Standardized Vehicular Communication (VC), mainly Cooperative Awareness Messages (CAMs) and Decentralized Environmental Notification Messages (DENMs), is paramount to vehicle safety, carrying vehicle status information and reports of traffic/road-related events respectively. Broadcasted CAMs and DENMs are pseudonymously authenticated for security and privacy protection, with each node needing to have all incoming messages validated within an expiration deadline. This creates an asymmetry that can be easily exploited by external adversaries to launch a clogging Denial of Service (DoS) attack: each forged VC message forces all neighboring nodes to cryptographically validate it; at increasing rates, easy to generate forged messages gradually exhaust processing resources and severely degrade or deny timely validation of benign CAMs/DENMs. The result can be catastrophic when awareness of neighbor vehicle positions or critical reports are missed. We address this problem making the standardized VC pseudonymous authentication DoS-resilient. We propose efficient cryptographic constructs, which we term message verification facilitators, to prioritize processing resources for verification of potentially valid messages among bogus messages and verify multiple messages based on one signature verification. Any message acceptance is strictly based on public-key based message authentication/verification for accountability, i.e., non-repudiation is not sacrificed, unlike symmetric key based approaches. This further enables drastic misbehavior detection, also exploiting the newly introduced facilitators, based on probabilistic signature verification and cross-checking over multiple facilitators verifying the same message; while maintaining verification latency low even when under attack, trading off modest communication overhead. Our facilitators can also be used for efficient discovery and verification of DENM or any event-driven message, including misbehavior evidence used for our scheme. Even when vehicles are saturated by adversaries mounting a clogging DoS attack, transmitting high-rate bogus CAMs/DENMs, our scheme achieves an average 50 ms verification delay with message expiration ratio less than 1%- a huge improvement over the current standard that verifies every message signature in a First-Come First-Served (FCFS) manner and suffers from having 50% to nearly 100% of the received benign messages expiring.

In Vehicular Communication (VC) systems, neighboring vehicles exchange authenticated transportation safety messages, informing about own mobility and the environment. Verifying all received messages in a dense neighborhood introduces significant cryptographic computation overhead for resource-constrained vehicular On-Board Units (OBUs). Attackers can exploit this to launch Denial of Service (DoS) attacks to clog OBUs by broadcasting bogus messages at a high rate. This attack is particularly effective due to an inherent asymmetry and amplification factor: each safety message is to be validated by all receiving neighboring vehicles. This imbalance can lead to significant delays in sifting benign messages amidst a deluge of bogus messages. Even worse, failure to promptly verify a significant amount of benign messages can paralyze Vehicle-to-Vehicle (V2V) enabled applications. We address this challenge, proposing a mechanism that thwarts such attacks: puzzle-based pre-validation that prioritizes verification of potentially valid messages with yet unknown (i.e., unverified) Pseudonymous Certificates (PCs). Verification of such PCs (and their corresponding messages) can bootstrap the efficient pre-validation of follow-up messages authenticated by the same PCs. We show experimental results confirming our scheme can effectively mitigate unsophisticated clogging DoS attacks that do not attempt to solve puzzles. We further show our scheme also significantly raises the bar for sophisticated adversaries: it can be configured to force attackers to solve puzzles for their bogus messages actively - something possible only by investing in significantly higher (hundreds of times more) computational power than that of the targeted benign vehicles. Last but not least, our scheme can be adaptive while remaining compatible to standardized V2V security.

Global Navigation Satellite Systems enable precise localization and timing even for highly mobile devices, but legacy implementations provide only limited support for the new generation of security-enhanced signals. Inertial Measurement Units have proved successful in augmenting the accuracy and robustness of the GNSS-provided navigation solution, but effective navigation based on inertial techniques in denied contexts requires high-end sensors. However, commercially available mobile devices usually embed a much lower-grade inertial system. To counteract an attacker transmitting all the adversarial signals from a single antenna, we exploit carrier phase-based observations coupled with a low-end inertial sensor to identify spoofing and meaconing. By short-time integration with an inertial platform, which tracks the displacement of the GNSS antenna, the high-frequency movement at the receiver is correlated with the variation in the carrier phase. In this way, we identify legitimate transmitters, based on their geometrical diversity with respect to the antenna system movement. We introduce a platform designed to effectively compare different tiers of commercial INS platforms with a GNSS receiver. By characterizing different inertial sensors, we show that simple MEMS INS perform as well as high-end industrial-grade sensors. Sensors traditionally considered unsuited for navigation purposes offer great performance at the short integration times used to evaluate the carrier phase information consistency against the high-frequency movement. Results from laboratory evaluation and through field tests at Jammertest 2024 show that the detector is up to 90% accurate in correctly identifying spoofing (or the lack of it), without any modification to the receiver structure, and with mass-production grade INS typical for mobile phones.

