Communication between vehicles is a very promising technology to reduce fatalities and injuries in road traffic. Vehicles spontaneously form communication networks where they exchange messages to warn surrounding vehicles. Theoretically, this system is open to any communication node that is equipped with the required communication technology. This openness demands appropriate security mechanism...

Remote attackers use network reconnaissance techniques, such as port scanning, to gain information about a victim machine and then use this information to launch an attack. Current network reconnaissance techniques, that are typically below the application layer, are limited in the sense that they can only give basic information, such as what services a victim is running. Furthermore, modern re...

Given a labelled transition system LTS partially observed by an attacker, and a regular predicate Sec over the runs of LTS, enforcing opacity of the secret Sec in LTS means computing a supervisory controller K such that an attacker who observes a run of K/LTS cannot ascertain that the trace of this run belongs to Sec based on the knowledge of LTS and K. We lift the problem from a single labelle...

In spite of the great success of the fully autonomous distributed AIBO robot soccer league, a standing challenge is the creation of an effective planned, rather than emergent, coordinated two-robot attack, where one robot is the main attacker and goes to the ball and the other robot “supports the attack.” While the main attacker has its navigation conceptually driven by following the ball and a...

The Internet introduces a variety of vulnerabilities that put the security and privacy of computer based systems under risk. One of the most perilous threats in the Internet is the Denial of Service (DoS) attack and its variants such as Distributed DoS (DDoS). In this work we propose a novel probabilistic packet marking scheme to infer forward paths from attacker sites to a victim site and enab...

W e present a game-theoretic model to explore how uncertainty about terrorist preferences can affect optimal resource allocations for infrastructure protection. We consider a dynamic game with incomplete information , in which the defender chooses how to allocate her defensive resources, and then an attacker chooses which target to attack according to a multiattribute utility function. Our mode...

There are a number of attacker models in the area of anonymous communication. Most of them are either very simplified or pretty abstract therefore difficult to generalize or even identify in real networks. While some papers distinct different attacker types, the usual approach is to present an anonymization technique and then to develop an attacker model for it in order to identify properties o...

We study timely status updates of a real-time system in an adversarial setting. The system samples a physical process, and sends the samples from the source (e.g., a sensor) to the destination (e.g, a control center) through a channel. For realtime monitoring/control tasks, it is crucial for the system to update the status of the physical process “timely”. We measure the timeliness of status up...

350 Abstract One of the greatest threats that network security faces nowadays is Distributed Denial of Service attacks. A newer version of the Denial of Service attack, also called Distributed Denial of Service attack or DDoS. In a distributed denialof-service (DDoS) attack, an attacker may use your computer to attack another computer. An attacker may attempt to: “flood” a network and thus redu...

Network interdiction refers to disrupting a network in an attempt to either analyze the network’s vulnerabilities or to undermine a network’s communication capabilities. A vast majority of the works that have studied network interdiction assume a priori knowledge of the network topology. However, such knowledge may not be available in real-time settings. For instance, in practical electronic wa...