Dr Maria Papadaki BSc(Hons) MSc PhD MBCS FHEA GCIA GPEN CEH
Associate Professor of Cyber Security
Brief biographical firstname.lastname@example.org
Intrusion Prevention Detection and Response
Security Information and Event Management
2013 Certified Ethical Hacker (CEH), EC-Council, USA.
2012 GIAC Penetration Tester (GPEN), SANS Institute, USA.
2007-2008 Postgraduate Certificate in Learning and Teaching in Higher Education (LTHE), University of Plymouth, UK.
2006 GIAC Certified Intrusion Analyst (GCIA), SANS Institute, USA.
2000-2004 PhD in Classifying and Responding to Network Intrusions, University of Plymouth, UK.
1999-2000 MSc in Integrated Networks and Intelligent Networks Engineering, University of Plymouth, UK.
1994-1997 BSc (Hons) in Software Engineering, University of Applied Sciences Athens, Greece.
Member of the GIAC Advisory Board, 2010
Fellow of the Higher Education Academy, 2008
Member of British computer Society (MBCS), 2004
2012-present External Examiner for Computing and Communications Engineering Programmes, University of Greenwich, UK
2009-present External Examiner for ICBS Business College Computing degrees, Kingston University, UK
2004-2006 Security Analyst, Symantec Managed Security Services (MSS), UK.
A toolkit approach to information security awareness and education
The impact of security and its antecedents in behaviour intention of using e-government services
Graphical One-Time Password (GOTPass): A usability evaluation
Secure Graphical One Time Password (GOTPass): An Empirical Study
Security Factors Influencing End Users' Adoption of E-Government
Active authentication for mobile devices utilising behaviour profiling
A response selection model for intrusion response systems: Response Strategy Model (RSM)
Application Outsourcing in Europe: Long-term Outcomes, Success Factors and Implications for IT Industrialisation
Incident prioritisation using analytic hierarchy process (AHP): Risk Index Model (RIM)
Evaluation of anomaly-based IDS for mobile devices using machine learning classifiers
Misuse Detection for Mobile Devices Using Behaviour Profiling
Online Addiction: A Cultural Comparison of Privacy Risks in Online Gaming Environments
A preliminary two-stage alarm correlation and filtering system using SOM neural network and K-means algorithm
IT-Outsourcing in Banking Industry – Stage of Maturity Model as Strategic Approach
Social engineering: assessing vulnerabilities in practice
Testing our defences or defending our tests: the obstacles to performing security assessment
Informing the decision process in an automated intrusion response system
IDS or IPS: what is best?
An experimental comparison of secret-based user authentication
23 Journal papers
A Review of Graphical Authentication Utilising a Keypad Input Method
Security challenges of e-government adoption based on end users' perspective
Alternative Graphical Authentication for Online Banking Environments
IT Application Outsourcing in Europe: Long-term Outcomes, Success Factors and Implications for ITO Maturity
A Response Strategy Model for Intrusion Response Systems
Education in the 'Virtual' Community: Can beating Malware Man teach users about Social Networking Security?
A Risk Index Model for Security Incident Prioritisation
Emerging risks in massively multiplayer online role playing games
Behaviour Profiling for Transparent Authentication for Mobile Devices
LUARM – An Audit Engine for Insider Misuse Detection
Online Addiction: Privacy Risks in Online Gaming Environments
Behaviour Profiling on Mobile Devices
Assessing the Usability of End-User Security Software
An investigation and survey of response options for Intrusion Response Systems (IRSs)
ITO Success Factor Model - First Steps Towards a Guide for IT Outsourcing (ITO) Success
Improving Awareness of Social Engineering Attacks
Assessing the Usability of Personal Internet Security Tools
Intrusion Detection System for Mobile Devices: Investigation on Calling Activity
Evaluating the usability impacts of security interface adjustments in Word
The Problem of False Alarms: Evaluation with Snort and DARPA 1999 Dataset
Investigating the problem of IDS false alarms: An experimental study using Snort
A Practical Assessment of Social Engineering Vulnerabilities
Assessing the challenges of Intrusion Detection Systems
Investigating the Evasion Resilience of Network Intrusion Detection Systems
Attack Pattern Analysis: Trends in Malware Variant Development
Automating the process of intrusion response
Operational Characteristics of an Automated Intrusion Response System
Keystroke Analysis as a Method of Advanced User Authentication and
Security Vulnerabilities and System Intrusions ? The need for Automatic Response Frameworks
A Generic Taxonomy for Intrusion Specification and Response
31 Conference papers
Enhancing Intrusion Response in Networked System
Advanced Authentication and Intrusion Detection Technologies
Education in the 'Virtual' Community: Can beating Malware Man Teach Users about Social Networking Security?
