My main research interests are network security and anomaly detection. Some of my active research projects are on attack attribution, cellular traffic analysis, large-scale DNS data mining, DNS caching and DNS reputation systems.
During my years at NIST, I worked under Tom Karygiannis
and Tim Grance supervision. At Georgia Tech
, I had the privilege to closely collaborate with a set of very bright people. My closest research peers Wenke
and David constantly influence my research.
I have been fortunate enough to closely collaborate with Nick Feamster
, Saeed Abu-Nimeh
(now@Paypal), Nick Vasiloglou
, Yacin Nadji
and Yizheng Chen
. I have also worked closely with Patrick Traynor
and his students Chaz Lever
, and Brad Reaves
. I am very happy when our research has impact (cso, circleid, darkreading, tnews, isss, darkreading, threatpost, eweek, scmagazine, pcadvisor, NYTimes).
- Program Committees
- International Conference on Internet Monitoring and Protection [2009-2012]
- ASE/IEEE Cyber Security Conference 
- IEEE eCrime Researchers Summit 
- International Journal on Advances in Security 
- External Reviewer
- IEEE Security and Privacy [2009, 2011, 2012]
- ACM Computer and Communications Security [2007, 2012]
- Usenix Security 
- RAID [2010, 2011]
- WWW 
- WISE 
- Security and Communication Networks (Wiley) [2010-2012]
- International Journal of Information Security (Springer - IJIS) 
- Transactions on Dependable and Secure Computing (IEEE - TDSC) 
- Journal of Applied Soft Computing (Elsevier) 
- Computer Communication (Elsevier) 
- Computer Networks (COMNET - Elsevier) 
- Transactions of Mobile Computing (IEEE) 
- Computers & Security (COSE - Elsevier) 
- Computer Standards & Interfaces (Elsevier) 
- Charles Lever, Manos Antonakakis, Bradley Reaves, Patrick Traynor and Wenke Lee. "The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers", to appear in the Proceedings of The 20th Annual Network and Distributed System Security Symposium (NDSS 2013), San Diego, CA, 24-27 February 2013.
- Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, David Dagon, "From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware", in the 21th USENIX Security Symposium, Bellevue, WA, August 8–10, 2012. [pdf|slides|cite]
- Yacin Nadji, Manos Antonakakis, Roberto Perdisci, Wenke Lee, "Understanding the Prevalence and Use of Alternative Plans in Malware with Network Games", in the Proceedings of The 27th Annual Computer Security Applications Conference (ACSAC 2011), Orlando, FL, December 2011. [pdf|cite]
- Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou, David Dagon, "Detecting Malware Domains at the Upper DNS Hierarchy", in the 20th USENIX Security Symposium, San Francisco, CA, August 8-12, 2011. [pdf|slides|cite]
- Manos Antonakakis, David Dagon, Luo Xiapu, Roberto Perdisci, Wenke Lee and Justin Bellmor. "A Centralized Monitoring Infrastructure for Improving DNS Security", in the 13th International Symposium on Recent Advances in Intrusion Detection (RAID 2010), Ottawa, Ontario, Canada, September 15-17, 2010. [pdf|slides|cite]
- Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee and Nick Feamster. "Building a Dynamic Reputation System for DNS", in the 19th USENIX Security Symposium, Washington D.C., August 11, 2010. (Recipient of Google Research Award, liaison at Google; Niels Provos.) [pdf|slides|cite]
- Roberto Perdisci, Manos Antonakakis, Xiapu Luo and Wenke Lee. "WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning Attacks", in the Proceedings of Dependable Computing and Communications Symposium at the International Conference on Dependable Systems and Networks (DSN-DCCS 2009), Estoril, Lispon, June 29 - July 2 2009. [pdf|slides|cite]
- David Dagon, Manos Antonakakis, Kevin Day, Xiapu Luo, Christopher P.Lee, and Wenke Lee. "Recursive DNS Architectures and Vulnerability Implications", in the Proceedings of The 16th Annual Network and Distributed System Security Symposium (NDSS 2009), San Diego, CA, February 2009. [pdf|cite]
- David Dagon, Manos Antonakakis, Paul Vixie, Tatuya Jinmei, Wenke Lee, "Increased DNS Forgery Resistance Through 0x20-Bit Encoding", in the 15th ACM Computer and Communications Security Conference (CCS 2008), Alexandria, VA, USA, October 2008. [pdf|cite]
- Remley, K., Grosvenor, C.A., Johnk, R.T., Novotny, D.R., Hale, P.D., McKinley, M.D., Karygiannis, A., Antonakakis, E., "Electromagnetic Signatures of WLAN Cards and Network Security", in the 5th IEEE International Symposium on Signal Processing and Information Technology, Athens, Greece, December 18-21, 2005. [pdf|cite]
- Manos Antonakakis, Roberto Perdisci, Wenke Lee, and Nikolaos Vasiloglou, “Method and systems for detecting malicious domain names at the upper DNS hierarchy”, U.S. Provisional Application 61/438,492 - 361917-000032, February 1, 2011.
- Manos Antonakakis, R. Perdisci, D. Dagon and W. Lee. “Method and System for Determining Whether Domain Names are Legitimate or Malicious”, U.S. Provisional Patent Application No. 13/205,928 - 361917-000033, May 1st, 2010.
- Manos Antonakakis, and G. Ollmann, “Method and systems for detecting malware”, U.S. Provisional Patent Application 61/292,592 - 61/295,060, November 6, 2010.
Technical Reports & Articles
- Manos Antonakakis, Roberto Perdisci, Nikolaos Vasiloglou, and Wenke Lee. "Detecting and Tracking the Rise of DGA-Based Malware". Usenix ;login: Magazine, December 2012, Volume 37, Number 6. [pdf]
- Manos Antonakakis, Jeremy Demar, Kevin Stevens and David Dagon. “Unveiling the Network Criminal Infrastructure of TDSS/TDL4 DGAv14: A case study on a new TDSS/TDL4 variant.” Technical Report, Damballa Inc., September 2012. [pdf|site]
- Manos Antonakakis, Christopher Elisan, Aldrich de Mata, Gunter Ollmann and Erik Wu. “The IMDDOS Botnet: Discovery and Analysis” Technical Report, Damballa Inc., September 2010. [pdf|site]
- Manos Antonakakis, Christopher Elisan, David Dagon, Gunter Ollmann and Erik Wu. “The Command Structure of the Aurora Botnet.” Technical Report, Damballa Inc., March 2009. [pdf]
- Roberto Perdisci, Manos Antonakakis, and Wenke Lee. “Solving the DNS Cache Poisoning Problem Without Changing the Protocol.” Technical Report, GTISC, Georgia Institute of Technology, May 16, 2008. [pdf]