergiopoulos G., Kotzanikolaou P., Magkos E., Lykou G., "Critical Infrastructure Protection: A Holistic Methodology for Greece", in Proc. of the Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems (in conjunction with ESORICS-2016), Springer (LNCS 10166), pp. 19–36, September 2016 (preprint version).
C144. Pipiros K., Thraskias C., Mitrou L., Gritzalis D., Apostolopoulos T., “Cyber-attacks evaluation using a simple additive weighting method on the basis of Schmitt’s analysis”, in Proc. of the 10th Mediterranean Conference on Information Systems (MCIS-2016), Springer, pp. 1-10, Cyprus, September 2016 (preprint version).
C143. Faily S., Lykou G., Partridge A., Gritzalis D., Mylonas A., Katos V., “Human-Centered Specification Exemplars for Critical Infrastructure Environments”, in Proc. of the 30th British Human Computer Interaction Conference (HCI-2016), July 2016 (short paper).
C142. Stergiopoulos G, Katsaros P., Gritzalis D., Apostolopoulos T., “Combining invariant violation with execution path classification for detecting multiple types of logical errors and race conditions”, in Proc. of the 13th International Conference on Security & Cryptography (SECRYPT-2016), Vol. 4, pp. 28-40, Portugal, July 2016 (preprint version).
C141. Stergiopoulos G., Vasilellis E., Lykou G., Kotzanikolaou P., Gritzalis D., “Critical Infrastructure Protection tools: Classification and comparison”, in Proc. of the 10th International Conference on Critical Infrastructure Protection (CIP-2016), USA, March 2016 (preprint version).
2015
C140. Xie J., Theocharidou M., Barbarin Y., Rome E., "Knowledge-driven Scenario Development for Critical Infrastructure Protection", in Proc. of the 10th International Conference on Critical Infrastructures Security (CRITIS-2015), Springer, Germany, October 2015.
C139. Salonikias S., Mavridis I., Gritzalis D., "Access control issues in utilizing Fog Computing for Transportation Infrastructures", in Proc. of the 10th International Conference on Critical Infrastructures Security (CRITIS-2015), Springer (LNCS 9578), pp. 15–26, Germany, October 2015 (preprint version).
C138. Faily S., Stergiopoulos G., Katos V., Gritzalis D., "Water, water, everywhere: Nuances for a Water Industry Critical Infrastructure specification exemplar", in Proc. of the 10th International Conference on Critical Infrastructures Security (CRITIS-2015), pp. 243-246, Springer (LNCS 9578), Germany, October 2015 (preprint version).
C137. Tsalis N., Mylonas A., Gritzalis D., "An intensive analysis of the availability of security and privacy browser add-ons", in Proc. of the 10th International Conference on Risks and Security of Internet and Systems (CRiSIS-2015), pp. 258-273, Springer (LNCS 9572), Greece, July 2015. (preprint version).
C136. Stergiopoulos G., Petsanas P., Katsaros P., Gritzalis D., "Automated exploit detection using path profiling: The disposition should matter, not the position", in Proc. of the 12th International Conference on Security and Cryptography (SECRYPT-2015), pp. 100-111, ScitePress, France, July 2015 (preprint version).
C135. Stergiopoulos G., Kotzanikolaou P., Theoharidou M., Gritzalis D., “Using centrality metrics in CI dependency risk graphs for efficient risk mitigation”, in Proc. of the 9th IFIP International Conference on Critical Infrastructure Protection (CIP-2015), Springer, USA, March 2015 (preprint version).
C134. Stergiopoulos G., Theoharidou M., Gritzalis D., "Using logical error detection in Remote-Terminal Units to predict initiating events of Critical Infrastructures failures", in Proc. of the 3rd International Conference on Human Aspects of Information Security, Privacy and Trust (HCI-2015), pp. 672-683, Springer (LNCS 9190), USA, August 2015.
C133. Pierrakakis K., Gritzali C., Kandias M., Gritzalis D., "3D Printing: A Paradigm Shift in Political Economy?", in Proc. of the 65th International Studies Association's Annual Convention (ISA-2015), USA, February 2015 (preprint version).
2014
C132. Soupionis Y., Benoist T., “Cyber attacks in Power Grid ICT systems leading to financial disturbance”, in Proc. of the 9th International Conference on Critical Information Infrastructures Security (CRITIS-2014), Springer (LNCS 8985), pp. 256-267, Cyprus, October 2014 (preprint version).
C131. Soupionis Y., Ntalampiras S., Giannopoulos G., “Faults and Cyber Attacks Detection in Critical Infrastructures”, in Proc. of the 9th International Conference on Critical Information Infrastructures Security (CRITIS-2014), Springer (LNCS 8985), pp. 283–289, Cyprus, October 2014 (preprint version).
C130. Stavrou V., Kandias M., Karoulas G., Gritzalis D., "Business Process Modeling for Insider threat monitoring and handling", in Proc. of the 11th International Conference on Trust, Privacy & Security in Digital Business (TRUSTBUS-2014), pp. 119-131, Springer (LNCS 8647), Germany, September 2014 (preprint version).
C129. Virvilis N., Tsalis N., Mylonas A., Gritzalis D., "Mobile devices: A phisher's paradise", in Proc. of the 11th International Conference on Security and Cryptography (SECRYPT-2014), pp. 79-87, ScitePress, Austria, August 2014 (preprint version).
