Change search
Refine search result
1234 101 - 150 of 154
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 101. Papadimitratos, Panagiotis
    et al.
    Haas, Z. J.
    Securing the Internet Routing Infrastructure2002In: IEEE Communications Magazine, ISSN 0163-6804, E-ISSN 1558-1896, Vol. 40, no 10, p. 60-68Article in journal (Refereed)
    Abstract [en]

    The unprecedented growth of the Internet over the last years, and the expectation of an even faster increase in the numbers of users and networked systems, resulted in the Internet assuming its position as a mass communication medium. At the same time, the emergence of an increasingly large number of application areas and the evolution of the networking technology suggest that in the near future the Internet may become the single integrated communication infrastructure. However, as the dependence on the networking infrastructure grows, its security becomes a major concern, in light of the increased attempt to compromise the infrastructure. In particular, the routing operation is a highly visible target that must be shielded against a wide range of attacks. The injection of false routing information can easily degrade network performance, or even cause denial of service for a large number of hosts and networks over a long period of time. Different approaches have been proposed to secure the routing protocols, with a variety of countermeasures, which, nonetheless, have not eradicated the vulnerability of the routing infrastructure. In this article, we survey the up-to-date secure routing schemes that appeared over the last few years. Our critical point of view and thorough review of the literature are an attempt to identify directions for future research on an indeed difficult and still largely open problem.

  • 102. Papadimitratos, Panagiotis
    et al.
    Haas, Z. J.
    Hubaux, J. P.
    How to Specify and How to Prove Correctness of Secure Routing Protocols for MANET2006In: IEEE-CS Third International Conference on BroadBand Communcations, Networks, and Systems (IEEE BroadNets), 2006Conference paper (Other academic)
  • 103.
    Papadimitratos, Panagiotis
    et al.
    Cornell University, USA.
    Haas, Zygmunt
    Secure message transmission in mobile ad hoc networks2003In: Ad hoc networks, ISSN 1570-8705, E-ISSN 1570-8713, Vol. 1, no 1, p. 193-209Article in journal (Refereed)
    Abstract [en]

    The vision of nomadic computing with its ubiquitous access has stimulated much interest in the mobile ad hoc networking (MANET) technology. However, its proliferation strongly depends on the availability of security provisions, among other factors. In the open, collaborative MANET environment, practically any node can maliciously or selfishly disrupt and deny communication of other nodes. In this paper, we propose the secure message transmission (SMT) protocol to safeguard the data transmission against arbitrary malicious behavior of network nodes. SMT is a lightweight, yet very effective, protocol that can operate solely in an end-to-end manner. It exploits the redundancy of multi-path routing and adapts its operation to remain efficient and effective even in highly adverse environments. SMT is capable of delivering up to 83% more data messages than a protocol that does not secure the data transmission. Moreover, SMT achieves up to 65% lower end-to-end delays and up to 80% lower delay variability, compared with an alternative single-path protocol - a secure data forwarding protocol, which we term secure single path (SSP) protocol. Thus, SMT is better suited to support quality of service for real-time communications in the ad hoc networking environment. The security of data transmission is achieved without restrictive assumptions on the network nodes' trust and network membership, without the use of intrusion detection schemes, and at the expense of moderate multi-path transmission overhead only.

  • 104. Papadimitratos, Panagiotis
    et al.
    Hubaux, J. -P
    Report on the “Secure Vehicular Communications: Results and Challenges Ahead” Workshop2008In: ACM SIGMOBILE Mobile Computing and Communications Review (MC2R), ISSN 1559-1662, Vol. 12, p. 53-64Article in journal (Other academic)
  • 105. Papadimitratos, Panagiotis
    et al.
    Jovanovic, A.
    GNSS-based Positioning: Attacks and Countermeasures2008In: Proceedings of the IEEE Military Communications Conference (MILCOM), 2008, p. 1-7Conference paper (Refereed)
  • 106.
    Papadimitratos, Panagiotis
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Jovanovic, A.
    Method to secure GNSS based locations in a device having GNSS receiver2009Patent (Other (popular science, discussion, etc.))
    Abstract [en]

    A method to detect at a GNSS receiver whether the received GNSS signals and navigation messages are the product of an attack. If there is evidence, as provided by the method described here, that the received signals and messages originate from adversarial devices, then receiver equipped with an instantiation of the method notifies the user or the computing platform that integrates the GNSS receiver that the calculated via the GNSS functionality position and time correction are not trustworthy. In other words, our method enables any GNSS receiver, for example, GPS, GLONASS, or Galileo, or any other GNSS system, to detect if the received navigation messages are the legitimate ones (from the satellites) or not (e.g., from attacker devices that generate fake messages that overwrite the legitimate messages).; Based on this detection, neither the user and nor any application running in the computing platform is misled to utilize erroneous position information.

  • 107. Papadimitratos, Panagiotis
    et al.
    Kung, A.
    Hubaux, J. -P
    Kargl, F.
    Privacy and Identity Management for Vehicular Communication Systems: A Position Paper2006In: Workshop on Standards for Privacy in User-Centric Identity Management, 2006Conference paper (Refereed)
    Abstract [en]

    The emerging technology of vehicular communications (VC) raises a number of technical problems that need to be addressed. Among those, security and privacy concerns are paramount for the wide adoption of VC. In this position paper, we are concerned with privacy and identity management in the context of these systems. We identify VC-specific issues and challenges, considering the salient features of these systems. In particular, we view them in the context of other broader privacy protection efforts, as well as in the light of on-going work for VC standardization, and other mobile wireless communication technologies.

