Harun Oz, Abbas Acar, Ahmet Aris, Güliz Seray Tuncay, Amin Kharraz, Selcuk Uluagac
(In)Security of File Uploads in Node.js Conference Paper
Proceedings of the ACM on Web Conference, 2024.
Abstract | Links | BibTeX | Tags: Web Security
@inproceedings{Oz:2024,
title = {(In)Security of File Uploads in Node.js},
author = {Harun Oz and Abbas Acar and Ahmet Aris and Güliz Seray Tuncay and Amin Kharraz and Selcuk Uluagac},
url = {https://doi.org/10.1145/3589334.3645342
https://research.google/pubs/insecurity-of-file-uploads-in-nodejs/},
year = {2024},
date = {2024-05-13},
urldate = {2024-05-13},
booktitle = {Proceedings of the ACM on Web Conference},
series = {WWW '24},
abstract = {File upload is a critical feature incorporated by a myriad of web applications in an effort to enable users to share and manage their files conveniently. It has been used in many useful services such as file-sharing and social media. While file upload is an essential component of web applications, the lack of rigorous checks on the file name, type, and content of the uploaded files can result in security issues, often referred to as Unrestricted File Upload (UFU). In this study, we analyze the (in)security of popular file upload libraries and real-world applications in the Node.js ecosystem. To automate our analysis, we propose and implement NodeSEC- a tool designed to analyze file upload insecurities in Node.js applications and libraries. NodeSEC generates unique payloads and thoroughly evaluates the application's file upload security against 13 distinct UFU-type attacks. Utilizing NodeSEC, we analyze the most popular file upload libraries and real-world applications in the Node.js ecosystem. Our analysis results reveal that some real-world web applications are vulnerable to UFU attacks and disclose serious security bugs in file upload libraries. As of this writing, we received 19 CVEs and two US-CERT cases for the security issues that we reported. Our findings provide strong evidence that dynamic features of Node.js applications introduce security shortcomings and that web developers should be cautious when implementing file upload features in their applications. Finally, combining our responsible disclosure experience and root cause analysis, we identified the main causes of significant security weaknesses in file uploads in Node.js.},
keywords = {Web Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Derin Cayir, Abbas Acar, Ricardo Lazzeretti, Marco Angelini, Mauro Conti, Selcuk Uluagac
Augmenting Security and Privacy in the Virtual Realm: An Analysis of Extended Reality Devices Journal Article
IEEE Security & Privacy Magazine, 2024.
Abstract | Links | BibTeX | Tags: AR/VR/XR Security/Privacy
@article{CayirSoKARVR,
title = {Augmenting Security and Privacy in the Virtual Realm: An Analysis of Extended Reality Devices},
author = {Derin Cayir and Abbas Acar and Ricardo Lazzeretti and Marco Angelini and Mauro Conti and Selcuk Uluagac},
url = {https://www.computer.org/csdl/magazine/sp/5555/01/10339392/1SBLbYamDfi
https://github.com/cslfiu/Augmenting_Security_and_Privacy_in_the_Virtual_Realm-Methodology
https://csl.fiu.edu/wp-content/uploads/2024/02/Derin_SOK_Augmenting-1.pdf},
year = {2024},
date = {2024-01-10},
urldate = {2024-01-10},
booktitle = {IEEE Security & Privacy Magazine},
journal = {IEEE Security & Privacy Magazine},
abstract = {We present a device-centric analysis of security and privacy attacks and defenses on extended reality (XR) devices. We present future research directions and propose design considerations to help ensure the security and privacy of XR devices.
},
keywords = {AR/VR/XR Security/Privacy},
pubstate = {published},
tppubtype = {article}
}
Abbas Acar, Güliz Seray Tuncay, Esteban Luques, Harun Oz, Ahmet Aris, Selcuk Uluagac
50 Shades of Support: A Device-Centric Analysis of Android Security Updates Conference Paper
In the Proceedings of the 31st Network and Distributed System Security Symposium (NDSS), 2024.
Abstract | Links | BibTeX | Tags: Android Security, Mobile Security
@conference{acar2024fifty,
title = {50 Shades of Support: A Device-Centric Analysis of Android Security Updates},
author = {Abbas Acar and Güliz Seray Tuncay and Esteban Luques and Harun Oz and Ahmet Aris and Selcuk Uluagac},
url = {https://research.google/pubs/50-shades-of-support-a-device-centric-analysis-of-android-security-updates/},
year = {2024},
date = {2024-01-01},
urldate = {2024-01-01},
booktitle = {In the Proceedings of the 31st Network and Distributed System Security Symposium (NDSS)},
abstract = {Android is by far the most popular OS with over three billion active mobile devices. As in any software, uncovering vulnerabilities on Android devices and applying timely patches are both critical. Android Open Source Project (AOSP) has initiated efforts to improve the traceability of security updates through Security Patch Levels (SPLs) assigned to devices. While this initiative provided better traceability for the vulnerabilities, it has not entirely resolved the issues related to the timeliness and availability of security updates for end users. Recent studies on Android security updates have focused on the issue of delay during the security update roll-out, largely attributing this to factors related to fragmentation. However, these studies fail to capture the entire Android ecosystem as they primarily examine flagship devices or do not paint a comprehensive picture of the Android devices’ lifecycle due to the datasets spanning over a short timeframe. To address this gap in the literature, we utilize a device-centric approach to analyze the security update behavior of Android devices. Our approach aims to understand the security update distribution behavior of OEMs (e.g., Samsung) by using a representative set of devices from each OEM and characterize the complete lifecycle of an average Android device. We obtained 367K official security update records from public sources, span- ning from 2014 to 2023. Our dataset contains 599 unique devices from four major OEMs that are used in 97 countries and are associated with 109 carriers. We identify significant differences in the roll-out of security updates across different OEMs, device models/types, and geographical regions across the world. Our findings show that the reasons for the delay in the roll-out of security updates are not limited to fragmentation but also involve OEM-specific factors. Our analysis also uncovers certain key issues that can be readily addressed as well as exemplary practices that can be immediately adopted by OEMs in practice.},
keywords = {Android Security, Mobile Security },
pubstate = {published},
tppubtype = {conference}
}
Nazli Tekin, Ahmet Aris, Abbas Acar, Selcuk Uluagac, Vehbi Cagri Gungor
A review of on-device machine learning for IoT: An energy perspective Journal Article
Elsevier Ad Hoc Networks Journal, 2024.
Abstract | Links | BibTeX | Tags: IoT Security
@article{TEKIN2024103348,
title = {A review of on-device machine learning for IoT: An energy perspective},
author = {Nazli Tekin and Ahmet Aris and Abbas Acar and Selcuk Uluagac and Vehbi Cagri Gungor},
url = {https://www.sciencedirect.com/science/article/pii/S1570870523002688},
year = {2024},
date = {2024-01-01},
urldate = {2024-01-01},
journal = { Elsevier Ad Hoc Networks Journal},
abstract = {Recently, there has been a substantial interest in on-device Machine Learning (ML) models to provide intelligence for the Internet of Things (IoT) applications such as image classification, human activity recognition, and anomaly detection. Traditionally, ML models are deployed in the cloud or centralized servers to take advantage of their abundant computational resources. However, sharing data with the cloud and third parties degrades privacy and may cause propagation delay in the network due to a large amount of transmitted data impacting the performance of real-time applications. To this end, deploying ML models on-device (i.e., on IoT devices), in which data does not need to be transmitted, becomes imperative. However, deploying and running ML models on already resource-constrained IoT devices is challenging and requires intense energy consumption. Numerous works have been proposed in the literature to address this issue. Although there are considerable works that discuss energy-aware ML approaches for on-device implementation, there remains a gap in the literature on a comprehensive review of this subject. In this paper, we provide a review of existing studies focusing on-device ML models for IoT applications in terms of energy consumption. One of the key contributions of this study is to introduce a taxonomy to define approaches for employing energy-aware on-device ML models on IoT devices in the literature. Based on our review in this paper, our key findings are provided and the open issues that can be investigated further by other researchers are discussed. We believe that this study will be a reference for practitioners and researchers who want to employ energy-aware on-device ML models for IoT applications.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Tayebeh Rajabi, Alvi Ataur Khalil, Mohammad Hossein Manshaei, Mohammad Ashiqur Rahman, Mohammad Dakhilalian, Maurice Ngouen, Murtuza Jadliwala, A. Selcuk Uluagac
Feasibility Analysis for Sybil Attacks in Shard-Based Permissionless Blockchains Journal Article
ACM Distributed Ledger Technologies: Research and Practice Journal, 2023.
Abstract | Links | BibTeX | Tags: Blockchain Security, Network Security, Smart Home Security
@article{Tayabeh2023,
title = {Feasibility Analysis for Sybil Attacks in Shard-Based Permissionless Blockchains},
author = {Tayebeh Rajabi and Alvi Ataur Khalil and Mohammad Hossein Manshaei and Mohammad Ashiqur Rahman and Mohammad Dakhilalian and Maurice Ngouen and Murtuza Jadliwala and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3618302},
doi = {10.1145/3618302},
year = {2023},
date = {2023-12-01},
urldate = {2023-12-01},
journal = {ACM Distributed Ledger Technologies: Research and Practice Journal},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
abstract = {Committee-based permissionless blockchain approaches overcome single leader consensus protocols’ scalability issues by partitioning the outstanding transaction set into shards and selecting multiple committees to process these transactions in parallel. However, by design, shard-based blockchain solutions are vulnerable to Sybil attacks. An adversary with enough computational/hash power can easily manipulate the consensus protocol by generating multiple valid node identifiers/IDs (i.e., multiple Sybil committee members).Despite the straightforward nature of these attacks, they have not been systematically investigated. This article fills this research gap by analyzing Sybil attacks in shard-based consensus of proof-of-work blockchain systems. Specifically, we provide a detailed analysis for Elastico, one of the prominent shard-based blockchain models. We show that the proof-of-work technique used for ID generation in the initial phase of such protocols is vulnerable to Sybil attacks when an adversary (could be a group of colluding nodes) possesses enough hash power. We analytically derive conditions for two different Sybil attacks and perform numerical simulations to validate our theoretical results under various parameters. Further, we utilize the BlockSim simulator to validate our mathematical computation, and results confirm the correctness of the analysis.},
keywords = {Blockchain Security, Network Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Harun Oz, Ahmet Aris, Abbas Acar, Güliz Seray Tuncay, Leonardo Babun, Selcuk Uluagac
RøB: Ransomware over Modern Web Browsers Conference Paper
In the Proceedings of the 32nd USENIX Security Symposium, 2023.
Abstract | Links | BibTeX | Tags: Malware, Ransomware, Web Security
@conference{OZRans2023,
title = {RøB: Ransomware over Modern Web Browsers},
author = {Harun Oz and Ahmet Aris and Abbas Acar and Güliz Seray Tuncay and Leonardo Babun and Selcuk Uluagac},
url = {https://www.usenix.org/conference/usenixsecurity23/presentation/oz
https://www.youtube.com/watch?v=MUVNz6p3_jk
https://research.google/pubs/r%C3%B8b-ransomware-over-modern-web-browsers/},
year = {2023},
date = {2023-08-01},
urldate = {2023-08-01},
booktitle = {In the Proceedings of the 32nd USENIX Security Symposium},
abstract = {File System Access (FSA) API enables web applications to interact with files on the users' local devices. Even though it can be used to develop rich web applications, it greatly extends the attack surface, which can be abused by adversaries to cause significant harm. In this paper, for the first time in the literature, we extensively study this new attack vector that can be used to develop a powerful new ransomware strain over a browser. Using the FSA API and WebAssembly technology, we demonstrate this novel browser-based ransomware called RøB as a malicious web application that encrypts the user's files from the browser. We use RøB to perform impact analysis with different OSs, local directories, and antivirus solutions as well as to develop mitigation techniques against it. Our evaluations show that RøB can encrypt the victim's local files including cloud-integrated directories, external storage devices, and network-shared folders regardless of the access limitations imposed by the API. Moreover, we evaluate and show how the existing defense solutions fall short against RøB in terms of their feasibility. We propose three potential defense solutions to mitigate this new attack vector. These solutions operate at different levels (i.e., browser-level, file-system-level, and user-level) and are orthogonal to each other. Our work strives to raise awareness of the dangers of RøB-like browser-based ransomware strains and shows that the emerging API documentation (i.e., the popular FSA) can be equivocal in terms of reflecting the extent of the threat.},
keywords = {Malware, Ransomware, Web Security},
pubstate = {published},
tppubtype = {conference}
}
Oscar G. Bautista, Mohammad Hossein Manshaei, Richard Hernandez, Kemal Akkaya, Soamar Homsi, Selcuk Uluagac
MPC-ABC: Blockchain-Based Network Communication for Efficiently Secure Multiparty Computation Journal Article
Springer Journal of Network and Systems Management Journal, 2023.
Abstract | Links | BibTeX | Tags: Secure Multipart Computation
@article{OscarSecure2023,
title = {MPC-ABC: Blockchain-Based Network Communication for Efficiently Secure Multiparty Computation},
author = {Oscar G. Bautista and Mohammad Hossein Manshaei and Richard Hernandez and Kemal Akkaya and Soamar Homsi and Selcuk Uluagac},
url = {https://doi.org/10.1007/s10922-023-09739-y},
year = {2023},
date = {2023-07-01},
urldate = {2023-07-01},
journal = {Springer Journal of Network and Systems Management Journal},
publisher = {Plenum Press},
address = {USA},
abstract = {Secure Multiparty Computation (MPC) offers privacy-preserving computation that could be critical in many health and finance applications. Specifically, two or more parties jointly compute a function on private inputs by following a protocol executed in rounds. The MPC network typically consists of direct peer-to-peer (P2P) connections among parties. However, this significantly increases the computation time as parties need to wait for messages from each other, thus making network communication a bottleneck. Most recent works tried to address the communication efficiency by focusing on optimizing the MPC protocol rather than the underlying network topologies and protocols. In this paper, we propose the MPC over Algorand Blockchain (MPC-ABC) protocol that packs messages into Algorand transactions and utilizes its fast gossip protocol to transmit them efficiently among MPC parties. Our approach, therefore},
keywords = {Secure Multipart Computation},
pubstate = {published},
tppubtype = {article}
}
N. Haque, M. Ngouen, M. Rahman, S. Uluagac, L. Njilla
SHATTER: Control and Defense-Aware Attack Analytics for Activity-Driven Smart Home Systems Conference Paper
In the Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2023.
Abstract | Links | BibTeX | Tags: Cryptojacking, Smart Home Security
@conference{Haque2023,
title = {SHATTER: Control and Defense-Aware Attack Analytics for Activity-Driven Smart Home Systems},
author = {N. Haque and M. Ngouen and M. Rahman and S. Uluagac and L. Njilla},
url = {https://doi.ieeecomputersociety.org/10.1109/DSN58367.2023.00015},
year = {2023},
date = {2023-06-01},
urldate = {2023-06-01},
booktitle = {In the Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
abstract = {Modern smart home control systems utilize realtime occupancy and activity monitoring to ensure control efficiency, occupants' comfort, and optimal energy consumption. Moreover, adopting machine learning-based anomaly detection models (ADMs) enhances security and reliability. However, sufficient system knowledge allows adversaries/attackers to alter sensor measurements through stealthy false data injection (FDI) attacks. Although ADMs limit attack scopes, the availability of information like occupants' location, conducted activities, and alteration capability of smart appliances increase the attack surface. Therefore, performing an attack space analysis of modern home control systems is crucial to design robust defense solutions. However, state-of-the-art analyzers do not consider contemporary control and defense solutions and generate trivial attack vectors. To address this, we propose a control and defense-aware novel attack analysis framework for a modern smart home control system, efficiently extracting ADM rules. We verify and validate our framework using a state-of-the-art dataset and a prototype testbed.},
keywords = {Cryptojacking, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, A. Selcuk Uluagac
LGuard: Securing Enterprise-IoT Systems against Serial-Based Attacks via Proprietary Communication Buses Journal Article
ACM Digital Threats: Research and Practice Journal, 2023.