C128. Stergiopoulos G., Katsaros P., Gritzalis D., “Automated detection of logical errors in programs”, in Proc. of the 9th International Conference on Risks and Security of Internet and Systems (CRiSIS-2014), pp. 35-51, Springer (LNCS 8924), Italy, August 2014 (preprint version).
C127. Stergiopoulos G., Katsaros P., Gritzalis D., “Source code profiling and classification for automated detection of logical errors”, in Proc. of the 3rd International Seminar on Program Verification, Automated Debugging and Symbolic Computation (PAS-2014), Austria, July 2014 (preprint version).
C126. Gritzalis D., "Open Source Intelligence produced from Online Social Networks: A proactive cyber-defense tool", 13th European Conference on Cyber Warfare and Security (ECCWS-2014), Keynote address, Greece, July 2014.
C125. Pipyros K., Mitrou L., Gritzalis D., Apostolopoulos T., "A cyber attack evaluation methodology", in Proc. of the 13th European Conference on Cyber Warfare and Security (ECCWS-2014), pp. 264-270, ACPI, Greece, July 2014 (preprint version).
C124. N. Virvilis, O. Serrano, "Changing the game: The art of deceiving sophisticated attackers", in Proc. of the 6th International Conference on Cyber Conflict (CYCON-014), Estonia, June 2014 (preprint version).
C123. Apostolou A., Kalamboukis T., Mitrou L., "A Greek retrieval system in the legal domain: New rules for data protection", in Proc. of the 6th International Conference on Information Law and Ethics (ICIL-2014), Greece, May 2014 (preprint version).
C122. Mitrou L., "Towards new data protection rules", in Proc. of the 6th International Conference on Information Law and Ethics, Greece, May 2014.
C121. Pierrakakis K., Kandias M., Gritzali C., Gritzalis D., “3D Printing and its regulation dynamics: The world in front of a paradigm shift”, in Proc. of the 6th International Conference on Information Law and Ethics (ICIL-2014), Law Library Publications, Greece, May 2014 (preprint version).
C120. Mitrou L., Kandias M., Stavrou V., Gritzalis D., "Social media profiling: A Panopticon or Omniopticon tool?", in Proc. of the 6th Conference of the Surveillance Studies Network, Spain, April 2014 (preprint version).
C119. Soupionis Y., Benoist T., "Demonstrating cyber-attack impact on cyber-physical simulated environment", in Proc. of the 5th ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS-2014), Berlin, April 2014.
C118. Gritzalis D., Stavrou V., Kandias M., Stergiopoulos G., “Insider Threat: Εnhancing BPM through Social Media”, in Proc. of the 6th IFIP International Conference on New Technologies, Mobility and Security (NMTS-2014), IEEE Press, UAE, April 2014 (preprint version).
C117. Gritzalis D., Kandias M., Stavrou V., Mitrou L., "History of Information: The case of Privacy and Security in Social Media", in Proc. of the History of Information Conference (INFOHIST-2013), Law Library Publications, Athens, 2014 (preprint version).
2013
C116. Virvilis N., Gritzalis D., “Trusted Computing vs. Advanced Persistent Threats: Can a defender win this game?”, in Proc. of 10th IEEE International Conference on Autonomic and Trusted Computing (ATC-2013), pp. 396-403, IEEE Press, Italy, December 2013 (preprint version).
C115. Kandias M., Stavrou V., Bozovic N., Mitrou L., Gritzalis D., "Can we trust this user? Predicting insider’s attitude via YouTube usage profiling", in Proc. of 10th IEEE International Conference on Autonomic and Trusted Computing (ATC-2013), pp. 347-354, IEEE Press, Italy, December 2013 (preprint version).
C114. Tsalis N., Theoharidou M., Gritzalis D., “Return on security investment for Cloud platforms”, in Proc. of the Economics of Security in the Cloud Workshop (ESC-2013), pp.132-137, IEEE Press, United Kingdom, December 2013 (preprint version).
C113. Theoharidou M., Papanikolaou N., Pearson S., Gritzalis D., “Privacy risks, security and accountability in the Cloud”, in Proc. of the 5th IEEE Conference on Cloud Computing Technology and Science (CloudCom-2013), pp.177-184, IEEE Press, United Kingdom, December 2013 (preprint version).
C112. Mylonas A., Theoharidou M., Gritzalis D., "Assessing privacy risks in Android: A user-centric approach", in Proc. of the 1st Workshop on Risk Assessment and Risk-driven Testing (RISK-2013), pp. 21-37, Springer (LNCS 8418), Turkey, November 2013 (preprint version).
C111. Kandias M., Stavrou V., Bosovic N., Mitrou L., Gritzalis D., “Proactive insider threat detection through social media: The YouTube case”, in Proc. of the 12th Workshop on Privacy in the Electronic Society (WPES-2013), pp. 261-266, ACM Press, Germany, November 2013 (preprint version).
C110. Mylonas A., Tsalis N., Gritzalis D., "Evaluating the manageability of web browsers controls", in Proc. of the 9th International Workshop on Security and Trust Management (STM-2013), pp. 82-98, Springer (LNCS 8203), United Kingdom, September 2013 .
C109. Virvilis N., Gritzalis D., “The Big Four - What we did wrong in Advanced Persistent Threat detection?”, in Proc. of the 8th International Conference on Availability, Reliability and Security (ARES-2013), pp. 248-254, IEEE, Germany, September 2013.
C108. Mylonas A., Gritzalis D., Tsoumas B., Apostolopoulos T., “A qualitative metrics vector for the awareness of smartphone security users”, in Proc. of the 10th International Conference on Trust, Privacy & Security in Digital Business (TRUSTBUS-2013), pp. 173-184, Springer (LNCS 8058) Chech Republic, August 2013.