  • 108.
    Papadimitratos, Panagiotis
    et al.
    Swiss Federal Institute of Technology in Lausanne, Switzerland .
    Luo, J.
    Hubaux, J. -P
    Randomized Countermeasure Against Parasitic Adversaries in Wireless Sensor Networks2010In: IEEE Journal on Selected Areas in Communications, ISSN 0733-8716, E-ISSN 1558-0008, Vol. 28, no 7, p. 1036-1045Article in journal (Refereed)
    Abstract [en]

    Due to their limited capabilities, wireless sensor nodes are subject to physical attacks that are hard to defend against. In this paper, we first identify a typical attacker, called parasitic adversary, who seeks to exploit sensor networks by obtaining measurements in an unauthorized way. As a countermeasure, we first employ a randomized key refreshing: with low communication cost, it aims at confining (but not eliminating) the effects of the adversary. Moreover, our low-complexity solution, GossiCrypt, leverages on the large scale of sensor networks to protect data confidentiality, efficiently and effectively. GossiCrypt applies symmetric key encryption to data at their source nodes; and it applies re-encryption at a randomly chosen subset of nodes en route to the sink. The combination of randomized key refreshing and GossiCrypt protects data confidentiality with a probability of almost 1; we show this analytically and with simulations. In addition, the energy consumption of GossiCrypt is lower than a public-key based solution by several orders of magnitude.

  • 109. Papadimitratos, Panagiotis
    et al.
    Mishra, A.
    Rosenburgh, D.
    A Cross-Layer Design Approach to Enhance 802.15.42005In: Proceedings of the IEEE Military Communications Conference MILCOM, IEEE , 2005, p. 1719-1726Conference paper (Refereed)
  • 110. Papadimitratos, Panagiotis
    et al.
    Poturalski, M.
    Schaller, P.
    Lafourcade, P.
    Basin, D.
    Čapkun, S.
    Hubaux, J. -P
    Secure Neighborhood Discovery: A Fundamental Element for Mobile Ad Hoc Networking2008In: IEEE Communications Magazine, ISSN 0163-6804, E-ISSN 1558-1896, Vol. 46, no 2, p. 132-139Article in journal (Refereed)
  • 111. Papadimitratos, Panagiotis
    et al.
    Sankaranarayanan, S.
    Mishra, A.
    A Bandwidth Sharing Approach to Improve Licensed Spectrum Utilization2005In: IEEE Communications Magazine, ISSN 0163-6804, E-ISSN 1558-1896, Vol. 43, no 12Article in journal (Refereed)
  • 112. Papadimitratos, Panagiotis
    et al.
    Sirer, E. G.
    Haas, Z. J.
    Path Set Selection in Mobile Ad Hoc Networks2002In: Proceedings of the Third ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2002, p. 1-11Conference paper (Refereed)
    Abstract [en]

    Topological changes in mobile ad hoc networks frequently render routing paths unusable. Such recurrent path failures have detrimental effects on the network ability to support QoS-driven services. A promising technique for addressing this problem is to use multiple redundant paths between the source and the destination. However, while multipath routing algorithms can tolerate network failures well, their failure resilience only holds if the paths are selected judiciously. In particular, the correlation between the failures of the paths in a redundant path set should be as small as possible. However, selecting an optimal path set is an NP-complete problem. Heuristic solutions proposed in the literature are either too complex to be performed in real-time, or too ineffective, or both. This paper proposes a multipath routing algorithm, called Disjoint Pathset Selection Protocol (DPSP), based on a novel heuristic that, in nearly linear time on average, picks a set of highly reliable paths. The convergence to a highly reliable path set is very fast, and the protocol provides flexibility in path selection and routing algorithm. Furthermore, DPSP is suitable for real-time execution, with nearly no message exchange overhead and with minimal additional storage requirements. This paper presents evidence that multipath routing can mask a substantial number of failures in the network compared to single path routing protocols, and that the selection of paths according to DPSP can be beneficial for mobile ad hoc networks, since it dramatically reduces the rate of route discoveries.

  • 113. Papadimitratos, Panos
    Secure and Fault-Tolerant Communication in Mobile Ad Hoc Networks2005Doctoral thesis, monograph (Other academic)
  • 114.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Security and Privacy Mechanisms for Vehicular Networks2010In: Vehicular Networking: Automotive Applications and Beyond / [ed] Marc Emmelmann, Bernd Bochow, C. Christopher Kellum, John Wiley & Sons, 2010, 1, p. 105-127Chapter in book (Other academic)
  • 115. Papadimitratos, Panos
    et al.
    Haas, Z. J.
    Secure Routing for Mobile Ad Hoc Networks2002In: Proceedings of the SCS Commnication Networks and Distributed Systems Modeling and Simulation Conference (CNDS), 2002, p. 193-204Conference paper (Refereed)
    Abstract [en]

    The emergence of the Mobile Ad Hoc Networking (MANET) technology advocates self-organized wireless interconnection of communication devices that would either extend or operate in concert with the wired networking infrastructure or, possibly, evolve to autonomous networks. In either case, the proliferation of MANET-based applications depends on a multitude of factors, with trustworthiness being one of the primary challenges to be met.

    Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render such traditional solutions inapplicable. In particular, the absence of a central authorization facility in an open and distributed communication environment is a major challenge, especially due to the need for cooperative network operation. In particular, in MANET, any node may compromise the routing protocol functionality by disrupting the route discovery process. In this paper, we present a route discovery protocol that mitigates the detrimental effects of such malicious behavior, as to provide correct connectivity information. Our protocol guarantees that fabricated, compromised, or replayed route replies would either be rejected or never reach back the querying node. Furthermore, the protocol responsiveness is safeguarded under different types of attacks that exploit the routing protocol itself. The sole requirement of the proposed scheme is the existence of a security association between the node initiating the query and the sought destination. Specifically, no assumption is made regarding the intermediate nodes, which may exhibit arbitrary and malicious behavior. The scheme is robust in the presence of a number of non-colluding nodes, and provides accurate routing information in a timely manner.