Evading IDS Detection
Snort IDS Ability to Detect Nmap and Metasploit Framework Evasion Techniques
Evading IDS Detection
Educating Social Networking Users
Evading Intrusion Detection Systems
Comparing Anti-Spyware Products – A different approach
Response of Software Vendors to Vulnerabilities
Improving Awareness on Social Engineering Attacks
Guidelines/Recommendations on Best Practices in Fine Tuning IDS Alarms
Home Users Vulnerabilities in Audio/Video Players
Social Engineering Vulnerabilities
Critical Success Factors in IT-Outsourcing: a Literature Analysis
Response Mechanisms for Intrusion Response Systems (IRSs)
Security Risks Associated With the Use of Web Browsing, Instant Messaging and File Sharing software
Network Intrusion Detection Systems Evasion Techniques – an Investigation Using Snort
Intrusion Detection System for Mobile Devices: Preliminary Investigation
User security awareness of social engineering and phishing
Uses and dangers of peer-to-peer and instant messaging in a business environment
Changing Trends in Vulnerability Discovery
Social Engineering: A growing threat, with diverging directions
Attack Pattern Analysis: Trends in Malware Variant Development
25 Internal publications
Social Engineering: How vulnerable are we?
Threats and Impacts in Maritime Cyber Security
Social Engineering: Exploiting the Weakest Links
3 Technical articles
85 publication(s) - all categories.
Editorships / Refereeing for journals
Referee, Computers & Security, Elsevier
Referee, Computer Communications, Elsevier
Referee, Security and Communication Networks, John Wiley and Sons
Other international conference activitiesReviewer, 23rd International Information Security conference (SEC 2008), September 8-10, 2008, Milan.
Programme Committee Member, 5th International Conference on Trust, Privacy & Security in Digital Business (TrustBus ‘08), September 1-5, 2008, Turin, Italy
Programme Committee Member, IADIS International Conference e-Commerce 2008, 25-27 July, 2008, Amsterdam, Netherlands
Programme Committee Member, 2nd International Symposium on Security and Multimodality in Pervasive Environments, July 21-25, 2008, Trinity College Dublin, Ireland
Technical Program Committee Member, International Conference on Telecommunications and Multimedia (TEMU 2008), July 16-18, 2008, Ierapetra, Crete, Greece
Programme Committee Member, 2nd International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008), July 8-10, 2008, Plymouth, UK
Conference Executive, 7th European Conference on Information Warfare and Security (ECIW 2008), 30 June – 1 July 2008, Plymouth, UK
Programme Committee Member, 7th European Conference on Information Warfare and Security (ECIW 2008), 30 June – 1 July 2008, Plymouth, UK
COMTEC Programme Committee, EUROMEDIA 2008, April 9-11, 2008, University of Porto, Porto, Portugal
International Programme Committee Member, 5th IASTED Asian Conference on Communication Systems and Networks (AsiaCSN 2008), April 2-4, 2008, Langkawi, Malaysia
Programme Committee Member, 2007 International Workshop on Secure and Multimodal Pervasive Environments, September 17, 2007, Nice, France
Programme Committee Member, 4th International Conference on Trust, Privacy & Security in Digital Business (TrustBus ‘07), September 3-7, 2007, Regensburg, Germany
COMTEC Programme Committee, EUROMEDIA 2007, April 25-27, 2007, Delft University of Technology, Delft, Netherlands
Programme Committee, International Conference on Human Aspects of Information Security and Assurance (HAISA 2007), Plymouth, UK, 10-12 July 2007.
Programme Committee, 6th European Conference on Information Warfare and Security, Shrivenham, UK, 2-3 July 2007.
Programme Committee, The Second International Conference on Availability, Reliability and Security (AReS 2007), Vienna, Austria, 10-13 April 2007.
Programme Committee, The Fourth IASTED Asian Conference on Communication Systems and Networks (AsiaCSN 2007), Phuket, Thailand, 2-4 April 2007.
Programme Committee, First International Workshop on Information Security (IS'06), Montpellier, France, 29 October - 3 November 2006.
Reviewer, 1st International Workshop on Security (IWSEC 2006), Kyoto, Japan, 23-24 October 2006.
Reviewer, 1st International Workshop on Critical Information Infrastructures Security (CRITIS'06), Samos Island, Greece, 30 August – 2 September 2006.