Abstract | Links | BibTeX | Tags: Enterprise Security, IoT Security
@article{PucheIoT,
title = {LGuard: Securing Enterprise-IoT Systems against Serial-Based Attacks via Proprietary Communication Buses},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3555721},
year = {2023},
date = {2023-03-01},
urldate = {2023-03-01},
journal = {ACM Digital Threats: Research and Practice Journal},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
abstract = {Enterprise Internet of Things (E-IoT) systems allow users to control audio, video, scheduled events, lightning fixtures, door access, and relays in complex smart installations. These systems are widely used in government or smart private offices, smart buildings/homes, conference rooms, schools, hotels, and similar professional settings. However, even with their widespread use, the security of many E-IoT systems and components has not been researched in the literature. To address this research gap, we focus on E-IoT communication buses, one of the core components used to connect E-IoT devices, and introduce LightningStrike attacks that demonstrate several weaknesses with E-IoT proprietary communication protocols used in E-IoT communication buses. Specifically, we show that popular E-IoT proprietary communication protocols are susceptible to Denial-of-Service (DoS), eavesdropping, impersonation, and replay attacks. As such threats cannot be mitigated through traditional defense mechanisms due to the limitations posed by E-IoT, we propose LGuard, a defense system to protect E-IoT systems against the attacks over communication buses. LGuard uses closed-circuit television footage and computer vision techniques to detect replay attacks. For impersonation and DoS attacks, LGuard utilizes traffic analysis. Finally, LGuard obfuscates the E-IoT traffic via inserting redundant traffic to the bus against eavesdropping attacks. We evaluated the performance of LGuard in a realistic E-IoT deployment, and our detailed evaluations show that LGuard achieves an overall accuracy and precision of 99% in detecting DoS, impersonation, and replay attacks while effectively increasing the difficulty of extracting valuable information for eavesdroppers. In addition, LGuard does not incur any operational overhead or modification to the existing E-IoT system.},
keywords = {Enterprise Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Ehsan Nowroozi, Mohammadreza Mohammadi, Pargol Golmohammadi, Yassine Mekdad, Mauro Conti, A. Selcuk Uluagac
Resisting Deep Learning Models Against Adversarial Attack Transferability Via Feature Randomization Journal Article
IEEE Transactions on Services Computing Journal, 2023.
Abstract | Links | BibTeX | Tags: Adverserial Machine Learning, Machine Learning Security
@article{Ehsan2023ML,
title = {Resisting Deep Learning Models Against Adversarial Attack Transferability Via Feature Randomization},
author = {Ehsan Nowroozi and Mohammadreza Mohammadi and Pargol Golmohammadi and Yassine Mekdad and Mauro Conti and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10315205},
year = {2023},
date = {2023-01-01},
urldate = {2023-01-01},
journal = {IEEE Transactions on Services Computing Journal},
abstract = {In the past decades, the rise of artificial intelligence has given us the capabilities to solve the most challenging problems in our day-to-day lives, such as cancer prediction and autonomous navigation. However, these applications might not be reliable if not secured against adversarial attacks. In addition, recent works demonstrated that some adversarial examples are transferable across different models. Therefore, it is crucial to avoid such transferability via robust models that resist adversarial manipulations. In this paper, we propose a feature randomization-based approach that resists eight adversarial attacks targeting deep learning models in the testing phase. Our novel approach consists of changing the training strategy in the target network classifier and selecting random feature samples. We consider the attacker with a Limited-Knowledge and Semi-Knowledge conditions to undertake the most prevalent types of adversarial attacks. We evaluate the robustness of our approach using the well-known UNSW-NB15 datasets that include realistic and synthetic attacks. Afterward, we demonstrate that our strategy outperforms the existing state-of-the-art approach, such as the Most Powerful Attack, which consists of fine-tuning the network model against specific adversarial attacks. Further, we demonstrate the practicality of our approach using the VIPPrint dataset through a comprehensive set of experiments. Finally, our experimental results show that our methodology can secure the target network and resists adversarial attack transferability by over 60%.},
keywords = {Adverserial Machine Learning, Machine Learning Security},
pubstate = {published},
tppubtype = {article}
}
Yassine Mekdad, Ahmet Aris, Leonardo Babun, Abdeslam El Fergougui, Mauro Conti, Riccardo Lazzeretti, A. Selcuk Uluagac
A survey on security and privacy issues of UAVs Journal Article
Elsevier Computer Networks Journal, 2023.
Abstract | Links | BibTeX | Tags: UAV Security
@article{MekdadUAV2023,
title = {A survey on security and privacy issues of UAVs},
author = {Yassine Mekdad and Ahmet Aris and Leonardo Babun and Abdeslam El Fergougui and Mauro Conti and Riccardo Lazzeretti and A. Selcuk Uluagac},
url = {https://www.sciencedirect.com/science/article/pii/S1389128623000713},
year = {2023},
date = {2023-01-01},
urldate = {2023-01-01},
journal = {Elsevier Computer Networks Journal},
abstract = {In the 21st century, the industry of drones, also known as Unmanned Aerial Vehicles (UAVs), has witnessed a rapid increase with its large number of airspace users. The tremendous benefits of this technology in civilian applications such as hostage rescue and parcel delivery will integrate smart cities in the future. Nowadays, the affordability of commercial drones expands their usage on a large scale. However, the development of drone technology is associated with vulnerabilities and threats due to the lack of efficient security implementations. Moreover, the complexity of UAVs in software and hardware triggers potential security and privacy issues. Thus, posing significant challenges for the industry, academia, and governments.
In this paper, we extensively survey the security and privacy issues of UAVs by providing a systematic classification at four levels: Hardware-level, Software-level, Communication-level, and Sensor-level. In particular, for each level, we thoroughly investigate (1) common vulnerabilities affecting UAVs for potential attacks from malicious actors, (2) existing threats that are jeopardizing the civilian application of UAVs, (3) active and passive attacks performed by the adversaries to compromise the security and privacy of UAVs, (4) possible countermeasures and mitigation techniques to protect UAVs from such malicious activities. In addition, we summarize the takeaways that highlight lessons learned about UAVs’ security and privacy issues. Finally, we conclude our survey by presenting the critical pitfalls and suggesting promising future research directions for security and privacy of UAVs.},
keywords = {UAV Security},
pubstate = {published},
tppubtype = {article}
}
In this paper, we extensively survey the security and privacy issues of UAVs by providing a systematic classification at four levels: Hardware-level, Software-level, Communication-level, and Sensor-level. In particular, for each level, we thoroughly investigate (1) common vulnerabilities affecting UAVs for potential attacks from malicious actors, (2) existing threats that are jeopardizing the civilian application of UAVs, (3) active and passive attacks performed by the adversaries to compromise the security and privacy of UAVs, (4) possible countermeasures and mitigation techniques to protect UAVs from such malicious activities. In addition, we summarize the takeaways that highlight lessons learned about UAVs’ security and privacy issues. Finally, we conclude our survey by presenting the critical pitfalls and suggesting promising future research directions for security and privacy of UAVs.
Yassine Mekdad, Ahmet Arış, Abbas Acar, Mauro Conti, Riccardo Lazzeretti, Abdeslam El Fergougui, Selcuk Uluagac
A comprehensive security and performance assessment of UAV authentication schemes Journal Article
Wiley Security and Privacy Journal, 2023.
Abstract | Links | BibTeX | Tags: Authentication
@article{mekdadCompAUV2022,
title = {A comprehensive security and performance assessment of UAV authentication schemes},
author = {Yassine Mekdad and Ahmet Arış and Abbas Acar and Mauro Conti and Riccardo Lazzeretti and Abdeslam El Fergougui and Selcuk Uluagac},
url = {https://onlinelibrary.wiley.com/doi/abs/10.1002/spy2.338},
year = {2023},
date = {2023-01-01},
urldate = {2023-01-01},
journal = {Wiley Security and Privacy Journal},
abstract = {In the past few years, unmanned aerial vehicles (UAVs) have significantly gained attention and popularity from industry, government, and academia. With their rapid development and deployment into the civilian airspace, UAVs play an important role in different applications, including goods delivery, search-and-rescue, and traffic monitoring. Therefore, providing secure communication through authentication models for UAVs is necessary for a successful and reliable flight mission. To satisfy such requirements, numerous authentication mechanisms have been proposed in the literature. However, the literature lacks a comprehensive study evaluating the security and performance of these solutions. In this article, we analyze the security and performance of 27 recent UAV authentication works by considering ten different key metrics. First, in the performance analysis, we show that the majority of UAV authentication schemes are lightweight in their communication cost. However, the storage overhead or the energy consumption is not reported by many authentication studies. Then, we reveal in the security analysis the widely employed formal models (i.e., abstract description of an authentication protocol through a mathematical model), while most of the studies lack coverage of many attacks that can target UAV systems. Afterwards, we highlight the challenges that need to be addressed in order to design and implement secure and reliable UAV authentication schemes. Finally, we summarize the lessons learned on the authentication strategies for UAVs to motivate promising direction for further research.},
keywords = {Authentication},
pubstate = {published},
tppubtype = {article}
}
Nazli Tekin, Abbas Acar, Ahmet Aris, A. Selcuk Uluagac, Vehbi Cagri Gungor
Energy consumption of on-device machine learning models for IoT intrusion detection Journal Article
Elsevier Internet of Things Journal, 2023.
Abstract | Links | BibTeX | Tags: IoT Security, Machine Learning Security
@article{TekinEnergyConsumption,
title = {Energy consumption of on-device machine learning models for IoT intrusion detection},
author = {Nazli Tekin and Abbas Acar and Ahmet Aris and A. Selcuk Uluagac and Vehbi Cagri Gungor},
url = {https://www.sciencedirect.com/science/article/pii/S2542660522001512},
year = {2023},
date = {2023-01-01},
urldate = {2023-01-01},
journal = {Elsevier Internet of Things Journal},
abstract = {Recently, Smart Home Systems (SHSs) have gained enormous popularity with the rapid
development of the Internet of Things (IoT) technologies. Besides offering many tangible
benefits, SHSs are vulnerable to attacks that lead to security and privacy concerns for SHS
users. Machine learning (ML)-based Intrusion Detection Systems (IDS) are proposed to address
such concerns. Conventionally, ML models are trained and tested on computationally powerful
platforms such as cloud services. Nevertheless, the data shared with the cloud is vulnerable to
privacy attacks and causes latency, which decreases the performance of real-time applications
like intrusion detection systems. Therefore, on-device ML models, in which the user data is kept
locally, have emerged as promising solutions to ensure the security and privacy of the data for
real-time applications. However, performing ML tasks requires high energy consumption. To
the best of our knowledge, no study has been conducted to analyze the energy consumption
of ML-based IDS. Therefore, in this paper, we perform a comparative analysis of on-device
ML algorithms in terms of energy consumption for IoT intrusion detection applications. For
a thorough analysis, we study the training and inference phases separately. For training, we
compare the cloud computing-based ML, edge computing-based ML, and IoT device-based ML
approaches. For the inference, we evaluate the TinyML approach to run the ML algorithms on
tiny IoT devices such as Micro Controller Units (MCUs). Comparative performance evaluations
show that deploying the Decision Tree (DT) algorithm on-device gives better results in terms
of training time, inference time, and power consumption.},
keywords = {IoT Security, Machine Learning Security},
pubstate = {published},
tppubtype = {article}
}
development of the Internet of Things (IoT) technologies. Besides offering many tangible
benefits, SHSs are vulnerable to attacks that lead to security and privacy concerns for SHS
users. Machine learning (ML)-based Intrusion Detection Systems (IDS) are proposed to address
such concerns. Conventionally, ML models are trained and tested on computationally powerful
platforms such as cloud services. Nevertheless, the data shared with the cloud is vulnerable to
privacy attacks and causes latency, which decreases the performance of real-time applications
like intrusion detection systems. Therefore, on-device ML models, in which the user data is kept
locally, have emerged as promising solutions to ensure the security and privacy of the data for
real-time applications. However, performing ML tasks requires high energy consumption. To
the best of our knowledge, no study has been conducted to analyze the energy consumption
of ML-based IDS. Therefore, in this paper, we perform a comparative analysis of on-device
ML algorithms in terms of energy consumption for IoT intrusion detection applications. For
a thorough analysis, we study the training and inference phases separately. For training, we
compare the cloud computing-based ML, edge computing-based ML, and IoT device-based ML
approaches. For the inference, we evaluate the TinyML approach to run the ML algorithms on
tiny IoT devices such as Micro Controller Units (MCUs). Comparative performance evaluations
show that deploying the Decision Tree (DT) algorithm on-device gives better results in terms
of training time, inference time, and power consumption.
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, Selcuk Uluagac
Ivycide: Smart Intrusion Detection System Against E-IoT Driver Threats Journal Article
IEEE Internet of Things Journal, 2023.
Abstract | Links | BibTeX | Tags: Enterprise Security, IoT Security
@article{LuisiVYCIDE,
title = {Ivycide: Smart Intrusion Detection System Against E-IoT Driver Threats},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/9849838},
year = {2023},
date = {2023-01-01},
urldate = {2023-01-01},
journal = {IEEE Internet of Things Journal},
abstract = {The rise of Internet of Things (IoT) devices has led to the proliferation of smart environments worldwide. Although commodity IoT devices are employed by ordinary end users, complex environments, such as smart buildings, government, or private offices, or conference rooms require customized and highly reliable IoT solutions. Enterprise IoT (E-IoT) connect such environments to the Internet and are professionally managed solutions usually offered by dedicated vendors As E-IoT systems require specialized training, closed-source software, and proprietary equipment to deploy. In effect, E-IoT systems present an unprecedented, under-researched, and unexplored threat vector for an attacker. In this work, we focus on E-IoT drivers, software modules used to integrate devices into E-IoT systems, as an attack mechanism. We first present PoisonIvy, a series of generalized proof-of-concept attacks used to demonstrate that an attacker can use a malicious driver to perform denial-of-service attacks, gain remote control, and abuse E-IoT system resources. To defend against E-IoT driver-based threats, we introduce Ivycide, a novel intrusion detection system used to detect unexpected E-IoT network traffic from an E-IoT system. Ivycide operates as a passive monitoring system within an E-IoT system using machine learning and signature-based classification to detect Poisonivy attacks. We evaluated the performance of Ivycide in a realistic E-IoT deployment. Our detailed evaluation results show that Ivycide achieves an average accuracy of 97% in classifying the type of Poisonivy attack and operates without modifications or operational overhead to the existing E-IoT systems.},
keywords = {Enterprise Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Javier R Franco, Ahmet Aris, Leonardo Babun, Selcuk Uluagac
S-Pot: A Smart Honeypot Framework with Dynamic Rule Configuration for SDN Conference Paper
In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM), Rio de Janeiro, Brazil, 2022.