  • 116. Piórkowski, M.
    et al.
    Raya, M.
    Lugo, A. Lezama
    Papadimitratos, Panos
    Grossglauser, M.
    Hubaux, J. -P.
    TraNS: Realistic Joint Traffic and Network Simulator for VANETs2008In: ACM SIGMOBILE Mobile Computing and Communications Review (MC2R), ISSN 1559-1662, Vol. 12, no 1, p. 31-33Article in journal (Refereed)
  • 117. Poturalski, M.
    et al.
    Flury, M.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Hubaux, J. -P
    Boudec, J.-Y. Le
    Distance Bounding with IEEE 802.15.4a: Attacks and Countermeasures2011In: IEEE Transactions on Wireless Communications, ISSN 1536-1276, Vol. 10, p. 1334-1344Article in journal (Refereed)
    Abstract [en]

    Impulse Radio Ultra-Wideband, in particular the recent standard IEEE 802.15.4a, is a primary candidate for implementing distance bounding protocols, thanks to its ability to perform accurate indoor ranging. Distance bounding protocols allow two wireless devices to securely estimate the distance between themselves, with the guarantee that the estimate is an upper-bound on the actual distance. These protocols serve as building blocks in security-sensitive applications such as tracking, physical access control, or localization.We investigate the resilience of IEEE 802.15.4a to physical-communication-layer attacks that decrease the distance measured by distance bounding protocols, thus violating their security. We consider two attack types: malicious prover (internal) and distance-decreasing relay (external). We show that if the honest devices use energy-detection receivers (popular due to their low cost and complexity), then an adversary can perform highly effective internal and external attacks, decreasing the distance by hundreds of meters. However, by using more sophisticated rake receivers, or by implementing small modifications to IEEE 802.15.4a and employing energy-detection receivers with a simple countermeasure, honest devices can reduce the effectiveness of external distance-decreasing relay attacks to the order of 10m. The same is true for malicious prover attacks, provided that an additional modification to IEEE 802.15.4a is implemented.

  • 118. Poturalski, M.
    et al.
    Flury, M.
    Papadimitratos, Panagiotis
    Hubaux, J. -P
    Boudec, J.-Y. Le
    The Cicada Attack: Degradation and Denial of Service in IR Ranging2010Conference paper (Refereed)
  • 119. Poturalski, M.
    et al.
    Papadimitratos, P.
    Hubaux, J. -P
    Secure Neighbor Discovery in Wireless Networks: Is It Possible?2007Report (Other academic)
    Abstract [en]

    Wireless communication enables a broad spectrum of appli-cations, ranging from commodity to tactical systems.Neigh-bor discovery(ND), that is, determining which devices arewithin direct radio communication, is a building block ofnetwork protocols and applications, and its vulnerability canseverely compromise their functionalities. A number of pro-posals tosecureND have been published, but none haveanalyzed the problem formally. In this paper, we contributesuch an analysis: We build a formal model capturing salientcharacteristics of wireless systems, most notably obstaclesand interference, and we provide a speciØcation of a basicvariant of the ND problem. Then, we derive animpossibilityresultfor a general class of protocols we term \time-basedprotocols," to which many of the schemes in the literaturebelong. We also identify the conditions under which the im-possibility result is lifted.  Moreover, we explore a secondclass of protocols we term \time- and location-based proto-cols," and prove they can secure ND

  • 120. Poturalski, M.
    et al.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Hubaux, J. -P
    Formal Analysis of Secure Neighbor Discovery in Wireless Networks2013Report (Refereed)
    Abstract [en]

    We develop a formal framework for the analysis of security protocols in wireless networks. The framework captures characteristics necessary to reason about neighbor discovery protocols, such as the neighbor relation, device location, and message propagation time. We use this framework to establish general results about the possibility of neighbor discovery. In particular, we show that time-based protocols cannot in general provide secure neighbor discovery. Given this insight, we also use the framework to prove the security of four concrete neighbor discovery protocols, including two novel time-and-location based protocols. We mechanize the model and some proofs in the theorem prover Isabelle.

  • 121. Poturalski, M.
    et al.
    Papadimitratos, Panagiotis
    Hubaux, J. -P
    Secure Neighbor Discovery in Wireless Networks: Formal Investigation of Possibility2008In: ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2008, p. 189-200Conference paper (Refereed)
  • 122. Poturalski, M.
    et al.
    Papadimitratos, Panagiotis
    Hubaux, J. -P
    Towards Provable Secure Neighbor Discovery in Wireless Networks2008In: FMSE '08 Proceedings of the 6th ACM workshop on Formal methods in security engineering, ACM , 2008, p. 31-41Conference paper (Refereed)
  • 123. Poturalski, Marcin
    et al.
    Flury, Manuel
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Hubaux, Jean-Pierre
    Le Boudec, Jean-Yves
    On Secure and Precise IR-UWB Ranging2012In: IEEE Transactions on Wireless Communications, ISSN 1536-1276, E-ISSN 1558-2248, Vol. 11, no 3, p. 1087-1099Article in journal (Refereed)
    Abstract [en]

    To provide high ranging precision in multipath environments, a ranging protocol should find the first arriving path, rather than the strongest path. We demonstrate a new attack vector that disrupts such precise Time-of-Arrival (ToA) estimation, and allows an adversary to decrease the measured distance by a value in the order of the channel spread (10-20 meters). This attack vector can be used in previously reported physical-communication-layer (PHY) attacks against secure ranging (or distance bounding). Furthermore, it creates a new type of attack based on malicious interference: This attack is much easier to mount than the previously known external PHY attack (distance-decreasing relay) and it can work even if secret preamble codes are used. We evaluate the effectiveness of this attack for a PHY that is particularly well suited for precise ranging in multipath environments: Impulse Radio Ultra-Wideband (IR-UWB). We show, with PHY simulations and experiments, that the attack is effective against a variety of receivers and modulation schemes. Furthermore, we identify and evaluate three types of countermeasures that allow for precise and secure ranging.

