Related papers: SoK: Attacks on Modern Card Payments
We introduce the MoveEVM Weakness Classification (MWC) system -- a dedicated vulnerability taxonomy for smart contracts built with Move and executed in EVM-compatible environments. While Move was originally designed to prevent common…
Autonomous vehicles, including self driving cars, ground robots, and drones, rely on multi-modal sensor pipelines for safe operation, yet remain vulnerable to adversarial sensor attacks. A critical gap is the lack of a systematic end-to-end…
The unique identities of every mobile user (phone number,IMSI) and device (IMEI) are far from secure and are increasingly vulnerable to a variety of network-level threats. The exceedingly high reliance on the weak SIM authentication layer…
The increasing need for reducing greenhouse gas emissions and the drive for green cities have promoted the use of electric vehicles due to their environmental benefits. In fact, countries have set their own targets and are offering…
We present a novel proof-of-concept attack named Trojan of Things (ToT), which aims to attack NFC- enabled mobile devices such as smartphones. The key idea of ToT attacks is to covertly embed maliciously programmed NFC tags into common…
Interconnected embedded devices are increasingly used invarious scenarios, including industrial control, building automation, or emergency communication. As these systems commonly process sensitive information or perform safety critical…
The proliferation of electric vehicles in recent years has significantly expanded the charging infrastructure while introducing new security risks to both vehicles and chargers. In this paper, we investigate the security of major charging…
Electric Vehicles (EVs) share common technologies with classical fossil-fueled cars, but they also employ novel technologies and components (e.g., Charging System and Battery Management System) that create an unexplored attack surface for…
It is obvious that fossil fuels are a limited resource and will be replaced by other energy sources in the future considering economic and en-vironmental problems. Electricity comes to the forefront among the sources that are candidates to…
Ethereum has emerged as a leading platform for decentralized applications (dApps) due to its robust smart contract capabilities. One of the critical issues in the Ethereum ecosystem is Maximal Extractable Value (MEV), a concept that has…
Callbacks are essential in many programming environments, but drastically complicate program understanding and reasoning because they allow to mutate object's local states by external objects in unexpected fashions, thus breaking…
Electric vehicles (EVs) are key to alleviate our dependency on fossil fuels. The future smart grid is expected to be populated by millions of EVs equipped with high-demand batteries. To avoid an overload of the (current) electricity grid,…
This paper presents a security analysis of the InfiniBand architecture, a prevalent RDMA standard, and NVMe-over-Fabrics (NVMe-oF), a prominent protocol for industrial disaggregated storage that exploits RDMA protocols to achieve…
Card payment fraud is a serious problem, and a roadblock for an optimally functioning digital economy, with cards (Debits and Credit) being the most popular digital payment method across the globe. Despite the occurrence of fraud could be…
The emergence of decentralized finance has transformed asset trading on the blockchain, making traditional financial instruments more accessible while also introducing a series of exploitative economic practices known as Maximal Extractable…
The project envisages the implementation of an e-payment system utilizing FIPS-201 Smart Card. The system combines hardware and software modules. The hardware module takes data insertions (e.g. currency notes), processes the data and then…
Network-on-Chip (NoC) is widely used to facilitate communication between components in sophisticated System-on-Chip (SoC) designs. Security of the on-chip communication is crucial because exploiting any vulnerability in shared NoC would be…
Smartphones handle sensitive tasks such as messaging and payment and may soon support critical electronic identification through initiatives such as the European Digital Identity (EUDI) wallet, currently under development. Yet the…
Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical…
The ongoing electrification of the transportation sector requires the deployment of multiple Electric Vehicle (EV) charging stations across multiple locations. However, the EV charging stations introduce significant cyber-physical and…