Marinos Tsantekidis

AEGIS IT RESEARCH, Braunschweig, Germany
m.tsantekidis@aegisresearch.eu

Hi there! I am Marinos Tsantekidis, a project manager/software engineer at AEGIS IT RESEARCH. I hold a Ph.D. from the Institute of Computer and Network Engineering at TU Braunschweig - Germany, where I worked under the supervision of Prof. Vassilis Prevelakis at the Embedded Computer Security Workgroup. I received my Master of Science degree in Digital Systems Security from the University of Piraeus, Greece in 2015 and my Bachelor of Science degree in Computer Science from the Technological Educational Institute of Thessaloniki, Greece in 2011. My research focuses on security at the operating system level. This is my personal website where you can find some info on me, including a list of my publications, prior working experience and education, etc.

Publications

2023

Marinos Tsantekidis, Souleima Abdelghani, Mohammad Hamad, and Vassilis Prevelakis, "Creating a Security Enforcement Environment for a Vehicular Platform", in IEEE Conference on Standards for Communications and Networking (CSCN), Munich - Germany, 2023 (Accepted).

K. Fysarakis, A. Lekidis, V. Mavroeidis, k. Lampropoulos, G. Lyberopoulos, I. Garcia-Milà Vidal, J.C. Terés i Casals, E. Rodriguez Luna, A.A.M Sancho, A. Mavrelos, M. Tsantekidis, S. Pape, A. Chatzopoulou, C. Nanou, G. Drivas, V. Photiou, G. Spanoudakis and O. Koufopavlou, "PHOENI2X - A European Cyber Resilience Framework With Artificial-Intelligence-Assisted Orchestration, Automation and Response Capabilities for Business Continuity and Recovery, Incident Response, and Information Exchange", in IEEE International Conference on Cyber Security and Resilience (CSR), Venice - Italy, 2023.

2022

Marinos Tsantekidis, "Monitoring and Securing Execution at the OS Level", Ph.D. Thesis, Braunschweig - Germany, 2022.

2021

Marinos Tsantekidis and Vassilis Prevelakis, "Securing Runtime Memory via MMU manipulation", in the 15th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE), Athens - Greece, 2021.
Marinos Tsantekidis and Vassilis Prevelakis, "MMU-based Access Control for Libraries", in the 18th International Conference on Security and Cryptography (SECRYPT), Virtual, 2021.
Marinos Tsantekidis, "libC compartmentalization How-To", Technical report at ICS-FORTH, Greece, 2021.

Mohammad Hamad, Marinos Tsantekidis and Vassilis Prevelakis, "Intrusion Response System for Vehicles: Challenges and Vision", in Helfert M., Klein C., Donnellan B., Gusikhin O. (eds) Smart Cities, Green Technologies and Intelligent Transport Systems. SMARTGREENS 2019, VEHITS 2019. Communications in Computer and Information Science, vol 1217, pp 321-341.

2020

Marinos Tsantekidis and Vassilis Prevelakis, "Software System Exploration using Library Call Analysis" in the 2nd Workshop on Model-driven Simulation and Training Environments for Cybersecurity (MSTEC), Virtual, 2020.

2019

Marinos Tsantekidis and Vassilis Prevelakis, "Efficient Monitoring of Library Call Invocation" in the 2nd IEEE International Symposium on Future Cyber Security Technologies (FCST), Granada - Spain, 2019.

Marinos Tsantekidis, Mohammad Hamad, Vassilis Prevelakis and Mustafa R. Agha, "Security for Heterogeneous Systems", in Heterogeneous Computing Architecture - Challenges and Vision, chapter 10, pp. 221-232. Taylor & Francis Ltd, 1st Edition ed., 2019.

Mohammad Hamad, Marinos Tsantekidis and Vassilis Prevelakis, "Red-Zone: Towards an Intrusion Response Framework for Intra-Vehicle System" in the 5th International Conference on Vehicle Technology and Intelligent Transport Systems (VEHITS), Crete - Greece, 2019.

2018

Marinos Tsantekidis, "Report on efforts on compromising Sophos AV", Internal report at TU Braunschweig, Germany, 2018.

2017

Marinos Tsantekidis and Vassilis Prevelakis, "Library-Level Policy Enforcement" in SECURWARE: The 11th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE), Rome - Italy, 2017.

R&D Projects

Current

PHOENi2X aims to design, develop, and deliver a Cyber Resilience Framework providing Artificial Intelligence (AI) – assisted orchestration, automation & response capabilities for business continuity and recovery, incident response, and information exchange, tailored to the needs of Operators of Essential Services (OES) and of the EU Member State (MS) National Authorities entrusted with cybersecurity. Through the deployment PHOENi²X Cyber Resilience Centres (PHOENi²X CRCs), OES will gain: (i) enhanced Situational Awareness with AI-assisted Prediction, Prevention, Detection & Response capabilities, and business risk impact assessment-based prioritisation; (ii) proactive and reactive Resilience Automation, Orchestration, and Response (ROAR) mechanisms, providing Business Continuity, Recover and Cyber & Physical Incident Response; (iii) Increased Preparedness through relevant Serious Games and realistic Resilience Cyber Range (RCR) Assessment & Training; (iv) timely and actionable Information Exchange between OES, National Authorities and EU actors, leveraging interoperable and standardised alerting and reporting mechanisms and processes.

