English
Related papers

Related papers: How Effective is Multiple-Vantage-Point Domain Con…

200 papers

Web content delivery is one of the most important services on the Internet. Access to websites is typically secured via TLS. However, this security model does not account for prefix hijacking on the network layer, which may lead to traffic…

Networking and Internet Architecture · Computer Science 2015-11-03 Matthias Wählisch , Robert Schmidt , Thomas C. Schmidt , Olaf Maennel , Steve Uhlig , Gareth Tyson

Gradient inversion attacks threaten client privacy in federated learning by reconstructing training samples from clients' shared gradients. Gradients aggregate contributions from multiple records and existing attacks may fail to disentangle…

Machine Learning · Computer Science 2026-04-17 Francesco Diana , Chuan Xu , André Nusser , Giovanni Neglia

To protect against prefix hijacks, Resource Public Key Infrastructure (RPKI) has been standardized. To enjoy the security guarantees of RPKI validation, networks need to install a new component, the relying party validator, which fetches…

Cryptography and Security · Computer Science 2024-05-02 Jens Friess , Donika Mirdita , Haya Schulmann , Michael Waidner

DNS dynamic updates represent an inherently vulnerable mechanism deliberately granting the potential for any host to dynamically modify DNS zone files. Consequently, this feature exposes domains to various security risks such as domain…

Cryptography and Security · Computer Science 2024-06-06 Yevheniya Nosyk , Maciej Korczyński , Carlos H. Gañán , Michał Król , Qasim Lone , Andrzej Duda

The Border Gateway Protocol (BGP) remains a fragile pillar of Internet routing. BGP hijacks still occurr daily. While full deployment of Route Origin Validation (ROV) is ongoing, attackers have already adapted, launching post-ROV attacks…

Cryptography and Security · Computer Science 2025-07-29 Alessandro Giaconia , Muoi Tran , Laurent Vanbever , Stefano Vissicchio

The sophistication of modern malware, specifically regarding communication with Command and Control (C2) servers, has rendered static blacklist-based defenses obsolete. The use of Domain Generation Algorithms (DGA) allows attackers to…

Machine Learning · Computer Science 2025-12-10 Maria Milena Araujo Felix

The Transport Layer Security (TLS) protocol is a de facto standard of secure client-server communication on the Internet. Its security can be diminished by a variety of attacks that leverage on weaknesses in its design and implementations.…

Cryptography and Security · Computer Science 2018-04-04 Pawel Szalachowski

A crucial technical challenge for cybercriminals is to keep control over the potentially millions of infected devices that build up their botnets, without compromising the robustness of their attacks. A single, fixed C&C server, for…

Cryptography and Security · Computer Science 2021-08-03 Fran Casino , Nikolaos Lykousas , Ivan Homoliak , Constantinos Patsakis , Julio Hernandez-Castro

Malicious domain detection (MDD) is an open security challenge that aims to detect if an Internet domain is associated with cyber-attacks. Among many approaches to this problem, graph neural networks (GNNs) are deemed highly effective.…

Cryptography and Security · Computer Science 2023-08-24 Mahmoud Nazzal , Issa Khalil , Abdallah Khreishah , NhatHai Phan , Yao Ma

Control-flow hijacking attacks manipulate orchestration mechanisms in multi-agent systems into performing unsafe actions that compromise the system and exfiltrate sensitive information. Recently proposed defenses, such as LlamaFirewall,…

Machine Learning · Computer Science 2026-03-06 Rishi Jha , Harold Triedman , Justin Wagle , Vitaly Shmatikov

DGA-based botnet, which uses Domain Generation Algorithms (DGAs) to evade supervision, has become a part of the most destructive threats to network security. Over the past decades, a wealth of defense mechanisms focusing on domain features…

Cryptography and Security · Computer Science 2020-09-22 Xin Fang , Xiaoqing Sun , Jiahai Yang , Xinran Liu

In this paper, we design and deploy a synchronized multi-vantage point web measurement study to explore the comparability of web measurements across vantage points (VPs). We describe in reproducible detail the system with which we performed…

Networking and Internet Architecture · Computer Science 2019-05-22 Jordan Jueckstock , Shaown Sarker , Peter Snyder , Panagiotis Papadopoulos , Matteo Varvello , Benjamin Livshits , Alexandros Kapravelos

Nowadays, malware campaigns have reached a high level of sophistication, thanks to the use of cryptography and covert communication channels over traditional protocols and services. In this regard, a typical approach to evade botnet…

Cryptography and Security · Computer Science 2021-01-25 Constantinos Patsakis , Fran Casino

This paper proposes a generic classification system designed to detect security threats based on the behavior of malware samples. The system relies on statistical features computed from proxy log fields to train detectors using a database…

Machine Learning · Statistics 2017-02-09 Lukas Machlica , Karel Bartos , Michal Sofka

Software vulnerabilities can result in catastrophic cyberattacks that increasingly threaten business operations. Consequently, ensuring the safety of software systems has become a paramount concern for both private and public sectors.…

Software Engineering · Computer Science 2024-12-10 Boyu Zhang , Triet H. M. Le , M. Ali Babar

Vehicular Ad hoc Networks (VANETs) are becoming a reality where secure communication is a prerequisite. Public key infrastructure (PKI) can be used to secure VANETs where an onboard tamper proof device (TPD) stores a number of encryption…

Networking and Internet Architecture · Computer Science 2016-05-17 Ahmed H. Salem , Ayman Abdel-Hamid , Mohamad Abou El-Nasr

Since security was not among the original design goals of the Domain Name System (herein called Vanilla DNS), many secure DNS schemes have been proposed to enhance the security and privacy of the DNS resolution process. Some proposed…

Cryptography and Security · Computer Science 2026-04-20 Ali Sadeghi Jahromi , AbdelRahman Abdou , Paul C. van Oorschot

Networks today rely on expensive and proprietary hard- ware appliances, which are deployed at fixed locations, for DDoS defense. This introduces key limitations with respect to flexibility (e.g., complex routing to get traffic to these…

Networking and Internet Architecture · Computer Science 2015-08-07 Seyed K. Fayaz , Yoshiaki Tobioka , Vyas Sekar , Michael Bailey

This letter presents an approach to guarantee online safety of a cyber-physical system under multiple state and input constraints. Our proposed framework, called gatekeeper, recursively guarantees the existence of an infinite-horizon…

Systems and Control · Electrical Eng. & Systems 2025-08-14 Devansh R. Agrawal , Dimitra Panagou

This paper proposes a defense scheme against malicious use of DNS tunnel. A tunnel validator is designed to provide trustworthy tunnel-aware defensive recursive service. In addition to the detection algorithm of malicious tunnel domains,…

Cryptography and Security · Computer Science 2016-05-05 Zheng Wang