  • 124. Poturalski, Marcin
    et al.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Hubaux, Jean-Pierre
    Formal Analysis of Secure Neighbor Discovery in Wireless Networks2013In: IEEE Transactions on Dependable and Secure Computing, ISSN 1545-5971, E-ISSN 1941-0018, Vol. 10, no 6, p. 355-367Article in journal (Refereed)
    Abstract [en]

    We develop a formal framework for the analysis of security protocols in wireless networks. The framework captures characteristics necessary to reason about neighbor discovery protocols, such as the neighbor relation, device location, and message propagation time. We use this framework to establish general results about the possibility of neighbor discovery. In particular, we show that time-based protocols cannot in general provide secure neighbor discovery. Given this insight, we also use the framework to prove the security of four concrete neighbor discovery protocols, including two novel time-and-location-based protocols. We mechanize the model and some proofs in the theorem prover Isabelle.

  • 125. Raya, M.
    et al.
    Jungels, D.
    Papadimitratos, Panos
    Aad, I.
    Hubaux, J.-P.
    Certificate Revocation List Distribution in Vehicular Communication Systems: EPFL Technical  Report, LCA-REPORT-2008-0192008Report (Other academic)
  • 126. Raya, M.
    et al.
    Papadimitratos, Panagiotis
    Aad, I.
    Jungels, D.
    Hubaux, J. -P
    Eviction of Misbehaving and Faulty Nodes in Vehicular Networks2007In: IEEE Journal on Selected Areas in Communications, ISSN 0733-8716, E-ISSN 1558-0008, Vol. 25, no 8, p. 1557-1568Article in journal (Refereed)
  • 127. Raya, M.
    et al.
    Papadimitratos, Panagiotis
    Gligor, V.
    Hubaux, J-P
    On Data-Centric Trust Establishment in Ephemeral Ad hoc Networks2008In: Proceedings of the 27th IEEE Conference on Computer Communications (INFOCOM), IEEE , 2008, p. 1238-1246Conference paper (Refereed)
  • 128. Raya, M.
    et al.
    Papadimitratos, Panagiotis
    EPFL, Switzerland.
    Hubaux, J. -P
    Securing Vehicular Communications2006In: IEEE wireless communications, ISSN 1536-1284, E-ISSN 1558-0687, Vol. 13, no 5, p. 8-15Article in journal (Refereed)
    Abstract [en]

    The road to a successful introduction of vehicular communications has to pass through the analysis of potential security threats and the design of a robust security architecture able to cope with these threats. In this article we undertake this challenge. In addition to providing a survey of related academic and industrial efforts, we also outline several open problems.

  • 129.
    Raya, Maxim
    et al.
    Laboratory for computer Communications and Applications (LCA), School of Computer and Communication Sciences, EPFL.
    Jungels, Daniel
    Laboratory for computer Communications and Applications (LCA), School of Computer and Communication Sciences, EPFL.
    Papadimitratos, Panos
    Laboratory for computer Communications and Applications (LCA), School of Computer and Communication Sciences, EPFL.
    Aad, Imad
    Laboratory for computer Communications and Applications (LCA), School of Computer and Communication Sciences, EPFL.
    Hubaux, Jean-Pierre
    Laboratory for computer Communications and Applications (LCA), School of Computer and Communication Sciences, EPFL.
    Certificate Revocation in Vehicular Networks2006Report (Other academic)
    Abstract [en]

    Among civilian communication systems, vehicular net-works emerge as one of the most convincing and yetmost challenging instantiations of the mobile ad hocnetworking technology. Towards their deployment, se-curity is a critical factor and signiØcant challenge to bemet. In this paper, we are concerned with the problemof certiØcate revocation in vehicular networks, a prob-lem of central importance for any security architectureand particularly di±cult for vehicular networks.  Wecontribute a set of protocols for e±cient and eÆectiverevocation, to evict illegitimate or faulty network nodes.Furthermore, we propose a protocol that enables nodesto collectively shield themselves against faulty of mali-cious operation of other nodes and contribute to theireviction. We show, by means of simulations, that oursolution is feasible and achieves a su±cient level of ro-bustness in spite of the unique challenges of the vehic-ular networking environment.

  • 130. Ristanovic, N.
    et al.
    Papadimitratos, P.
    Theodorakopoulos, G.
    Hubaux, J. -P
    Leboudec, J. -Y
    Adaptive Message Authentication for Vehicular Networks2009In: Proceedings of the Sixth International Workshop on Vehicular Ad Hoc Networks, VANET 2009., 2009, p. 121-122Conference paper (Refereed)
    Abstract [en]

    Public key cryptography can introduce significant processing delays in vehicular communication platforms. This can lead to serious performance issues; especially in the case of multi-hop Inter-Vehicle Communication. In this paper we propose Adaptive Message Authentication (AMA), a lightweight filtering scheme that reduces the number of cryptographic operations performed by the nodes. Based only on local observations and with no additional communication channel, our scheme achieves global improvement of network performance. We show through simulation that the scheme successfully adapts the number of cryptographic operations to the locally observed number of adversaries.

