Petros Efstathopoulos

Petros Efstathopoulos

Petros Efstathopoulos
Global Head of NortonLifeLock Research Group (NRG)

Dr. Petros Efstathopoulos is currently the Global Head of NortonLifeLock Research Group (NRG).

He holds Ph.D. and M.Sc. degrees in Computer Science from the University of California, Los Angeles (UCLA) and a B.Sc. degree in Electrical and Computer Engineering from the National Technical University of Athens, Greece (NTUA). During his Ph.D. he worked on the Asbestos operating system, which introduced decentralized information flow control to contain the effects of bugs and provide improved security.

Dr. Efstathopoulos has worked on the design and implementation of a variety of computer systems, including operating systems and kernel development, storage and file systems, security, distributed systems, virtualization, and systems networking. Since joining the company in 2009, he has focused particularly on next-generation storage/backup systems, portable storage security, network security, privacy and identity. He has authored multiple research papers and numerous patents.

Selected Academic Papers

TrackAdvisor: Taking back browsing privacy from Third-Party Trackers

In Proceedings of the Passive and Active Measurement Conference (PAM), New York, 2015. A study aiming to measure accurately how widespread third-party tracking is online, and hopefully raise the public awareness to its potential privacy risks.

Lean On Me: Mining Internet Service Dependencies From Large-Scale DNS Data

In Proceedings of the 33th Annual computer Security Applications Conference (ACSAC 2017)
To assess the security risk for a given entity, and motivated by the effects of recent service disruptions, we perform a large-scale analysis of passive and active DNS datasets including more than 2.5 trillion queries in order to discover the dependencies between websites and Internet services.

Utility-Driven Graph Summarization

In Proceedings of the 45th International Conference on Very Large Database (VLDB 2019)
In this work, we present a novel approach to summarize a complex graph driven by the objective of maximizing the utility of the calculated graph summary. Subsequently, we propose a utility-driven summarization algorithm, that allows a user to query a graph summary with a specified utility value.

File Routing Middleware for Cloud Deduplication

In Proceedings of the 2nd International Workshop on Cloud Computing Platforms (CloudCP ’12)
We propose the idea of performing local deduplication operations within each cloud node, and introduce file similarity metrics to determine which node is the best deduplication host for a particular incoming file. This approach reduces the problem of scalable cloud deduplication to a file routing problem, which we can address using a software layer capable of making the necessary routing decisions.

The Case of Adversarial Inputs for Secure Similarity Approximation Protocols

In Proceedings of the 4th IEEE European Symposium on Security and Privacy (EuroS&P 2019)

Ask WINE: Are We Safer Today? Evaluating Operating System Security through Big Data Analysis

In Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emerging Threats (LEET '12)
In this position paper, we argue that in order to answer conclusively whether end-users are safer today, we must analyze field data collected on real hosts that are targeted by attacks—e.g., the approximately 50 million records of anti-virus telemetry available through Symantec’s WINE platform.

Harbormaster: Policy Enforcement for Containers

In Proceedings of the 7th IEEE International Conference on Cloud Computing Technology and Science (CloudCom'15) We present Harbormaster, a system that improves the security of running Docker containers on shared infrastructure. Harbormaster enforces policies on container management operations, allowing administrators to implement the principle of least privilege.

The Provenance of WINE

In Proceedings of the 9th European Dependable Computing Conference ( EDCC 2012)
In the WINE benchmark, which provides field data for cyber security experiments, we aim to make the experimental process self-documenting. The data collected includes provenance information—such as when, where and how an attack was first observed or detected—and allows researchers to gauge information quality.

Efficient Routing for Cost Effective Scale-Out Data Architectures

In Proceedings of the IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'16) In the context of large-scale data architectures, we propose an efficient technique to speedup the routing of a large number of real-time queries while minimizing the number of machines that each query touches (query span).