C107. Lalas E., Mitrou L., Lambrinoudakis C.,"ProCAVE: Privacy-Preserving Collection and Authenticity Validation of Online Evidence", in Proc. of the 10th International Conference on Trust, Privacy & Security in Digital Business (TRUSTBUS-2013), pp. 137-148, Springer (LNCS 8058) Chech Republic, August 2013 (preprint version).
C106. Stergiopoulos G., Kandias M., Gritzalis D., "Approaching Encryption through Complex Number Logarithms" (position paper), in Proc. of the 10th International Conference on Security and Cryptography (SECRYPT-2013), pp. 574-579, Samarati P., et al. (Eds.), ScitePress, Iceland, July 2013 (preprint version).
C105. Kandias M., Mitrou L., Stavrou V., Gritzalis D., “Which side are you on? A new Panopticon vs. privacy”, in Proc. of the 10th International Conference on Security and Cryptography (SECRYPT-2013), pp. 98-110, Samarati P., et al. (Eds.), ScitePress, Iceland, July 2013 (preprint version).
C104. Gritzalis D., Katos V., Katsaros P., Soupionis Y., Psaroudakis J., Mentis A., “The Sphinx enigma in critical VoIP infrastructures: Human or botnet?”, in Proc. of the 4th International Conference on Information, Intelligence, Systems and Applications (IISA-2013), IEEE Press, Greece, July 2013.
C103. Polemi D., Ntouskas T., Georgakakis E., Douligeris C., Theoharidou M., Gritzalis D., “S-Port: Collaborative security management of Port Information Systems”, in Proc. of the 4th International Conference on Information, Intelligence, Systems and Applications (IISA-2013), IEEE Press, Greece, July 2013.
C102. Theoharidou M., Tsalis N., Gritzalis D., "In Cloud we Trust: Risk-Assessment-as-a-Service", in Proc. of the 7th IFIP International Conference on Trust Management (IFIP TM-2013), pp. 100-110, Springer (AICT 401), Spain, June 2013.
C101. Kandias M., Galbogini K., Mitrou L., Gritzalis D., "Insiders trapped in the mirror reveal themselves in social media", in Proc. of the 7th International Conference on Network and System Security (NSS 2013), pp. 220-235, Springer (LNCS 7873), Spain, June 2013.
C100. Stergiopoulos G., Tsoumas V., Gritzalis D., "On Business Logic Vulnerabilities Hunting: The APP_LogGIC Framework", in Proc. of the 7th International Conference on Network and System Security (NSS 2013), pp. 236-249, Springer (LNCS 7873), Spain, June 2013.
C99. Kotzanikolaou P., Theoharidou M., Gritzalis D., “Cascading effects of common-cause failures on Critical Infrastructures", in Proc. of the 7th IFIP International Conference on Critical Infrastructure Protection (CIP-2013), pp. 171-182, Springer (AICT 417), USA, March 2013 (presentation).
C98. Pitropakis N., Lambrinoudakis C., Geneiatakis D., Gritzalis D., “A practical Steganography approach for Matroska-based high quality video files”, in Proc. of the 7th International Symposium on Security and Multimodality in Pervasive Environment (SMPE-2013), pp. 684-688, IEEE Press, Spain, March 2013.
2012
C97. Stachtiari E., Soupionis Y., Katsaros P., Mentis A., Gritzalis D., “Probabilistic model checking of CAPTCHA admission control for DoS resistant anti-SPIT protection”, in Proc. of the 7th International Conference on Critical Information Infrastructures Security (CRITIS-2012), pp. 143-154, Springer (LNCS 7722), Norway, September 2012.
C96. Theoharidou M., Kandias M., Gritzalis D., “Securing Transportation-Critical Infrastructures: Trends and Perspectives”, in Proc. of the 7th IEEE International Conference in Global Security, Safety and Sustainability (ICGS3-2011), pp. 171-178, Springer (LNICST 0099), Greece, 2012.
C95. A. Tassidou, P. Efraimidis, Y. Soupionis, L. Mitrou, V. Katos, "User-centric privacy-preserving adaptation for VoIP CAPTCHA challenges", in Proc. of the 6th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2012), Furnell S., et al. (Eds.), Greece, June 2012.
C94. Theoharidou M., Mylonas A., Gritzalis D., “A risk assessment method for smartphones”, in Proc. of the 27th IFIP International Information Security and Privacy Conference, pp. 428-440, Springer (AICT 267), Greece, June 2012.
C93. Υ. Soupionis, M. Kandias, "Web services security assessment: An authentication-focused approach", in Proc. of the 27th IFIP Information Security and Privacy Conference, pp. 561-566, Gritzalis D., et al (Eds.), Springer (AICT 376), June 2012.
C92. Mylonas A., Meletiadis V., Tsoumas B. Mitrou L., Gritzalis D., “Smartphone forensics: A proactive investigation scheme for evidence acquisition”, in Proc. of the 27th IFIP International Information Security and Privacy Conference, pp. 245-256, Springer (AICT 267), Greece, June 2012.
C91. Stergiopoulos G, Tsoumas B., Gritzalis D., “Hunting application-level logical errors”, in Proc. of the 4th International Symposium on Engineering Secure Software and Systems (ESSOS-2012), Livshits B., et al (Eds.), pp. 135-142, Springer (LNCS 7159), The Netherlands, February 2012.
