BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Rolando Trujillo-Rasua

Rolando Trujillo-Rasua contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityDatabasesmath.COSocial and Information Networks

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author
6works
0followers
4topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

6 published item(s)

preprint2026arXiv

A Systematic Security Analysis for Path-based Traceability Systems in RFID-Enabled Supply Chains

Traceability systems have become prevalent in supply chains because of the rapid development of RFID and IoT technologies. These systems facilitate product recall and mitigate problems such as counterfeiting, tampering, and theft by tracking the manufacturing and distribution life-cycle of a product. Therefore, traceability systems are a defense mechanism against supply chain attacks and, consequently, have become a target for attackers to circumvent. For example, a counterfeiter may change the trace of a fake product for the trace of an authentic product, fooling the system into accepting a counterfeit product as legit and thereby giving a false sense of security. This systematic analysis starts with the observation that security requirements in existing traceability solutions are often unstructured or incomplete, leaving critical vulnerabilities unaddressed. We synthesized the properties of current state-of-the-art traceability solutions within a single security framework that allows us to analyze and compare their security claims. Using this framework, we objectively compared the security of $17$ traceability solutions and identified several weaknesses and vulnerabilities. This article reports on these flaws, the methodology we used to identify them, and the first security evaluation of traceability solutions on a large scale.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Preventing active re-identification attacks on social graphs via sybil subgraph obfuscation

This paper addresses active re-identification attacks in the context of privacy-preserving social graph publication. Active attacks are those where the adversary can leverage fake accounts, a.k.a. sybil nodes, to enforce structural patterns that can be used to re-identify their victims on anonymised graphs. In this paper we present a new probabilistic interpretation of this type of attacks. Unlike previous privacy properties, which model the protection from active adversaries as the task of making victim nodes indistinguishable in terms of their fingerprints with respect to all potential attackers, our new formulation introduces a more complete view, where the attack is countered by jointly preventing the attacker from retrieving the set of sybil nodes, and from using these sybil nodes for re-identifying the victims. Under the new formulation, we show that the privacy property $k$-symmetry, introduced in the context of passive attacks, provides a sufficient condition for the protection against active re-identification attacks leveraging an arbitrary number of sybil nodes. Moreover, we show that the algorithm K-Match, originally devised for efficiently enforcing the related notion of $k$-automorphism, also guarantees $k$-symmetry. Empirical results on several collections of synthetic graphs corroborate that our approach allows, for the first time, to publish anonymised social graphs (with formal privacy guarantees) that effectively resist the strongest active re-identification attack reported in the literature, even when it leverages a large number of sybil nodes.

0 citations0 reviewsNo code linkedOpen access
preprint2015arXiv

Attack Trees with Sequential Conjunction

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes.

0 citations0 reviewsNo code linkedOpen access
preprint2015arXiv

Comparing Distance Bounding Protocols: a Critical Mission Supported by Decision Theory

Distance bounding protocols are security countermeasures designed to thwart relay attacks. Such attacks consist in relaying messages exchanged between two parties, making them believe they communicate directly with each other. Although distance bounding protocols have existed since the early nineties, this research topic resurrected with the deployment of contactless systems, against which relay attacks are particularly impactful. Given the impressive number of distance bounding protocols that are designed every year, it becomes urgent to provide researchers and engineers with a methodology to fairly compare the protocols in spite of their various properties. This paper introduces such a methodology based on concepts from the decision making field. The methodology allows for a multi-criteria comparison of distance bounding protocols, thereby identifying the most appropriate protocols once the context is provided. As a side effect, this paper clearly identifies the protocols that should no longer be considered, regardless of the considered scenario.

0 citations0 reviewsNo code linkedOpen access
preprint2015arXiv

k-Metric Antidimension: a Privacy Measure for Social Graphs

Let $G = (V, E)$ be a simple connected graph and $S = \{w_1, \cdots, w_t\} \subseteq V$ an ordered subset of vertices. The metric representation of a vertex $u\in V$ with respect to $S$ is the $t$-vector $r(u|S) = (d_G(u, w_1), \cdots, d_G(u, w_t))$, where $d_G(u, v)$ represents the length of a shortest $u-v$ path in $G$. The set $S$ is called a resolving set for $G$ if $r(u|S) = r(v|S)$ implies $u = v$ for every $u, v \in V$. The smallest cardinality of a resolving set is the metric dimension of $G$. In this article we propose, to the best of our knowledge, a new problem in Graph Theory that resembles to the aforementioned metric dimension problem. We call $S$ a $k$-antiresolving set if $k$ is the largest positive integer such that for every vertex $v \in V-S$ there exist other $k-1$ different vertices $v_1, \cdots, v_{k-1} \in V-S$ with $r(v|S) = r(v_1|S) = \cdots = r(v_{k-1}|S)$, \emph{i.e.}, $v$ and $v_1, \cdots, v_{k-1}$ have the same metric representation with respect to $S$. The $k$-metric antidimension of $G$ is the minimum cardinality among all the $k$-antiresolving sets for $G$. In this article, we introduce a novel privacy measure, named $(k, \ell)$-anonymity and based on the $k$-metric antidimension problem, aimed at evaluating the resistance of social graphs to active attacks. We, therefore, propose a true-biased algorithm for computing the $k$-metric antidimension of random graphs. The success rate of our algorithm, according to empirical results, is above $80 \%$ and $90 \%$ when looking for a $k$-antiresolving basis and a $k$-antiresolving set respectively. We also investigate theoretical properties of the $k$-antiresolving sets and the $k$-metric antidimension of graphs. In particular, we focus on paths, cycles, complete bipartite graphs and trees.

0 citations0 reviewsNo code linkedOpen access
preprint2014arXiv

Complexity of distance fraud attacks in graph-based distance bounding

Distance bounding (DB) emerged as a countermeasure to the so-called \emph{relay attack}, which affects several technologies such as RFID, NFC, Bluetooth, and Ad-hoc networks. A prominent family of DB protocols are those based on graphs, which were introduced in 2010 to resist both mafia and distance frauds. The security analysis in terms of distance fraud is performed by considering an adversary that, given a vertex labeled graph $G = (V, E)$ and a vertex $v \in V$, is able to find the most frequent $n$-long sequence in $G$ starting from $v$ (MFS problem). However, to the best of our knowledge, it is still an open question whether the distance fraud security can be computed considering the aforementioned adversarial model. Our first contribution is a proof that the MFS problem is NP-Hard even when the graph is constrained to meet the requirements of a graph-based DB protocol. Although this result does not invalidate the model, it does suggest that a \emph{too-strong} adversary is perhaps being considered (i.e., in practice, graph-based DB protocols might resist distance fraud better than the security model suggests.) Our second contribution is an algorithm addressing the distance fraud security of the tree-based approach due to Avoine and Tchamkerten. The novel algorithm improves the computational complexity $O(2^{2^n+n})$ of the naive approach to $O(2^{2n}n)$ where $n$ is the number of rounds.

0 citations0 reviewsNo code linkedOpen access