  • 131. Ristanovic, N.
    et al.
    Papadimitratos, Panagiotis
    Theodorakopoulos, G.
    Hubaux, J. -P
    Boudec, J.-Y. Le
    Adaptive Message Authentication for Multi-Hop Networks2011In: International Conference on Wireless On-Demand Network Systems and Services (IEEE/IFIP WONS), IEEE , 2011, p. 96-103Conference paper (Other academic)
  • 132.
    Salimi, Somayeh
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Jorswieck, Eduard
    Skoglund, Mikael
    KTH, School of Electrical Engineering (EES), Communication Theory. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Key Agreement over an Interference Channel with Noiseless Feedback: Achievable Region & Distributed Allocation2015In: IEEE Conference on Communications and Network Security (CNS), Institute of Electrical and Electronics Engineers (IEEE), 2015, p. 59-64, article id 7346811Conference paper (Refereed)
    Abstract [en]

    Secret key establishment leveraging the physical layer as a source of common randomness has been investigated in a range of settings. We investigate the problem of establishing, in an information-theoretic sense, a secret key between a user and a base-station (BS) (more generally, part of a wireless infrastructure), but for two such user-BS pairs attempting the key establishment simultaneously. The challenge in this novel setting lies in that a user can eavesdrop another BS-user communications. It is thus paramount to ensure the two keys are established with no leakage to the other user, in spite the interference across neighboring cells. We model the system with BS-user communication through an interference channel and user-BS communication through a public channel. We find the region including achievable secret key rates for the general case that the interference channel (IC) is discrete and memoryless. Our results are examined for a Gaussian IC. In this setup, we investigate the performance of different transmission schemes for power allocation. The chosen transmission scheme by each BS essentially affects the secret key rate of the other BS-user. Assuming base stations are trustworthy but that they seek to maximize the corresponding secret key rate, a game-theoretic setting arises to analyze the interaction between the base stations. We model our key agreement scenario in normal form for different power allocation schemes to understand performance without cooperation. Numerical simulations illustrate the inefficiency of the Nash equilibrium outcome and motivate further research on cooperative or coordinated schemes.

  • 133. Sankaranarayanan, S.
    et al.
    Papadimitratos, Panagiotis
    Mishra, A.
    A Bandwidth Sharing Approach to Improve Licenced Spectrum Utilization2005In: IEEE International Symposium on New Frontiers in Dynamic Spectrum Access Networks (DySPAN), IEEE , 2005, p. 279-288Conference paper (Refereed)
  • 134. Sankaranarayanan, S.
    et al.
    Papadimitratos, Panagiotis
    Mishra, A.
    Enhancing Wireless Spectrum Utilization with a Cellular-Ad hoc Overlay Architecture2005In: Proceedings of the IEEE Military Communications Conference (MILCOM), IEEE , 2005, Vol. 1, p. 405-415Conference paper (Refereed)
  • 135. Schoch, E.
    et al.
    Kargl, F.
    Leinmüller, T.
    Schlott, S.
    Papadimitratos, Panagiotis
    Impact of Pseudonym Changes on Geographic Routing in VANETs2006In: LECTURE NOTES IN COMPUTER SCIENCE, Springer , 2006, Vol. 4357, p. 43-57Conference paper (Refereed)
  • 136.
    Shokri, R.
    et al.
    Tehran University of Medical Sciences.
    Nayyeri, A.
    Tehran University of Medical Sciences.
    Yazdani, N.
    Tehran University of Medical Sciences.
    Papadimitratos, P.
    Tehran University of Medical Sciences.
    Efficient and Adjustable Recipient Anonymity in Mobile Ad Hoc Networks2007In: 2007 IEEE INTERNATIONAL CONFERENCE ON MOBILE AD-HOC AND SENSOR SYSTEMS, VOLS 1-3, 2007, p. 1-3Conference paper (Refereed)
    Abstract [en]

    The privacy of users of mobile devices has been at stake, with emerging systems based on the mobile ad hoc networking technology raising additional concerns. The establishment of a connection between two nodes could readily reveal information to an eavesdropper One approach to prevent this is to provide receiver anonymity, i.e., conceal the identity of the receiver, during the establishment of a communication path. In this paper, we introduce such a scheme that improves the efficiency of anonymous discovery, balances its cost among network nodes, and can be adaptive, trading off the degree of anonymity for the receiver.

  • 137. Shokri, R.
    et al.
    Poturalski, M.
    Ravot, G.
    Papadimitratos, Panagiotis
    Hubaux, J. -P
    A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks2009In: Second ACM Conference on Wireless Network Security (WiSec’09), 2009Conference paper (Refereed)
  • 138. Shokri, Reza
    et al.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Theodorakopoulos, George
    Hubaux, Jean-Pierre
    Collaborative Location Privacy2011In: 8th IEEE International Conference on Mobile Adhoc and Sensor Systems (MASS), IEEE , 2011, p. 500-509Conference paper (Refereed)
    Abstract [en]

    Location-aware smart phones support various location-based services (LBSs): users query the LBS server and learn on the fly about their surroundings. However, such queries give away private information, enabling the LBS to identify and track users. We address this problem by proposing the first, to the best of our knowledge, user-collaborative privacy preserving approach for LBSs. Our solution, MobiCrowd, is simple to implement, it does not require changing the LBS server architecture, and it does not assume third party privacy-protection servers; still, MobiCrowd significantly improves user location-privacy. The gain stems from the collaboration of MobiCrowd-ready mobile devices: they keep their context information in a buffer, until it expires, and they pass it to other users seeking such information. Essentially, the LBS does not need to be contacted unless all the collaborative peers in the vicinity lack the sought information. Hence, the user can remain hidden from the server, unless it absolutely needs to expose herself through a query. Our results show that MobiCrowd hides a high fraction of location-based queries, thus significantly enhancing user location-privacy. To study the effects of various parameters, such as the collaboration level and contact rate between mobile users, we develop an epidemic model. Our simulations with real mobility datasets corroborate our model-based findings. Finally, our implementation of MobiCrowd on Nokia platforms indicates that it is lightweight and the collaboration cost is negligible.