C90. Tsiakis T., Katsaros P., Gritzalis D., “Economic evaluation of interactive audio media for securing Internet services”, in Proc. of the 7th IEEE International Conference in Global Security, Safety and Sustainability (ICGS3-2011), R. Bashroush, et al. (Eds.), pp. 46-53, Springer (LNICST 0099), Greece, 2012.
C89. Theoharidou M., Kandias M., Gritzalis D., “Securing Transportation-Critical Infrastructures: Trends and Perspectives”, in Proc. of the 7th IEEE International Conference in Global Security, Safety and Sustainability (ICGS3-2011), R. Bashroush, et al. (Eds.), pp. 171-178, Springer (LNICST 0099), Greece, 2012.
2011
C88 Kandias M., Virvilis N., Gritzalis D., "The Insider Threat in Cloud Computing", in Proc. of the 6th International Conference on Critical Infrastructure Security (CRITIS-2011), pp. 93-103, Springer (LNCS 6983), Switzerland, September 2011.
C87. Kotzanikolaou P., Theoharidou M., Gritzalis D., "Interdependencies between Critical Infrastructures: Analyzing the Risk of Cascading Effects”, in Proc. of the 6th International Conference on Critical Infrastructure Security (CRITIS-2011), pp. 104-115, Springer (LNCS 6983), Switzerland, September 2011.
C86. Virvilis N., Dritsas S., Gritzalis D., “Secure Cloud Storage: Available Infrastructure and Architecture Review and Evaluation”, in Proc. of the 8th International Conference on Trust, Privacy & Security in Digital Business (TRUSTBUS-2011), Furnell S., et al. (Eds.), pp 74-85, LNCS-6863, Springer, France, August 2011.
C85. Mylonas A., Tsoumas B., Dritsas S., Gritzalis D., “A secure smartphone applications roll-out scheme”, in Proc. of the 8th International Conference on Trust, Privacy & Security in Digital Business (TRUSTBUS-2011), Furnell S., et al. (Eds.), pp. 49-61, LNCS-6863, Springer, France, August 2011.
C84. Soupionis Y., Gritzalis D., "ASPF: An adaptive anti-SPIT policy-based framework", in Proc. of the 6th International Conference on Availability, Reliability and Security (ARES-2011), Pernul G., et al. (Eds.), pp. 153-160, Austria, August 2011.
C83. Kandias M., Mylonas A., Theoharidou M., Gritzalis D., “Exploitation of auctions for outsourcing security-critical projects”, in Proc. of the 16th IEEE Symposium on Computers and Communications (ISCC ‘11), Tinnirello I., et al (Eds.), pp. 646-651, Greece, June 2011.
C82. Mylonas A., Dritsas S, Tsoumas V., Gritzalis D., “Smartphone Security Evaluation: The Malware Attack Case”, in Proc. of the 8th International Conference on Security and Cryptography (SECRYPT-2011), P. Samarati, J. Lopez (Eds.), pp. 25-36, SciTePress, Spain, July 2011.
2010
C81. Virvilis N., Dritsas S., Gritzalis D., “A cloud provider-agnostic secure storage protocol”, in Proc. of the 5th International Conference on Critical Information Infrastructure Security (CRITIS-2010), Wolthusen S., et al. (Eds.), pp. 104-115, Springer (LNCS 6712), Greece, September 2010.
C80. Soupionis Y., Basagiannis S., Katsaros P., Gritzalis D., “A formally verified mechanism for countering SPIT”, in Proc. of the 5th International Conference on Critical Information Infrastructure Security (CRITIS-2010), Wolthusen S., et al. (Eds.), pp. 128-139, Springer (LNCS 6712), Greece, September 2010.
C79. Kandias M., Mylonas A., Virvilis N., Theoharidou M., Gritzalis D., “An Insider Threat Prediction Model”, in Proc. of the 7th International Conference on Trust, Privacy, and Security in Digital Business (TrustBus-2010), pp. 26-37, Lopez J., et al. (Eds.), Springer (LNCS 6264), Spain, August 2010.
2009
C78. Mylonas Α., Virvilis N., Soupionis Y., Gritzalis D., "A "human-or-bot" authentication means for VoIP systems in the AmI context", in Proc. of The Future of Ambient Intelligence and ICT for Security Conference, Belgium, November 2009.
C77. Dritsas S., Gritzalis D., “An ontology-driven antiSPIT architecture”, in Proc. of the 3rd International Conference on e-Democracy (eDemocracy-2009), Sideridis A., et al. (Eds.), pp. 189-198, Springer (LNICST 26), Greece, March 2010.
C76. Gritzalis D., Soupionis Y., "Human or Bot? Let an audio CAPTCHA decide", in Proc. of the 4th Workshop on Practical Aspects of Security (PRACSE '09), Dimitriou T. (Ed.), Athens, June 2009 (invited).
C75. Mallios Y., Modi S., Agarwala A., Johns C., "Persona: Network Layer Anonymity and Accountability for Next Generation Internet", in Proc. of the 24th IFIP International Information Security Conference (SEC-2009), pp. 410-420, Gritzalis D., Lopez J. (Eds.), IFIP AICT 297, Springer, Cyprus, May 2009.
C74. Theoharidou M., Kotzanikolaou P., Gritzalis D., "Towards a Criticality Analysis Methodology: Redefining Risk Analysis for Critical Infrastructure Protection", in Proc. of the 3rd IFIP International Conference on Critical Infrastructure Protection (CIP-2009), C. Palmer, S. Shenoi (Eds.), Springer, USA, March 2009 (preprint version).
