Dimitris Mitropoulos

...

E-mail: dimitro@aueb.gr
Web site: https://dimitro.gr
Blog: http://xrds.acm.org/blog/author/dimitrism/

Biographical Information

Dimitris Mitropoulos is the Security Officer of the Greek Research and Technology Network (GRNET). Dimitris holds a PhD in Computer Security from the Athens University of Economics and Business, and has been a Postdoctoral Researcher at the Network Security Laboratory (NSL) of Columbia University in the City of New York. He has worked in the industry as a Software Engineer and has been involved in several EU and US funded R&D projects. His research interests include application and system security, applied cryptography and software engineering. He is a member of ACM, IEEE, SysSec, OWASP, and an official writer for the XRDS:Crossroads blog of ACM.

Publications

Journal Articles

    • Dimitris Mitropoulos and Diomidis Spinellis. Fatal injection: a survey of modern code injection attack countermeasures. PeerJ Computer Science, 2017. To appear.
    • Dimitris Mitropoulos, Panos Louridas, Michalis Polychronakis, and Angelos D. Keromytis. Defending against Web application attacks: approaches, challenges and implications. IEEE Transactions on Dependable and Secure Computing, March 2017.
    • Dimitris Mitropoulos, Konstantinos Stroggylos, Diomidis Spinellis, and Angelos D. Keromytis. How to train your browser: preventing XSS attacks using contextual script fingerprints. ACM Transactions on Privacy and Security, 19(1):2:1–2:31, July 2016.
    • Vaggelis Atlidakis, Jeremy Andrus, Roxana Geambasu, Dimitris Mitropoulos, and Jason Nieh. POSIX has become outdated. USENIX ;login: Magazine, Fall 2016.
    • Maria Kechagia, Dimitris Mitropoulos, and Diomidis Spinellis. Charting the API minefield using software telemetry data. Empirical Software Engineering, 20(6):1785–1830, December 2015.
    • Vassilios Karakoidas, Dimitris Mitropoulos, Panagiotis Louridas, and Diomidis Spinellis. A type-safe embedding of SQL into Java using the extensible compiler framework J. Computer Languages, Systems & Structures, 41:1–20, April 2015.
    • Dimitris Mitropoulos, Vassilios Karakoidas, Panagiotis Louridas, and Diomidis Spinellis. Countering code injection attacks: a unified approach. Information Management and Computer Security, 19(3):177–194, 2011. Highly Commended Paper Award.
    • Dimitris Mitropoulos and Diomidis Spinellis. SDriver: location-specific signatures prevent SQL injection attacks. Computers & Security, 28:121–129, May 2009.

Book Chapters

    • Dimitris Mitropoulos. Securing software. In Phillip A. Laplante, editor, Encyclopedia of Computer Science and Technology, Second Edition. CRC Press, Taylor and Francis Group, 2016.