  • 139.
    Shokri, Reza
    et al.
    Laboratory for Computer Communications and Applications, EPFL.
    Poturalski, Marcin
    Laboratory for Computer Communications and Applications, EPFL.
    Ravot, Gael
    Laboratory for Computer Communications and Applications, EPFL.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES). Laboratory for Computer Communications and Applications, EPFL.
    Hubaux, Jean Pierre
    Laboratory for Computer Communications and Applications, EPFL.
    A low-cost secure neighbor verification protocol for wireless sensor networks2008Report (Other academic)
    Abstract [en]

    Wireless networking relies on a fundamental building block,neighbor  discovery(ND).  However,  the  nature  of  wirelesscommunications makes attacks against ND easy:  an adver-sary can simply replay or relay (wormhole) packets acrossthe network and misleaddisconnectednodes they commu-nicate  directly.   Such  attacks  can  compromise  the  overly-ing protocols and applications.  Proposals in the literatureseek tosecureND, allowing nodes toverifythey are neigh-bors.  However, they either rely on specialized hardware orinfrastructure,  or  oer  limited  security,  often  only  againstan  attack  mounted  by  at  most  two  adversarial  nodes  (a2-end  wormhole).   In  this  paper,  we  address  these  prob-lems,  designing  a  secureneighbor  vericationprotocol  forlow-costandconstrainedWireless Sensor networks (WSN).Our scheme relies on nodes' distance estimation and simplegeometric  tests,  and  it  is  fullydistributed.   We  prove  ourprotocol secure against the classical 2-end wormhole attack,and we show it makes it hard to mount ak-end wormholeattack (k >2):  For non-negligible yet limited chance of suc-cess,  the  adversary  must  know  the  locations  of  all  victimnodes and deploy a relay (wormhole) node close toeachvic-tim.  We provided a proof-of-concept implementation witho-the-shelfWSN equipment, Cricket Motes.  The protocolis the rst applicable method that achieves a high level ofsecurity for WSN against sophisticated wormhole attacks.

  • 140. Shokri, Reza
    et al.
    Theodorakopoulos, George
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES).
    Kazemi, Ehsan
    Hubaux, Jean-Pierre
    Hiding in the Mobile Crowd: Location Privacy through Collaboration2014In: IEEE Transactions on Dependable and Secure Computing, ISSN 1545-5971, E-ISSN 1941-0018, Vol. 11, no 3, p. 266-279Article in journal (Refereed)
    Abstract [en]

    Location-aware smartphones support various location-based services (LBSs): users query the LBS server and learn on the fly about their surroundings. However, such queries give away private information, enabling the LBS to track users. We address this problem by proposing a user-collaborative privacy-preserving approach for LBSs. Our solution does not require changing the LBS server architecture and does not assume third party servers; yet, it significantly improves users' location privacy. The gain stems from the collaboration of mobile devices: they keep their context information in a buffer and pass it to others seeking such information. Thus, a user remains hidden from the server, unless all the collaborative peers in the vicinity lack the sought information. We evaluate our scheme against the Bayesian localization attacks that allow for strong adversaries who can incorporate prior knowledge in their attacks. We develop a novel epidemic model to capture the, possibly time-dependent, dynamics of information propagation among users. Used in the Bayesian inference framework, this model helps analyze the effects of various parameters, such as users' querying rates and the lifetime of context information, on users' location privacy. The results show that our scheme hides a high fraction of location-based queries, thus significantly enhancing users' location privacy. Our simulations with real mobility traces corroborate our model-based findings. Finally, our implementation on mobile platforms indicates that it is lightweight and the cost of collaboration is negligible.

  • 141.
    Stylianos, Gisdakis
    et al.
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Giannetsos, Thanassis
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Android privacy C(R)ache: Reading your external storage and sensors for fun and profit2016In: PAMCO 2016 - Proceedings of the 2nd MobiHoc International Workshop on Privacy-Aware Mobile Computing, Association for Computing Machinery (ACM), 2016, p. 1-10Conference paper (Refereed)
    Abstract [en]

    Android's permission system empowers informed privacy decisions when installing third-party applications. However, examining the access permissions is not enough to assess privacy exposure; even seemingly harmless applications can severely expose user data. This is what we demonstrate here: an application with the common READ-EXTERNAL-STORAGE and the INTERNET permissions can be the basis of extracting and inferring a wealth of private information. What has been overlooked is that such a "curious" application can prey on data stored in the Android's commonly accessible external storage or on unprotected phone sensors. By accessing and stealthily extracting data thought to be unworthy of protection, we manage to access highly sensitive information: user identifiers and habits. Leveraging data-mining techniques, we explore a set of popular applications, establishing that there is a clear privacy danger for numerous users installing innocent-looking and but, possibly, "curious" applications.

  • 142. Stylianos, Gisdakis
    et al.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    On the Optimal Allocation of Adversarial Resources2012In: Mobicom'12 The 18th Annual International Conference on Mobile Computing and Networking: Proceedings of the first ACM international workshop on Mission-oriented wireless sensor networking / [ed] ACM, Association for Computing Machinery (ACM), 2012, p. 33-38Conference paper (Refereed)
    Abstract [en]

    Security is important for mission-critical wireless sensor net-works (WSNs). This is especially so because powerful ad-versaries could compromise and control a significant frac-tion of the network nodes. A plethora of schemes has beendeveloped to secure wireless sensor networks and resilienceto sophisticated attacks has been analyzed. However, thequestion of how the adversary could deploy her resources tomaximally affect the attacked system has remained largelyunaddressed. This is the problem this paper is concernedwith: Given a number of compromised entities (nodes) andcryptographic keys, how can the adversary devise a close-to-optimal attack tactic? To the best of our knowledge, this isthe first investigation of its kind: while the basic adversarialbehavior is well-known, the problem of how the adversarycan optimally deploy her resources to maximize the attackimpact has not been considered for WSNs. We consideran abstract model of the mission-critical WSN and the ad-versary, and we find that the determination of an optimalattack is computationally hard, thus, we devise an efficientheuristic approach. An intelligent adversarial resource allo-cation indeed yields disproportional gains for the attacker.Our analysis is the first necessary step to comprehend howto best address vulnerabilities.

