2026-05-11 | | Total: 11
The current state of the art in the agricultural industry for inter-manufacturer, plug-and-play communications is the ISO 11783 standard series, which mandates the use of 250 Kb/s CAN bus. To support higher data rates, the ISO 23870 series is under development, defining a gigabit automotive Ethernet physical layer for next-generation machine-to-machine communication networks. However, middleware is needed to handle the complexity of the system by providing an additional layer of abstraction. It should address the future needs of the industry such as higher levels of automation, additional data logging, modern data types, quality of service configuration, and best-practice cybersecurity. Data Distribution Service (DDS) is a potential middleware for use in such a network. DDS provides many features not present in the current ISO 11783, it is a standardised protocol for data sharing between distributed applications. This work analyses the extent to which DDS can be used to develop a system which meets the requirements for next-generation communication networking for agricultural machinery. A proof-of-concept design is presented, including a Task Controller and implement and it is shown that the requirements are fulfilled. A new DDI concept is proposed that decomposes the monolithic numeric DDI of ISO 11783 into separate typed Enums for handling group, handling feature, and SI units, enabling more flexible signal definitions. Four security configurations are tested in the proof-of-concept implementation and it is shown that enabling security features has a significant impact on throughput.
The forthcoming deployment of 6G Integrated Sensing and Communication (ISAC) will transform cellular infrastructure into pervasive, continuous environmental and biometric sensing grids. While current telecom standardization efforts (e.g., 3GPP, ETSI) have formally recognized privacy and trustworthiness as critical pillars for 6G, their proposed mitigations remain overwhelmingly technocentric, relying on cryptographic anonymization and physical layer security. This approach critically underestimates the sociotechnical and legal complexities of the downstream machine learning (ML) models required to interpret raw sensing data, creating a profound collision with existing digital rights legislation. This position paper argues that technical security is insufficient. ISAC trustworthiness must be redefined as mandatory regulatory and sociotechnical compliance. We identify the specific legal friction points between continuous ISAC surveillance and the mandates of emerging global digital rights regimes, using the stringent requirements of the EU AI Act and GDPR as our primary regulatory baselines. To bridge this gap, we propose a governance framework centered on three pillars: Purpose-bound sensing activation, citizen transparency mechanisms, and algorithmic accountability for ISAC-driven ML models. Ultimately, this paper provides a regulatory roadmap to prevent the illegal deployment of 6G sensing infrastructures and ensure they remain viable before physical deployment.
The TCP/IP protocol stack uses IP addresses for two distinct roles: identifying hosts and locating their attachment points in the network topology. This dual purpose creates a fundamental tension that has led to routing and forwarding scalability challenges throughout the history of the Internet in unicast packet delivery and, more notably, in multicast delivery. This paper reviews the evolution of routing scalability solutions over the years and makes four observations. First, map-and-encap is a recurring architectural solution shared by all scalable unicast and multicast delivery methods, developed independently across different problem contexts. Second, a new solution tends to succeed when it can bring immediate local gains to early adopters without requiring coordination across administrative domains. Third, network routing and forwarding designs that depend on external factors, such as the number of distinct end sites or even application-specific deliveries, inherently preclude an upper bound on their scalability. Fourth, today's inter-domain routing protocol, BGP, lacks a topological abstraction equivalent to an egress router within a routing domain, thereby inherently preventing a map-and-encap solution for scalability. These observations offer insights into the design of future scalable routing system architectures.
6G networks will require quantum-secure cryptography deployed across core infrastructure, edge nodes, resource-constrained IoT devices. Although post-quantum cryptographic (PQC) algorithms have been standardized by NIST, their practical deployability in bandwidth and latency limited wireless systems remains unclear. This paper presents a practical evaluation of NIST selected PQC schemes, including ML-KEM (Kyber), ML-DSA (Dilithium), and Falcon. Benchmarks conducted with OpenSSL and the OQS provider on heterogeneous platforms show that while computational performance is acceptable, ciphertext and signature size expansion significantly impact handshake reliability and bandwidth efficiency, particularly at the network edge. The results highlight key system-level trade-offs and motivate the need for PQC optimization and deployment-aware design for future quantum-secure 6G networks.