PHOENi2X is funded by the European Commission Horizon 2020 programme under Grant Agreement No. 101070586.

Project duration: 36 months. Started on July 1st, 2022.

Project URL: https://phoeni2x.eu/

SENTINEL will bridge the security and personal data protection gap for European SMEs/MEs, by raising awareness and boosting their capabilities in the domain through innovation at a cost-effective level. This vision will be realised by integrating tried-and-tested security and privacy technologies into a unified digital architecture and then applying disruptive Intelligence for Compliance. Combined with a well-researched methodology for application and knowledge sharing and a wide-reaching plan for experimentation for innovation, SENTINEL will help small enterprises feel considerably more secure and safeguard their and their customers’ assets.

SENTINEL is funded by the European Commission Horizon 2020 programme under Grant Agreement No. 101021659.

Project duration: 36 months. Started on June 1st, 2021.

Project URL: https://www.sentinel-project.eu/

Previous

AI4HEALTHSEC will deliver an Artificial Intelligence Dynamic Situational Awareness Framework (DSAF) able to (a) improve, intensify and coordinate the overall security efforts for the effective and efficient identification, evaluation, investigation and mitigation of realistic risks, threats and multi-dimensional attacks within the cyber assets and (b) support, prepare and help the Interdependent HCIIs participating in different types of Health Care Supply Chain Services. The DSAF will support (a) the HCIIs and the other stakeholders comprising the Health Care ecosystem to recognize, identify, model, and dynamically analyse cyber risks and (b) forecasting, treatment and response to advanced persistent threats and handle daily cyber-security and privacy risks, incidents and data breaches

AI4HEALTHSEC is funded by the European Commission Horizon 2020 programme under Grant Agreement No. 883273.

Project duration: 36 months. Started on October 1st, 2020. Ended on September 30th, 2023.

Project URL: https://www.ai4healthsec.eu/

PUZZLE aims to design, develop, and deliver a Cyber Resilience Framework providing Artificial Intelligence (AI) – assisted orchestration, automation & response capabilities for business continuity and recovery, incident response, and information exchange, tailored to the needs of Operators of Essential Services (OES) and of the EU Member State (MS) National Authorities entrusted with cybersecurity. Through the deployment PHOENi²X Cyber Resilience Centres (PHOENi²X CRCs), OES will gain: (i) enhanced Situational Awareness with AI-assisted Prediction, Prevention, Detection & Response capabilities, and business risk impact assessment-based prioritisation; (ii) proactive and reactive Resilience Automation, Orchestration, and Response (ROAR) mechanisms, providing Business Continuity, Recover and Cyber & Physical Incident Response; (iii) Increased Preparedness through relevant Serious Games and realistic Resilience Cyber Range (RCR) Assessment & Training; (iv) timely and actionable Information Exchange between OES, National Authorities and EU actors, leveraging interoperable and standardised alerting and reporting mechanisms and processes.

PUZZLE is funded by the European Commission Horizon 2020 programme under Grant Agreement No. 883540.

Project duration: 36 months. Started on September 1st, 2020. Ended on August 31st, 2023.

Project URL: https://puzzle-h2020.com/

CONCORDIA (standing for Cyber security cOmpeteNCe fOr Research anD InnovAtion) aims to build the European Secure, Resilient and Trusted Ecosystem. The vision of CONCORDIA is to build a community with a strong cooperation between all stakeholders, understanding that all stakeholders have their KPIs, bridging among them and fostering the development of IT products and solutions along the whole supply chain. Technologically, it projects a broad and evolvable data-driven and cognitive E2E Security approach for the ever-complex ever-interconnected compositions of emergent data-driven cloud, IoT and edge-assisted ICT ecosystems.

CONCORDIA is funded by the European Commission Horizon 2020 programme under Grant Agreement No. 830927.

Project duration: 48 months. Started on January 1st, 2019.

Project URL: https://www.concordia-h2020.eu/

SmartShip aims to bring together Information and Communication Technologies (ICT) of focused Universities, Research Institutions and Companies oriented into the maritime sector in order to build a holistic integrated ICT-based framework for the sustainable, individualized and completely automated energy management of ships.

SmartShip is funded by the European Commission Horizon 2020 programme under Grant Agreement No. 823916.

Project duration: 48 months. Started on January 1st, 2019.