Abstract | Links | BibTeX | Tags: Honeypot/Honeynet, SDN Security
@conference{franco2022s-pot,
title = {S-Pot: A Smart Honeypot Framework with Dynamic Rule Configuration for SDN},
author = {Javier R Franco and Ahmet Aris and Leonardo Babun and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/10000682/},
year = {2022},
date = {2022-12-01},
urldate = {2022-12-01},
booktitle = {In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM)},
address = {Rio de Janeiro, Brazil},
abstract = {Enterprise networks are becoming increasingly heterogeneous where enterprise devices and IoT devices coexist, requiring tools for effective management and security. Software Defined Networking (SDN) has emerged in response to such needs of modern networks. SDN lacks adequate security features and Intrusion Detection and Protection Systems (IDPS) have been used to protect SDN from attacks. However, they have limited knowledge of zero day attacks. Machine Learning (ML) has become a valuable tool against these limitations and improve (SDN) network security. However, the solutions that solely rely on ML can struggle to discriminate benign traffic from malicious, and suffer from false negatives. To solve these problems and improve security of SDN-based enterprise networks, we propose S-Pot, an open-source smart honeypot framework. S-Pot uses enterprise and IoT honeypots to attract attackers},
keywords = {Honeypot/Honeynet, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Harun Oz, Ahmet Aris, Albert Levi, A. Selcuk Uluagac
A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions Journal Article
ACM Computing Surveys (CSUR), 2022.
Abstract | Links | BibTeX | Tags: Malware, Ransomware
@article{OzSurveyRansomware,
title = {A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions},
author = {Harun Oz and Ahmet Aris and Albert Levi and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3514229},
year = {2022},
date = {2022-09-01},
urldate = {2022-09-01},
journal = {ACM Computing Surveys (CSUR)},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
abstract = {In recent years, ransomware has been one of the most notorious malware targeting end-users, governments, and business organizations. It has become a very profitable business for cybercriminals with revenues of millions of dollars, and a very serious threat to organizations with financial losses of billions of dollars. Numerous studies were proposed to address the ransomware threat, including surveys that cover certain aspects of ransomware research. However, no study exists in the literature that gives the complete picture on ransomware and ransomware defense research with respect to the diversity of targeted platforms. Since ransomware is already prevalent in PCs/workstations/desktops/laptops, and is becoming more prevalent in mobile devices, and has already hit IoT/CPS recently, and will likely grow further in the IoT/CPS domain very soon, understanding ransomware and analyzing defense mechanisms},
keywords = {Malware, Ransomware},
pubstate = {published},
tppubtype = {article}
}
Amit Kumar Sikder, Leonardo Babun, Z. Berkay Celik, Hidayet Aksu, Patrick McDaniel, Engin Kirda, A. Selcuk Uluagac
Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment Journal Article
ACM Transactions on Internet of Things Journal, 2022.
Abstract | Links | BibTeX | Tags: Adverserial Machine Learning, Malware
@article{SikderControl2022,
title = {Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment},
author = {Amit Kumar Sikder and Leonardo Babun and Z. Berkay Celik and Hidayet Aksu and Patrick McDaniel and Engin Kirda and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3543513},
year = {2022},
date = {2022-09-01},
urldate = {2022-09-01},
journal = {ACM Transactions on Internet of Things Journal},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
abstract = {Multiple users have access to multiple devices in a smart home system typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique, trusted user that controls access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically-changing demands on multiple devices that cannot be handled by traditional access control techniques. Moreover, smart devices from different platforms/vendors can share the same home environment, making existing access control obsolete for smart home systems. To address these challenges, in this paper, we introduce Kratos+, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their},
keywords = {Adverserial Machine Learning, Malware},
pubstate = {published},
tppubtype = {article}
}
Leonardo Babun, Amit Kumar Sikder, Abbas Acar, A. Selcuk Uluagac
The Truth Shall Set Thee Free: Enabling Practical Forensic Capabilities in Smart Environments Conference Paper
In the Proceedings of the 30th Network and Distributed System Security Symposium (NDSS), 2022.
Abstract | Links | BibTeX | Tags: Forensics, IoT Security
@conference{babun2022truth,
title = {The Truth Shall Set Thee Free: Enabling Practical Forensic Capabilities in Smart Environments},
author = {Leonardo Babun and Amit Kumar Sikder and Abbas Acar and A. Selcuk Uluagac},
url = {https://www.ndss-symposium.org/wp-content/uploads/2022-133-paper.pdf},
year = {2022},
date = {2022-04-01},
urldate = {2022-04-01},
booktitle = {In the Proceedings of the 30th Network and Distributed System Security Symposium (NDSS)},
abstract = {In smart environments such as smart homes and offices, the interaction between devices, users, and apps generate abundant data. Such data contain valuable forensic information about events and activities occurring in the smart environment. Nonetheless, current smart platforms do not provide any digital forensic capability to identify, trace, store, and analyze the data produced in these environments. To fill this gap, in this paper, we introduce VERITAS, a novel and practical digital forensic capability for the smart environment. VERITAS has two main components: Collector and Analyzer. The Collector implements mechanisms to automatically collect forensically-relevant data from the smart environment. Then, in the event of a forensic investigation, the Analyzer uses a First Order Markov Chain model to extract valuable and usable forensic information from the collected data. VERITAS then uses the forensic information to infer activities and behaviors from users, devices, and apps that violate the security policies defined for the environment. We implemented and tested VERITAS in a realistic smart office environment with 22 smart devices and sensors that generated 84209 forensically-valuable incidents. The evaluation shows that VERITAS achieves over 95 percent of accuracy in inferring different anomalous activities and forensic behaviors within the smart environment. Finally, VERITAS is extremely lightweight, yielding no overhead on the devices and minimal overhead in the backend resources (ie, the cloud servers).},
keywords = {Forensics, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Harun Oz, Faraz Naseem, Ahmet Aris, Abbas Acar, Guliz Seray Tuncay, A Selcuk Uluagac
Feasibility of Malware Visualization Techniques against Adversarial Machine Learning Attacks Demo/Poster
In the Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P), 2022.
BibTeX | Tags: Adverserial Machine Learning, Malware
@Demo/Posters{Oz2022MalwareVisualization,
title = {Feasibility of Malware Visualization Techniques against Adversarial Machine Learning Attacks},
author = {Harun Oz and Faraz Naseem and Ahmet Aris and Abbas Acar and Guliz Seray Tuncay and A Selcuk Uluagac},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
booktitle = {In the Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P)},
keywords = {Adverserial Machine Learning, Malware},
pubstate = {published},
tppubtype = {Demo/Posters}
}
Ege Tekiner, Abbas Acar, Arif Selcuk Uluagac
A Lightweight IoT Cryptojacking Detection Mechanism in Heterogeneous Smart Home Networks Conference Paper
In the Proceedings of the 30th Network and Distributed System Security Symposium (NDSS), 2022.
@conference{Tekiner2022ALI,
title = {A Lightweight IoT Cryptojacking Detection Mechanism in Heterogeneous Smart Home Networks},
author = {Ege Tekiner and Abbas Acar and Arif Selcuk Uluagac},
url = {https://api.semanticscholar.org/CorpusID:248223996},
year = {2022},
date = {2022-01-01},
booktitle = {In the Proceedings of the 30th Network and Distributed System Security Symposium (NDSS)},
journal = {Proceedings 2022 Network and Distributed System Security Symposium},
keywords = {},
pubstate = {published},
tppubtype = {conference}
}
Akm Iqtidar Newaz, Ahmet Aris, Amit Kumar Sikder, A Selcuk Uluagac
Systematic Threat Analysis of Modern Unified Healthcare Communication Systems Conference Paper
In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM), 2022.
Abstract | Links | BibTeX | Tags: Healthcare Security, Network Security
@conference{iqtidarThreatAnalysis,
title = {Systematic Threat Analysis of Modern Unified Healthcare Communication Systems},
author = {Akm Iqtidar Newaz and Ahmet Aris and Amit Kumar Sikder and A Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/10001605/},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
booktitle = {In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM)},
abstract = {Recently, smart medical devices have become preva-lent in remote monitoring of patients and the delivery of medication. The ongoing Covid-19 pandemic situation has boosted the upward trend of the popularity of smart medical devices in the healthcare system. Simultaneously, different device manufacturers and technologies compete for a share in a smart medical device's market, which forces the integration of diverse smart medical de-vices into a common healthcare ecosystem. Hence, modern unified healthcare communication systems (UHCSs) combine ISO/IEEE 11073 and Health Level Seven (HL7) communication standards to support smart medical devices' interoperability and their communication with healthcare providers. Despite their advantages in supporting various smart medical devices and communication technologies, these standards do not provide any security and suffer from vulnerabilities},
keywords = {Healthcare Security, Network Security},
pubstate = {published},
tppubtype = {conference}
}
Ehsan Nowroozi, Yassine Mekdad, Mauro Conti, Simone Milani, Selcuk Uluagac, Berrin Yanikoglu
Real or Virtual: A Video Conferencing Background Manipulation-Detection System Conference Paper
Arxiv, 2022.
Abstract | Links | BibTeX | Tags: Network Security, Web Security
@conference{EhsanRealOrVirtual,
title = {Real or Virtual: A Video Conferencing Background Manipulation-Detection System},
author = {Ehsan Nowroozi and Yassine Mekdad and Mauro Conti and Simone Milani and Selcuk Uluagac and Berrin Yanikoglu},
url = {https://arxiv.org/abs/2204.11853},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
booktitle = {Arxiv},
journal = {arXiv },
abstract = {Recently, the popularity and wide use of the last-generation video conferencing technologies created an exponential growth in its market size. Such technology allows participants in different geographic regions to have a virtual face-to-face meeting. Additionally, it enables users to employ a virtual background to conceal their own environment due to privacy concerns or to reduce distractions, particularly in professional settings. Nevertheless, in scenarios where the users should not hide their actual locations, they may mislead other participants by claiming their virtual background as a real one. Therefore, it is crucial to develop tools and strategies to detect the authenticity of the considered virtual background. In this paper, we present a detection strategy to distinguish between real and virtual video conferencing user backgrounds. We demonstrate that our detector is robust against two attack scenarios. The first scenario considers the case where the detector is unaware about the attacks and inn the second scenario, we make the detector aware of the adversarial attacks, which we refer to Adversarial Multimedia Forensics (i.e, the forensically-edited frames are included in the training set). Given the lack of publicly available dataset of virtual and real backgrounds for video conferencing, we created our own dataset and made them publicly available [1]. Then, we demonstrate the robustness of our detector against different adversarial attacks that the adversary considers. Ultimately, our detector's performance is significant against the CRSPAM1372 [2] features, and post-processing operations such as geometric transformations with different quality.},
keywords = {Network Security, Web Security},
pubstate = {published},
tppubtype = {conference}
}
Maryna Veksler, David Langus Rodríguez, Ahmet Aris, Kemal Akkaya, A. Selcuk Uluagac
LoFin: LoRa-based UAV Fingerprinting Framework Conference Paper
In the Proceedings of the 41st IEEE Military Communications Conference (MILCOM) , 2022.
Abstract | Links | BibTeX | Tags: Fingerprinting, Network Security, UAV Security
@conference{10017584,
title = {LoFin: LoRa-based UAV Fingerprinting Framework},
author = {Maryna Veksler and David Langus Rodríguez and Ahmet Aris and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/10017584/},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
booktitle = {In the Proceedings of the 41st IEEE Military Communications Conference (MILCOM)
},
abstract = {The emerging proliferation of unmanned aerial vehicles (UAV) combined with their autonomous capabilities established the solid incorporation of UAVs for military applications. However, seamless deployment of drones into the adversarial environment and on the battlefield requires a robust and secure network stack, protected from adversarial intrusion. As LoRa became a low-cost solution for the long-distance control channel, it solved the challenge of long-range connectivity and prolonged lifespan present in UAV applications. However, the existing implementations lack protection mechanisms against unauthorized access. In this paper, we present LoFin, the first fingerprinting framework used to identify telemetry transceivers that communicate over the LoRa channel. LoFin exploits information leaked due to the differences in hardware structure, which results in processing time variations. Passively collecting},
keywords = {Fingerprinting, Network Security, UAV Security},
pubstate = {published},
tppubtype = {conference}
}
Shrenik Bhansali, Ahmet Aris, Abbas Acar, Harun Oz, Selcuk Uluagac
A First Look at Code Obfuscation for WebAssembly Conference Paper
In the Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) , 2022.
Abstract | Links | BibTeX | Tags: Malware, WebAssembly
@conference{ShrenikCodeObfus,
title = {A First Look at Code Obfuscation for WebAssembly},
author = {Shrenik Bhansali and Ahmet Aris and Abbas Acar and Harun Oz and Selcuk Uluagac},
url = {https://doi.org/10.1145/3507657.3528560},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
booktitle = {In the Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) },
abstract = {WebAssembly (Wasm) has seen a lot of attention lately as it spreads through the mobile computing domain and becomes the new standard for performance-oriented web development. It has diversified its uses far beyond just web applications by acting as an execution environment for mobile agents, containers for IoT devices, and enabling new serverless approaches for edge computing. Within the numerous uses of Wasm, not all of them are benign. With the rise of Wasm-based cryptojacking malware, analyzing Wasm applications has been a hot topic in the literature, resulting in numerous Wasm-based cryptojacking detection systems. Many of these methods rely on static analysis, which traditionally can be circumvented through obfuscation. However, the feasibility of the obfuscation techniques for Wasm programs has never been investigated thoroughly. In this paper, we address this gap and perform the first look at code obfuscation for Wasm. We apply numerous obfuscation techniques to Wasm programs, and test their effectiveness in producing a fully obfuscated Wasm program. Particularly, we obfuscate both benign Wasm-based web applications and cryptojacking malware instances and feed them into a state-of-the-art Wasm cryptojacking detector to see if current Wasm analysis methods can be subverted with obfuscation. Our analysis shows that obfuscation can be highly effective and can cause even a state-of-the-art detector to misclassify the obfuscated Wasm samples.
},
keywords = {Malware, WebAssembly},
pubstate = {published},
tppubtype = {conference}
}
Alvi Ataur Khalil, Javier Franco, Imtiaz Parvez, Selcuk Uluagac, Hossain Shahriar, Mohammad Ashiqur Rahman
A Literature Review on Blockchain-enabled Security and Operation of Cyber-Physical Systems Conference Paper
In the Proceedings of 46th Annual Computers, Software and Applications Conference (COMPSAC), 2022.