The security of wireless challenge-response Physical Layer Authentication (PLA) based on Orthogonal Frequency Division Multiplexing (OFDM) relies on a sufficiently random fading channel condition, which is commonly assumed in existing studies. However, in practical scenarios, such a condition is not always guaranteed and the responses of OFDM subchannels may exhibit correlation.} Consequently, ensuring the security of such PLA systems remains an unsolved problem. In this paper, we propose a novel adversary model, called Maximum Differential Likelihood Generator (MDLG), which exploits the weak correlation property in practical wireless channel to launch effective attacks against PLA. Based on this model, we create a measurable guideline using randomness testing to decide when we can in fact use PLA in a practical wireless channel condition. Extensive real-world experiments validate the effectiveness of the MDLG attack and demonstrate how the proposed guideline can help protect the security of PLA.
Federated fine-tuning (FFT) has emerged as a privacy-preserving paradigm for collaboratively adapting large language models (LLMs). Built upon federated learning, FFT enables distributed agents to jointly refine a shared pretrained LLM by aggregating local LLM updates without sharing local raw data. However, FFT-based LLMs remain vulnerable to model manipulation threats, in which adversarial participants upload manipulated LLM updates that corrupt the aggregation process and degrade the performance of the global LLM. In this paper, we propose an Augmented Model maniPulation (AugMP) strategy against FFT-based LLMs. Specifically, we design a novel graph representation learning framework that captures feature correlations among benign LLM updates to guide the generation of malicious updates. To enhance manipulation effectiveness and stealthiness, we develop an iterative manipulation algorithm based on an augmented Lagrangian dual formulation. Through this formulation, malicious updates are optimized to embed adversarial objectives while preserving benign-like parameter characteristics. Experimental results across multiple LLM backbones demonstrate that the AugMP strategy achieves the strongest manipulation performance among all competing baselines, reducing the global LLM accuracy by up to 26% and degrading the average accuracy of local LLM agents by up to 22%. Meanwhile, AugMP maintains high statistical and geometric consistency with benign updates, enabling it to evade conventional distance- and similarity-based defense methods.
AI-RAN consolidates AI services and Radio Access Network (RAN) functions onto a unified, GPU-accelerated infrastructure at the network edge. However, compute sharing between real-time RAN functions and highly heterogeneous AI services requires coordination of scheduling decisions at mismatched timescales, and placement adaptation may require service migration across nodes with non-negligible interruptions. This paper proposes a hierarchical agentic framework (HAF) for compute sharing in AI-RAN that combines a large language model (LLM)-based agent for slow-timescale placement of AI services and RAN functions with a closed-form, deadline-aware convex algorithm for fast-timescale GPU/CPU allocation. The LLM agent is further equipped with a predictive critic that filters out migrations when the induced service interruption outweighs the expected service-level objective (SLO) benefit. Experimental results show that HAF reaches 90.0% overall SLO fulfillment, a 20.5% improvement over the strongest baseline, and raises AI service request fulfillment from 51% to 85.3%. Further evaluations show that HAF retains its advantage under diverse load conditions, while the critic consistently improves SLO fulfillment across multiple open-source LLM agents.
The harvest-now, decrypt-later (HNDL) threat--adversaries intercepting and archiving ciphertext today for retrospective decryption once quantum computers mature--turns the future quantum threat into a present liability for the public-key primitives (RSA, Diffie-Hellman, ECC) that anchor modern session-key exchange. We present Aquaman, a transparent-proxy architecture for quantum-resilient session-key establishment. A transparent proxy intercepts session-key requests at the edge of a trusted network without requiring client-side configuration, deploying quantum-resistant capability at the network boundary on behalf of clients that may themselves lack post-quantum cryptography (PQC). Aquaman supports four operating modes: PQC offloaded to the proxy for clients without trusted PQC stacks; classical multi-path key fragmentation over heterogeneous media (with an optional anonymous proxy-pool variant); QKD with the SKIP/ETSI GS QKD 014 key-delivery interface; and classical/PQC hybrid handshakes. We implement and evaluate the first two modes; the latter two are well-trodden in the PQC literature and we discuss but do not implement them. The implemented multi-path mode splits the session key into ciphertext fragments distributed across diverse media (Wi-Fi, Bluetooth, NFC, cellular, Ethernet); reconstruction requires all fragments. We formalize the security argument and prove that recovery probability decays as (B/d)^n in the diversity dimension. A 1,000-run prototype evaluation on AWS EC2 shows that latency is dominated by network transmission, not by multi-path overhead.