C73. Theoharidou M., Gritzalis D., "Situational Crime Prevention and Insider Threat: Countermeasures and Ethical Considerations", in Proc. of the 8th International Computer Ethics Conference (CEPE-2009), pp.808-820, M. Botis (Ed.), Nomiki Bibliothiki Group, Greece, June 2009.
C72. Soupionis Y., Tountas G., Gritzalis D., "Audio CAPTCHA for SIP-based VoIP", in Proc. of the 24th IFIP International Information Security Conference (SEC-2009), pp. 25-38, Gritzalis D., Lopez J. (Eds.), Springer (LNCS 297), Cyprus, May 2009.
2008
C71. Y. Rebahi, S. Dritsas, T. Golubenco, A. Bergmann, J. F. Juell, "A conceptual architecture for SPIT Mitigation", in Proc. of the 5th IFIP/IEEE International Workshop on Next Generation Networking Middleware (NGNM 2008), Samos Island, Greece, September 2008.
C70. Soupionis Y., Dritsas S., Gritzalis D., "An adaptive policy-based approach to SPIT management", in Proc. of the 13th European Symposium on Research in Computer Security (ESORICS 2008), Lopez J., Jajodia S. (Eds.), pp. 446-460, Springer, Malaga, October 2008.
C69. Dritsas S., Soupionis J., Theoharidou M., Mallios J., Gritzalis D., "SPIT Identification Criteria Implementations: Effectiveness and Lessons Learned", in Proc. of the 23rd International Information Security Conference (SEC-2008), Samarati P., et al. (Eds.), pp. 381-395, Springer, Milan, September 2008.
C68. Mallios J., Dritsas S., Tsoumas B., Gritzalis D., "Attack modelling of SIP-oriented SPIT", in Proc. of the 2nd IEEE-IFIP International Workshop on Critical Information Infrastructures Security (CRITIS' 07), Lopez J., B. Haemmerli (Eds.), pp. 299-310, Springer (LNCS 5141), Spain, May 2008.
2007
C67. Gritzalis D., Theoharidou M., Soupionis Y., "VoIP spam: Trends and perspectives", 2nd Workshop on Practical Aspects of Security (PRACSE '07), Αθήνα, Νοέμβρης 2007 (invited).
C66. Tsochou A., Theoharidou M., Kokolakis S., Gritzalis D., "Addressing cultural dissimilarity in the information security management outsourcing relationship", in Proc. of the 4th International Conference on Trust, Privacy and Security in the Digital Business (TRUSTBUS '07), pp. 24-33, Springer, Germany, September 2007.
C65. Marias G.F., Dritsas S., Theoharidou M., Mallios J., Gritzalis D., "SIP vulnerabilities and antiSPIT mechanisms assessment", in Proc. of the 16th IEEE International Conference on Computer Communications and Networks (ICCCN '07), pp. 597-604, IEEE Press, Hawaii, August 2007 .
C64. Lekkas D., Gritzalis D., "e-Passports as a means towards the first world-wide Public Key Infrastructure", in Proc. of the 4th European PKI Workshop (EuroPKI '07), J. Lopez, P. Samarati (Eds.), pp. 34-48, Springer (LNCS 4582), Spain, June 2007.
C63. Theoharidou M., Stougiannou E., Gritzalis D., "A CBK for Information Security and Critical Infrastructure Protection", in Proc. of the 5th IFIP Conference on Information Security Education (WISE-5), Dodge R., et al. (Eds.), pp. 49-56, Springer, USA, June 2007.
C62. Dritsas S., Mallios J., Theoharidou M., Marias G. F., Gritzalis D., "Threat analysis of the Session Initiation Protocol, regarding spam", in Proc. of the 3rd IEEE International Workshop on Information Assurance (in conjunction with the 26th IEEE International Performance Computing and Communications Conference (IPCCC-2007)), pp. 426-433, IEEE Press, New Orleans, April 2007.
2006
C61. Theoharidou M., Marias G.F., Dritsas S., Gritzalis D., "The Ambient Intelligence Paradigm: A review of security and privacy strategies in leading economies", in Proc. of the 2nd IET International Conference on Intelligent Environments (IE '06), Kameas A., Papalexopoulos D. (Eds.), Vol.2, pp. 213- 219, Athens, 5-6 July 2006.
C60. Dritsas S., Tsaparas J., Gritzalis D., "A Generic Privacy Enhancing Technology for Pervasive Computing Environments", in Proc. of the 3rd International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2006/DEXA 2006), Furnell S., et al. (Eds.), pp. 103-113, Lecture Notes in Computer Science (LNCS 4083), Springer, Poland, September 2006.
C59. Tsoumas V., Papagiannakopoulos P., Dritsas S., Gritzalis D., "Security-by-Ontology: A knowledge-centric approach", in Proc. of the 21st IFIP International Information Security Conference (SEC-2006), Runnenberg K., et al. (Eds.), pp. 99-110, Sweden, May 2006.
C58. Lekkas D., Gritzalis D., "Long-term verifiability of healthcare records authenticity", in Proc. of the 9th IMIAWorking Conference on Data Protection, Roger-France F., et al. (Eds.), IOS Press, France, April 2006.
C57. Tsoumas B., Gritzalis D., "Towards an ontology-based security management", in Proc. of the 20th International IEEE Conference on Advanced Information Networking and Applications (AINA 2006), pp. 985-990, IEEE Press, Austria, April 2006
2005
C56. K. Papapanagiotou, E. Kellinis, G. F. Marias, "Alternatives for Multimedia Messaging System Steganography," IEEE Computational Intelligence and Security (CIS), pp. 589- 596, Dec 2005, Xian, China.