  • 143.
    Vaas, Christian
    et al.
    Univ Oxford, Syst Secur Lab, Oxford, England..
    Khodaei, Mohammad
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Martinovic, Ivan
    Univ Oxford, Syst Secur Lab, Oxford, England..
    Nowhere to hide?: Mix-Zones for Private Pseudonym Change using Chaff Vehicles2018In: 2018 IEEE Vehicular Networking Conference (VNC) / [ed] Altintas, O Tsai, HM Lin, K Boban, M Wang, CY Sahin, T, Institute of Electrical and Electronics Engineers (IEEE), 2018Conference paper (Refereed)
    Abstract [en]

    In vehicular communication systems, cooperative awareness messages provide contextual information required for transportation safety and efficiency applications. However, without the appropriate design, these messages introduce a new attack vector to compromise passenger privacy. The use of ephemeral credentials - pseudonyms - was therefore proposed, essentially to split a journey into unlinkable segments. To protect segment transitions, encrypted mix-zones provide regions where vehicles can covertly change their pseudonyms. While previous work focused on the placement, shape, and protocols for mix-zones, attacks that correlate vehicles entering and existing these zones still remain a problem. Furthermore, existing schemes have only considered homogeneous traffic, disregarding variations in vehicle density due to differences in driver population, road layout, and time of day. Without realistic experimental results, any conclusion on real-world applicability is precarious. In this paper, we address this challenge and present a novel scheme that works independent of vehicles' mobility patterns. More precisely, our system generates fictive chaff vehicles when needed and broadcasts their traces, while it remains unobtrusive if sufficiently many vehicles are present. This greatly improves privacy protection in situations with inherently low traffic density, e.g., suburban areas, and during low traffic periods. Our scheme ensure that an external attacker cannot distinguish between real and chaff vehicles, while legitimate vehicles can recognize chaff messages; this is important, because chaff vehicles (and messages) must not affect the operation of safety applications. In our evaluation, we compare our chaff-based approach with an existing cryptographic mix-zone scheme. Our results under realistic traffic conditions show that by introducing fictive vehicles, traffic flow variations can be smoothed and privacy protection can be enhanced up to 76%.

  • 144.
    Vaas, Christian
    et al.
    University of Oxford, Oxford, United Kingdom.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Martinovic, Ivan
    University of Oxford, Oxford, United Kingdom.
    Increasing mix-zone eicacy for pseudonym change in VANETs using cha messages2018In: WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery, Inc , 2018, p. 287-288Conference paper (Refereed)
    Abstract [en]

    Vehicular ad-hoc networks (VANETs) are designed to play a key role in the development of future transportation systems. Although cooperative awareness messages provide the required situational awareness for new safety and eciency applications, they also introduce a new aack vector to compromise privacy. The use of ephemeral credentials called pseudonyms for privacy protection was proposed while ensuring the required security properties. In order to prevent an aacker from linking old to new pseudonyms, mix-zones provide a region in which vehicles can covertly change their signing material. In this poster, we extend the idea of mix-zones to mitigate pseudonym linking aacks with a mechanism inspired by cha-based privacy defense techniques for mix-networks. By providing cha trajectories, our system restores the ecacy of mix-zones to compensate for a lack of vehicles available to participate in the mixing procedure. Our simulation results of a realistic trac scenario show that a signicant improvement is possible.

  • 145.
    Vaas, Christian
    et al.
    Univ Oxford, Syst Secur Lab, Oxford, England..
    Roeschlin, Marc
    Univ Oxford, Syst Secur Lab, Oxford, England..
    Papadimitratos, Panos
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Martinovic, Ivan
    Univ Oxford, Syst Secur Lab, Oxford, England..
    Poster: Tracking Vehicles Through Encrypted Mix-Zones Using Physical Layer Properties2018In: 2018 IEEE Vehicular Networking Conference (VNC) / [ed] Altintas, O Tsai, HM Lin, K Boban, M Wang, CY Sahin, T, IEEE, 2018Conference paper (Refereed)
    Abstract [en]

    The main objective of Vehicular Ad-hoc Networks (VANETs) is to enable a safer and more efficient driving experience by augmenting situational awareness on the road. Therefore, vehicles participating in a VANET continuously broadcast their state and location in Cooperative Awareness Messages (CAMs). While this information can be of great value to all road users, the transmission of such sensitive data poses a huge threat to privacy if messages can be linked to the sender. Signing messages using ephemeral pseudonyms is a widely accepted mitigation strategy that provides the security properties to guarantee the safe operation of VANET applications while offering conditional privacy to users. Pseudonym schemes allow On-Board Units (OBUs) to acquire a set of credentials and periodically exchange the signing material, dividing a journey into smaller, less meaningful segments. However, it is crucial to prevent an attacker from observing when pseudonym changes occur. In this poster, we investigate the resilience of a pseudonym change strategy based on encrypted mix-zones against the tracking of the physical properties inherent in the message transmission. By encrypting vehicle messages, Cryptographic mix-zones (CMIXs) offer protection against an eavesdropper external to the VANET, while at the same time preserving the integrity of safety applications. Even though CAMs containing location information are illegible for the attacker, the physical properties of radio signals, such as time of flight, cannot be obfuscated using encryption. To evaluate these properties, we acquired raw In-phase and Quadrature (I/Q) samples from transmissions of a NEXCOM OBU using Software Defined Radios (SDRs). Our results indicate that physical signal properties could be used to track vehicles through a CMIX.

