BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Panos Papadimitratos

Panos Papadimitratos contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityNetworking and Internet ArchitectureArtificial Intelligenceeess.SPInformation TheoryMachine Learningmath.IT

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author
11works
0followers
7topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

11 published item(s)

preprint2026arXiv

PAMPOS: Causal Transformer-based Trajectory Prediction for Attack-Agnostic Misbehavior Detection in V2X Networks

Misbehavior detection in Vehicle-to-Everything (V2X) networks is a second line of defense against insider falsification attacks that cryptographic mechanisms alone cannot address. Existing learning-based Misbehavior Detection Schemes (MDSs) are supervised, requiring labeled attack samples at training time, thus failing to counter unseen falsification attacks. We present PAMPOS, a causal transformer-decoder trained on benign VeReMi++ trajectories to learn normal mobility patterns. At inference time, misbehavior is identified as a deviation from the model's next-step kinematic predictions using a top-K normalized anomaly scoring mechanism that localizes falsification to specific kinematic features, without requiring attack-labeled training data. We evaluate PAMPOS across all 19 attack types in VeReMi++ under rush-hour and afternoon scenarios, achieving Area Under the Curve (AUC) values of up to 0.98 and F1-scores of up to 0.95 for most attack categories.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Digital Twin-based Intrusion Detection for Industrial Control Systems

Digital twins have recently gained significant interest in simulation, optimization, and predictive maintenance of Industrial Control Systems (ICS). Recent studies discuss the possibility of using digital twins for intrusion detection in industrial systems. Accordingly, this study contributes to a digital twin-based security framework for industrial control systems, extending its capabilities for simulation of attacks and defense mechanisms. Four types of process-aware attack scenarios are implemented on a standalone open-source digital twin of an industrial filling plant: command injection, network Denial of Service (DoS), calculated measurement modification, and naive measurement modification. A stacked ensemble classifier is proposed as the real-time intrusion detection, based on the offline evaluation of eight supervised machine learning algorithms. The designed stacked model outperforms previous methods in terms of F1-Score and accuracy, by combining the predictions of various algorithms, while it can detect and classify intrusions in near real-time (0.1 seconds). This study also discusses the practicality and benefits of the proposed digital twin-based security framework.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Participatory Sensing for Localization of a GNSS Jammer

GNSS receivers are vulnerable to jamming and spoofing attacks, and numerous such incidents have been reported worldwide in the last decade. It is important to detect attacks fast and localize attackers, which can be hard if not impossible without dedicated sensing infrastructure. The notion of participatory sensing, or crowdsensing, is that a large ensemble of voluntary contributors provides the measurements, rather than relying on dedicated sensing infrastructure. This work considers embedded GNSS receivers to provide measurements for participatory jamming detection and localization. Specifically, this work proposes a novel jamming localization algorithm, based on participatory sensing, that exploits AGC and C/N_0 estimates from commercial GNSS receivers. The proposed algorithm does not require knowledge of the jamming power nor of the channels, but automatically estimates all parameters. The algorithm is shown to outperform similar state-of-the-art localization algorithms in relevant scenarios.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

DoS-resilient Cooperative Beacon Verification for Vehicular Communication Systems

Authenticated safety beacons in Vehicular Communication (VC) systems ensure awareness among neighboring vehicles. However, the verification of beacon signatures introduces significant processing overhead for resource-constrained vehicular On-Board Units (OBUs). Even worse in dense neighborhood or when a clogging Denial of Service (DoS) attack is mounted. The OBU would fail to verify for all received (authentic or fictitious) beacons. This could significantly delay the verifications of authentic beacons or even affect the awareness of neighboring vehicle status. In this paper, we propose an efficient cooperative beacon verification scheme leveraging efficient symmetric key based authentication on top of pseudonymous authentication (based on traditional public key cryptography), providing efficient discovery of authentic beacons among a pool of received authentic and fictitious beacons, and can significantly decrease waiting times of beacons in queue before their validations. We show with simulation results that our scheme can guarantee low waiting times for received beacons even in high neighbor density situations and under DoS attacks, under which a traditional scheme would not be workable.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Proactive Certificate Validation for VANETs

Security and privacy in Vehicular Ad-hoc Networks (VANETs) mandates use of short-lived credentials (pseudonyms) and cryptographic key pairs. This implies significant computational overhead for vehicles, needing to validate often numerous such pseudonyms within a short period. To alleviate such a bottleneck that could even place vehicle safety at risk, we propose a proactive pseudonym validation approach based on Bloom Filters (BFs). We show that our scheme could liberate computational resources for other (safety- and time-critical) operations with reasonable communication overhead without compromising security and privacy.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Resilient Collaborative Privacy for Location-Based Services

