George (Yorgos) Stergiopoulos

Logo

Assistant Professor of IT/OT Systems Security at the University of the AegeanGreece | Security and Data Privacy Consultant

Google Scholar

University Department

View My GitHub Profile

Back to Main Page

Publications

Journals

  1. [J-23] Lygerou I., Srinivasa S., Vasilomanolakis E., Stergiopoulos G., Gritzalis D., “A decentralized honeypot for IoT Protocols based on Android devices”, Ιnternational Journal of Information Security, July 2022.
  2. [J-22] Dedousis P., Stergiopoulos G., Arampatzis G. and Gritzalis D., A security-aware framework for designing in-dustrial engineering processes, IEEE ACCESS, November 2021.
  3. [J-21] Xarhoulacos C.-G., Anagnostopoulou A., Stergiopoulos G., Gritzalis D., “Misinformation vs. situational awareness: The art of deception and the need for cross-domain detection”, Sensors (Special Issue: Cyber Situational Awareness), August 2021.
  4. [J-20] V. Malamas, F. Chantzis, T. K. Dasaklis, G. Stergiopoulos, P. Kotzanikolaou and C. Douligeris, “Risk Assessment Methodologies for the Internet of Medical Things: A Survey and Comparative Appraisal,” in IEEE Access, vol. 9, pp. 40049-40075, 2021.
  5. [J-19] Stergiopoulos G., Gritzalis D., Anagnostopoulou A., Vasilellis E., “Dropping malware through sound injection: A comparative analysis on Android operating systems”, Computers & Security, February 2021.
  6. [J-18] G. Lykou, P. Dedousis, G. Stergiopoulos, D. Gritzalis, “Assessing Interdependencies and Congestion Delays in the Aviation Network”, IEEE Access, 2020
  7. [J-17] Gkotsis I., Gazi A., Gritzalis D., Stergiopoulos G., Limneos V., Vassiliou V., Koutiva E., Petrantonakis D., Lefkokilos E., Agrafioti E., Chalkidou A., Drakoulis D., Eleftheriou A., Skalidi A., Demestichas P., Fuggini C. (2020) Securing the European Gas Network, the Greek Business Case. Special Issue “Technology Advances and Support for Security Practitioners” of Security Informatics and Law Enforcement, Springer, ISSN: 2523-8507
  8. [J-16] Dedousis P., Stergiopoulos G., Gritzalis D., “An improved bit masking technique to enhance covert channel attacks in everyday IT systems”, in ICETE-2020, Obaidat M., et al. (Eds.), Springer, 2021
  9. [J-15] Stergiopoulos G., Dedousis P., Gritzalis D. “Automatic analysis of attack graphs for risk mitigation and prioritization on large-scale and complex networks in Industry 4.0”, International Journal of Information Security, Springer, 2020, https://doi.org/10.1016/j.cose.2020.101869
  10. [J-14] Dimitris Koutras, George Stergiopoulos, Thomas Dasaklis, Panayiotis Kotzanikolaou, Dimitrios Glynos, Christos Douligeris, “Security in IoMT Communications: A survey”, SENSORS Journal, MDPI, 2020.
  11. [J-13] Stergiopoulos G., Gritzalis D., Limnaios E., “Cyber-attacks on the Oil & Gas sector: A survey on incident assessment and attack patterns”, IEEE Access, 2020.