Reviewer, Sixth International Network Conference (INC 2006), Plymouth, UK, 11-14 July 2006.
Reviewer, 9th Information Security Conference (ISC 2006), Samos, Greece, 30 August - 2 September 2006.
Programme Committee, Third International Conference on Trust, Privacy, and Security of Digital Business (TrustBus’06), Krakov, Poland, 4-8 September 2006.
Programme Committee, Fifth European Conference on Information Warfare and Security, Helsinki, Finland, 1-2 June 2006.
Programme Committee, Euromedia 2006, Athens, Greece, April 2006.
Programme Committee, IASTED International Conference on Networks and Communication Systems (NCS 2006), Chiang Mai, Thailand, 29-31 March 2006.
Reviewer, Fourth IASTED International Conference on Communications, Internet and Information Technology (CIIT 2005), Cambridge, USA, 31 October – 2 November 2005.
Programme Committee, Fourth European Conference on Information Warfare and Security, Glamorgan, South Wales, 11-12 July 2005
Organising Committee, Fourth International Network Conference 2004 (INC 2004), Plymouth, UK, 6-9 July 2004.
Organising Committee, Third International Network Conference 2002 (INC 2002), Plymouth, UK, 16-18 July 2002.
Organising Committee, Art libraries: their role and peculiarity, Athens, Greece, 18-19 June 1998.
Current MPhil/PhD Supervisions
- Ms Moneerah Alotaibi, Usable security for young users
- Miss Opeoluwa Balogun, Cloud Security for medical radiological images provision in healthcare
- Mr Ram Herkanaidu, To investigate effective learning strategies to raise awareness around security and privacy issues amongst young people
- Mrs Alaa Tolah, Factors influencing security expenditure
- James Weston, The impact of effective cyber security awareness within Critical National Infrastructure Operational Technology environments
Completed MPhil/PhD Supervisions
- Dr Nawaf Alharbi, The role of security and its antecedents in e-government adoption (2016)
- Dr Faisal Alotaibi, Evaluation and Enhancement of Public Cyber Security Awareness (2019)
- Dr Hussain Alsaiari, Graphical One-Time-Password Authentication (2016)
- Dr Tarik Ibrahim, Improving Intrusion Prevention, Detection and Response (2011)
- Dr Nor Badrul Anuar Jumaat, Incident Prioritisation for Intrusion Response Systems (2012)
- Dr Sevasti Karatzouni, Non-Intrusive Continuous User Authentication for Mobile Devices (2014)
- Dr Peter Korovessis, Establishing an Information Security Awareness and Culture (2015)
- Dr Christopher Kosmas, Secure tracking system for next generation CIT products (2014)
- Dr Karin Kronawitter, Application Outsourcing in the Banking Industry - ITO Model (2013)
- Dr Fudong Li, Behaviour Profiling for Mobile Devices (2012)
- Mr Joerg Preuss, Profiling methods for computer crime and abuse (2008)
- Dr Benjamin G Sanders, Opportunities and Risks in Online Gaming Environments (2016)
- Dr Gina C Tjhai, Anomaly-Based Correlation of IDS Alarms (2011)
Examination of research degrees
2013 Enhancing Usability using Automated Security Interface Adaptation (ASIA), PhD Thesis, Plymouth University, UK
2013 Performance Metrics for Network Intrusion Systems, PhD Thesis, Plymouth University, UK
2012 Security Usability in IT Systems, MPhil Thesis, Plymouth University, UK
2008 Exploring Sociotechnical Systems Perspectives in Global Software Development, Master of Commerce, Deakin University, Australia
2007 Enhancing Application Repurposing Techniques using Graphical Information, MSc in Engineering and Information Sciences, University of Reading, UK
2007 Misuse Detection in IT and Information Systems, PhD Thesis, University of Plymouth, UK (internal examiner)
Invited Presentations, Lectures, etc.“Testing our Security Defences”, invited presentation at Secure South West, March 2013.
“Intrusion Prevention, Detection and Response”, invited lecture at Technical Educational Institute of Crete, 2010.
”Intrusion Prevention Systems Overview” invited presentation at BrightTalk Intrusion Prevention Summit, 12 January 2010
“Social Engineering: How vulnerable are we?”, invited presentation at the Special Financial Investigation Service for Electronic Trade & Electronic Crime (YPEE), Ministry of Economy and Finance, Athens, Greece, 31 March 2008.
“The Challenges of Intrusion Response”, invited lecture at University of Malaga, Spain, 28 October 2005.