We study problems related to connecting multi-interface networks of wireless devices. These problems are modeled using graphs, where vertices represent the devices and edges represent potential communication links. Each vertex can activate multiple interfaces, and a connection between two vertices is established if they share at least one common active interface. We consider two problems arising in multi-interface networks: Coverage and Connectivity. In the Coverage problem, every connection defined in the network must be established, while in the Connectivity problem, groups of terminals specified in the input should be connected. The solution should minimize the maximum cost incurred by a vertex or the total cost incurred by all vertices. In this work we are interested in approximating the former of the two cost criterions. We model both problems using ILPs and we design approximation algorithms based on a randomized rounding of the solution of the linear programming relaxation. For the Coverage problem, this yields an $O(\log m)$-approximation algorithm, which is tight, since the problem generalizes Set-Cover. This improves upon the $O(b\cdot\log n)$-approximation algorithm, where $b$ is a certain graph parameter which can be as large as $Ω(n)$ [Algorithmica '12]. The same relaxation can also be used to get an $k$-approximation algorithm, where $k$ is the number of different interfaces. This generalizes a similar result for the uniform cost case. For the Connectivity problem, we obtain an $O(\log^2 m)$-approximation algorithm, which is the first non-trivial approximation algorithm for this problem. The algorithm is based on a similar LP relaxation with additional cut constraints to ensure connectivity. The rounding procedure is similar to the one for the Coverage problem but requires a more careful analysis to ensure that the connectivity constraints are satisfied.
DNS integrations leverage the discovery, trust, and uniqueness of the global Domain Name System with a linkage to another naming ecosystem, so the DNS name can help identify resources such as a cryptocurrency wallet or software component. While DNS ownership is verified at linkage creation, many ecosystems do not track subsequent DNS changes. The result is zombie linkages, where the DNS ownership has expired or changed, but the mapping to the linked resource persists. We define a threat model for DNS integrations, identifying five classes of attacks that leverage or exploit zombie linkages. We measure zombie occurrence across three DNS integrations -- Web PKI; ENS, a blockchain naming system; and Maven Central, a Java software repository. We show that zombies exist in every ecosystem, but at very different fractions -- zombies make up roughly 3% of TLS certificates for new domains, 24% of ENS on-chain imports, and 15% of Maven Central namespaces. We evaluate how integration design choices affect outcomes, with validate-once integrations (ENS on-chain, Maven Central) accumulating long-lasting zombies, linkages with expiration (Web PKI) limiting damage, while integrations that validate on every use (ENS gasless) are zombie-free by design. We look for specific attacks, finding attacks actively available for exploitation in both Web PKI and Maven Central. Finally, we recommend steps to reduce zombie occurrence.
Misbehavior detection in Vehicle-to-Everything (V2X) networks is a second line of defense against insider falsification attacks that cryptographic mechanisms alone cannot address. Existing learning-based Misbehavior Detection Schemes (MDSs) are supervised, requiring labeled attack samples at training time, thus failing to counter unseen falsification attacks. We present PAMPOS, a causal transformer-decoder trained on benign VeReMi++ trajectories to learn normal mobility patterns. At inference time, misbehavior is identified as a deviation from the model's next-step kinematic predictions using a top-K normalized anomaly scoring mechanism that localizes falsification to specific kinematic features, without requiring attack-labeled training data. We evaluate PAMPOS across all 19 attack types in VeReMi++ under rush-hour and afternoon scenarios, achieving Area Under the Curve (AUC) values of up to 0.98 and F1-scores of up to 0.95 for most attack categories.