The Domain Name System (DNS) is central to all Internet user activity, resolving accessed domain names into Internet Protocol (IP) addresses. As a result, curious DNS resolvers can learn everything about Internet users' interests. Public DNS resolvers are rising in popularity, offering low-latency resolution, high reliability, privacy-preserving policies, and support for encrypted DNS queries. However, client-resolver traffic encryption, increasingly deployed to protect users from eavesdroppers, does not protect users against curious resolvers. Similarly, privacy-preserving policies are based solely on written commitments and do not provide technical safeguards. Although DNS query relay schemes can separate duties to limit data accessible by each entity, they cannot prevent colluding entities from sharing user traffic logs. Thus, a key challenge remains: organizations operating public DNS resolvers, accounting for the majority of DNS resolutions, can potentially collect and analyze massive volumes of Internet user activity data. With DNS infrastructure that cannot be fully trusted, can we safeguard user privacy? We answer positively and advocate for a user-driven approach to reduce exposure to DNS services. We will discuss key ideas of the proposal, which aims to achieve a high level of privacy without sacrificing performance: maintaining low latency, network bandwidth, memory/storage overhead, and computational overhead.

Global Navigation Satellite Systems (GNSS) are fundamental in ubiquitously providing position and time to a wide gamut of systems. Jamming remains a realistic threat in many deployment settings, civilian and tactical. Specifically, in Unmanned Aerial Vehicles (UAVs) sustained denial raises safety critical concerns. This work presents a strategy that allows detection, localization, and classification both in the frequency and time domain of interference signals harmful to navigation. A high-performance Vertical Take Off and Landing (VTOL) UAV with a single antenna and a commercial GNSS receiver is used to geolocate and characterize RF emitters at long range, to infer the navigation impairment. Raw IQ baseband snapshots from the GNSS receiver make the application of spectral correlation methods possible without extra software-defined radio payload, paving the way to spectrum identification and monitoring in airborne platforms, aiming at RF situational awareness. Live testing at Jammertest, in Norway, with portable, commercially available GNSS multi-band jammers demonstrates the ability to detect, localize, and characterize harmful interference. Our system pinpointed the position with an error of a few meters of the transmitter and the extent of the affected area at long range, without entering the denied zone. Additionally, further spectral content extraction is used to accurately identify the jammer frequency, bandwidth, and modulation scheme based on spectral correlation techniques.

The limited or no protection for civilian Global Navigation Satellite System (GNSS) signals makes spoofing attacks relatively easy. With modern mobile devices often featuring network interfaces, state-of-the-art signals of opportunity (SOP) schemes can provide accurate network positions in replacement of GNSS. The use of onboard inertial sensors can also assist in the absence of GNSS, possibly in the presence of jammers. The combination of SOP and inertial sensors has received limited attention, yet it shows strong results on fully custom-built platforms. We do not seek to improve such special-purpose schemes. Rather, we focus on countering GNSS attacks, notably detecting them, with emphasis on deployment with consumer-grade platforms, notably smartphones, that provide off-the-shelf opportunistic information (i.e., network position and inertial sensor data). Our Position-based Attack Detection Scheme (PADS) is a probabilistic framework that uses regression and uncertainty analysis for positions. The regression optimization problem is a weighted mean square error of polynomial fitting, with constraints that the fitted positions satisfy the device velocity and acceleration. Then, uncertainty is modeled by a Gaussian process, which provides more flexibility to analyze how sure or unsure we are about position estimations. In the detection process, we combine all uncertainty information with the position estimations into a fused test statistic, which is the input utilized by an anomaly detector based on outlier ensembles. The evaluation shows that the PADS outperforms a set of baseline methods that rely on SOP or inertial sensor-based or statistical tests, achieving up to 3 times the true positive rate at a low false positive rate.

Location-based service (LBS) applications proliferate and support transportation, entertainment, and more. Modern mobile platforms, with smartphones being a prominent example, rely on terrestrial and satellite infrastructures (e.g., global navigation satellite system (GNSS) and crowdsourced Wi-Fi, Bluetooth, cellular, and IP databases) for correct positioning. However, they are vulnerable to attacks that manipulate positions to control and undermine LBS functionality-Thus enabling the scamming of users or services. Our work reveals that GNSS spoofing attacks succeed even though smartphones have multiple sources of positioning information. Moreover, that Wi-Fi spoofing attacks with GNSS jamming are surprisingly effective. More concerning is the evidence that sophisticated, coordinated spoofing attacks are highly effective. Attacks can target GNSS in combination with other positioning methods, thus defenses that assume that only GNSS is under attack cannot be effective. More so, resilient GNSS receivers and special-purpose antennas are not feasible on smartphones. To address this gap, we propose an extended receiver autonomous integrity monitoring (RAIM) framework that leverages the readily available, redundant, often so-called opportunistic positioning information on off-The-shelf platforms. We jointly use onboard sensors, terrestrial infrastructures, and GNSS. We show that our extended RAIM framework improves resilience against location spoofing, e.g., achieving a detection accuracy improvement of up to 24-58% compared to the state-of-The-Art algorithms and location providers; detecting attacks within 5 seconds, with a low false positive rate.