Abstract | Links | BibTeX | Tags: Blockchain Security, CPS Security
@conference{9842711,
title = {A Literature Review on Blockchain-enabled Security and Operation of Cyber-Physical Systems},
author = {Alvi Ataur Khalil and Javier Franco and Imtiaz Parvez and Selcuk Uluagac and Hossain Shahriar and Mohammad Ashiqur Rahman},
url = {https://ui.adsabs.harvard.edu/abs/2021arXiv210707916A/abstract},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
booktitle = {In the Proceedings of 46th Annual Computers, Software and Applications Conference (COMPSAC)},
abstract = {Blockchain has become a key technology in a plethora of application domains owing to its decentralized public nature. The cyber-physical systems (CPS) is one of the prominent application domains that leverage blockchain for myriad operations, where the Internet of Things (IoT) is utilized for data collection. Although some of the CPS problems can be solved by simply adopting blockchain for its secure and distributed nature, others require complex considerations for overcoming blockchain-imposed limitations while maintaining the core aspect of CPS. Even though a number of studies focus on either the utilization of blockchains for different CPS applications or the blockchain-enabled security of CPS, there is no comprehensive survey including both perspectives together. To fill this gap, we present a comprehensive overview of contemporary advancement in using blockchain for enhancing different CPS.},
keywords = {Blockchain Security, CPS Security},
pubstate = {published},
tppubtype = {conference}
}
Amit Kumar Sikder, Hidayet Aksu, A Selcuk Uluagac
System and Method for Secure and Resilient Industrial Control Systems Patent
US Patent, 2022.
Abstract | Links | BibTeX | Tags: IoT Security
@patent{Sikder2022SecureResilientICSb,
title = {System and Method for Secure and Resilient Industrial Control Systems},
author = {Amit Kumar Sikder and Hidayet Aksu and A Selcuk Uluagac},
url = {https://patents.google.com/patent/US20220182400A1/en},
year = {2022},
date = {2022-01-01},
urldate = {2022-01-01},
abstract = {Context-aware security frameworks to detect malicious behavior in a smart environment (eg, a home, office, or other building) are provided. The framework can address the emerging threats to smart environments by observing the changing patterns of the conditions (eg, active/inactive) of smart entities (eg, sensors and other devices) of the smart environment for different user activities, and building a contextual model to detect malicious activities in the smart environment.},
howpublished = {US Patent},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {patent}
}
Michael Thompson, Suat Mercan, Mumin Cebe, Kemal Akkaya, Arif Selcuk Uluagac
Cost-efficient IoT Forensics Framework with Blockchain Patent
US Patent, 2021.
Abstract | Links | BibTeX | Tags: Forensics, IoT Security
@patent{Thompson2021CostEfficient,
title = {Cost-efficient IoT Forensics Framework with Blockchain},
author = {Michael Thompson and Suat Mercan and Mumin Cebe and Kemal Akkaya and Arif Selcuk Uluagac},
url = {https://patentscope.wipo.int/search/en/detail.jsf?docId=US336296346},
year = {2021},
date = {2021-09-21},
urldate = {2021-09-21},
booktitle = {US Patent},
pages = {332–333},
publisher = {Association for Computing Machinery},
series = {WiSec '19},
abstract = {A cost-effective and reliable digital forensics framework is provided by exploiting multiple blockchain networks in two levels. The selected data collected from sensors on a boat is sent to a remote company database and calculated hash of the data is saved in two blockchain platforms in the first level. Hash of each block is retrieved and inserted onto a Merkle tree on a periodic basis to be stored on another blockchain in the second level which is used to detect any error in the first level blockchains. A secure platform is created with the combination of several blockchains.},
howpublished = {US Patent},
keywords = {Forensics, IoT Security},
pubstate = {published},
tppubtype = {patent}
}
Kyle Denney, Enes Erdin, Leonardo Babun, A Selcuk Uluagac, Kemal Akkaya
Systems and methods for inhibiting threats to a computing environment Patent
US Patent, 2021.
Abstract | Links | BibTeX | Tags: IoT Security
@patent{denney2021systemsp,
title = {Systems and methods for inhibiting threats to a computing environment},
author = {Kyle Denney and Enes Erdin and Leonardo Babun and A Selcuk Uluagac and Kemal Akkaya},
url = {https://patents.google.com/patent/US20200356665A1/en},
year = {2021},
date = {2021-09-01},
urldate = {2021-09-01},
publisher = {Google Patents},
abstract = {Novel hardware-based frameworks and methods for the detection and inhibition or prevention of insider threats utilizing machine learning methods and data collection done at the physical layer are provided. Analysis is done on unknown USB-powered devices, such as a keyboard or mouse, introduced to a computing environment and, through the utilization of machine learning, the behavior of the unknown device is determined before it can potentially cause harm to the computing environment.},
howpublished = {US Patent},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {patent}
}
Abbas Acar, Shoukat Ali, Koray Karabina, Cengiz Kaygusuz, Hidayet Aksu, Kemal Akkaya, Selcuk Uluagac
A Lightweight Privacy-Aware Continuous Authentication Protocol-PACA Journal Article
ACM Transactions on Privacy and Security (TOPS) Journal, 2021.
Abstract | Links | BibTeX | Tags: Authentication, Privacy Preserving
@article{AcarPACA,
title = {A Lightweight Privacy-Aware Continuous Authentication Protocol-PACA},
author = {Abbas Acar and Shoukat Ali and Koray Karabina and Cengiz Kaygusuz and Hidayet Aksu and Kemal Akkaya and Selcuk Uluagac},
url = {https://doi.org/10.1145/3464690},
year = {2021},
date = {2021-09-01},
urldate = {2021-09-01},
journal = {ACM Transactions on Privacy and Security (TOPS) Journal},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
abstract = {As many vulnerabilities of one-time authentication systems have already been uncovered, there is a growing need and trend to adopt continuous authentication systems. Biometrics provides an excellent means for periodic verification of the authenticated users without breaking the continuity of a session. Nevertheless, as attacks to computing systems increase, biometric systems demand more user information in their operations, yielding privacy issues for users in biometric-based continuous authentication systems. However, the current state-of-the-art privacy technologies are not viable or costly for the continuous authentication systems, which require periodic real-time verification. In this article, we introduce a novel, lightweight, privacy-aware, and secure continuous authentication protocol called PACA. PACA is initiated through a password-based key exchange (PAKE) mechanism, and it continuously},
keywords = {Authentication, Privacy Preserving},
pubstate = {published},
tppubtype = {article}
}
Luis C Puche Rondon, Leonardo Babun, Kemal Akkaya, A Selcuk Uluagac
Systems and methods for monitoring activity in an HDMI network Patent
US Patent, 2021.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@patent{rondon2021systems,
title = {Systems and methods for monitoring activity in an HDMI network},
author = {Luis C Puche Rondon and Leonardo Babun and Kemal Akkaya and A Selcuk Uluagac},
url = {https://patents.google.com/patent/US10929530B1/en},
year = {2021},
date = {2021-02-01},
urldate = {2021-02-01},
publisher = {Google Patents},
abstract = {Systems and methods for monitoring activity within High Definition Multimedia Interface (HDMI) enabled consumer electronics control (CEC) devices and their networks and identifying unexpected and/or suspicious activity within the network are provided. CEC message packets and packet attribute analysis can be used to identify unexpected and/or suspicious CEC activity within two or more interconnected HDMI devices. Three fundamental steps can be used: a data collection step can capture CEC activity occurring within an HDMI distribution; a data processing step can correlate data into a packet analysis process to create a model later used for evaluation; and a decision process step can use the model created in the data processing step to determine if activity occurring within the HDMI distribution is expected or unexpected.},
howpublished = {US Patent},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {patent}
}
Akm Iqtidar Newaz, Amit Kumar Sikder, Mohammad Ashiqur Rahman, A Selcuk Uluagac
A survey on security and privacy issues in modern healthcare systems: Attacks and defenses Journal Article
ACM Transactions on Computing for Healthcare Journal, 2021.
Abstract | BibTeX | Tags: Healthcare Security
@article{newaz2021survey,
title = {A survey on security and privacy issues in modern healthcare systems: Attacks and defenses},
author = {Akm Iqtidar Newaz and Amit Kumar Sikder and Mohammad Ashiqur Rahman and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {ACM Transactions on Computing for Healthcare Journal},
publisher = {ACM New York, NY, USA},
abstract = {Recent advancements in computing systems and wireless communications have made healthcare systems more efficient than before. Modern healthcare devices can monitor and manage different health conditions of patients automatically without any manual intervention from medical professionals. Additionally, the use of implantable medical devices, body area networks, and Internet of Things technologies in healthcare systems improve the overall patient monitoring and treatment process. However, these systems are complex in software and hardware, and optimizing between security, privacy, and treatment is crucial for healthcare systems because any security or privacy violation can lead to severe effects on patients treatments and overall health conditions. },
keywords = {Healthcare Security},
pubstate = {published},
tppubtype = {article}
}
Leonardo Babun, Kyle Denney, Z Berkay Celik, Patrick McDaniel, A Selcuk Uluagac
A survey on IoT platforms: Communication, security, and privacy perspectives Journal Article
Computer Networks Journal, 2021.
Abstract | BibTeX | Tags: IoT Security
@article{babun2021survey,
title = {A survey on IoT platforms: Communication, security, and privacy perspectives},
author = {Leonardo Babun and Kyle Denney and Z Berkay Celik and Patrick McDaniel and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {Computer Networks Journal},
publisher = {Elsevier},
abstract = {The Internet of Things (IoT) redefines the way how commodity and industrial tasks are performed every day. The integration of sensors, lightweight computation, and the proliferation of different wireless technologies on IoT platforms enable human beings to easily interact with their surrounding physical world thoroughly. With the recent rise of IoT, several different IoT platforms have been introduced for researchers and developers to ease the management and control of various IoT devices. In general, the IoT platforms act as a bridge between core IoT functionalities and users by providing APIs. Due to their wide variety of applications, IoT platforms are mostly unique in their architectures and designs. Thus, IoT administrators, developers, and researchers (i.e.,IoT users) are challenged with substantial configuration differences in the proper configuration, implementation, and protection of the IoT solutions.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Javier Franco, Ahmet Aris, Berk Canberk, A Selcuk Uluagac
A survey of honeypots and honeynets for internet of things, industrial internet of things, and cyber-physical systems Journal Article
IEEE Communications Surveys & Tutorials, 2021.
Abstract | BibTeX | Tags: CPS Security, IoT Security
@article{franco2021survey,
title = {A survey of honeypots and honeynets for internet of things, industrial internet of things, and cyber-physical systems},
author = {Javier Franco and Ahmet Aris and Berk Canberk and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {IEEE Communications Surveys & Tutorials},
publisher = {IEEE},
abstract = {The Internet of Things (IoT), the Industrial Internet of Things (IIoT), and Cyber-Physical Systems (CPS) have become essential for our daily lives in contexts such as our homes, buildings, cities, health, transportation, manufacturing, infrastructure, and agriculture. However, they have become popular targets of attacks, due to their inherent limitations which create vulnerabilities. Honeypots and honeynets can prove essential to understand and defend against attacks on IoT, IIoT, and CPS environments by attracting attackers and deceiving them into thinking that they have gained access to the real systems. Honeypots and honeynets can complement other security solutions (i.e., firewalls, Intrusion Detection Systems - IDS) to form a strong defense against malicious entities. This paper provides a comprehensive survey of the research that has been carried out on honeypots and honeynets for IoT, IIoT, and CPS. },
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, A Selcuk Uluagac
LightningStrike: (in) secure practices of E-IoT systems in the wild Conference Paper
In the Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2021.
Abstract | BibTeX | Tags: IoT Security, Smart Home Security
@conference{rondon2021lightningstrike,
title = {LightningStrike: (in) secure practices of E-IoT systems in the wild},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
booktitle = {In the Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)},
abstract = {The widespread adoption of specialty smart ecosystems has changed the everyday lives of users. As a part of smart ecosystems, Enterprise Internet of Things (E-IoT) allows users to integrate and control more complex installations in comparison to off-the-shelf IoT systems. With E-IoT, users have a complete control of audio, video, scheduled events, lightning fixtures, shades, door access, and relays via available user interfaces. As such, these systems see widespread use in government or smart private offices, schools, smart buildings, professional conference rooms, hotels, smart homes, yachts, and similar professional settings. },
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Enes Erdin, Mumin Cebe, Kemal Akkaya, Eyuphan Bulut, Selcuk Uluagac
A scalable private Bitcoin payment channel network with privacy guarantees Journal Article
Journal of Network and Computer Applications, 2021.
Abstract | BibTeX | Tags: Blockchain Security
@article{erdin2021scalable,
title = {A scalable private Bitcoin payment channel network with privacy guarantees},
author = {Enes Erdin and Mumin Cebe and Kemal Akkaya and Eyuphan Bulut and Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {Journal of Network and Computer Applications},
publisher = {Elsevier},
abstract = {While Bitcoin heavily dominates the cryptocurrency markets, its use in micropayments is still a challenge due to long transaction confirmation times and high fees. Recently, the concept of off-chain transactions is introduced that led to the idea of establishing a payment channel network called Lightning Network (LN), which utilizes multi-hop payments. Off-chain links provide the ability to make instant payments without a need to writing to Blockchain. However, LN's design still favors fees, and it is creating hub nodes or relays that defeat the purpose of Blockchain. In addition, it is still not reliable, as not all transactions are guaranteed to be delivered to their destinations. These issues hinder its wide adoption by retailers. To address this issue, in this paper, we argue that the retailers could create a private payment channel network among them to serve their business needs, just like the concept of private Blockchains.},
keywords = {Blockchain Security},
pubstate = {published},
tppubtype = {article}
}
Amit Kumar Sikder, Giuseppe Petracca, Hidayet Aksu, Trent Jaeger, A Selcuk Uluagac
A survey on sensor-based threats and attacks to smart devices and applications Journal Article
IEEE Communications Surveys & Tutorials, 2021.
Abstract | BibTeX | Tags: Smart Home Security
@article{sikder2021survey,
title = {A survey on sensor-based threats and attacks to smart devices and applications},
author = {Amit Kumar Sikder and Giuseppe Petracca and Hidayet Aksu and Trent Jaeger and A Selcuk Uluagac},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {IEEE Communications Surveys & Tutorials},
publisher = {IEEE},
abstract = {Modern electronic devices have become smart as well as omnipresent in our day-to-day lives. From small household devices to large industrial machines, smart devices have become very popular in every possible application domain. Smart devices in our homes, offices, buildings, and cities can connect with other devices as well as with the physical world around them. This increasing popularity has also placed smart devices as the center of attention among attackers. Already, several types of malicious activities exist that attempt to compromise the security and privacy of smart devices. One interesting and noteworthy emerging threat vector is the attacks that abuse the use of sensors on smart devices. Smart devices are vulnerable to sensor-based threats and attacks due to the lack of proper security mechanisms available to control the use of sensors by installed apps.},
keywords = {Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Nur Imtiazul Haque, Mohammad Ashiqur Rahman, Md Hasan Shahriar, Alvi Ataur Khalil, Selcuk Uluagac
A novel framework for threat analysis of machine learning-based smart healthcare systems Journal Article
arXiv, 2021.