C55. V. Tsetsos, G. F. Marias, and S. Paskalis, " Trust management issues for ad hoc and self-organized networks," The 2nd IFIP TC6 International Workshop on Autonomic Communication (WAC 2005), pp. 153-164, Oct. 2005, Athens, Greece
C54. G. F. Marias, K. Papapanagiotou, and P. Georgiadis, "Caching Alternatives for a MANET-Oriented OCSP Scheme," IEEE/CREATE-NET Workshop on Security and QoS in Communications Networks (IEEE SecQoS), pp. 203-211, Sept. 2005, Athens, Greece
C53. G. F. Marias, V. Tsetsos, O. Sekkas, and P. Georgiadis, " Performance Evaluation of a self-evolving trust building framework," IEEE SECOVAL Workshop, pp. 134-143, Athens, Sept. 2005
C52. G. F. Marias, V. Tsetsos, O. Sekkas, and P. Georgiadis, "A generic framework towards trust building in self-organized, peer, networks", 1st IEEE International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (IEEE SecPerU2005), pp. 101-110, Santorini, July 2005
C51. D. Drossos, G. F. Marias, and D. Gouscos, "M-GOV: A proposed architecture for mobile government transactions", 1st Euro Conference on Mobile Government, pp. 221- 233, Brighton, UK, July 2005
C50. G. F. Marias, C. Delakouridis, L. Kazatzopoulos, and P. Georgiadis, "Location Privacy Through Secret Sharing Techniques", 1st IEEE International Workshop on Trust, Security and Privacy for Ubiquitous Computing, pp. 614- 620, TSPUC 2005, Taormina, Italy, June 2005
C49. C. Delakouridis, L. Kazatzopoulos, G. F. Marias, and P. Georgiadis, "Share The Secret: Enabling location privacy in ubiquitous environments" Location and Context-Awareness Workshop, LoCA 2005, pp. 289-305, Munich, Germany, May 2005
C48. G. F. Marias, K. Papapanagiotou, and P. Georgiadis, "ADOPT. A Distributed OCSP for Trust Establishment in MANETs", 11th European Wireless Conference 2005, pp. 565-588, Nicosia, Cyprus, April 2005
C47. G. F. Marias, K. Papapanagiotou, and P. Georgiadis, "A Distributed OCSP Framework For Ad-Hoc Networks", International Conference Applied Computing 2005, pp. 105-112, Algarve, Portugal, Febr. 2005
C46. Dritsas S., Gymnopoulos L., Karyda M., Balopoulos T., Kokolakis S., Lambrinoudakis C.,Gritzalis S., "Employing Ontologies for the Development of Security Critical Applications: The Secure e-Poll Paradigm", in Proc. of the IFIP I3E International Conference on eBusiness, eCommerce, and eGovernemnt, Funabashi M., Grzech A. (Eds.), pp.187-201, Poznan, Poland, Springer, October 2005.
C45. Tsoumas V., Dritsas S., Gritzalis D., "An ontology-based approach to information system security management", in Proc. of the 3 rd International Conference on Mathematical Models, Methods and Architectures for Computer Network Security (MMM-2005), Gorodetsky V., et al. (Eds.), pp. 151-164, Springer, St. Petersburg, September 2005.
C44. Dritsas S., Mallios J., Gritzalis D., Labrinoudakis C., "Applicability of Privacy Enhancing Technologies in Ubiquitous Computing environments", in Proc. of the IEEE Workshop on Security, Privacy and Trust in Ubiquitous Computing (SecPerU-2005), pp. 61-70, IEEE Press, Greece, August 2005.
C43. Balopoulos T., Dritsas S., Gymnopoulos L., Karyda M., Kokolakis S., Gritzalis S., "Incorporating Security Requirements into the Software Development Process", in Proceedings of the ECIW 2005 4th European Conference on Information Warfare and Security, A. Jone, B. Hutchinson (Eds.), July 2005, Glamorgan, UK, published by University of Glamorgan
C42. Gritzalis D., Theoharidou M., Kalimeri E., "Towards an interdisciplinary information security education model", in Proc. of the 4th World Conference on Information Security Education (WISE-4), Armstrong H., et al. (Eds.), pp. 22-35, Moscow, May 2005.
C41. Gymnopoulos L., Tsoumas V., Soupionis J., Gritzalis S., "Enhancing security policy negotiation in the Grid", in Proc. of the 5th International Network Conference ( ΙΝC '05), S. Furnell, S. Katsikas (Eds.), Plymouth, July 2005.
2004
C40. Kabouraki K., Gritzalis S., Moulinos K., "Towards a privacy audit programmes comparison framework", in Proc. of the 15th ΙΕΕΕ International Conference on Database and Expert Systems Applications (DEXA '04), Springer, 2004.
C39. N. Priggouris, G. Papazafeiropoulos, G. F. Marias, S. Hadjiefthymiades and L. Merakos, "A network independent broker for obtaining position of nomadic users," 19th ACM Symposium on Applied Computing, SAC 2004, Mobile Computing and Applications Track (MCA), poster session, Nicosia, Cyprus, March 2004
C38. Kambourakis G., Rouskas A., Gritzalis D., "Performance Evaluation of Certificate-based Authentication in Integrated Emerging 3G and WiFi Networks", in Proc. of the 1st European PKI Workshop, pp. 287-296, Katsikas S., et al. (Eds.), Lecture Notes in Computer Sciences (LNCS 3093), Springer, June 2004.
