This paper models PIN entry as a stochastic communication channel, proposing a probabilistic inference framework to quantify reliability loss and QoS degradation caused by partial information leakage.

The paper introduces BFIAttack, a novel attack that exploits Beamforming Feedback Information (BFI) to reconstruct a user's Channel State Information (CSI), thereby compromising Wi-Fi physical-layer s…

The paper demonstrates that even a casual attacker with basic IT skills can perform sophisticated privacy attacks on smart-home networks, extracting detailed daily routines and personal information fr…

The paper proposes a standardized, zonal architecture and an open-source prototype for a dedicated Cyber Range (CR) specifically designed for comprehensive and repeatable Wi-Fi security training and e…

The paper introduces Devilray, a comprehensive adversarial model that systematically tests the realistic operational space of fake base stations, revealing significant blind spots in existing detectio…

The paper introduces ParDef, a generalized defense mechanism that effectively mitigates various types of parameter attacks on deep neural networks while maintaining high performance.

This paper provides the first comprehensive review of threats and defenses specifically targeting on-device AI inference, revealing a significant imbalance where certain attack types, like adversarial…

The paper analyzes the security and practical deployability of advanced Wi-Fi ranging standards (IEEE 802.11az/bk), concluding that while promising, secure implementation is highly sensitive to config…

This paper surveys information-theoretic approaches to secure Integrated Sensing and Communication (ISAC), providing a comprehensive review of models, security formulations, and fundamental limits.

This paper surveys model forensics in AI-native wireless networks, detailing key security problems and demonstrating practical workflows for verifying model authenticity and detecting malicious functi…

LightGuard introduces a dual-link architecture that uses a physically confined LiFi channel to securely bootstrap cryptographic session keys, thereby mitigating the risk of key exposure inherent in tr…

The paper introduces Constraint-Guided Semantic Testing (ConSeT), a novel framework that systematically finds critical, pre-authentication vulnerabilities in 5G User Equipment (UE) by exploiting seman…

This paper analyzes the security vulnerabilities of emerging pay-for-use Wi-Fi hotspots in rural areas, demonstrating practical attacks like connection hijacking and rogue hotspots.

The Device Context Protocol (DCP) introduces a compact, safety-first communication standard designed to allow LLMs to reliably control resource-constrained physical microcontrollers, significantly imp…

The paper introduces TESLA, a novel, contactless electromagnetic (EM) side-channel attack that exploits inherent EM emanations from capacitive touchscreens to extract highly sensitive user data like P…

SMSI is a novel neuro-symbolic pipeline that automates threat modeling for cyber-physical systems by generating a prioritized list of NIST 800-53 security controls directly from a SysML architecture m…

The paper proposes TimeGuard, a novel channel-wise pool training defense, to significantly improve the robustness of time series forecasting against backdoor attacks by addressing signal dilution and…

The paper proposes DA-GC, a certified causal attribution framework that accurately identifies cross-slice attack origins in 6G networks under strict real-time latency constraints by systematically mod…

This paper provides the first comprehensive threat model for IoT-enabled Controlled Environment Agriculture (CEA) systems, identifying 123 unique threats and proposing a defense-in-depth framework to…

This paper evaluates the security of industrial control systems (ICS) transitioning to 5G communication, finding that while optimal conditions allow for resilience, degraded channel conditions signifi…