Abstract | Links | BibTeX | Tags: Healthcare Security
@article{haque2021novel,
title = {A novel framework for threat analysis of machine learning-based smart healthcare systems},
author = {Nur Imtiazul Haque and Mohammad Ashiqur Rahman and Md Hasan Shahriar and Alvi Ataur Khalil and Selcuk Uluagac},
url = {https://arxiv.org/abs/2103.03472},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {arXiv},
abstract = {Smart healthcare systems (SHSs) are providing fast and efficient disease treatment leveraging wireless body sensor networks (WBSNs) and implantable medical devices (IMDs)-based internet of medical things (IoMT). In addition, IoMT-based SHSs are enabling automated medication, allowing communication among myriad healthcare sensor devices. However, adversaries can launch various attacks on the communication network and the hardware/firmware to introduce false data or cause data unavailability to the automatic medication system endangering the patient's life. In this paper, we propose SHChecker, a novel threat analysis framework that integrates machine learning and formal analysis capabilities to identify potential attacks and corresponding effects on an IoMT-based SHS. Our framework can provide us with all potential attack vectors, each representing a set of sensor measurements to be altered, for an SHS given a specific set of attack attributes, allowing us to realize the system's resiliency, thus the insight to enhance the robustness of the model. We implement SHChecker on a synthetic and a real dataset, which affirms that our framework can reveal potential attack vectors in an IoMT system. This is a novel effort to formally analyze supervised and unsupervised machine learning models for black-box SHS threat analysis.},
keywords = {Healthcare Security},
pubstate = {published},
tppubtype = {article}
}
Amit Kumar Sikder, Leonardo Babun, A Selcuk Uluagac
Aegis+ a context-aware platform-independent security framework for smart home systems Journal Article
Digital Threats: Research and Practice Journal, 2021.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{sikder2021aegis+,
title = {Aegis+ a context-aware platform-independent security framework for smart home systems},
author = {Amit Kumar Sikder and Leonardo Babun and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/pdf/10.1145/3359789.3359840},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {Digital Threats: Research and Practice Journal},
publisher = {ACM New York, NY, USA},
abstract = {The introduction of modern Smart Home Systems (SHSs) is redefining the way we perform everyday activities. Today, myriad SHS applications and the devices they control are widely available to users. Specifically, users can easily download and install the apps from vendor-specific app markets, or develop their own, to effectively implement their SHS solutions. However, despite their benefits, app-based SHSs unfold diverse security risks. Several attacks have already been reported to SHSs and current security solutions only consider smart home devices and apps individually to detect malicious actions, rather than the context of the SHS as a whole. Thus, the current security solutions applied to SHSs cannot capture user activities and sensor-device-user interactions in a holistic fashion. To address these limitations, in this article, we introduce Aegis+, a novel context-aware platform-independent security framework.},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Ahmet Kurt, Enes Erdin, Kemal Akkaya, Selcuk Uluagac, Mumin Cebe
D-LNBot: A Scalable, Cost-Free and Covert Hybrid Botnet on Bitcoin's Lightning Network Journal Article
IEEE Transactions on Dependable and Secure Computing Journal, 2021.
Abstract | Links | BibTeX | Tags: Blockchain Security, Network Security
@article{Kurt2021DLNBotAS,
title = {D-LNBot: A Scalable, Cost-Free and Covert Hybrid Botnet on Bitcoin's Lightning Network},
author = {Ahmet Kurt and Enes Erdin and Kemal Akkaya and Selcuk Uluagac and Mumin Cebe},
url = {https://api.semanticscholar.org/CorpusID:245131355},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {IEEE Transactions on Dependable and Secure Computing Journal},
abstract = {While various covert botnets were proposed in the past, they still lack complete anonymization for their servers/botmasters or suffer from slow communication between the botmaster and the bots. In this paper, we first propose a new generation hybrid botnet that covertly and efficiently communicates over Bitcoin Lightning Network (LN), called LNBot. Exploiting various anonymity features of LN, we show the feasibility of a scalable two-layer botnet which completely anonymizes the identity of the botmaster. In the first layer, the botmaster anonymously sends the commands to the command and control (C&C) servers through regular LN payments. Specifically, LNBot allows botmaster's commands to be sent in the form of surreptitious multi-hop LN payments, where the commands are either encoded with the payments or attached to the payments to provide covert communications. In the second layer, C&C servers further},
keywords = {Blockchain Security, Network Security},
pubstate = {published},
tppubtype = {article}
}
Luis Puche, Ahmet Aris, Leonardo Babun, Kemal Akkaya, A. Selcuk Uluagac
Survey on Enterprise Internet-of-Things Systems (E-IoT): A Security Perspective Journal Article
Elsevier Ad Hoc Networks Journal, 2021.
Abstract | Links | BibTeX | Tags: Enterprise Security, IoT Security
@article{puche2021survey,
title = {Survey on Enterprise Internet-of-Things Systems (E-IoT): A Security Perspective},
author = {Luis Puche and Ahmet Aris and Leonardo Babun and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://www.sciencedirect.com/science/article/pii/S1570870521002171},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {Elsevier Ad Hoc Networks Journal},
abstract = {As technology becomes more widely available, millions of users worldwide have installed some form of smart device in their homes or workplaces. These devices are often off-the-shelf commodity systems, such as Google Home or Samsung SmartThings, that are installed by end-users looking to automate a small deployment. In contrast to these plug-and-play systems, purpose-built Enterprise Internet-of-Things (E-IoT) systems such as Crestron, Control4, RTI, Savant offer a smart solution for more sophisticated applications (e.g., complete lighting control, A/V management, security). In contrast to commodity systems, E-IoT systems are usually closed source, costly, require certified installers, and are overall more robust for their use cases. Due to this, E-IoT systems are often found in expensive smart homes, government and academic conference rooms, yachts, and smart private offices. However, while there has},
keywords = {Enterprise Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Ege Tekiner, Abbas Acar, A Selcuk Uluagac, Engin Kirda, Ali Aydin Selcuk
In-Browser Cryptomining for Good: An Untold Story Conference Paper
In the Proceedings of the IEEE International Conference on Decentralized Applications and Infrastructures (DAPPS), 2021.
Abstract | Links | BibTeX | Tags: Cryptojacking, Malware
@conference{untoldStory,
title = {In-Browser Cryptomining for Good: An Untold Story},
author = {Ege Tekiner and Abbas Acar and A Selcuk Uluagac and Engin Kirda and Ali Aydin Selcuk},
url = {https://ieeexplore.ieee.org/abstract/document/9566204/},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Decentralized Applications and Infrastructures (DAPPS)},
abstract = {In-browser cryptomining uses the computational power of a website's visitors to mine cryptocurrency, i.e., to create new coins. With the rise of ready-to-use mining scripts distributed by service providers (e.g., Coinhive), it has become trivial to turn a website into a cryptominer by copying and pasting the mining script. Both legitimate webpage owners who want to raise an extra revenue under users' explicit consent and malicious actors who wish to exploit the computational power of the users' computers without their consent have started to utilize this emerging paradigm of cryptocurrency operations. In-browser cryptomining, though mostly abused by malicious actors in practice, is indeed a promising funding model that can be utilized by website owners, publishers, or non-profit organizations for legitimate business purposes, such as to collect revenue or donations for humanitarian projects, inter alia. However, our analysis in this paper shows that in practice, regardless of their being legitimate or not, all in-browser mining scripts are treated the same as malicious cryptomining samples (aka cryptojacking) and blacklisted by browser extensions or antivirus programs. Indeed, there is a need for a better understanding of the in-browser cryptomining ecosystem. Hence, in this paper, we present an in-depth empirical analysis of in-browser cryptomining processes, focusing on the samples explicitly asking for user consent, which we call permissioned cryptomining. To the best of our knowledge, this is the first study focusing on the permissioned cryptomining samples. For this, we created a dataset of 6269 unique web sites containing cryptomining scripts in their source codes to characterize the in-browser cryptomining ecosystem by differentiating permissioned and permissionless cryptomining samples. We believe that (1) this paper is the first attempt showing that permissioned in-browser cryptomining could be a legitimate and viable monetization tool if implemented responsibly and without interrupting the user, and (2) this paper will catalyze the widespread adoption of legitimate crvptominina with user consent and awareness.},
keywords = {Cryptojacking, Malware},
pubstate = {published},
tppubtype = {conference}
}
Ahmet Arış, Faraz Naseem, Leonardo Babun, Ege Tekiner, Selcuk Uluagac
MINOS: A Lightweight Real-Time Cryptojacking Detection System Conference Paper
In the Processings of 28th the Network and Distributed System Security Symposium (NDSS), 2021.
Abstract | Links | BibTeX | Tags: Cryptojacking, Machine Learning Security, Malware
@conference{FarazMinos,
title = {MINOS: A Lightweight Real-Time Cryptojacking Detection System},
author = {Ahmet Arış and Faraz Naseem and Leonardo Babun and Ege Tekiner and Selcuk Uluagac},
url = {https://www.researchgate.net/profile/Ahmet-Aris/publication/349109071_MINOS_A_Lightweight_Real-Time_Cryptojacking_Detection_System/links/61488e123c6cb310697fba33/MINOS-A-Lightweight-Real-Time-Cryptojacking-Detection-System.pdf},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
booktitle = {In the Processings of 28th the Network and Distributed System Security Symposium (NDSS)},
abstract = {Emerging WebAssembly (Wasm)-based cryptojacking malware covertly uses the computational resources of users without their consent or knowledge. Indeed, most victims of this malware are unaware of such unauthorized use of their computing power due to techniques employed by cryptojacking malware authors such as CPU throttling and obfuscation. A number of dynamic analysis-based detection mechanisms exist that aim to circumvent such techniques. However, since these mechanisms use dynamic features, the collection of such features, as well as the actual detection of the malware, require that the cryptojacking malware run for a certain amount of time, effectively mining for that period, and therefore causing significant overhead. To solve these limitations, in this paper, we propose MINOS, a novel, extremely lightweight cryptojacking detection system that uses deep learning techniques to accurately detect the presence of unwarranted Wasm-based mining activity in real-time. MINOS uses an image-based classification technique to distinguish between benign webpages and those using Wasm to implement unauthorized mining. Specifically, the classifier implements a convolutional neural network (CNN) model trained with a comprehensive dataset of current malicious and benign Wasm binaries. MINOS achieves exceptional accuracy with a low TNR and FPR. Moreover, our extensive performance analysis of MINOS shows that the proposed detection technique can detect mining activity instantaneously from the most current in-the-wild cryptojacking malware with an accuracy of 98.97 percent, in an average of 25.9 milliseconds while using a},
keywords = {Cryptojacking, Machine Learning Security, Malware},
pubstate = {published},
tppubtype = {conference}
}
Ege Tekiner, Abbas Acar, A. Selcuk Uluagac, Engin Kirda, Ali Aydin Selcuk
SoK: Cryptojacking Malware Conference Paper
In the Processings of 6th IEEE European Symposium on Security and Privacy (EuroS&P), Virtual, 2021.
Abstract | Links | BibTeX | Tags: Blockchain Security, Cryptojacking, Malware
@conference{tekiner2021,
title = {SoK: Cryptojacking Malware},
author = {Ege Tekiner and Abbas Acar and A. Selcuk Uluagac and Engin Kirda and Ali Aydin Selcuk},
url = {https://ieeexplore.ieee.org/abstract/document/9581251/},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
booktitle = {In the Processings of 6th IEEE European Symposium on Security and Privacy (EuroS&P)},
address = {Virtual},
abstract = {Emerging blockchain and cryptocurrency-based technologies are redefining the way we conduct business in cyberspace. Today, a myriad of blockchain and cryp-tocurrency systems, applications, and technologies are widely available to companies, end-users, and even malicious actors who want to exploit the computational resources of regular users through cryptojacking malware. Especially with ready-to-use mining scripts easily provided by service providers (e.g., Coinhive) and untraceable cryptocurrencies (e.g., Monero), cryptojacking malware has become an indispensable tool for attackers. Indeed, the banking industry, major commercial websites, government and military servers (e.g., US Dept. of Defense), online video sharing platforms (e.g., Youtube), gaming platforms (e.g., Nintendo), critical infrastructure resources (e.g., routers), and even recently widely popular remote video conferencing/meeting},
keywords = {Blockchain Security, Cryptojacking, Malware},
pubstate = {published},
tppubtype = {conference}
}
Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac
CPS Device-Class Identification via Behavioral Fingerprinting: From Theory to Practice Journal Article
IEEE Transactions on Information Forensics and Security (TIFS) Journal, 2021.
Abstract | Links | BibTeX | Tags: CPS Security
@article{BabunCPS,
title = {CPS Device-Class Identification via Behavioral Fingerprinting: From Theory to Practice},
author = {Leonardo Babun and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/9340269/},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {IEEE Transactions on Information Forensics and Security (TIFS) Journal},
abstract = {Cyber-Physical Systems (CPS) utilize different devices to collect sensitive data, communicate with other systems, and monitor essential processes in critical infrastructure applications. However, in the ecosystem of CPS, unauthorized or spoofed devices may danger or compromise the performance and security of the critical infrastructure. The unauthorized and spoofed devices may include tampered pieces of software or hardware components that can negatively impact CPS operations or collect vital CPS metrics from the network. Such devices can be outsider or insider threats trying to impersonate other real CPS devices via spoofing their legitimate identifications to gain access to systems, steal information, or spread malware. Device fingerprinting techniques are promising approaches to identify unauthorized or illegitimate devices. However, current fingerprinting solutions are not suitable as they disrupt critical},
keywords = {CPS Security},
pubstate = {published},
tppubtype = {article}
}
Ahmet Kurt, Nico Saputro, Kemal Akkaya, A. Selcuk Uluagac
Distributed Connectivity Maintenance in Swarm of Drones During Post-Disaster Transportation Applications Journal Article
IEEE Transactions on Intelligent Transportation Systems Journal, 2021.
Abstract | Links | BibTeX | Tags: Network Security, UAV Security
@article{9385994,
title = {Distributed Connectivity Maintenance in Swarm of Drones During Post-Disaster Transportation Applications},
author = {Ahmet Kurt and Nico Saputro and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/9385994/},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
journal = {IEEE Transactions on Intelligent Transportation Systems Journal},
abstract = {Considering post-disaster scenarios for intelligent traffic management and damage assessment where communication infrastructure may not be available, we advocate a swarm-of-drones mesh communication architecture that can sustain in-network connectivity among drones. The connectivity sustenance requirement stems from the fact that drones may move to various locations in response to service requests but they still need to cooperate for data collection and transmissions. To address this need, we propose a fully distributed connectivity maintenance heuristic which enables the swarm to quickly adapt its formation in response to the service requests. To select the moving drone(s) that would bring minimal overhead in terms of time and moving distance, the connected dominating set (CDS) concept from graph theory is utilized. Specifically, a variation of CDS, namely E-CDS, is introduced to address the needs},
keywords = {Network Security, UAV Security},
pubstate = {published},
tppubtype = {article}
}
Adrien Cosson, Amit Kumar Sikder, Leonardo Babun, Z Berkay Celik, Patrick McDaniel, A Selcuk Uluagac
Sentinel: A robust intrusion detection system for IoT networks using kernel-level system information Conference Paper
In the Proceedings of the International Conference on Internet-of-Things Design and Implementation, 2021.