Project URL: https://smartship2020.eu

THREAT-ARREST developed an advanced training platform incorporating emulation, simulation, serious gaming and visualization capabilities to adequately prepare stakeholders with different types of responsibility and levels of expertise in defending high-risk cyber systems and organizations to counter advanced, known and new cyber-attacks.

THREAT-ARREST was funded by the European Commission Horizon 2020 programme under Grant Agreement No. 786890.

Project duration: 36 months. Started on September 1st, 2018. Ended on August 31st, 2021.

Project URL: https://www.threat-arrest.eu

SHARCS (standing for Secure Hardware-Software Architectures for Robust Computing Systems) designed, built and demonstrated secure-by-design system architectures that achieved end-to-end security for their users. SHARCS achieved this by systematically analyzing and extending, as necessary, every hardware and software layer in a computing system.

SHARCS was funded by the European Commission Horizon 2020 programme under Grant Agreement No. 644571.

Project duration: 36 months. Started on January 1st, 2015. Ended on January 1st, 2018.

Project URL: http://sharcs-project.eu

Reviewing

IOSEC 2023

Member of the Technical Program Committee of the 4th International workshop on Information & Operational Technology (IT & OT) Security (IOSEC) 2023

MSTEC 2020

Member of the Technical Program Committee of the 2nd Workshop on Model-driven Simulation and Training Environments for Cybersecurity (MSTEC) 2020

MSTEC 2019

Member of the Technical Program Committee of the 1st Workshop on Model-driven Simulation and Training Environments for Cybersecurity (MSTEC) 2019

Work Experience

Project manager / Software Engineer

AEGIS IT RESEARCH, Braunschweig, Germany
  • Manage and support EU H2020 research projects
  • Aid in the development of commercial products

March 2022 - Present

Ph.D. candidate

TU Braunschweig, Germany
  • Develop an intermediate library that monitors calls to external functions of the OpenSSL library and examines their arguments to ensure that they comply with the security policy associated with the running program.
  • Develop a Linux kernel extension that separates the memory into regions based on the loaded libraries. So, at any point in time, only pages belonging to a specific region are marked as executable. When code branches to a page outside the "home" region, it lands in a non-executable page, a fault occurs and the kernel takes over. This way, the flow of execution can be manipulated, access to executables/libraries can be monitored and their functionality changed when there is suspicion of foul play.

September 2016 - Present

Research assistant

ICS-FORTH, Crete, Greece

January 2021 - February 2022

Programmer / Web Developer

KATAGRAMMA, Kiato - Korinthos, Greece
  • Web / 3D applications developer
  • Mobile applications programmer
  • Database programmer

May 2014 - April 2016

Programmer / Web Developer

GEOSET Ltd, Papagos - Athens, Greece
  • Web applications developer
  • Applications programmer
  • Database programmer
  • Design and installation of GIS websites

October 2013 - April 2014

Informatics Intern

LARSINOS, Korinthos, Greece
  • Database programmer
  • Computer / network technician
  • Technical support

November 2009 - April 2010

Portfolio

Avatar
mtsantekidis.gr
mhamad.me
kprotopapas.gr
Embedded Computer Security Workgroup
E-auction Market
Castles of Peloponnese - Vitrual tour

Education

Technical University of Braunschweig, Germany

Ph.D. candidate
Operating Systems Security

Ph.D. dissertation on building a secure execution environment that leverages both kernel-side as well as user-space approaches in Linux, that work transparently and efficiently towards strengthening the runtime security of applications against several types of attacks.

September 2016 - Present

University of Piraeus, Greece

Master of Science
Techno-economical Management and Digital Systems Security
Digital Systems Security track

Master thesis on developing a custom Android CAPTCHA mechanism (modification of Android's source code to intercept outgoing calls and SMS and display a CAPTCHA puzzle to solve, in order to continue)

October 2012 - January 2015

Technological Educational Institute of Thessaloniki, Greece

Bachelor of Science
Informatics Engineer

Bachelor thesis on RFID (Radio Frequency Identification) systems security

September 2004 - September 2011

Skills

  • HTML5
  • CSS3
  • Bootstrap
  • WebGL
  • Javascript
  • jQuery
  • SQL
  • Drupal
  • C / C++
  • Java
  • Python

  • Languages

  • Greek: Native speaker
  • English: Listening: C1 | Reading: C1 | Spoken interaction: B2 | Spoken production: C1 | Writing: C2 *
  • French: Listening: B1 | Reading: A2 | Spoken interaction: A2 | Spoken production: A2 | Writing: A2 *
  • German: No formal training. Whatever I learned in practice, for several years that I've been living in Germany
  • * Based on the Common European Framework of Reference for Languages

Interests

Apart from being a security researcher / web developer, I enjoy being outdoors. In the winter, I like to go hiking in the mountains. During the warmer months I enjoy going camping, spending time at the beach and doing watersports.

However, I also like spending time at home. I follow many kinds of movies and television shows, I am an aspiring cook and I spend a large amount of my free time exploring the latest technolgy achievements.