Manos Antonakakis
Assistant Professor
Room 3366A, Klaus Advanced Computing
Georgia Institute of Technology
266 Ferst Drive
Atlanta, GA 30332-0765
MyFirstName@gatech.edu





    News

    Research


    My main research interests revolve around network security, computer security and anomaly detection. I am very happy when our research has operational impact (cso, circleid, darkreading, tnewsisss, darkreading, threatpost, eweek, scmagazine, pcadvisor, NYTimes, crn, scmagazine, ars, iw, The Economist).


    Students

    • Graduate Level

      1. [CS] Yacin Nadji (co-advised with Wenke Lee)
      2. [CS] Yizheng Chen (co-advised with Wenke Lee)
      3. [CS] Chaz Lever
      4. [ECE] Panagiotis Kintis

    • Undergraduate Level

      1. [ECE] Kim Yie
      2. [ECE] Michael Evzonas

      Teaching


      Selected Publications (Google Scholar)

      1. Yizheng Chen, Manos Antonakakis, Roberto Perdisci, Yacin Nadji, David Dagon, Wenke Lee. "DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic." The 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2014), June 23 - 26, 2014, Atlanta, Georgia, USA.
      2. Yacin Nadji, Manos Antonakakis, Roberto Perdisci, Wenke Lee, David Dagon. "Beheading Hydras: Performing Effective Botnet Takedowns." 20th ACM Conference on Computer and Communications Security (CCS '13), November 4 – 8, Berlin, Germany. [pdf|cite]
      3. Babak Rahbarinia, Roberto Perdisci, Manos Antonakakis, David Dagon, "SinkMiner: Mining Botnet Sinkholes for Fun and Profit", 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '13), Washington-DC, August 14-16, 2013. [pdf|slides|cite]
      4. Phani Vadrevu, Babak Rahbarinia, Roberto Perdisci, Kang Li, Manos Antonakakis. "Measuring and Detecting Malware Downloads in Live Network Traffic." 18th European Symposium on Research in Computer Security (ESORICS '13), RHUL, Egham, UK, 2013. [pdf|cite] (Source code for Amico is here: https://code.google.com/p/amico/)
      5. Yacin Nadji, Manos Antonakakis, Roberto Perdisci, and Wenke Lee. "Connected Colors: Unveiling the Structure of Criminal Networks." 16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID '13), St. Lucia, October 23-25, 2013. [pdf|cite]
      6. Charles Lever, Manos Antonakakis, Bradley Reaves, Patrick Traynor and Wenke Lee. "The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers", to appear in the Proceedings of The 20th Annual Network and Distributed System Security Symposium (NDSS '13), San Diego, CA, 24-27 February 2013. [pdf|slides|cite]
      7. Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, David Dagon, "From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware", in the 21st USENIX Security Symposium, Bellevue, WA, August 8–10, 2012. [pdf|slides|cite]
      8. Yacin Nadji, Manos Antonakakis, Roberto Perdisci, Wenke Lee, "Understanding the Prevalence and Use of Alternative Plans in Malware with Network Games", in the Proceedings of The 27th Annual Computer Security Applications Conference (ACSAC '11), Orlando, FL, December 2011. [pdf|slides|cite]
      9. Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou, David Dagon, "Detecting Malware Domains at the Upper DNS Hierarchy", in the 20th USENIX Security Symposium, San Francisco, CA, August 8-12, 2011. [pdf|slides|cite]
      10. Manos Antonakakis, David Dagon, Luo Xiapu, Roberto Perdisci, Wenke Lee and Justin Bellmor. "A Centralized Monitoring Infrastructure for Improving DNS Security", in the 13th International Symposium on Recent Advances in Intrusion Detection (RAID 2010), Ottawa, Ontario, Canada, September 15-17, 2010. [pdf|slides|cite]
      11. Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee and Nick Feamster. "Building a Dynamic Reputation System for DNS", in the 19th USENIX Security Symposium, Washington D.C., August 11, 2010. (Recipient of Google Research Award, liaison at Google; Niels Provos.) [pdf|slides|cite]
      12. Roberto Perdisci, Manos Antonakakis, Xiapu Luo and Wenke Lee. "WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning Attacks", in the Proceedings of Dependable Computing and Communications Symposium at the International Conference on Dependable Systems and Networks (DSN-DCCS '09), Estoril, Lisbon, June 29 - July 2 2009. [pdf|slides|cite]
      13. David Dagon, Manos Antonakakis, Kevin Day, Xiapu Luo, Christopher P. Lee, and Wenke Lee. "Recursive DNS Architectures and Vulnerability Implications", in the Proceedings of The 16th Annual Network and Distributed System Security Symposium (NDSS '09), San Diego, CA, February 2009. [pdf|cite]
      14. David Dagon, Manos Antonakakis, Paul Vixie, Tatuya Jinmei, Wenke Lee, "Increased DNS Forgery Resistance Through 0x20-Bit Encoding", in the 15th ACM Computer and Communications Security Conference (CCS '08), Alexandria, VA, USA, October 2008. [pdf|cite]