  12. [J-12] D Gritzalis, G Stergiopoulos, E Vasilellis, A Anagnostopoulou, “Readiness exercises: Are risk assessment methodologies ready for the Cloud?”, Learning and Analytics in Intelligent Systems, Vol. 14, pp. 177-192, Springer, June 2020.
  13. [J-11] George Stergiopoulos, Panagiotis Dedousis, Dimitris Gritzalis, Αutomatic network restructuring and risk mitigation through business process asset dependency analysis, Computers and Security (CoSe), Volume 96, 101869, ISSN 0167-4048, 2020.
  14. [J-10] Malamas V., Dasaklis T., Chantzis F., Stergiopoulos G., Kotzanikolaou P., Douligeris C., Risk Assessment Methodologies for the Internet of Medical Things: A Survey and Comparative Appraisal, IEEE Access, 2021.
  15. [J-9] Stergiopoulos G., Chronopoulou G., Bitsikas E., Tsalis N., Gritzalis D., “Using side channel TCP features for real-time detection of malware connections”, In: Journal of Computer Security, Vol. 27, no. 5, pp. 507-520, 2019.
  16. [J-8] Stergiopoulos G., Kapetanas N., Vasilellis E., Gritzalis D., “Leaking SCADA commands over unpadded TCP/IP encryption through differential packet size analysis”, Security & Privacy, April 2019.
  17. [J-7] Stergiopoulos, G., Valvis, E., Mitrodimas, D., Lekkas, D., & Gritzalis, D. (2018). Analyzing congestion interdependencies of ports and container ship routes in the maritime network infrastructure. In: IEEE Access, 6, 63823-63832.
  18. [J-6] Stergiopoulos, G., Gritzalis, D., & Kouktzoglou, V. (2018). Using formal distributions for threat likelihood estimation in cloud-enabled IT risk assessment. In Computer Networks, Elsevier, 134, 23-45.
  19. [J-5] Stergiopoulos, G., Valvis, E., Anagnou-Misyris, F., Bozovic, N., & Gritzalis, D. (2017). Interdependency analysis of junctions for congestion mitigation in transportation infrastructures. In ACM SIGMETRICS Performance Evaluation Review, 45(2), 119-124.
  20. [J-4] Stergiopoulos, G., Kouktzoglou, V., Theocharidou, M., & Gritzalis, D. (2017). A process-based dependency risk analysis methodology for critical infrastructures. In: International Journal of Critical Infrastructures (Special Issue), 13(2/3), 184-205.
  21. [J-3] Stergiopoulos, G., Katsaros, P., & Gritzalis, D. (2017). Program analysis with risk-based classification of dynamic invariants for logical error detection. In: Computers & Security (CoSe), Elsevier, 71, 36-50.
  22. [J-2] Stergiopoulos, G., Kotzanikolaou, P., Theocharidou, M., Lykou, G., & Gritzalis, D. (2016). Time-based critical infrastructure dependency analysis for large-scale and cross-sectoral failures. In: International Journal of Critical Infrastructure Protection, Elsevier, 12, 46-60.
  23. [J-1] Stergiopoulos, G., Kotzanikolaou, P., Theocharidou, M., & Gritzalis, D. (2015). Risk mitigation strategies for critical infrastructures based on graph centrality analysis. In: International Journal of Critical Infrastructure Protection, Elsevier, 10, 34-44.