Conference Publications

    • Vaggelis Atlidakis, Jeremy Andrus, Roxana Geambasu, Dimitris Mitropoulos, and Jason Nieh. POSIX abstractions in modern operating systems: the old, the new, and the missing. In Proceedings of the 11th European Conference on Computer Systems (EuroSys '16), 19:1–19:17. ACM, 2016.
    • Vassilios Karakoidas, Dimitris Mitropoulos, Panos Louridas, Georgios Gousios, and Diomidis Spinellis. Generating the blueprints of the Java ecosystem. In MSR '15: Proceedings of the 2015 International Working Conference on Mining Software Repositories, 510–513. IEEE Computer Society, 2015.
    • Konstantinos Stroggylos, Dimitris Mitropoulos, Zacharias Tzermias, Panagiotis Papadopoulos, Fotios Rafailidis, Diomidis Spinellis, Sotiris Ioannidis, and Panagiotis Katsaros. TRACER: a platform for securing legacy code. In TRUST '14: Proceedings of 7th International Conference on Trust & Trustworthy Computing - Poster Presentation Track, 218–219. Springer, June 2014.
    • Konstantinos Stroggylos, Dimitris Mitropoulos, Zacharias Tzermias, Panagiotis Papadopoulos, Fotios Rafailidis, Diomidis Spinellis, Sotiris Ioannidis, and Panagiotis Katsaros. Securing legacy code with the TRACER platform. In PCI 2014: Proceedings of 18th Panhellenic Conference on Informatics, 25:1–25:6. ACM, 2014.
    • Dimitris Mitropoulos, Vassilios Karakoidas, Panos Louridas, Georgios Gousios, and Diomidis Spinellis. The bug catalog of the Maven ecosystem. In MSR '14: Proceedings of the 2014 International Working Conference on Mining Software Repositories, 372–365. ACM, June 2014.
    • Dimitris Mitropoulos, Georgios Gousios, Panagiotis Papadopoulos, Vassilios Karakoidas, Panos Louridas, and Diomidis Spinellis. The vulnerability dataset of a large software ecosystem. In Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS 2014), colocated with the 19th European Symposium on Research in Computer Security (ESORICS 2014). IEEE Computer Society, September 2014.
    • Dimitris Mitropoulos, Vassilios Karakoidas, Panos Louridas, Georgios Gousios, and Diomidis Spinellis. Dismal code: studying the evolution of security bugs. In Proceedings of the LASER Workshop 2013, Learning from Authoritative Security Experiment Results, 37–48. Usenix Association, October 2013.
    • Maria Kechagia, Dimitris Mitropoulos, and Diomidis Spinellis. Improving the quality of APIs through the analysis of software crash reports. In Andrew V. Jones and Nicholas Ng, editors, 2013 Imperial College Computing Student Workshop, volume 35 of OpenAccess Series in Informatics (OASIcs), 57–64. Dagstuhl, Germany, 2013. Schloss Dagstuhl–Leibniz-Zentrum fuer Informatik.
    • Dimitris Mitropoulos, Georgios Gousios, and Diomidis Spinellis. Measuring the occurrence of security-related bugs through software evolution. In PCI 2012: Proceedings of 16th Panhellenic Conference on Informatics (PCI 2012), 117–122. IEEE Computer Society, 2012.
    • Konstantinos Kravvaritis, Dimitris Mitropoulos, and Diomidis Spinellis. Cyberdiversity: measures and initial results. In Costas Vassilakis and Nikolaos Tselikas, editors, PCI 2010: Proceedings of 14th Panhellenic Conference on Informatics (PCI 2010), 135–140. IEEE Computer Society, September 2010.
    • Dimitris Mitropoulos and Diomidis Spinellis. Securing e-voting against MITM attacks. In Vassilios Chrissikopoulos, Nikolaos Alexandris, Christos Douligeris, and Spyros Sioutas, editors, Proceedings of the 13th Pan-Hellenic Conference on Informatics (PCI 2009). September 2009.
    • Dimitris Mitropoulos, Vassilios Karakoidas, and Diomidis Spinellis. Fortifying applications against XPath injection attacks. In A. Poulymenakou, N. Pouloudi, and K. Pramatari, editors, 4th Mediterranean Conference on Information Systems, 1169–1179. September 2009.
    • Dimitris Mitropoulos and Diomidis Spinellis. Countering SQL injection attacks with a database driver. In Theodore S. Papatheodorou, Dimitris N. Christodoulakis, and Nikitas N. Karanikolas, editors, Current Trends in Informatics: 11th Panhellenic Conference on Informatics, PCI 2007, volume B, 105–115. Athens, May 2007. New Technologies Publications.

Technical Reports

    • Theofilos Petsios, Adrian Tang, Dimitris Mitropoulos, Salvatore J. Stolfo, Angelos D. Keromytis, and Suman Jana. Tug-of-war: observations on unified content handling. Technical Report, CoRR abs/1708.09334, 2017.
    • Roxana Geambasu, Dimitris Mitropoulos, Simha Sethumadhavan, Junfeng Yang, Angelos Stravrou, Dan Fleck, Matthew Elder, and Azzedine Benameur. Maintaining enterprise resiliency via kaleidoscopic adaption and transformation of software services (MEERKATS). Technical Report, Air Force Research Laboratory, Sensors Directorate, Wright-Patterson, Air Force Base, OH 45433-7320, Air Force Materiel Command, United States Air Force, April 2016.

Magazine Articles

    • Dimitris Mitropoulos. How 1 million app calls can tell you a bit about malware. XRDS: Crossroads, The ACM Magazine for Students, 24(1):17–19, 2017.
    • Dimitris Mitropoulos. On the evolution of security bugs. XRDS: Crossroads, The ACM Magazine for Students, 21(3):18–19, 2015.
    • Dimitris Mitropoulos. Security bugs in large software ecosystems. XRDS: Crossroads, The ACM Magazine for Students, 20(2):15–16, 2013.
    • Dimitris Mitropoulos. Data security in the cloud environment. XRDS: Crossroads, The ACM Magazine for Students, 19(3):11–11, 2013.
    • Dimitris Mitropoulos. How secure is your software? XRDS: Crossroads, The ACM Magazine for Students, 19(1):11–13, 2012.
    • Dimitris Mitropoulos. Fatal injection: the server's side. XRDS: Crossroads, The ACM Magazine for Students, 19(2):12–14, 2012.
    • Dimitris Mitropoulos. Better safe than sorry: backup your backups. XRDS: Crossroads, The ACM Magazine for Students, 18(2):6–6, 2012.