C37. Karyda M., Kokolakis S., Kiountouzis, E., "Information systems security and the structuring of organisations", in Proc. of the 7th International Conference on the Social and Ethical Impacts of Information and Communication Technologies (ETHICOMP '04), pp. 451-461, Syros, April 2004.
2003
C36. Gymnopoulos L., Dritsas S., Gritzalis S., Lambrinoudakis C., "Grid security review", in Proc. of the MMM-ACNS-2003 2nd International Workshop on Mathematical Methods, Models and Architectures for Computer Networks Security (MMM '03), V. Gorodetski (Ed.), Lecture Notes in Computer Science (LNCS 2776) , Springer, St. Petersburg, September 2003.
C35. Karyda M., Kokolakis S. and Kiountouzis E., "Content, context, process analysis of information systems security policy formation", in Proc. of the 18th IFIP International Information Security Conference (SEC '03), Gritzalis D., et al., (Eds.), pp. 145-156, Kluwer Academic Publishers, Athens, June 2003.
C34. Kokolakis S., Lambrinoudakis C., Gritzalis D., "A knowledge-based repository model for security policies management", in Proc. of the 2nd International Conference on Methods, Models and Architectures for Network Security (MMM-2003), pp. 112-121, V. Gorodetski, et al. (Eds.), Springer (LNCS 2776), St. Petersburg, September 2003.
C33. Lambrinoudakis C., Kokolakis S., Karyda M., Tsoumas V., Gritzalis D., "Electronic voting systems: Security implications of the administrative overflow", in Proc. of the 14th IEEE Databases and Expert Systems Applications Conference (DEXA'03/Trustbus Workshop), Prague, September 2003 .
C32. Mitrou L., Moulinos K., "Privacy and data protection in electronic communications", in Proc. of the 2nd International Conference on Mathematical Methods, Models and Architectures for Computer Networks Security, p. 432-435, Springer-Verlag, 2003.
2002
C31. Gritzalis D., Karyda M., Gymnopoulos L., "Elaborating quantitative approaches for IT security evaluation", in Proc. of the 17th IFIP International Information Security Conference (SEC-2002), M. Hadidi (Ed.), pp. 67-78, Kluwer Academics, Egypt, May 2002.
C30. Ikonomopoulos S., Gritzalis D., Lambrinoudakis C., "Functional requirements of a secure electronic voting system", in Proc. of the 17th IFIP International Information Security Conference (SEC-2002), M. Hadidi, et al. (Ed.), pp. 507-520, Kluwer Academics, Egypt, May 2002.
C29. Mitrou L., Gritzalis D., Katsikas S., "Revisiting legal and regulatory requirements for secure e-voting", in Proc. of the 17th IFIP International Information Security Conference (SEC-2002), M. Hadidi (Ed.), pp. 469-480, Kluwer Academics, Egypt, May 2002.
2001
C28. Gritzalis D., Moulinos K., "Cryptographic libraries as a means to support privacy-enhanced information systems", in Proc. of the 7th ACM Workshop on Security and Privacy in e-Commerce (WSPEC-2000), ACM Press, Νovember 2001.
C27. Gritzalis D., Moulinos K., Kostis K., "A privacy-enhancing e-business model based on infomediaries", in Proc. of the 1st International Conference on Methods, Models and Architectures for Network Security (MMM-2001), V. Gorodetski, et al. (Eds.), pp. 118-129, Lecture Notes in Computer Science (Vol. 2052), Springer-Verlag, St. Petersburg, May 2001.
C26. Gritzalis D., Moulinos K., Iliadis J., Lambrinoudakis C., Xarhoulacos S., "PyTHIA: Towards anonymity in authentication", in Proc. of the 16th IFIP International Information Security Conference (SEC-2001), Dupuy M., Paradinas P. (Eds.), pp. 1-18, Kluwer Academics, Paris, June 2001.
C25. Gritzalis D., Tryfonas T., "Action learning in practice: Pilot delivery of an INFOSEC University laboratory course", in Proc. of the 2nd IFIP World Conference on Information Security Education (WISE-2), H. Armstrong (Ed.), IFIP Publications, pp. 169-182, Australia, July 2001.
C24. Gritzalis D., Kyrloglou N., "Consumer online-privacy and anonymity protection using infomediary schemes", in Proc. of the 21st IEEE/SCCC Computer Science Conference, R. Yates, M. Marin (Eds.), pp. 115-123, IEEE Computer Society Press, Chile, November 2001.
C23. Karyda M., Kokolakis S., Kiountouzis E., "Redefining information systems security: Viable information systems", in the Proc. of the 16th IFIP International Information Security Conference (SEC '01), Dupuy M., Paradinas P. (Eds.), pp. 453-467, Kluwer Academic Publishers, Paris, June 2001.
C22. Lambrinoudakis C., Kokolakis S., Gritzalis D., "Recurrent IT security issues and recommendations: Learning from risk assessment reviews", in Proc. of the 2nd IFIP Conference on Security and Control of IT in Society (SCITS-II), S. Fischer-Hubner, et al. (Eds.), Kluwer Academics, Bratislava, pp. 185-195, June 2001.
2000
C21. Iliadis J., Gritzalis D., Spinellis D., Preneel B., Katsikas S., "Evaluating certificate status information mechanisms", in Proc. of the 7th ACM Computer and Communications Security Conference (CCS-2000), S. Jajodia, P. Samarati (Eds.), pp. 1-9, ACM Press, October 2000.
