Related papers: REMOTEGATE: Incentive-Compatible Remote Configurat…
There are often situations where two remote users each have data, and wish to (i) verify the equality of their data, and (ii) whenever a discrepancy is found afterwards, determine which of the two modified his data. The most common example…
Data theft and leakage, caused by external adversaries and insiders, demonstrate the need for protecting user data. Trusted Execution Environments (TEEs) offer a promising solution by creating secure environments that protect data and code…
Translating security intent into deployable network enforcement rules and maintaining their effectiveness despite evolving cyber threats remains a largely manual process in most Security Operations Centers (SOCs). In large and heterogeneous…
Delegated quantum computing enables a client with weak computational power to delegate quantum computing to a remote quantum server in such a way that the integrity of the server can be efficiently verified by the client. Recently, a new…
This paper presents a Secure Edge Gateway Architecture for Wi-Fi-Enabled IoT designed to strengthen local network protection without altering existing infrastructure. The proposed gateway acts as an intermediate control point between Wi-Fi…
Anonymous communication networks are important building blocks for online privacy protection. One approach to achieve anonymity is to relay messages through multiple routers, where each router shuffles messages independently. To achieve…
Remote attestation schemes have been utilized for assuring the integrity of a network node to a remote verifier. In recent years, a number of remote attestation schemes have been proposed for various contexts such as cloud computing,…
Ransomware is a growing threat to individuals and enterprises alike, constituting a major factor in cyber insurance and in the security planning of every organization. Although the game theoretic lens often frames the game as a competition…
Sophisticated mass attacks, especially when exploiting zero-day vulnerabilities, have the potential to cause destructive damage to organizations and critical infrastructure. To timely detect and contain such attacks, collaboration among the…
With high scalability, high video streaming quality, and low bandwidth requirement, peer-to-peer (P2P) systems have become a popular way to exchange files and deliver multimedia content over the internet. However, current P2P systems are…
Researchers in the past have shown that Symmetric key cryptography is generally considered infeasible and public key cryptography, at times, fails to provide sufficient security and integrity to data. In contrast to this prejudice, our…
In this paper, we conduct an empirical study on remote DoS attacks targeting NAT networks. We show that Internet attackers operating outside local NAT networks can remotely identify a NAT device and subsequently terminate TCP connections…
Distance bounding protocols are security countermeasures designed to thwart relay attacks. Such attacks consist in relaying messages exchanged between two parties, making them believe they communicate directly with each other. Although…
Validators in permissionless, large-scale blockchains, such as Ethereum, are typically payoff-maximizing, rational actors. Ethereum relies on in-protocol incentives, like rewards for correct and timely votes, to induce honest behavior and…
IP prefix hijacks allow adversaries to redirect and intercept traffic, posing a threat to the stability and security of the Internet. To prevent prefix hijacks, networks should deploy RPKI and filter bogus BGP announcements with invalid…
Denial of Service (DoS) attacks frequently happen on the Internet, paralyzing Internet services and causing millions of dollars of financial loss. This work presents NetFence, a scalable DoS-resistant network architecture. NetFence uses a…
This paper studies the evaluation of routing algorithms from the perspective of reachability routing, where the goal is to determine all paths between a sender and a receiver. Reachability routing is becoming relevant with the changing…
Mobile agent technology offers a dramatically evolving computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfers itself to another agent-enabled host on the network, and…
Mobile Ad hoc Networks (MANETs) are subject to various kinds of attacks. Deploying security mechanisms is difficult due to inherent properties of ad hoc networks, such as the high dynamics of their topology, restricted bandwidth, and…
We provide a game-theoretic analysis of the problem of front-running attacks. We use it to distinguish attacks from legitimate competition among honest users for having their transactions included earlier in the block. We also use it to…