ShieldShare is a novel, non-root Android application that enables secure, VPN-backed hotspot sharing with accurate per-user traffic accounting, addressing limitations in current mobile VPN implementat…

The paper proposes a standardized, zonal architecture and an open-source prototype for a dedicated Cyber Range (CR) specifically designed for comprehensive and repeatable Wi-Fi security training and e…

The paper proposes a RADIUS-based framework to maintain persistent device identity for Network Access Control (NAC) despite modern operating system MAC address randomization, ensuring regulatory compl…

The paper introduces PINSIGHT, a novel methodology that rigorously assesses Wi-Fi PIN code inference attacks by separating environmental effects from typing effects, concluding that current state-of-t…

The paper analyzes the security and practical deployability of advanced Wi-Fi ranging standards (IEEE 802.11az/bk), concluding that while promising, secure implementation is highly sensitive to config…

This study comparatively assessed the usability of passkeys versus passwords for Wi-Fi captive portal authentication, finding that while passkeys were perceived as more usable, captive portal limitati…

The paper addresses the lack of independent measurement tools for modern mobile communication by designing and implementing open-source platforms to study cellular radio networks, operator services, a…

This study analyzed I2P's routing topology and found no significant evidence that peer selection is influenced by geographic location, suggesting highly random global mixing.

This paper proposes a cloud-edge-end collaborative defense framework to secure UAV swarms against various threats like GPS spoofing and multi-hop intrusions, demonstrating its effectiveness through ex…

This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…

The paper identifies and demonstrates the existence of a covert sublayer, called the Exclusive Network, within the I2P anonymous network, which allows nodes to host services without being discoverable…

This paper analyzes RPKI specifications, demonstrating that vague or conflicting requirements in dozens of RFCs cause systemic vulnerabilities in real-world implementations, leading to 61 undocumented…

Analyzing 10 days of global internet traffic from a network telescope reveals that a small fraction of source IPs dominate traffic, with a notable focus on exploiting legacy IoT devices via Telnet por…

This paper systematically identifies and demonstrates multiple session manipulation attacks against VPN connection tracking frameworks, revealing widespread vulnerabilities in popular VPN services.

This paper evaluates the security of industrial control systems (ICS) transitioning to 5G communication, finding that while optimal conditions allow for resilience, degraded channel conditions signifi…

This paper provides a comprehensive review of the security vulnerabilities and privacy challenges inherent in the Open Radio Access Network (O-RAN) architecture for the 6G era, systematically categori…

MeshGuard is a framework that extends MUD-based network access control to complex, large-scale Thread IoT networks by adapting the MLE protocol and using SDN for scalable policy enforcement.

This paper presents an open-source 5G testbed for simulating emergency alert spoofing attacks and proposes a cross-cell verification mechanism to detect single-source, potentially fake, warnings.

The paper introduces PriSrv+, an advanced service discovery protocol that significantly enhances privacy, usability, and efficiency in wireless networks through a novel matchmaking encryption scheme c…

FIDEM introduces a standard-compliant framework that uses Zero-Knowledge Proofs to securely bind IoT devices to their Manufacturer Usage Description (MUD) profiles, mitigating risks associated with in…