Conferences

  1. [C-21] Konstantinou, C., Stergiopoulos, G., Parvania, M., & Esteves-Verissimo, P. (2021). Chaos engineering for enhanced resilience of cyber-physical systems. Resilience Week (RWS) 2021, INL Idaho National Laboratory, Washincton D.C., October 2021.
  2. [C-20] Dedousis P., Stergiopoulos G., Gritzalis D., “Towards integrating security in industrial engineering design practices”, in Proc. of the 18th International Conference on Security & Cryptography (SECRYPT-2021), July 2021.
  3. [C-19] K. Nomikos, A. Papadimitriou, G. Stergiopoulos, D. Koutras, M. Psarakis and P. Kotzanikolaou, “On a Security-oriented Design Framework for Medical IoT Devices: The Hardware Security Perspective,” 2020 23rd Euromicro Conference on Digital System Design (DSD), Kranj, Slovenia, 2020, pp. 301-308, doi: 10.1109/DSD51259.2020.00056.
  4. [C-18] Stergiopoulos G., Lygerou E., Tsalis N., Tomaras D., Gritzalis D., Avoiding network and host detection using packet bit-masking, In Proc. of the 17th International Conference Security and Cryptography (SECRYPT-2020), ICETE, 2020.
  5. [C-17] Lykou, G., Anagnostopoulou, A., Stergiopoulos, G., & Gritzalis, D. (2018, September). Cybersecurity Self-assessment Tools: Evaluating the Importance for Securing Industrial Control Systems in Critical Infrastructures. In International Conference on Critical Information Infrastructures Security (CRITIS 2018), pp. 129-142. Springer, Cham.
  6. [C-16] G. Stergiopoulos, A. Talavari, E. Bitsikas, D. Gritzalis, “Automatic detection of multiple types of malicious traffic using timing attacks and differential size analysis”, in Proc. of the 23rd European Symposium on Research in Computer Security (ESORICS-2018), Springer, Spain, September 2018.
  7. [C-15] Tsalis, N., Stergiopoulos, G., Bitsikas, E., Gritzalis, D., & Apostolopoulos, T. K. (2018). Side Channel Attacks over Encrypted TCP/IP Modbus Reveal Functionality Leaks. In: Proc. of the 15th International Conference Security and Cryptography (SECRYPT-2018), ICETE (2) (pp. 219-229).
  8. [C-14] Stergiopoulos G., Valvis E., Anagnou-Misyris F., Bozovic N., Gritzalis D., “Interdependency analysis of junctions for congestion mitigation in Transportation Infrastructures”, In 1st ACM SIGMETRICS International Workshop on Critical Infrastructure Network Security (CINS-2017), USA, June 2017.
  9. [C-13] Lykou G., Stergiopoulos G., Papachrysanthou A., Gritzalis D., “Climate adaption: Addressing risks and impacts of climate change on Transport Sector”, In 11th International Conference on Critical Infrastructure Protection (IFIP WG 11.0 2017), USA, March 2017.
  10. [C-12] Gritzalis, D., Stergiopoulos, G., Kotzanikolaou, P., Magkos, E., & Lykou, G. (2016, September). Critical infrastructure protection: a holistic methodology for Greece. In International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems (pp. 19-34). Springer, Cham.
  11. [C-11] Stergiopoulos G, Katsaros P., Gritzalis D., Apostolopoulos T., “Combining invariant violation with execution path classification for detecting multiple types of logical errors and race conditions”, in Proc. of the 13th International Conference on Security & Cryptography (SECRYPT-2016), ICETE, Vol. 4, pp. 28-40, Portugal, July 2016.
  12. [C-10] Stergiopoulos G., Vasilellis E., Lykou G., Kotzanikolaou P., Gritzalis D., “Critical Infrastructure Protection tools: Classification and comparison”, in Proc. of the 10th International Conference on Critical Infrastructure Protection (IFIP WG 11.10 2016), USA, March 2016
  13. [C-9] Faily S., Stergiopoulos G., Katos V., Gritzalis D., “Water, water, everywhere: Nuances for a Water Industry Critical Infrastructure specification exemplar”, in Proc. of the 10th International Conference on Critical Infrastructures Security (CRITIS-2015), pp. 243-246, Springer (LNCS 9578), Germany, October 2015.
  14. [C-8] Stergiopoulos G., Theoharidou M., Gritzalis D., “Using logical error detection in Remote-Terminal Units to predict initiating events of Critical Infrastructures failures”, in Proc. of the 3rd International Conference on Human Aspects of Information Security, Privacy and Trust (HCI-2015), pp. 672-683, Springer (LNCS 9190), USA, August 2015.
  15. [C-7] Stergiopoulos G., Petsanas P., Katsaros P., Gritzalis D., “Automated exploit detection using path profiling: The disposition should matter, not the position”, in Proc. of the 12th International Conference on Security and Cryptography (SECRYPT-2015), pp. 100-111, ICETE, France, July 2015.
  16. [C-6] Stergiopoulos G., Kotzanikolaou P., Theoharidou M., Gritzalis D., “Using centrality metrics in CI dependency risk graphs for efficient risk mitigation”, in Proc. of the 9th IFIP International Conference on Critical Infrastructure Protection (IFIP WG 11.0 2015), Springer, USA, March 2015.
  17. [C-5] Stergiopoulos, G., Katsaros, P., & Gritzalis, D. Automated detection of logical errors in programs. In International Conference on Risks and Security of Internet and Systems (pp. 35-51). Springer, Cham, August 2014.
  18. [C-4] Gritzalis, D., Stavrou, V., Kandias, M., & Stergiopoulos, G.. Insider threat: enhancing BPM through social media. In 2014 6th International Conference on New Technologies, Mobility and Security (NTMS) (pp. 1-6). IEEE, March 2014.
  19. [C-3] Stergiopoulos, George, Miltiadis Kandias, and Dimitris Gritzalis. “Approaching encryption through complex number logarithms.” In 2013 International Conference on Security and Cryptography (SECRYPT), pp. 1-6. IEEE, 2013.
  20. [C-2] Stergiopoulos, G., Tsoumas, B., & Gritzalis, D.. On business logic vulnerabilities hunting: the APP_LogGIC framework. In International Conference on Network and System Security (pp. 236-249). Springer, Berlin, Heidelberg, June 2013.
  21. [C-1] Stergiopoulos, G., Tsoumas, B., & Gritzalis, D. Hunting application-level logical errors. In International Symposium on Engineering Secure Software and Systems (pp. 135-142). Springer, Berlin, Heidelberg, February 2012.

