This paper evaluates the performance overhead of implementing ChaCha20-Poly1305 encryption on low-cost edge devices, demonstrating that the added latency remains well within the strict requirements of…

This paper identifies and demonstrates eight novel attack scenarios exploiting the ISO 15765-2 transport protocol over CAN, showing that three can successfully induce denial of diagnostic services in…

The paper introduces CAN-QA, a novel question-answering benchmark that reformulates CAN traffic analysis from a classification task to a reasoning task, demonstrating that current LLMs struggle with c…

The paper analyzes the differential properties of the SIMON32 cipher, identifying high-probability differentials to improve the efficiency and depth of cryptanalysis beyond current state-of-the-art me…

This paper proposes and demonstrates a method to secure high-performance RDMA data transfers by implementing AES-128 encryption directly within a programmable network switch, maintaining high throughp…

This paper analyzes MQTT security in IoT, demonstrating critical vulnerabilities like eavesdropping and DoS due to weak encryption and authentication, and proposes mitigation strategies.

The paper proposes HELO, a novel lightweight and hybridized cryptographic system designed to enhance the security of resource-constrained IoT devices during P2P data transmission without sacrificing p…

immUNITY is a system that enhances network security by combining programmable switches and SmartNICs to efficiently detect and mitigate low-volume and slow network attacks.

GETA is a protocol-agnostic framework that analyzes encrypted network traffic using only metadata, achieving state-of-the-art performance across diverse tasks without needing large labeled datasets.

The paper demonstrates that standard homomorphic encryption (HE) schemes are insufficient to guarantee integrity in networked control systems (NCS) against covert attacks, proposing instead a verifiab…

The paper proposes a hardware-efficient compound IC protection mechanism that combines lightweight cryptography with logic locking and hardware obfuscation to secure integrated circuits against variou…

The paper proposes Shaperd, a real-time traffic shaper designed to enhance the resilience of fully encrypted protocols against censorship by allowing users to generate traffic flows with customizable…

The paper introduces BYOT-CPS, a hybrid cyber-physical testbed that bridges the gap between purely simulated and purely physical IoT testing environments, enabling realistic and scalable security asse…

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

The paper proposes DAIRE, a lightweight AI model, for highly efficient, real-time detection and classification of various cyberattacks targeting the vulnerable Controller Area Network (CAN) in the Int…

This paper evaluates the security of industrial control systems (ICS) transitioning to 5G communication, finding that while optimal conditions allow for resilience, degraded channel conditions signifi…

This paper investigates the vulnerability of machine learning-based fault detection and localization systems in Cyber-Physical Systems (CPS) to backdoor attacks, demonstrating that such attacks are su…

The Device Context Protocol (DCP) introduces a compact, safety-first communication standard designed to allow LLMs to reliably control resource-constrained physical microcontrollers, significantly imp…

WATSON is a novel, efficient shadow stack protection mechanism for embedded systems that utilizes standard hardware data watchpoints to mitigate control-flow hijacking vulnerabilities without relying…