      Professional Service
      • Chaired
        • IEEE eCrime Researchers Summit [2014]
      • Program Committees 
        • International Symposium on Research in Attacks, Intrusions and Defenses (RAID) [2014]
        • International Conference on Internet Monitoring and Protection [2009-2012]
        • ASE/IEEE Cyber Security Conference [2012]
        • IEEE eCrime Researchers Summit [2012]
        • International Journal on Advances in Security [2012]
      • External Reviewer
        • IEEE Security and Privacy [2009, 2011, 2012]
        • ACM Computer and Communications Security [2007, 2012]
        • Usenix Security [2009]
        • International Symposium on Recent Advances in Intrusion Detection (RAID) [2010, 2011]
        • WWW [2010]
        • WISE [2008]
        • Security and Communication Networks (Wiley) [2010-2012]
        • International Journal of Information Security (Springer - IJIS) [2012]
        • Transactions on Dependable and Secure Computing (IEEE - TDSC) [2011,2013,2014]
        • Journal of Applied Soft Computing (Elsevier) [2010]
        • Computer Communication (Elsevier) [2009,2014]
        • Computer Networks (COMNET - Elsevier) [2009]
        • Transactions of Mobile Computing (IEEE) [2009]
        • Computers & Security (COSE - Elsevier) [2009]
        • Computer Standards & Interfaces (Elsevier) [2008]
        • Information Systems (Elsevier) [2014]

      Patents 

      1. Manos Antonakakis, Roberto Perdisci, Wenke Lee, and Nikolaos Vasiloglou, “Method and systems for detecting DGA-based malware”, U.S. Provisional Application 61/590,633 - 361917-000042, January 24, 2013. 
      2. Manos Antonakakis, Roberto Perdisci, Wenke Lee, and Nikolaos Vasiloglou, “Method and systems for detecting malicious domain names at the upper DNS hierarchy”, U.S. Provisional Application 61/438,492 - 361917-000032, February 1, 2011.
      3. Manos Antonakakis, R. Perdisci, D. Dagon and W. Lee. “Method and System for Determining Whether Domain Names are Legitimate or Malicious”, U.S. Provisional Patent Application No. 13/205,928 - 361917-000033, May 1st, 2010. 
      4. Manos Antonakakis, and G. Ollmann, “Method and systems for detecting malware”, U.S. Provisional Patent Application 61/292,592 - 61/295,060, November 6, 2010. 


      Technical Reports & Articles

      1. Manos Antonakakis, Brett Stone-Gross, Jeremy Demar, Kevin Stevens, and David Dagon. “Unveiling The Latest Variant of Pushdo Mv20: A case study on the new Pushdo-DGA.” Technical Report, Damballa Inc., Dell SecureWorks CTU, Georgia Institute of Technology (GTISC), September 2012. [pdf]
      2. Manos Antonakakis, Roberto Perdisci, Nikolaos Vasiloglou, and Wenke Lee. "Detecting and Tracking the Rise of DGA-Based Malware". Usenix ;login: Magazine, December 2012, Volume 37, Number 6. [pdf]
      3. Manos Antonakakis, Jeremy Demar, Kevin Stevens and David Dagon. “Unveiling the Network Criminal Infrastructure of TDSS/TDL4 DGAv14: A case study on a new TDSS/TDL4 variant.” Technical Report, Damballa Inc., Georgia Institute of Technology (GTISC), September 2012. [pdf|site]
      4. Manos Antonakakis, Christopher Elisan, Aldrich de Mata, Gunter Ollmann and Erik Wu. “The IMDDOS Botnet: Discovery and Analysis.” Technical Report, Damballa Inc., September 2010. [pdf|site]
      5. Manos Antonakakis, Christopher Elisan, David Dagon, Gunter Ollmann and Erik Wu. “The Command Structure of the Aurora Botnet.” Technical Report, Damballa Inc., March 2009. [pdf]
      6. Roberto Perdisci, Manos Antonakakis, and Wenke Lee. “Solving the DNS Cache Poisoning Problem Without Changing the Protocol.” Technical Report, GTISC, Georgia Institute of Technology, May 16, 2008. [pdf]

        Short Bio

        I received my engineering diploma in 2004 from the University of the Aegean, Department of Information and Communication Systems Engineering. From November 2004 up to July 2006, I worked as a guest researcher at the National Institute of Standards and Technology (NIST-DoC), in the area of wireless ad hoc network security, at the Computer Security Division. Between 2009 and 2014, I worked at Damballa, leaving in the chief scientist role. While at Damballa, I was responsible for advanced research projects, university collaborations, and technology transfer efforts.

        In May 2012, I received my Ph.D. in computer science from the Georgia Institute of Technology, School of Computer Science, under Wenke Lee's supervision. Currently, I am an Assistant Professor at the Georgia Institute of Technology, School of Electrical and Computer Engineering and adjunct faculty at the School of Computer Science. At the same time, I serve as the co-chair of the Academic Committee for the Messaging Anti Abuse Working Group (MAAWG). I am a member of Georgia Tech Information Security Center