Abstract | Links | BibTeX | Tags: IoT Security
@conference{cosson2021sentinel,
title = {Sentinel: A robust intrusion detection system for IoT networks using kernel-level system information},
author = {Adrien Cosson and Amit Kumar Sikder and Leonardo Babun and Z Berkay Celik and Patrick McDaniel and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/abs/10.1145/3450268.3453533},
year = {2021},
date = {2021-01-01},
urldate = {2021-01-01},
booktitle = {In the Proceedings of the International Conference on Internet-of-Things Design and Implementation},
abstract = {The concept of Internet of Things (IoT) has changed the way we live by integrating commodity devices with cyberspace to automate our everyday tasks. Nowadays, IoT devices in the home environment are becoming ubiquitous with seamless connectivity and diverse application domains. Modern IoT devices have adopted a many-to-many connectivity model to enhance user experience and device functionalities compared to early IoT devices with standalone device setup and limited functionalities. However, the continuous connection between devices and cyberspace has introduced new cyber attacks targeting IoT devices and networks. Due to the resource-constrained nature of IoT devices as well as the opacity of the IoT framework, traditional intrusion detection systems cannot be applied here. In this paper, we introduce Sentinel, a novel intrusion detection system that uses kernel-level information to detect},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Hidayet Aksu, A Selcuk Uluagac, Elizabeth S Bentley
Internet of things (IoT) identifying system and associated methods Patent
US Patent, 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@patent{aksu2020internet,
title = {Internet of things (IoT) identifying system and associated methods},
author = {Hidayet Aksu and A Selcuk Uluagac and Elizabeth S Bentley},
url = {https://uspto.report/patent/grant/10,826,902},
year = {2020},
date = {2020-11-01},
urldate = {2020-11-01},
publisher = {Google Patents},
abstract = {A wireless Internet-of-Things (IoT) device identification method and framework incorporates machine learning (ML) techniques with information from the protocol used (eg, Bluetooth, Bluetooth Low Energy/Bluetooth Smart, and others). A passive, non-intrusive feature selection technique targets IoT device captures with an ML classifier selection algorithm for the identification of IoT devices (ie, picking the best performing ML algorithm among multiple ML algorithms available). Using an input training label and training dataset (eg, training wireless IoT packets) associated with the IoT device, a classifier and a filter are selected. An inter-arrival-time (IAT) associated with the filtered training data set and a density distribution for the IAT are then calculated. After converting the density distribution to the training feature vector, a prediction model and the selected classifier are stored for subsequent application to testing.},
howpublished = {US Patent},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {patent}
}
Kyle Denney, Enes Erdin, Leonardo Babun, Michael Vai, Selcuk Uluagac
USB-Watch: A Dynamic Hardware-Assisted USB Threat Detection Framework Conference Paper
In the Proceedings of the Security and Privacy in Communication Networks, 2020.
Abstract | Links | BibTeX | Tags: Hardware Security
@conference{Denney2019USB-Watchb,
title = {USB-Watch: A Dynamic Hardware-Assisted USB Threat Detection Framework},
author = {Kyle Denney and Enes Erdin and Leonardo Babun and Michael Vai and Selcuk Uluagac},
url = {https://link.springer.com/chapter/10.1007/978-3-030-37228-6_7},
year = {2020},
date = {2020-02-15},
urldate = {2020-02-15},
booktitle = {In the Proceedings of the Security and Privacy in Communication Networks},
abstract = {The USB protocol is among the most widely adopted protocols today thanks to its plug-and-play capabilities and the vast number of devices which support the protocol. However, this same adaptability leaves unwitting computing devices prone to attacks. Malicious USB devices can disguise themselves as benign devices (e.g., keyboard, mouse, etc.) to insert malicious commands on end devices. These malicious USB devices can mimic an actual device or a human typing pattern and appear as a real device to the operating system. Typically, advanced software-based detection schemes are used to identify the malicious nature of such devices. However, a powerful adversary (e.g., as rootkits or advanced persistent threats) can still subvert those software-based detection schemes. To address these concerns, in this work, we introduce a novel hardware-assisted, dynamic USB-threat detection framework called USB-Watch. Specifically, USB-Watch utilizes hardware placed between a USB device and the host machine to hook into the USB communication, collect USB data, and provides the capability to view unaltered USB protocol communications. This unfettered data is then fed into a machine learning-based classifier which dynamically determines the true nature of the USB device. Using real malicious USB devices (i.e., Rubber-Ducky) mimicking as a keyboard, we perform a thorough analysis of typing dynamic features (e.g., typing time differentials, key press durations, etc.) to effectively classify malicious USB devices from normal human typing behaviors. In this work, we show that USB-Watch provides a lightweight, OS-independent framework which effectively distinguishes differences between normal and malicious USB behaviors with a ROC curve of 0.89. To the best of our knowledge, this is the first hardware-based detection mechanism to dynamically detect threats coming from USB devices.},
howpublished = {In the proceedings of the Security and Privacy in Communication Networks (SecureComm)},
keywords = {Hardware Security},
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Hossein Fereidooni, Tigist Abera, Amit Kumar Sikder, Markus Miettinen, Hidayet Aksu, Mauro Conti, Ahmad-Reza Sadeghi, Selcuk Uluagac
Peek-a-boo: I see your smart home activities, even encrypted! Conference Paper
In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2020.
Abstract | BibTeX | Tags: IoT Security, Smart Home Security
@conference{acar2020peek,
title = {Peek-a-boo: I see your smart home activities, even encrypted!},
author = {Abbas Acar and Hossein Fereidooni and Tigist Abera and Amit Kumar Sikder and Markus Miettinen and Hidayet Aksu and Mauro Conti and Ahmad-Reza Sadeghi and Selcuk Uluagac},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks},
abstract = {A myriad of IoT devices such as bulbs, switches, speakers in a smart home environment allow users to easily control the physical world around them and facilitate their living styles through the sensors already embedded in these devices. Sensor data contains a lot of sensitive information about the user and devices. However, an attacker inside or near a smart home environment can potentially exploit the innate wireless medium used by these devices to exfiltrate sensitive information from the encrypted payload (i.e., sensor data) about the users and their activities, invading user privacy. With this in mind, in this work, we introduce a novel multi-stage privacy attack against user privacy in a smart environment. },
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Amit Kumar Sikder, Leonardo Babun, Z Berkay Celik, Abbas Acar, Hidayet Aksu, Patrick McDaniel, Engin Kirda, A Selcuk Uluagac
Kratos: Multi-user multi-device-aware access control system for the smart home Conference Paper
In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{sikder2020kratos,
title = {Kratos: Multi-user multi-device-aware access control system for the smart home},
author = {Amit Kumar Sikder and Leonardo Babun and Z Berkay Celik and Abbas Acar and Hidayet Aksu and Patrick McDaniel and Engin Kirda and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/10.1145/3395351.3399358},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)},
abstract = {In a smart home system, multiple users have access to multiple devices, typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique trusted user that controls the access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically changing demands on multiple devices, which cannot be handled by traditional access control techniques. To address these challenges, in this paper, we introduce Kratos, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos has three main components: user interaction module, back-end server, and policy manager. },
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Leonardo Babun, Hidayet Aksu, Lucas Ryan, Kemal Akkaya, Elizabeth S Bentley, A Selcuk Uluagac
Z-iot: Passive device-class fingerprinting of zigbee and z-wave iot devices Conference Paper
In the proceedings of the IEEE International Conference on Communications (ICC) Conference, IEEE 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{babun2020z,
title = {Z-iot: Passive device-class fingerprinting of zigbee and z-wave iot devices},
author = {Leonardo Babun and Hidayet Aksu and Lucas Ryan and Kemal Akkaya and Elizabeth S Bentley and A Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/9149285},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the proceedings of the IEEE International Conference on Communications (ICC) Conference},
organization = {IEEE},
abstract = {In addition to traditional networking devices (e.g., gateways, firewalls), current corporate and industrial networks integrate resource-limited Internet of Things (IoT) devices like smart outlets and smart sensors. In these settings, cyber attackers can bypass traditional security solutions and spoof legitimate IoT devices to gain illegal access to the systems. Thus, IoT device-class identification is crucial to protect critical networks from unauthorized access. In this paper, we propose Z-IoT, the first fingerprinting framework used to identify IoT device classes that utilize ZigBee and Z-Wave protocols. Z-IoT monitors idle network traffic among IoT devices to implement signature-based device-class fingerprinting mechanisms. Utilizing passive packet capturing techniques and optimal selection of filtering criteria and machine learning algorithms, Z-IoT identifies different types of IoT devices while guaranteeing the anonymity.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Suat Mercan, Mumin Cebe, Ege Tekiner, Kemal Akkaya, Melissa Chang, Selcuk Uluagac
A cost-efficient iot forensics framework with blockchain Conference Paper
In the Proceedings of the IEEE International Conference on Blockchain and Cryptocurrency (ICBC), IEEE 2020.
Abstract | Links | BibTeX | Tags: Blockchain Security
@conference{mercan2020cost,
title = {A cost-efficient iot forensics framework with blockchain},
author = {Suat Mercan and Mumin Cebe and Ege Tekiner and Kemal Akkaya and Melissa Chang and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9169397},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Blockchain and Cryptocurrency (ICBC)},
organization = {IEEE},
abstract = {IoT devices have been adopted widely in the last decade which enabled collection of various data from different environments. Data storage poses challenges since the data may be compromised during the storage and the integrity might be violated without being noticed. In such cases, integrity and data provenance are required in order to be able to detect the source of any incident and prove it in legal cases. To address these issues, blockchain provides excellent opportunities since it can protect the integrity of the data thanks to its distributed structure. However, it comes with certain costs as storing huge amount of data in a public blockchain will come with significant transaction fees. In this paper, we propose a highly cost effective and reliable digital forensics framework by exploiting multiple inexpensive blockchain networks as a temporary storage before the data is committed to Ethereum. },
keywords = {Blockchain Security},
pubstate = {published},
tppubtype = {conference}
}
AKM Iqtidar Newaz, Amit Kumar Sikder, Leonardo Babun, A Selcuk Uluagac
Heka: A novel intrusion detection system for attacks to personal medical devices Conference Paper
In the proceedings of the IEEE Conference on Communications and Network Security (CNS), IEEE 2020.
Abstract | Links | BibTeX | Tags: Healthcare Security, IoT Security, Smart Home Security
@conference{newaz2020heka,
title = {Heka: A novel intrusion detection system for attacks to personal medical devices},
author = {AKM Iqtidar Newaz and Amit Kumar Sikder and Leonardo Babun and A Selcuk Uluagac},
url = {https://csl.fiu.edu/wp-content/uploads/2023/05/heka.pdf},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the proceedings of the IEEE Conference on Communications and Network Security (CNS)},
organization = {IEEE},
abstract = {Modern Smart Health Systems (SHS) involve the concept of connected personal medical devices. These devices significantly improve the patient's lifestyle as they permit remote monitoring and transmission of health data (i.e., telemedicine), lowering the treatment costs for both the patient and the healthcare providers. Although specific SHS communication standards (i.e., ISO/IEEE 11073) enable real-time plug-and-play interoperability and communication between different personal medical devices, they do not specify any features for secure communications. In this paper, we demonstrate how personal medical device communication is indeed vulnerable to different cyber attacks. Specifically, we show how an external attacker can hook into the personal medical device's communication and eavesdrop the sensitive health data traffic, and implement manin-the-middle, replay, false data injection, and denial-of service.},
keywords = {Healthcare Security, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Hidayet Aksu, A Selcuk Uluagac, Kemal Akkaya
A usable and robust continuous authentication framework using wearables Journal Article
IEEE Transactions on Mobile Computing Journal, 2020.
Abstract | BibTeX | Tags: Authentication, IoT Security, Smart Home Security
@article{acar2020usable,
title = {A usable and robust continuous authentication framework using wearables},
author = {Abbas Acar and Hidayet Aksu and A Selcuk Uluagac and Kemal Akkaya},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {IEEE Transactions on Mobile Computing Journal},
publisher = {IEEE},
abstract = {One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login session, which is lacking in existing one-time login systems. Continuous authentication, which re-verifies the user identity without breaking the continuity of the session, can address this issue. However, existing methods for Continuous Authentication are either not reliable or not usable. In this paper, we introduce a usable and reliable Wearable-Assisted Continuous Authentication (WACA), which relies on the sensor-based keystroke dynamics and the authentication data is acquired through the built-in sensors of a wearable (e.g., smartwatch) while the user is typing. },
keywords = {Authentication, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Nico Saputro, Samet Tonyali, Abdullah Aydeger, Kemal Akkaya, Mohammad A Rahman, Selcuk Uluagac
A review of moving target defense mechanisms for internet of things applications Journal Article
Modeling and Design of Secure Internet of Things Journal, 2020.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@article{saputro2020review,
title = {A review of moving target defense mechanisms for internet of things applications},
author = {Nico Saputro and Samet Tonyali and Abdullah Aydeger and Kemal Akkaya and Mohammad A Rahman and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/9124015},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {Modeling and Design of Secure Internet of Things Journal},
publisher = {Wiley Online Library},
abstract = {The chapter presents a review of proactive Moving Target Defense (MTD) paradigm and investigates the feasibility and potential of specific MTD approaches for the resourceconstrained Internet of Things (IoT) applications. The aim is not only to provide taxonomy of various MTD approaches but also to advocate MTD techniques in the dynamic network domain in conjunction with the emerging Software Defined Networking (SDN) for more effective proactive IoT defense. The Internet of Battlefield Things (IoBT) and Industrial IoT (IIoT), which subject to more attacks, are identified as two critical IoT domains that can reap from the SDNbased MTD approaches. Finally, the chapter also discusses potential future research challenges of the MTD approaches in the IoT domain.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Luis Puche Rondon, Leonardo Babun, Kemal Akkaya, A Selcuk Uluagac
HDMI-watch: Smart intrusion detection system against HDMI attacks Journal Article
IEEE Transactions on Network Science and Engineering Journal, 2020.
Abstract | BibTeX | Tags: CPS Security, IoT Security, Smart Home Security
@article{rondon2020hdmi,
title = {HDMI-watch: Smart intrusion detection system against HDMI attacks},
author = {Luis Puche Rondon and Leonardo Babun and Kemal Akkaya and A Selcuk Uluagac},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {IEEE Transactions on Network Science and Engineering Journal},
publisher = {IEEE},
abstract = {The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video connections between video-enabled devices. Today, nearly ten billion HDMI devices are used to distribute A/V signals in homes, offices, concert halls, and sporting events. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows HDMI devices to share an HDMI distribution to communicate and interact with each other. In this work, we identify security and privacy issues in HDMI networks by taping into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study how current insecure CEC protocol practices and carelessly implemented HDMI distributions may grant an adversary a novel attack surface for HDMI devices, otherwise thought to be unreachable through traditional network means.},
keywords = {CPS Security, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Enes Erdin, Mumin Cebe, Kemal Akkaya, Senay Solak, Eyuphan Bulut, Selcuk Uluagac
A Bitcoin payment network with reduced transaction fees and confirmation times Journal Article
Computer Networks Journal, 2020.