Large Language Models (LLMs) are increasingly deployed for task automation and content generation, yet their safety mechanisms remain vulnerable to circumvention through different jailbreaking techniques. In this paper, we introduce Content Concretization (CC), a novel jailbreaking technique that iteratively transforms abstract malicious requests into concrete, executable implementations. CC is a two-stage process: first, generating initial LLM responses using lower-tier, less constrained safety filters models, then refining them through higher-tier models that process both the preliminary output and original prompt. We evaluate our technique using 350 cybersecurity-specific prompts, demonstrating substantial improvements in jailbreak Success Rates (SRs), increasing from 7% (no refinements) to 62% after three refinement iterations, while maintaining a cost of 7.5¢ per prompt. Comparative A/B testing across nine different LLM evaluators confirms that outputs from additional refinement steps are consistently rated as more malicious and technically superior. Moreover, manual code analysis reveals that generated outputs execute with minimal modification, although optimal deployment typically requires target-specific fine-tuning. With eventual improved harmful code generation, these results highlight critical vulnerabilities in current LLM safety frameworks.

As Large Language Models (LLMs) become increasingly integrated into many technological ecosystems across various domains and industries, identifying which model is deployed or being interacted with is critical for the security and trustworthiness of the systems. Current verification methods typically rely on analyzing the generated output to determine the source model. However, these techniques are susceptible to adversarial attacks, operate in a post-hoc manner, and may require access to the model weights to inject a verifiable fingerprint. In this paper, we propose a novel passive fingerprinting framework that operates in real-time and remains effective even under encrypted network traffic conditions. Our method leverages the intrinsic autoregressive generation nature of language models, which generate text one token at a time based on all previously generated tokens, creating a unique temporal pattern–like a rhythm or heartbeat–that persists even when the output is streamed over a network. We find that measuring the Inter-Token Times (ITTs)–time intervals between consecutive tokens–can identify different language models with high accuracy. We develop a Deep Learning (DL) pipeline to capture these timing patterns using network traffic analysis and evaluate it on 16 Small Language Models (SLMs) and 10 proprietary LLMs across different deployment scenarios, including local host machine (GPU/CPU), Local Area Network (LAN), Remote Network, and when using Virtual Private Network (VPN). Our experimental results demonstrate high classification performance with weighted F1-scores of 85% when tested on a different day, 74% across different networks, and 71% when traffic is tunneled through a VPN connection. This work opens a new avenue for model identification in real-world scenarios and contributes to more secure and trustworthy language model deployment.

The Domain Name System (DNS) is involved in practically all web activity, translating easy-to-remember domain names into Internet Protocol (IP) addresses. Due to its central role on the Internet, DNS exposes user web activity in detail. The privacy challenge is honest-but-curious DNS servers/resolvers providing the translation/lookup service. In particular, with the majority of DNS queries handled by public DNS resolvers, the organizations running them can track, collect, and analyze massive user activity data. Existing solutions that encrypt DNS traffic between clients and resolvers are insufficient, as the resolver itself is the privacy threat. While DNS query relays separate duties among multiple entities, to limit the data accessible by each entity, they cannot prevent colluding entities from sharing user traffic logs. To achieve near-zero-trust DNS privacy compatible with the existing DNS infrastructure, we propose LLUAD: it locally stores a Popularity List, the most popular DNS records, on user devices, formed in a privacy-preserving manner based on user interests. In this way, LLUAD can both improve privacy and reduce access times to web content. The Popularity List is proactively retrieved from a (curious) public server that continually updates and refreshes the records based on user popularity votes, while efficiently broadcasting record updates/changes to adhere to aggressive load-balancing schemes (i.e., name servers actively load-balancing user connections by changing record IP addresses). User votes are anonymized using a novel, efficient, and highly scalable client-driven Voting Mix Network – with packet lengths independent of the number of hops, centrally enforced limit on number of votes cast per user, and robustness against poor client participation – to ensure a geographically relevant and correctly/securely instantiated Popularity List. We find that with a 25 000 entries long Popularity List, LLUAD provides both privacy-preserving and high performance DNS: this is due to the instant local (and anonymous) resolution of around 94% of queries based on the Popularity List, with the few remaining queries using other privacy-preserving, but latency-costly, alternatives, such as querying a public resolver over a public anonymous network, e.g., Tor. Beyond strong DNS privacy and low average lookup latency, LLUAD maintains network traffic overhead on par with widely deployed secure DNS protocols, with a memory/storage overhead of less than 2 MB.