Location-based Services (LBSs) provide valuable services, with convenient features for users. However, the information disclosed through each request harms user privacy. This is a concern particularly with honest-but-curious LBS servers, which could, by collecting requests, track users and infer additional sensitive user data. This is the motivation of both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome the disadvantages of centralized schemes, eliminating anonymizers and enhancing users' control over sensitive information. However, an insecure decentralized system could pose even more serious security threats than privacy leakage. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. Our design leverages architectures proposed for large scale mobile systems, while it incurs minimal changes to LBS servers as it can be deployed in parallel to the LBS servers. This further motivates the adoption of our design, in order to cater to the needs of privacy-sensitive users. We provide an analysis of security and privacy concerns and countermeasures, as well as a performance evaluation of basic protocol operations showing the practicality of our design.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Resilient Privacy Protection for Location-Based Services through Decentralization

Location-Based Services (LBSs) provide valuable services, with convenient features for mobile users. However, the location and other information disclosed through each query to the LBS erodes user privacy. This is a concern especially because LBS providers can be honest-but-curious, collecting queries and tracking users' whereabouts and infer sensitive user data. This motivated both centralized and decentralized location privacy protection schemes for LBSs: anonymizing and obfuscating LBS queries to not disclose exact information, while still getting useful responses. Decentralized schemes overcome disadvantages of centralized schemes, eliminating anonymizers, and enhancing users' control over sensitive information. However, an insecure decentralized system could create serious risks beyond private information leakage. More so, attacking an improperly designed decentralized LBS privacy protection scheme could be an effective and low-cost step to breach user privacy. We address exactly this problem, by proposing security enhancements for mobile data sharing systems. We protect user privacy while preserving accountability of user activities, leveraging pseudonymous authentication with mainstream cryptography. We show our scheme can be deployed with off-the-shelf devices based on an experimental evaluation of an implementation in a static automotive testbed.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Scalable & Resilient Vehicle-Centric Certificate Revocation List Distribution in Vehicular Communication Systems

In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of CRLs for numerous anonymous credentials, pseudonyms, (ii) maintaining strong privacy for vehicles prior to revocation events, even with honest-but-curious system entities, (iii) and catering to computation and communication constraints of on-board units with intermittent connectivity to the infrastructure. Relying on peers to distribute the CRLs is a double-edged sword: abusive peers could "pollute" the process, thus degrading the timely CRLs distribution. In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature. Our scheme radically reduces CRL distribution overhead: each vehicle receives CRLs corresponding only to its region of operation and its actual trip duration. Moreover, a "fingerprint" of CRL 'pieces' is attached to a subset of (verifiable) pseudonyms for fast CRL 'piece' validation (while mitigating resource depletion attacks abusing the CRL distribution). Our experimental evaluation shows that our scheme is efficient, scalable, dependable, and practical: with no more than 25 KB/s of traffic load, the latest CRL can be delivered to 95% of the vehicles in a region (15 x 15 KM) within 15s, i.e., more than 40 times faster than the state-of-the-art. Overall, our scheme is a comprehensive solution that complements standards and can catalyze the deployment of secure and privacy-protecting VC systems.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Security and Privacy in Vehicular Social Networks

We surveyed and presented the state-of-the-art VC systems, security and privacy architectures and technologies, emphasizing on security and privacy challenges and their solutions for P2P interactions in VSNs towards standardization and deployment. We note that beyond safety applications that have drawn a lot of attention in VC systems, there is significant and rising interest in vehicle-to-vehicle interaction for a range of transportation efficiency and infotainment applications, notably LBS as well as a gamut of services by mobile providers. While this enriches the VC systems and the user experience, security and privacy concerns are also intensified. This is especially so, considering (i) the privacy risk from the exposure of the users to the service providers, and (ii) the security risk from the interaction with malicious or selfish and thus misbehaving users or infrastructure. We showed existing solutions can in fact evolve and address the VSN-specific challenges, and improve or even accelerate the adoption of VSN applications.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Towards Scalable Security in Interference Channels With Arbitrary Number of Users

In this paper, we present an achievable security scheme for an interference channel with arbitrary number of users. In this model, each receiver should be able to decode its intended message while it cannot decode any meaningful information regarding messages intended for other receivers. Our scheme achieves individual secure rates which scale linearly with log(SNR) and achieves sum secure rates which is within constant gap of sum secure capacity. To design the encoders at the transmitters side, we combine nested lattice coding, random i.i.d. codes, and cooperative jamming techniques. Asymmetric compute-and-forward framework is used to perform the decoding operation at the receivers. The novelty of our scheme is that it is the first asymptotically optimal achievable scheme for this security scenario which scales to arbitrary number of users and works for any finite-valued SNR. Also, our scheme achieves the upper bound sum secure degrees of freedom of $1$ without using external helpers.

0 citations0 reviewsNo code linkedOpen access