Abstract | BibTeX | Tags: Blockchain Security
@article{erdin2020bitcoin,
title = {A Bitcoin payment network with reduced transaction fees and confirmation times},
author = {Enes Erdin and Mumin Cebe and Kemal Akkaya and Senay Solak and Eyuphan Bulut and Selcuk Uluagac},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {Computer Networks Journal},
publisher = {Elsevier},
abstract = {The high transaction fees and confirmation times made Bitcoin unfeasible for many applications when the payments are in small amounts and require instant approval. As a result, many other cryptocurrencies were introduced for addressing these issues, but the Bitcoin network is still the most widely used payment system. Without doubt, to benefit from its network of users, there is a need for novel solutions that can successfully address the problems about high transaction fees and transaction verification times. Recently, payment network ideas have been introduced including the Lightning Network (LN) which exploits off-chain bidirectional payment channels between parties. As off-chain links can be configured to perform aggregated transactions at certain intervals without writing to blockchain, this would not only reduce the transaction fees but also decrease the verification times significantly. },
keywords = {Blockchain Security},
pubstate = {published},
tppubtype = {article}
}
AKM Iqtidar Newaz, Nur Imtiazul Haque, Amit Kumar Sikder, Mohammad Ashiqur Rahman, A Selcuk Uluagac
Adversarial attacks to machine learning-based smart healthcare systems Conference Paper
In the proceedings of the IEEE Global Communications Conference (GLOBECOM), IEEE 2020.
Abstract | Links | BibTeX | Tags: Adverserial Machine Learning, Smart Home Security
@conference{newaz2020adversarial,
title = {Adversarial attacks to machine learning-based smart healthcare systems},
author = {AKM Iqtidar Newaz and Nur Imtiazul Haque and Amit Kumar Sikder and Mohammad Ashiqur Rahman and A Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/9322472},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the proceedings of the IEEE Global Communications Conference (GLOBECOM)},
organization = {IEEE},
abstract = {The increasing availability of healthcare data requires accurate analysis of disease diagnosis, progression, and real-time monitoring to provide improved treatments to the patients. In this context, Machine Learning (ML) models are used to extract valuable features and insights from high-dimensional and heterogeneous healthcare data to detect different diseases and patient activities in a Smart Healthcare System (SHS). However, recent researches show that ML models used in different application domains are vulnerable to adversarial attacks. In this paper, we introduce a new type of adversarial attacks to exploit the ML classifiers used in a SHS. We consider an adversary who has partial knowledge of data distribution, SHS model, and ML algorithm to perform both targeted and untargeted attacks. Employing these adversarial capabilities, we manipulate medical device readings to alter patient status,},
keywords = {Adverserial Machine Learning, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Luis Puche Rondon, Leonardo Babun, Ahmet Aris, Kemal Akkaya, A Selcuk Uluagac
PoisonIvy: (In) secure Practices of Enterprise IoT Systems in Smart Buildings Conference Paper
In the Proceedings of the 7th ACM International Conference on Systems for Energy-Efficient Buildings, Cities, and Transportation, 2020.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security, Smart Home Security
@conference{rondon2020poisonivy,
title = {PoisonIvy: (In) secure Practices of Enterprise IoT Systems in Smart Buildings},
author = {Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/abs/10.1145/3408308.3427606},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the 7th ACM International Conference on Systems for Energy-Efficient Buildings, Cities, and Transportation},
pages = {130–139},
abstract = {The rise of IoT devices has led to the proliferation of smart buildings, offices, and homes worldwide. Although commodity IoT devices are employed by ordinary end-users, complex environments such as smart buildings, government, or private smart offices, conference rooms, or hospitality require customized and highly reliable solutions. Those systems called Enterprise Internet of Things (EIoT) connect such environments to the Internet and are professionally managed solutions usually offered by dedicated vendors (e.g., Control4, Crestron, Lutron, etc.). As EIoT systems require specialized training, software, and equipment to deploy, many of these systems are closed-source and proprietary in nature. This has led to very little research investigating the security of EIoT systems and their components. },
keywords = {CPS Security, IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Kyle Denney, Leonardo Babun, A Selcuk Uluagac
USB-watch: A generalized hardware-assisted insider threat detection framework Journal Article
Journal of Hardware and Systems Security, 2020.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{denney2020usb,
title = {USB-watch: A generalized hardware-assisted insider threat detection framework},
author = {Kyle Denney and Leonardo Babun and A Selcuk Uluagac},
url = {https://link.springer.com/article/10.1007/s41635-020-00092-z},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {Journal of Hardware and Systems Security},
publisher = {Springer},
abstract = {Today, the USB protocol is among the most widely used protocolsmostly due to its plug-and-play nature and number of supported devices. However, the mass-proliferation of USB has led to a threat vector wherein USB devices are assumed innocent, leaving computers open to an attack. Malicious USB devices are able to disguise themselves as benign devices to insert malicious commands to connected end devices. Currently, a rogue device appears as a normal USB device to the average OS, requiring advanced detection schemes (i.e., classification) to identify malicious behaviors from the devices. However, using system-level hooks, an advanced threat may subvert OS-reliant detection schemes. This paper showcases USB-Watch, a hardware-based USB threat detection framework. },
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Oscar Bautista, Kemal Akkaya, A Selcuk Uluagac
Customized novel routing metrics for wireless mesh-based swarm-of-drones applications Journal Article
Internet of Things Journal, 2020.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{bautista2020customized,
title = {Customized novel routing metrics for wireless mesh-based swarm-of-drones applications},
author = {Oscar Bautista and Kemal Akkaya and A Selcuk Uluagac},
url = {https://www.sciencedirect.com/science/article/pii/S2542660520300998},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
journal = {Internet of Things Journal},
publisher = {Elsevier},
abstract = {With the proliferation of drones, there is an increasing interest on utilizing swarm-of-drones in numerous applications from surveillance to search and rescue. While a swarm-of-drones (a.k.a flying ad hoc networks (FANETs)) is essentially a special form of mobile ad-hoc networks (MANETs) which has been studied for many years, there are unique requirements of drone applications that necessitate re-visiting MANET protocols. These challenges stem from 3-D environments the drones are deployed in, and their specific way of mobility which adds to the wireless link management challenges among the drones. To tackle these challenges, in this paper, we propose adopting the current mesh standard, namely IEEE 802.11s, in its routing capabilities to provide improved performance. Specifically, we propose two new link quality routing metrics called SrFTime and CRP as an alternative to the IEEE 802.11s default Airtime.},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Amit Kumar Sikder, Hidayet Aksu, A. Selcuk Uluagac
A Context-Aware Framework for Detecting Sensor-Based Threats on Smart Devices Journal Article
IEEE Transactions on Mobile Computing Journal, 2020.
Abstract | Links | BibTeX | Tags: IoT Security
@article{Sikder2019Context-Aware,
title = {A Context-Aware Framework for Detecting Sensor-Based Threats on Smart Devices},
author = {Amit Kumar Sikder and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/8613866},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {IEEE Transactions on Mobile Computing Journal
},
journal = {IEEE Transactions on Mobile Computing Journal},
abstract = {Sensors (e.g., light, gyroscope, and accelerometer) and sensing-enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor Application Programming Interface (API). In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users' sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT). We implemented 6thSense on several sensor-rich Android-based smart devices (i.e., smart watch and smartphone) and collected data from typical daily activities of 100 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor, (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96 percent without compromising the normal functionality of the device. Moreover, our framework reveals minimal overhead.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Ahmet Kurt, Enes Erdin, Mumin Cebe, Kemal Akkaya, A. Selcuk Uluagac
LNBot: A Covert Hybrid Botnet on Bitcoin Lightning Network for Fun and Profit Conference Paper
In the Proceedings of the 25th European Symposium on Research in Computer Security (ESORICS) 2020.
Abstract | Links | BibTeX | Tags: Bitcoin, Blockchain Security
@conference{10.1007/978-3-030-59013-0_36,
title = {LNBot: A Covert Hybrid Botnet on Bitcoin Lightning Network for Fun and Profit},
author = {Ahmet Kurt and Enes Erdin and Mumin Cebe and Kemal Akkaya and A. Selcuk Uluagac},
editor = {Liqun Chen and Ninghui Li and Kaitai Liang and Steve Schneider},
url = {https://link.springer.com/chapter/10.1007/978-3-030-59013-0_36},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
series = {In the Proceedings of the 25th European Symposium on Research in Computer Security (ESORICS)},
abstract = {While various covert botnets were proposed in the past, they still lack complete anonymization for their servers/botmasters or suffer from slow communication between the botmaster and the bots. In this paper, we propose a new generation hybrid botnet that covertly and efficiently communicates over Bitcoin Lightning Network (LN), called LNBot. LN is a payment channel network operating on top of Bitcoin network for faster Bitcoin transactions with negligible fees. Exploiting various anonymity features of LN, we designed a scalable two-layer botnet which completely anonymize the identity of the botmaster. In the first layer, the botmaster sends commands anonymously to the C&C servers through LN transactions. Specifically, LNBot allows botmaster's commands to be sent in the form of surreptitious multihop LN payments, where the commands are encoded with ASCII or Huffman encoding to provide covert communications. In the second layer, C&C servers further relay those commands to the bots they control in their mini-botnets to launch any type of attacks to victim machines. We implemented a proof-of-concept on the actual LN and extensively analyzed the delay and cost performance of LNBot. Our analysis show that LNBot achieves better scalibility compared to the other similar blockchain botnets with negligible costs. Finally, we also provide and discuss a list of potential countermeasures to detect LNBot activities and minimize its impacts.},
keywords = {Bitcoin, Blockchain Security},
pubstate = {published},
tppubtype = {conference}
}
Oscar G. Bautista, Nico Saputro, Kemal Akkaya, Selcuk Uluagac
A novel routing metric for IEEE 802.11s-based swarm-of-drones applications Conference Paper
In the Proceedings of the 16th EAI International Conference on Mobile and Ubiquitous Systems, 2020.
Abstract | Links | BibTeX | Tags: Network Security, UAV Security
@conference{10.1145/3360774.3368197,
title = {A novel routing metric for IEEE 802.11s-based swarm-of-drones applications},
author = {Oscar G. Bautista and Nico Saputro and Kemal Akkaya and Selcuk Uluagac},
url = {https://doi.org/10.1145/3360774.3368197},
year = {2020},
date = {2020-01-01},
urldate = {2020-01-01},
booktitle = {In the Proceedings of the 16th EAI International Conference on Mobile and Ubiquitous Systems},
abstract = {With the proliferation of drones in our daily lives, there is an increasing need for handling their numerous challenges. One of such challenge arises when a swarm-of-drones are deployed to accomplish a specific task which requires coordination and communication among the drones. While this swarm-of-drones is essentially a special form of mobile ad hoc networks (MANETs) which has been studied for many years, there are still some unique requirements of drone applications that necessitates re-visiting MANET approaches. These challenges stem from 3–D environments the drones are deployed in, and their specific way of mobility which adds to the wireless link management challenges among the drones. In this paper, we consider an existing routing standard that is used to enable meshing capability among Wi-Fi enabled nodes, namely IEEE 802.11s and adopt its routing capabilities for swarm-of-drones. Specifically, we propose a link quality metric called SrFTime as an improvement to existing Airtime metric which is the 802.11s default routing metric to enable better network throughput for drone applications. This new metric is designed to fit the link characteristics of drones and enable more efficient routes from drones to their gateway. The evaluations in the actual 802.11s standard indicates that our proposed metric outperforms the existing one consistently under various conditions.},
keywords = {Network Security, UAV Security},
pubstate = {published},
tppubtype = {conference}
}
Amit Kumar Sikder, Hidayet Aksu, A Selcuk Uluagac
Context-aware intrusion detection method for smart devices with sensors Patent
US Patent, 2019, (US Patent 10,417,413).
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@patent{sikder2019context,
title = {Context-aware intrusion detection method for smart devices with sensors},
author = {Amit Kumar Sikder and Hidayet Aksu and A Selcuk Uluagac},
url = {https://patents.google.com/patent/US10417413B2/en},
year = {2019},
date = {2019-09-01},
urldate = {2019-09-01},
publisher = {Google Patents},
abstract = {A smart device can include a data oriented sensor providing a numerical value, a logic oriented sensor providing a state, a sensor value collector connected to the data oriented sensor, a sensor logic state detector connected to the logic oriented sensor, a data processor connected to the sensor value collector and the sensor logic state detector, and a data analyzer connected to the data processor. The data processor can take the numerical value received from the sensor value collector, calculate an average value from the numerical value, sample the state receiving from the sensor logic state detector, and create an input matrix by using the average value and the sampled state. The data analyzer can receive the input matrix, train an analytical model, and check a data to indicate whether a state of the smart device is malicious or not.},
howpublished = {US Patent},
note = {US Patent 10,417,413},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {patent}
}
Z Berkay Celik, Patrick McDaniel, Gang Tan, Leonardo Babun, A Selcuk Uluagac
Verifying internet of things safety and security in physical spaces Journal Article
IEEE Security & Privacy Journal, 2019.
Abstract | BibTeX | Tags: CPS Security, IoT Security
@article{celik2019verifying,
title = {Verifying internet of things safety and security in physical spaces},
author = {Z Berkay Celik and Patrick McDaniel and Gang Tan and Leonardo Babun and A Selcuk Uluagac},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {IEEE Security & Privacy Journal},
publisher = {IEEE},
abstract = {Concerns about safety and security have led to questions about the risk of embracing the Internet of Things (IoT). We consider the needs and techniques for verifying the correct operation of IoT devices and environments within the physical spaces they inhabit.},
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Leonardo Babun, Hidayet Aksu, A Selcuk Uluagac
A system-level behavioral detection framework for compromised CPS devices: Smart-grid case Journal Article
ACM Transactions on Cyber-Physical Systems Journal, 2019.
Abstract | Links | BibTeX | Tags: CPS Security, IoT Security
@article{babun2019system,
title = {A system-level behavioral detection framework for compromised CPS devices: Smart-grid case},
author = {Leonardo Babun and Hidayet Aksu and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/fullHtml/10.1145/3355300},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {ACM Transactions on Cyber-Physical Systems Journal},
publisher = {ACM New York, NY, USA},
abstract = {Cyber-Physical Systems (CPS) play a significant role in our critical infrastructure networks from power-distribution to utility networks. The emerging smart-grid concept is a compelling critical CPS infrastructure that relies on two-way communications between smart devices to increase efficiency, enhance reliability, and reduce costs. However, compromised devices in the smart grid poses several security challenges. Consequences of propagating fake data or stealing sensitive smart grid information via compromised devices are costly. Hence, early behavioral detection of compromised devices is critical for protecting the smart grids components and data. To address these concerns, in this article, we introduce a novel and configurable system-level framework to identify compromised smart grid devices. },
keywords = {CPS Security, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Z Berkay Celik, Abbas Acar, Hidayet Aksu, Ryan Sheatsley, Patrick McDaniel, A Selcuk Uluagac
Curie: Policy-based secure data exchange Conference Paper
In the Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY), 2019.
Abstract | Links | BibTeX | Tags: Authentication, IoT Security
@conference{celik2019curie,
title = {Curie: Policy-based secure data exchange},
author = {Z Berkay Celik and Abbas Acar and Hidayet Aksu and Ryan Sheatsley and Patrick McDaniel and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/10.1145/3292006.3300042},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY)},
abstract = {Data sharing among partners—users, companies, organizations—is crucial for the advancement of collaborative machine learning in many domains such as healthcare, finance, and security. Sharing through secure computation and other means allow these partners to perform privacy-preserving computations on their private data in controlled ways. However, in reality, there exist complex relationships among members (partners). Politics, regulations, interest, trust, data demands and needs prevent members from sharing their complete data. Thus, there is a need for a mechanism to meet these conflicting relationships on data sharing. This paper presents, an approach to exchange data among members who have complex relationships. },
keywords = {Authentication, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Wenyi Liu, Raheem Beyah, Kemal Akkaya, Arif Selcuk Uluagac
A privacy-preserving multifactor authentication system Journal Article
Security and Privacy, 2019.
