The expert of network security and applied cryptography

The expert of network security and applied cryptography

Dr. Angelos D. Keromytis is Professor, John H. Weitnauer, Jr. Chair, and Georgia Research Alliance (GRA) Eminent Scholar at the Georgia Institute of Technology. His field of research is systems and network security, and applied cryptography.

He received a Bachelor of Science in Computer Science at the University of Crete and a Masters and Doctorate in the same field from the University of Pennsylvania. He has worked at Active Networks, the predecessor to what is now called Software Defined Networks (SDN), co-developed the KeyNote trust-management system, which is a widely used and cited decentralized access control mechanism used in a variety of tasks, including network-layer access control, distributed file systems, offline micro-payments, MANET security, network QoS, distributed firewalls, and the STRONGMAN access control management system.

He also designed and implemented a large part of a high-performance and full-functionality open-source IPsec stack (which is still in use as part of the OpenBSD project. This included a new kernel architecture for hardware-accelerated cryptography and firewall functionality. I had a part in developing a secure bootstrap architecture. I was also an active participant in the IETF (Internet Engineering Task Force), and in particular the IPsec and IPSP Working Groups.



During his 2009 leave, he trained himself on Voice over IP security (where he eventually developed a comprehensive survey) and helped analyze rogue anti-virus software campaigns.

From 2001 to 2017, he was an associate professor at Columbia University, where he led a series of projects, including SOS, its web-oriented variant WebSOS, and MOVE, an overlay-based system for mitigating network denial of service attacks, ASSURE, a system that introduces rescue points to recover software from unknown faults, while maintaining both system integrity and availability, by mimicking system behavior under known error conditions, and FlowOS, a new operating system architecture that removes the memory and CPU from the data path, enabling the OS kernel to perform data-flow management while applications operate purely at the signaling level.

In 2012, he was elected ACM Distinguished Scientist, and from July 2013 to July 2014, he was Program Director with the National Science Foundation (NSF), in the Computer and Network Systems (CNS) Division, Directorate for Computer & Information Science & Engineering (CISE). primary responsibility was with the Secure and Trustworthy Cyberspace (SaTC) program, which is the primary NSF source of funding for academic research in cybersecurity across the nation.


With his colleagues from the SBE and ENG Directorates, he helped create the Resilient Interdependent Infrastructure Processes and Systems (RIPS) program, which seeks to enhance the understanding and design of interdependent critical infrastructure (ICI) systems and processes that provide basic commodities and services despite breaks and failures of any cause, physical, technological or malicious.

Moreover, he led the creation of the NSF/Intel Partnership on Cyber-Physical Systems Security and Privacy (CPS-Security) program, which seeks to foster a research community committed to advancing research and education at the confluence of cybersecurity, privacy, and cyber-physical systems, and to transitioning its findings into engineering practice. He also the Active Authentication (AA), Active Cyber Defense (ACD), Anomaly Detection at Multiple Scales (ADAMS), and Computer Science Study Group (CSSG) programs.

From 2014, he has been serving as Program Manager with the Information Innovation Office (I2O) at the Defense Advanced Research Projects Agency (DARPA), part of the Department of Defense. At DARPA, he designed and launched several new programs, including The Transparent Computing (TC) program aims to make currently opaque computing systems transparent by providing high-fidelity visibility into component interactions during system operation across all layers of software abstraction, while imposing a minimal performance overhead.



As well as the Leveraging the Analog Domain for Security (LADS) program will develop new cybersecurity capabilities by exploring the intersection of the analog and digital domains, motivated by advances inside channel analysis techniques. The initial focus of the program will be on embedded and low-resource devices such as the Internet of Things (IoT) sensors.

The Enhanced Attribution (EA) program seeks to provide high-fidelity visibility into all aspects of malicious cyber operator actions and to increase the government’s ability to publicly reveal the actions of such individuals without damaging sources and methods. The program will develop techniques and tools for generating operationally and tactically relevant information about multiple concurrent independent malicious cyber campaigns, each involving several operators, and the means to share such information with any of a number of interested parties.

And, The Harnessing Autonomy for Countering Cyber adversary Systems (HACCS) program will investigate the feasibility of creating safe and reliable autonomous software agents that can effectively and at scale counter the various types of malicious botnet implants and similar large-scale malware in compromised devices and networks.

In 2017, he was named ACM Fellow, with the citation “for contributions to the theory and practice of systems and network security” and a year later he was named IEEE Fellow in the 2018 class with the citation “for contributions to network security systems”

Dr. Keromytis is an elected Fellow of the ACM and the IEEE. He has 49 issued U.S. patents and over 250 refereed publications. His work has been cited over 18,000 times, with an h-index of 69 and i10-index of 221. He has founded two new technology ventures, StackSafe and Allure Security Technology. His recent and ongoing research projects include system self-healing, high-performance dynamic information flow tracking, clean-slate system design, cloud security, information/network/system deception, virtual private social networks, auditable cloud services, and private information retrieval.



In his spare time, he is a certified PADI Master Instructor, with over 500 dives.