C20. Kokolakis S., Karyda M., Gritzalis D., "Information systems security management in virtual organizations", in Proc. of the 4th IFIP Information Systems Security Conference (SIS-2000), Zurich, October 2000.
C19. Moulinos K., Κyrloglou N., Tryfonas T., "A framework for comparing cryptographic libraries", in Proc.of the IFIP 15th International Conference on Information Security, (SEC '2000), Qing S., Eloff J. (Eds.), Chapman & Hall, Peijing, August 2000.
C18. Pavlopoulos S., Gritzalis D., et al., "Vital signs monitoring from home with open systems", in Proc. of the 16th International Congress for Medical Informatics (MEDINFO '2000), Hasman A., et al. (Eds.), pp. 1141-1145, IOS Press, Germany, August 2000.
C17. Spinellis D., Gritzalis D., "A domain-specific language for intrusion detection", in Proc. of the 1st ACM Workshop on Intrusion Detection and Prevention Systems (IDS-2000), November 2000.
C16. Tryfonas T., Gritzalis D., Kokolakis S., "A qualitative approach to information availability", in Proc. of the 15th IFIP International Information Security Conference (SEC-2000), Eloff J., Sihan Q. (Eds.), pp. 37-48, Kluwer Academic Publishers, China, August 2000.
1999
C15. Spinellis D., Gritzalis D., "Information Security Best Practice Dissemination: The ISA-EUNET Approach", in Proc. of the 1st IFIP World International Conference on Information Security Education (WISE '99) , Yngstrom L. (Ed.), pp. 111-136, Sweden, June 1999.
1998
C14. Apostolopoulos T., Daskalou V., Katsikas S., Moulinos K., "A security policy enforcement model for large scale networks", in Proc. of the IEEE Symposium on Reliable Distributed Systems, U.S.A December 1998.
C13. Apostolopoulos T., Moulinos C., "Security management using a security related MIB approach", in Proc. of the IFIP 4th International Conference on Multimedia and Computer Security, p. 567-572, Taylor & Francis, Vienna, September 1998.
C12. Furnell S., Gritzalis D., Katsikas S., Mavroudakis K., Sanders P., Warren M., "Methods of responding to healthcare security incidents", in Proc. of the 9th World Congress on Medical Informatics (MEDINFO '98), B. Cesnic, et al. (Eds.), pp. 1138-1142, South Korea, August 1998.
1997
C11. Mavroudakis K., Katsikas S., Gritzalis D., "Forming a Health Care Incident Reporting Scheme", in Proc. of the 13th International Congress for Medical Informatics (MIE '97), Scherrer J.R., et al. (Eds.), IOS Press, May 1997.
1996
C10. Katsikas S., Gritzalis D., Spirakis P., "Attack Modeling in Open Network Environments", in Proc. of the 2nd Communications and Multimedia Security Conference (CMS '96), Chapman & Hall, pp. 268-277, Germany 1996.
1995
C09. Laopodis V., Fernandez F., Gritzalis D., Darzentas J., "Evaluation of ICT policy options by the public, using the awareness scenario workshops methodology", in Proc. of the 2nd European Conference on IT Investment Evaluation, Brown A., Remenyi D. (Eds.), pp. 302-310, Operational Research Society Press, 1995.
C08. Laopodis V., Gritzalis D., "Information Services for Assessing the Impact of Technology in an Information Society", in Proc. of the European Conference on Information Systems (Information Systems Evaluation Workshop), Farbey B., et. al. (Eds.), pp. 49-57, Athens 1995.
C07. Pangalos G., Gritzalis D., Κhair M., Bozios L., "Improving Medical Database System Security", in Proc. of the 11th International Information Security Conference (SEC '95), Eloff J., von Solms S. (Eds.), pp. 11-25, Chapman & Hall 1995.
C06. Gritzalis D., Kantzavelou I., Katsikas S., Patel A., "A classification of health information systems security flaws", in Proc. of the 11th International Information Security Conference (SEC '95), Eloff J., von Solms S. (Eds.), pp. 453-464, Chapman & Hall 1995.
1994
C05. Spirakis P., Katsikas S ., Gritzalis D., Allegre F., Darzentas J., Gigante C., Karagiannis D., Putkonen H., Spyrou T., "SECURENET: A Network-oriented intrusion prevention and detection intelligent system", in Proc. of the 10th International Information Security Conference (SEC '94), The Netherlands 1994.
C04. Gritzalis D., Katsikas S., Darzentas J., "A High Level Security Policy for Health Care Εstablishments", in Proc. of the 10th International Information Security Conference (SEC '94), The Netherlands 1994.
1993
C03. Gritzalis D., Katsikas S., Pangalos G., "A methodology for the development of secure health information systems", in Proc. of the 11th International Congress for Medical Informatics (MIE '93), Reichert A. (Ed.), pp. 402-409, Freund Publishers, Israel 1993.
1992
C02. Gritzalis D., Katsikas S., "Data confidentiality and user access rights in medical information systems", in Proc. of the 7th World Congress on Medical Informatics (MEDINFO '92), Lun K. (Ed.), pp. 1566-1571, North-Holland, Switzerland 1992.
1991
C01. Gritzalis D., Katsikas S., "Protection of personal information: Aims, principles, technical issues", in Proc. of the 2nd IFIP Conference on Governmental Information Systems, R. Traunmuller (Ed.), pp. 73-81, North-Holland, Hungary 1991.