  • 146. Wiedersheim, B.
    et al.
    Ma, Z.
    Kargl, F.
    Papadimitratos, P.
    Privacy in Inter-Vehicular Networks: Why Simple Pseudonym Change Is Not Enough2010In: International Conference on Wireless On-Demand Network Systems and Services (IEEE/IFIP WONS), IEEE , 2010, p. 176-183Conference paper (Other academic)
  • 147.
    Wiese, Moritz
    et al.
    KTH, School of Electrical Engineering (EES), Communication Theory. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Johansson, Karl H.
    KTH, School of Electrical Engineering (EES), Automatic Control. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Oechtering, Tobias J.
    KTH, School of Electrical Engineering (EES), Communication Theory. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Sandberg, Henrik
    KTH, School of Electrical Engineering (EES), Automatic Control. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Skoglund, Mikael
    KTH, School of Electrical Engineering (EES), Communication Theory. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Uncertain wiretap channels and secure estimation2016In: 2016 IEEE International Symposium on Information Theory, Institute of Electrical and Electronics Engineers (IEEE), 2016, p. 2004-2008Conference paper (Refereed)
    Abstract [en]

    The zero-error secrecy capacity of uncertain wiretap channels is defined. If the sensor-estimator channel is perfect, it is also calculated. Further properties are discussed. The problem of estimating a dynamical system with nonstochastic disturbances is studied where the sensor is connected to the estimator and an eavesdropper via an uncertain wiretap channel. The estimator should obtain a uniformly bounded estimation error whereas the eavesdropper's error should tend to infinity. It is proved that the system can be estimated securely if the zero-error capacity of the sensor-estimator channel is strictly larger than the logarithm of the system's unstable pole and the zero-error secrecy capacity of the uncertain wiretap channel is positive.

  • 148.
    Wiese, Moritz
    et al.
    KTH, School of Electrical Engineering and Computer Science (EECS).
    Oechtering, Tobias J.
    KTH, School of Electrical Engineering and Computer Science (EECS), Information Science and Engineering.
    Johansson, Karl H.
    KTH, School of Electrical Engineering and Computer Science (EECS), Automatic Control.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems engineering.
    Sandberg, Henrik
    KTH, School of Electrical Engineering and Computer Science (EECS), Automatic Control.
    Skoglund, Mikael
    KTH, School of Electrical Engineering and Computer Science (EECS), Information Science and Engineering.
    Secure Estimation and Zero-Error Secrecy Capacity2019In: IEEE Transactions on Automatic Control, ISSN 0018-9286, E-ISSN 1558-2523, Vol. 64, no 3, p. 1047-1062Article in journal (Refereed)
    Abstract [en]

    We study the problem of securely estimating the states of an unstable dynamical system subject to non-stochastic disturbances. The estimator obtains all its information through an uncertain channel, which is subject to nonstochastic disturbances as well, and an eavesdropper obtains a disturbed version of the channel inputs through a second uncertain channel. An encoder observes and block encodes the states in such a way that, upon sending the generated codeword, the estimator's error is bounded and a security criterion is satisfied, thereby ensuring that the eavesdropper obtains as little state information as possible. Two security criteria are considered and discussed with the help of a numerical example. A sufficient condition on the uncertain wiretap channel, i.e., the pair formed by the uncertain channel from the encoder to the estimator and the uncertain channel from the encoder to the eavesdropper is derived, which ensures that a bounded estimation error and security are achieved. This condition is also shown to be necessary for a subclass of uncertain wiretap channels. To formulate the condition, the zero-error secrecy capacity of uncertain wiretap channels is introduced, i.e., the maximal rate at which data can be transmitted from the encoder to the estimator in such a way that the eavesdropper is unable to reconstruct the transmitted data. Finally, the zero-error secrecy capacity of uncertain wiretap channels is studied.

  • 149.
    Wiese, Moritz
    et al.
    KTH, School of Electrical Engineering (EES), Communication Theory.
    Papadimitratos, Panos
    KTH, School of Electrical Engineering (EES), Communication Networks.
    Frequency hopping does not increase anti-jamming resilience of wireless channels2016Conference paper (Refereed)
  • 150.
    Ye, Lin
    et al.
    KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Fodor, Viktoria
    KTH, School of Electrical Engineering (EES), Communication Networks. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Giannetsos, Athanasios
    KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Papadimitratos, Panagiotis
    KTH, School of Electrical Engineering (EES), Communication Networks. KTH, School of Electrical Engineering (EES), Centres, ACCESS Linnaeus Centre.
    Path metric authentication for low-power and lossy networks2015In: 1st ACM International Workshop on Cyber-Physical Systems for Smart Water Networks, CySWater 2015, Association for Computing Machinery (ACM), 2015Conference paper (Refereed)
    Abstract [en]

    Cyber physical systems often require sensor networks to perform unattended operation for a long time, while providing performance guarantees for monitoring and control applications. Since this poses requirements on the formed wireless sensor network topology, routing protocols provide a means to construct topologies according to complex objective functions, involving several routing metrics. As the metric values affect the emerging topology significantly, they need to be protected, to avoid topology formation attacks from malicious users. In this paper we consider the specific case of RPL based routing and propose a lightweight authentication approach to protect RPL path metrics. We evaluate the cost of metric authentication and show how to tradeoff the introduced tree construction delay and the achieved metric accuracy.

1234 101 - 150 of 154
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf