Attack tree (AT) is one of the widely used non-state-space models for security analysis. The basic formalism of AT does not take into account defense mechanisms. Defense trees (DTs) have been developed to investigate the effect of defense mechanisms using measures such as attack cost, security investment cost, return on attack (ROA) and return on investment (ROI). DT, however, places defense me...

This document describes how to further extend the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) extension [RFC4556] to exchange an opaque data blob which a KDC can validate to ensure that the client is currently in possession of the private key during a PKInit AS exchange.

During the SA3-31 meeting in Munich, it was decided that the Bluetooth link between peripheral devices did not require integrity protection (see section 6.1.1 of [1]). This contribution indicates that a man-in-the-middle attack may be possible on the bluetooth link in a WLAN in-terworking environment. The attacker lures the victim to connect to a malicious WLAN access point. The attack does not...

A wireless ad-hoc network is a collection of autonomous nodes that communicate with each other by each node acting as router and maintaining connectivity in a decentralized manner. The network topology is dynamic because the connectivity among the nodes may vary with time due to node departure, new arrivals and the possibility of having mobilenodes. In this paper, weexplore the effect on per se...

The harmful attack against Wireless Sensor Networks (WSN) is Node Replication attack, where one or more node(s) illegitimately claims an identity, are also called clone attack due to identity theft. The Node replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource allocation, misbehavior detection, This study proposes a method R...

Causing packet loss due to attacks by malicious nodes is one of the most important problem in MANETs. There are many ways by which packet loss can occur in MANETs such as broken links, transmission errors, no route to the destination and attacks caused by malicious nodes. To determine the exact cause of packet loss in wireless network is a challenging task. In this paper, we have investigated p...

In this paper, we describe a new ID-based authenticated key agreement protocol that makes use of bilinear pairings. We then discuss the security properties of our scheme, including known-key security, perfect forward secrecy and no key control. It is also able to withstand both passive and active attacks. An important advantage of our scheme is that it preserves the perfect forward secrecy even...

Collaborative spectral sensing can fuse the perceived results of multiple cognitive users, and thus will improve the accuracy of perceived results. However, the multi-source features of the perceived results result in security problems in the system. When there is a high probability of a malicious user attack, the traditional algorithm can correctly identify the malicious users. However, when t...

In this article we present a lattice attack done on a NTRU-like scheme introduced by Verkhovsky in [1]. We show how, based on the relation between the public and private key, we can construct an attack which allows any passive adversary to decrypt the encrypted messages. We explain, step by step, how an attacker can construct an equivalent private key and guess what the original plaintext was. ...