convex in c, since the linear combination of the continuous and strictly convex functions pi(ci)xi’s is continuous and strictly convex. Finally, the summation of the two continuous and strictly convex functions is continuous and strictly convex. Remarks: Note that we assume that the defender and the attacker have the same target valuations xi’s. If that does not hold, the objective function as ...

Humans are experts at reading others’ actions in social contexts. They efficiently process others’ movements in real-time to predict intended goals. Here we designed a two-person reaching task to investigate real-time body reading in a naturalistic setting. Two Subjects faced each other separated by a plexiglass screen. One (Attacker) was instructed to tap one of two targets on the screen and t...

Network-based intrusions have become a serious treat to the users of the Internet. To help cover their tracks, attackers launch attacks from a series of previously compromised systems called stepping stones. Timing correlations on incoming and outgoing packets can lead to detection of the stepping stone and can be used to trace the attacker through each link. Existing approaches, however, delib...

1570-8705/$ see front matter 2009 Elsevier B.V doi:10.1016/j.adhoc.2009.07.002 * Corresponding author. Tel.: +1 858 740 4505. E-mail addresses: [email protected], v2 Kim), [email protected] (A. Helmy). Flooding-type Denial-of-Service (DoS) and Distributed DoS (DDoS) attacks can cause serious problems in mobile multi-hop networks due to its limited network/host resources. Attacker traceback...

Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in ...

Fault analysis is a powerful attack to stream ciphers. Up to now, the major idea of fault analysis is to simplify the cipher system by injecting some soft faults. We call it soft fault analysis. As a hardware–oriented stream cipher, Trivium is weak under soft fault analysis. In this paper we consider another type of fault analysis of stream cipher, which is to simplify the cipher system by inje...

Profiled side-channel attacks represent the most powerful category of side-channel attacks. In this context, the attacker gains access of a profiling device to build a precise model which is used to attack another device in the attacking phase. Mostly, it is assumed that the attacker has unlimited capabilities in the profiling phase, whereas the attacking phase is very restricted. We step away ...

We consider a two-stage defender-attacker game that takes place on a network, in which the attacker seeks to take control over (or “influence”) as many nodes as possible. The defender acts first in this game by protecting a subset of nodes that cannot be influenced by the attacker. With full knowledge of the defender’s action, the attacker can then influence an initial subset of unprotected nod...

to relinquish its shell, allowing the attacker to evict it by pulling it out through the aperture; or the attacker may give up, and release the defender, without effecting an eviction. If the attacker is successful, it will perform the usual investigatory activities on the vacated shell and decide whether to occupy it permanently. During this process the evicted defender is left without a shell...

The performance of networks can be severely damaging by the use of wireless spoofing networks. Since they can be easily established, the attacker doesn’t find much hassles in destroying these networks. Although the identity of a node can be verified through cryptographic authentication, conventional security approaches are not always desirable because of their overhead requirements. We will use...