I am a Doctoral Researcher in the Information Security Group at University College London, advised by Prof. George Danezis and Dr. Emiliano De Cristofaro. My research interests lie in Systems Security, Machine Learning and Privacy.

Currently, I am studying how deep neural networks could be used to launch privacy attacks (e.g., website fingerprinting), as well as potential countermeasures to such practices. I am also investigating potential defenses based on adversarial samples produced by GANs. Recently, we concluded our work on how machine learning models can be used to launch and amplify side-channel attacks against secure chips (see Location, location, location).

Besides these, I have worked on a variety of other projects (see Publications). Snappy is a fast-payment solution for slow permisionless blockchains. Myst is a high-assurance cryptographic hardware prototype which was the first trojan-resilient deployment that achieved performance similar to that of conventional hardware security modules used in production (CSAW 2018 Competition Finalist). Our study on ultrasound tracking received wide-spread attention and is considered the seminal work in this area. With Petr Svenda, we released the first open-source cryptographic library for JavaCards. Finally, I recently published a stream of papers studying market fairness & manipulation as security problems.

For my research, I have been kindly supported by Oasis Labs, Binance Labs, the Allan & Nesta Ferguson Charitable Trust and the UCL Public Engagement Unit. I was also honored to be in the 10-of-200 young researchers' list by the Heidelberg Laureate Forum, a recipient of the Werner Romberg Grant, as well as a finalist at the CSAW Europe 2018 Applied Research Competition.

Vasilios Mavroudis

v.mavroudis at ucl.ac.uk
Computer Science Department
University College London
Gower Street
London WC1E 6BT
United Kingdom

Recent News

August 2019: Our paper on neural net-based side-channel attacks was accepted at IACR Asiacrypt 2019! July 2019: Our paper with Refinitiv will appear at the ACM conference on Advances in Financial technologies! June 2019: I was awarded one of the three Oasis Labs' fellowships for 2019-2020! May 2019: Our project on market manipulation is live! Visit our website here: Tradescope Feb 2019: I will attend the 3rd AI Safety Camp to work on Intelligent Agent side-effects and ML Robustness! Feb 2019: Stream of works on "Market manipulation as a security problem" accepted on Eurosec 2019 and the 27th Workshop on Security Protocols! Jan 2019: My interview at the Heidelberg Laureate Forum is now online! [Link] Jan 2019: I am a fellow in the ConceptionX commercialization and entrepreneurship program! Jan 2019: I completed a 5-course Deep Learning Specialization on Coursera! [Link] [1, 2, 3, 4, 5] Nov 2018: I was awarded a grant from the generous Allan & Nesta Ferguson Charitable Trust! [Link] Oct 2018: Our paper ''High-Assurance Cryptographic Hardware from Untrusted Components'' is a finalist for the CSAW Europe Applied Research Award. [Link] Oct 2018: I'm quoted in ''Wired'' about our work on hardware trojans. [Link] Sep 2018: My interview on Süddeutsche Zeitung is online. [Link] Sep 2018: I am listed in the 10 out of 200 young scientists by Heidelberg Laureate Forum! [Link] Sep 2018: Our article on Javacard was published at Hackernoon! [Link] Aug 2018: Our "Cryptogame" session proposal has been accepted in Mozfest 2108. [Link] Aug 2018: Our "Cryptogame" project has been funded by the public engagement unit at UCL. [Link] July 2018: Received the Werner Romberg grant to attend the Heidelberg Laureate Forum! [Link] Jul 2018: Our write up on the JavaCard ecosystem was published by the Software Sustainability Institute and the Benthem's Gaze blog. [Link 1] [Link 2] Jun 2018: Thrilled to serve as a publications co-chair for the Privacy Enhancing Technologies symposium 2019. [Link] May 2018: Our preprint on verifiable data access is out. [Link] May 2018: Started my research visit at the systems security group in ETHz. [Link] Apr 2018: Cyber World Magazine features my article on the future of hardware-trojans and the security of chips in critical systems. [Link] Apr 2018: Presented our work on ultrasonic signals at Stanford security seminar. [Link] Apr 2018: More press coverage for our work on ultrasonic signals. [Link] Apr 2018: Presented with Giovanni Vigna (UCSB, Lastline) our work on the security of ultrasonic communications at RSA Conference. [Link] Mar 2018: Our preprint on tracking technologies found in the retail spaces is out. [Link] Feb 2018: Completed our cryptography masterclass for year-11 students. [Link]