Other publications

  1. G. Stergiopoulos, Power Sector Dependency on Time Service: Attacks against time sensitive services, European Union Agency for Cybersecurity (ENISA), April 2020.
  2. Stergiopoulos, G., Katsaros, P., & Gritzalis, D. (2014, July). Source code profiling and classification for automated detection of logical errors. In 3rd International Seminar on Program Verification, Automated Debugging and Symbolic Computation, Germany.
  3. ICT Security World 2017, “WORD-OF-MOUTH: Private Gossiping of Geolocation News”, June 2017.
  4. Stergiopoulos G., Mentzelioti D., “Security in the Internet of Things: A primer”, 3rd ICT Security Forum, Athens, Greece, June 2017.

Editorial chapters

  1. [Ed-1] Gritzalis D, Theocharidou M, Stergiopoulos G. Critical Infrastructure Security and Resilience. Springer, Cham; 2019.

Dissertation

  1. [Δ-1] Γ. Στεργιόπουλος, «Securing Critical Infrastructures from failures at interdependency and software inteconnection levels», PhD Thesis, Department of Computer Science, Athens University of Economics and Business, December 2015.

Book Chapter Publications

  1. [Β-2] Stergiopoulos G., Katsaros P., Gritzalis D., “Execution path classification for vulnerability analysis and detection”, in E-Business and Telecommunications, Obaidat M., et al. (Eds.), pp. 293-317, Springer (CCIS 585), 2016.
  2. [Β-1] Stergiopoulos G., Theocharidou M., Kotzanikolaou P., Gritzalis D., “Using centrality measures in dependency risk graphs for efficient risk mitigation”, in Critical Infrastructure Protection IX, Shenoi S. (Ed.), pp. 25-40, Springer, 2015.
  3. Stergiopoulos G., Gritzalis D., “Critical Infrastructure: The Nervous System of any Welfare State”, 4th Information Security Conference, Athens, February 2017.
  4. Stergiopoulos G., Kotzanikolaou P., Theocharidou M., Gritzalis D., “Risk Mitigation for Critical Infrastructures: AUEB INFOSEC Lab Initiatives”, Risk-Tea Workshop, Athens, January 2017.
  5. Stergiopoulos G., Gritzalis D., “Critical Infrastructure Protection: A Policy Proposal and Action Plan for Greece”, NATO 1st NMIOTC Cyber Security Conference, Greece, October 2016.
  6. Stergiopoulos G., “Critical infrastructure interdependencies: The nervous system of a technologically developed country and how to protect it”, 4th International e-Life Congress (eLife-2015), Athens, November 2015.
  7. Stergiopoulos G., Kotzanikolaou P., Theocharidou M., Gritzalis D., “Topics and Research Initiatives in Risk Mitigation for Critical Infrastructures”, 19th Panhellenic Conference on Informatics (PCI-2015), Workshop on Security in Critical Information Infrastructures, October 2015.