Publications

Peer-reviewed & Preprints

Location, location, location: Revisiting modeling and exploitation for location-based side channel leakages.
Andrikos C., Batina L., Chmielewski L., Lerman L., Mavroudis V., Papagiannopoulos K., Perin G., Rassias G., Sonnino A.,
25th Annual International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt 2019 [PDF]
Libra: Fair Order-Matching for Electronic Financial Exchanges.
Mavroudis V., Melton H., Advances in Financial Technologies AFT 2019, October 2019
Market Manipulation as a Security Problem: The case of decentralized exchanges.
Mavroudis V., 26th International Workshop on Security Protocols, April 2019
Market Manipulation as a Security Problem: Attacks and Defenses [PDF]
Mavroudis V., 12th European Workshop on Systems Security (EuroSec), March 2019
Snappy: Fast Blockchain Payments.
Mavroudis V., , Wuest K., Dhar A., Kostiainen K., Capkun S., Under submission. Feb 2019
Towards Low-level Cryptographic Primitives for JavaCards.
Mavroudis V., Svenda P., Oct 2018
VAMS: Verifiable Auditing of Access to Confidential Data.
Hicks A., Mavroudis V., Al-Bassam M., Meiklejohn S., Murdoch S., May 2018
Eavesdropping Whilst Youre Shopping: Balancing Personalisation and Privacy in Connected Retail Spaces [PDF]
Mavroudis V., Veale M. (Equal Contribution), PETRAS/IoTUK/IET Living in the IoT Conference, 2018.
A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components [PDF, ArXiv]
Mavroudis V., Cerulli A., Svenda P., Cvrcek D., Klinec D., Danezis G., 24th ACM Conference on Computer and Communications Security, 2017.
CSAW 2018 Applied Research Competition Finalist.
On the Privacy and Security of the Ultrasound Tracking Ecosystem [PDF]
Mavroudis V., Hao S., Fratantonio Y., Maggi F., Kruegel C., Vigna G., Proceedings of the Privacy Enhancing Technologies Symposium, 2017
Visual Analytics for Enhancing Supervised Attack Attribution in Mobile Networks [PDF]
Papadopoulos S., Mavroudis V., Drosou A., Tzovaras D., 29th International Symposium on Computer and Information Sciences, 2014
Development of Realtime Mobile Security Monitoring System
Mavroudis V., Mavridis I., 2nd Conference on Information Technology Applications and Administration Strategies, 2010.
Use and Effective Application of Free and Open Source Software in Education
Mavroudis V., Mouratis S., 4th National Conference of Information Technology Educators, 2010.

Technical Reports

The Ultrasound Tracking Ecosystem.
Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Giovanni Vigna, and Christopher Kruegel. November 2016
Correlation Analysis and Abnormal Event Detection Module.
EU FP7 Project: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
Anomaly detection based on real-time exploitation of billing systems.
EU FP7 Project: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
Anomaly detection within femtocell architectures.
EU FP7 Project: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
Network information sources.
EU FP7 Project: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem

Theses

Crux: Privacy-preserving Statistics for Tor, Information Security Group, University College London, UK, 2015.
Supervisor: George Danezis
Cassiopeia: Real-time mobile security monitoring system, Dept. of Applied Informatics, University of Macedonia, Greece, 2012.
Supervisor: Ioannis Mavridis

Media

Talks

Cryptographic Hardware from Untrusted Components, RISE Annual Conference, London, UK, 14 November 2018. [Link] A touch of Evil: Cryptographic Hardware from Untrusted Components (poster), CSAW 2018, Valence, France, 9 November 2018. Cryptogame: Pirates & Guardians of the Galaxy, London, UK, 27 October 2018. [Link] High-Assurance Cryptographic Hardware from Untrusted Components. Stanford Security Seminar, Palo Alto, US, 19 April 2018. [Link] The Good, the Bad and the Ugly of the Ultrasonic Communications Ecosystem. RSA Conference 2018, San Fransisco US, 17 April 2018. [Link] A witch-hunt for trojans in our chips. London Enterprise Tech Meetup, London, UK, 12 February 2018. [Link] Cryptographic Hardware from Untrusted Components. Cryptacus Workshop, Nijmegen, Netherlands, 16-18 November 2017. [Link] Cryptographic Hardware from Untrusted Components. IMDEA Software Inst., Madrid, Spain, 28 Sept 2017. [Link] Towards Trojan-tolerant Cryptographic Hardware. ZISC Seminar ETH, Zurich, Switzerland, 20 Sept 2017. [Link] OpenCrypto: Unchaining the JavaCard Ecosystem. Blackhat US, Las Vegas, US, 22-27 July 2017. [Link] Trojan-tolerant Hardware & Supply Chain Security in Practice. Defcon 25, Las Vegas, US, 27-30 July 2017. [Link] On the Privacy & Security of the Ultrasound Tracking Ecosystem. Computer Laboratory Security Seminar, Cambridge, UK, 21 February 2017. [Link] Talking Behind Your Back: On the Privacy & Security of the Ultrasound Tracking Ecosystem. Mozilla International Privacy Day, London, UK, 28 Jan 2017. [Link] Talking Behind Your Back: On the Privacy & Security of the Ultrasound Ecosystem. Information Security Seminar, UCL, London, UK, 19 January 2017. [Link] Talking Behind Your Back: Tough Love for the Ugly Ultrasound Tracking Ecosystem. Chaos Communication Congress, Hamburg, Germany, 27-30 Dec. 2016. [Link] Cross-device Tracking Canaries. Data Transparency Lab Conference 2016, New York, US, 17-19 Nov 2017. [Link] Talking Behind Your Back: Attacks and Countermeasures of Ultrasonic Cross-device Tracking. Blackhat Europe, London, UK, 3–4 November 2016. [Link][Slides] Cassiopeia: Mobile security monitoring. FOSS conference 2011, Greece.

Academic Service & Teaching

Publications co-chair for the Privacy Enhancing Technologies symposium 2019. Co-organizing the Hacking Seminars at UCL (September 2017-present). Organizing the Information Security Seminars at UCL (January 2017-present). External Reviewer for Privacy Enhancing Technologies Symposium (April 2017-present). Teaching Assistant for Computer Security I module, Information Security MSc (Winter term 2017-2018). Guest Lecture on Acedemic Research, In2ScienceUK Organization (August 2017). Teaching Assistant for Computer Security II module, Information Security MSc (Spring term 2016-2017).