Abstract | BibTeX | Tags: Authentication, Privacy Preserving
@article{acar2019privacy,
title = {A privacy-preserving multifactor authentication system},
author = {Abbas Acar and Wenyi Liu and Raheem Beyah and Kemal Akkaya and Arif Selcuk Uluagac},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {Security and Privacy},
publisher = {Wiley Online Library},
abstract = {In recent years, there has been a significant number of works on the development of multifactor authentication (MFA) systems. Traditionally, behavioral biometrics (eg, keystroke dynamics) have been known to have the best usability because they do not require one to know or possess anythingthey simply communicate how you type to an authenticator. However, though highly usable, MFA approaches that are based on biometrics are highly intrusive, and users' sensitive information is exposed to untrusted servers. To address this privacy concern, in this paper, we present a privacypreserving MFA system for computer users, called PINTA. In PINTA, the second factor is a hybrid behavioral profile user, while the first authentication factor is a password. The hybrid profile of the user includes hostbased and network flowbased features.},
keywords = {Authentication, Privacy Preserving},
pubstate = {published},
tppubtype = {article}
}
Abdullah Aydeger, Nico Saputro, Kemal Akkaya, Selcuk Uluagac
SDN-enabled recovery for Smart Grid teleprotection applications in post-disaster scenarios Journal Article
Journal of Network and Computer Applications, 2019.
Abstract | BibTeX | Tags: SDN Security
@article{aydeger2019sdn,
title = {SDN-enabled recovery for Smart Grid teleprotection applications in post-disaster scenarios},
author = {Abdullah Aydeger and Nico Saputro and Kemal Akkaya and Selcuk Uluagac},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {Journal of Network and Computer Applications},
publisher = {Elsevier},
abstract = {Maintaining Smart Grid communications is crucial for providing power services. This requires a resilient communication architecture that can instantly self-repair any failures in the communication links or routes. Emerging Software Defined Networking (SDN) technology provides excellent flexibilities that can be applied to critical power grid applications. In this paper, we consider the problem of link failures in inter-substation communications and provide self-recovery by relying on wireless links that can be the only viable means for communication after disasters. Specifically, we propose an autonomous framework, which can not only detect link failures, but also establish either a WiFi or LTE-based link among substations through SDN capabilities. To be able to effectively evaluate the performance of this proposed SDN-enabled framework, we developed it in Mininet emulator. },
keywords = {SDN Security},
pubstate = {published},
tppubtype = {article}
}
Kyle Denney, Enes Erdin, Leonardo Babun, A Selcuk Uluagac
Dynamically detecting usb attacks in hardware: Poster Demo/Poster
In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, 2019.
Abstract | BibTeX | Tags: IoT Security
@Demo/Posters{denney2019dynamically,
title = {Dynamically detecting usb attacks in hardware: Poster},
author = {Kyle Denney and Enes Erdin and Leonardo Babun and A Selcuk Uluagac},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks},
abstract = {Malicious USB devices can disguise themselves as benign devices (e.g., keyboard, mouse, etc.) to insert malicious commands on end devices. Advanced software-based detection schemes (deeper operating system level) are used to identify the malicious nature of such mimic devices. However, a powerful adversary (e.g., as rootkits or advanced persistent threats) can subvert those software-based detection schemes. To address these concerns, we present our ongoing work to dynamically detect these threats in hardware. Specifically, we utilize a novel hardware-assistance mechanism to collect unaltered USB data at the physical layer which is fed into a machine learning-based classifier to determine the true nature of the USB device.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {Demo/Posters}
}
Faraz Naseem, Leonardo Babun, Cengiz Kaygusuz, S. J. Moquin, Chris Farnell, Alan Mantooth, A. Selcuk Uluagac
CSPoweR-Watch: A Cyber-Resilient Residential Power Management System Conference Paper
In the proceedings of the International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2019.
Abstract | Links | BibTeX | Tags: CPS Security
@conference{Naseem2019CSPoweR,
title = {CSPoweR-Watch: A Cyber-Resilient Residential Power Management System},
author = {Faraz Naseem and Leonardo Babun and Cengiz Kaygusuz and S. J. Moquin and Chris Farnell and Alan Mantooth and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8875295/},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
publisher = {In the proceedings of the International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)},
abstract = {Modern Energy Management Systems (EMS) are becoming increasingly complex in order to address the urgent issue of global energy consumption. These systems retrieve vital information from various Internet-connected resources in a smart grid to function effectively. However, relying on such resources results in them being susceptible to cyber attacks. Malicious actors can exploit the interconnections between the resources to perform nefarious tasks such as modifying critical firmware, sending bogus sensor data, or stealing sensitive information. To address this issue, we propose a novel framework that integrates PowerWatch, a solution that detects compromised devices in the smart grid with Cyber-secure Power Router (CSPR), a smart energy management system. The goal is to ascertain whether or not such a device has operated maliciously. To achieve this, PowerWatch utilizes a machine learning model that analyzes information from system and library call lists extracted from CSPR in order to detect malicious activity in the EMS. To test the efficacy of our framework, a number of unique attack scenarios were performed on a realistic testbed that comprises functional versions of CSPR and PowerWatch to monitor the electrical environment for suspicious activity. Our performance evaluation investigates the effectiveness of this first-of-its-kind merger and provides insight into the feasibility of developing future cybersecure EMS. The results of our experimental procedures yielded 100% accuracy for each of the attack scenarios. Finally, our implementation demonstrates that the integration of PowerWatch and CSPR is effective and yields minimal overhead to the EMS.},
keywords = {CPS Security},
pubstate = {published},
tppubtype = {conference}
}
Amit Kumar Sikder, Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac
Aegis: A Context-Aware Security Framework for Smart Home Systems Conference Paper
In the Proceedings of the 35th Annual Computer Security Applications Conference (ACSA), 2019.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{Sikder2019Aegis,
title = {Aegis: A Context-Aware Security Framework for Smart Home Systems},
author = {Amit Kumar Sikder and Leonardo Babun and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3359789.3359840},
doi = {10.1145/3359789.3359840},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
publisher = {In the Proceedings of the 35th Annual Computer Security Applications Conference (ACSA)},
abstract = {Our everyday lives are expanding fast with the introduction of new Smart Home Systems (SHSs). Today, a myriad of SHS devices and applications are widely available to users and have already started to re-define our modern lives. Smart home users utilize the apps to control and automate such devices. Users can develop their own apps or easily download and install them from vendor-specific app markets. App-based SHSs offer many tangible benefits to our lives, but also unfold diverse security risks. Several attacks have already been reported for SHSs. However, current security solutions consider smart home devices and apps individually to detect malicious actions rather than the context of the SHS as a whole. The existing mechanisms cannot capture user activities and sensor-device-user interactions in a holistic fashion. To address these issues, in this paper, we introduce Aegis, a novel context-aware security framework to detect malicious behavior in a SHS. Specifically, Aegis observes the states of the connected smart home entities (sensors and devices) for different user activities and usage patterns in a SHS and builds a contextual model to differentiate between malicious and benign behavior. We evaluated the efficacy and performance of Aegis in multiple smart home settings (i.e., single bedroom, double bedroom, duplex) with real-life users performing day-to-day activities and real SHS devices. We also measured the performance of Aegis against five different malicious behaviors. Our detailed evaluation shows that Aegis can detect malicious behavior in SHS with high accuracy (over 95%) and secure the SHS regardless of the smart home layout, device configuration, installed apps, and enforced user policies. Finally, Aegis achieves minimum overhead in detecting malicious behavior in SHS, ensuring easy deployability in real-life smart environments.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Kemal Akkaya, Vashish Baboolal, Nico Saputro, Selcuk Uluagac, Hamid Menouar
Privacy-Preserving Control of Video Transmissions for Drone-based Intelligent Transportation Systems Conference Paper
In the proceedings of the IEEE Conference on Communications and Network Security (CNS), 2019.
Abstract | Links | BibTeX | Tags: UAV Security
@conference{Akkaya2019UAVSec,
title = {Privacy-Preserving Control of Video Transmissions for Drone-based Intelligent Transportation Systems},
author = {Kemal Akkaya and Vashish Baboolal and Nico Saputro and Selcuk Uluagac and Hamid Menouar},
url = {https://ieeexplore.ieee.org/abstract/document/8802665/},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the proceedings of the IEEE Conference on Communications and Network Security (CNS)},
abstract = {The drones are now frequently used for many smart city applications including intelligent transportation to provide situational awareness for drivers as well as other stakeholders that manage the traffic. In such situations one of the widely collected data is video that is recorded by a drone and streamed in real-time to a remote control center. The data can then be accessed through cloud services to do further analysis and take actions. However, this captured video may contain private information from the passing by citizens and allow recognition and tracking if it is intercepted by malicious users. While the video data can be stored as encrypted in the cloud, this still does not address the privacy problem as the third party providers still need to decrypt the data to perform any further processing. To address this issue, we propose using fully homomorphic encryption (FHE)which will not only provide confidentiality of the data but also enable processing on the encrypted video data by cloud providers and other third parties without exposing any privacy. However, since fully homomorphic systems have a lot of overhead, in this paper, we propose to conduct background extraction on video images and transmit only the changing foreground to minimize data transmission. As we use FHE, this allows reconstruction of the video at the server without decrypting the data. We tested the feasibility of the proposed approach extensively under various conditions including the type of FHE used, the underlying communication protocols and video size. The results indicate that our approach can even outperform AES-based method in terms of total time to complete the video transmission while additionally enabling privacy features},
keywords = {UAV Security},
pubstate = {published},
tppubtype = {conference}
}
Luis Puche Rondon, Leonardo Babun, Kemal Akkaya, A. Selcuk Uluagac
HDMI-Walk: Attacking HDMI Distribution Networks via Consumer Electronic Control Protocol Conference Paper
In the Proceedings of the 35th Annual Computer Security Applications Conference, 2019.
Abstract | Links | BibTeX | Tags: Enterprise Security, Network Security
@conference{Rondon2019HDMI-walk,
title = {HDMI-Walk: Attacking HDMI Distribution Networks via Consumer Electronic Control Protocol},
author = {Luis Puche Rondon and Leonardo Babun and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3359789.3359841},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the 35th Annual Computer Security Applications Conference},
abstract = {The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist in the world and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving CEC outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study, how current insecure CEC protocol practices and carelessly implemented HDMI distributions may grant an adversary a novel attack surface for HDMI devices otherwise thought to be unreachable through traditional means. To introduce this novel attack surface, in this paper, we present HDMI-Walk, which opens a realm of remote and local CEC attacks to HDMI devices. Specifically, with HDMI-Walk, an attacker can perform malicious analysis of devices, eavesdropping, Denial of Service attacks, targeted device attacks, and even facilitate other well-known existing attacks through HDMI. With HDMI-Walk, we prove that it is feasible for an attacker to gain arbitrary control of HDMI devices. We demonstrate the implementations of both local and remote attacks with commodity HDMI devices including Smart TVs and Media Players. Our work aims to uncover vulnerabilities in a very well deployed system like HDMI distributions. The consequences of which can largely impact HDMI users as well as other systems which depend on these distributions. Finally, we discuss security mechanisms to provide impactful and comprehensive security evaluation to these real-world systems while guaranteeing deployability and providing minimal overhead, while considering the current limitations of the CEC protocol. To the best of our knowledge, this is the first work solely investigating the security of HDMI device distribution networks.},
keywords = {Enterprise Security, Network Security},
pubstate = {published},
tppubtype = {conference}
}
Luis Puche Rondon, Leonardo Babun, Kemal Akkaya, A. Selcuk Uluagac
Attacking HDMI Distribution Networks: Poster Demo/Poster
Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, 2019.
Abstract | Links | BibTeX | Tags: Network Security
@Demo/Posters{Rondon2019AttackHDMI,
title = {Attacking HDMI Distribution Networks: Poster},
author = {Luis Puche Rondon and Leonardo Babun and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3317549.3326314},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
publisher = {Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks},
abstract = {The High Definition Multimedia Interface or HDMI is the core and primary standard for Audio/Video communication in various media devices. HDMI allows flexible interaction between devices within HDMI distribution networks. Existing security standards and mechanism only protect traditional networking components. A user may mistakenly believe that a device is secure and an adversary may prove them otherwise. In this ongoing work, we show that by leveraging CEC to an attackers advantage. It is feasible for an attacker to reach devices which were formerly unreachable, and gain arbitrary control of HDMI devices. Specifically, we demonstrate it is possible to execute malicious device analysis, eavesdrop, and perform targeted Denial-of-Service attacks.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {Demo/Posters}
}
AKM Iqtidar Newaz, Amit Kumar Sikder, Mohammad Ashiqur Rahman, A. Selcuk Uluagac
HealthGuard: A Machine Learning-Based Security Framework for Smart Healthcare Systems Conference Paper
In the Proceedings of the 6th International Conference on Social Networks Analysis, Management and Security (SNAMS), 2019.
Abstract | Links | BibTeX | Tags: Machine Learning Security
@conference{Newaz2019Hcguard,
title = {HealthGuard: A Machine Learning-Based Security Framework for Smart Healthcare Systems},
author = {AKM Iqtidar Newaz and Amit Kumar Sikder and Mohammad Ashiqur Rahman and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8931716},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the 6th International Conference on Social Networks Analysis, Management and Security (SNAMS)},
abstract = {The integration of Internet-of-Things and pervasive computing in medical devices have made the modern healthcare system “smart.” Today, the function of the healthcare system is not limited to treat the patients only. With the help of implantable medical devices and wearables, Smart Healthcare System (SHS) can continuously monitor different vital signs of a patient and automatically detect and prevent critical medical conditions. However, these increasing functionalities of SHS raise several security concerns and attackers can exploit the SHS in numerous ways: they can impede normal function of the SHS, inject false data to change vital signs, and tamper a medical device to change the outcome of a medical emergency. In this paper, we propose HealthGuard, a novel machine learning-based security framework to detect malicious activities in a SHS. HealthGuard observes the vital signs of different connected devices of a SHS and correlates the vitals to understand the changes in body functions of the patient to distinguish benign and malicious activities. HealthGuard utilizes four different machine learning-based detection techniques (Artificial Neural Network, Decision Tree, Random Forest, k-Nearest Neighbor) to detect malicious activities in a SHS. We trained HealthGuard with data collected for eight different smart medical devices for twelve benign events including seven normal user activities and five disease-affected events. Furthermore, we evaluated the performance of HealthGuard against three different malicious threats. Our extensive evaluation shows that HealthGuard is an effective security framework for SHS with an accuracy of 91 % and an F1 score of 90 %.},
keywords = {Machine Learning Security},
pubstate = {published},
tppubtype = {conference}
}
Leonardo Babun, Z Berkay Celik, Patrick McDaniel, A Selcuk Uluagac
Real-time analysis of privacy-(un) aware IoT applications Conference Paper
In the Proceedings of the Privacy Enhancing Technologies Symposium (PoPETs), 2019.
Abstract | Links | BibTeX | Tags: IoT Security
@conference{babun2019real,
title = {Real-time analysis of privacy-(un) aware IoT applications},
author = {Leonardo Babun and Z Berkay Celik and Patrick McDaniel and A Selcuk Uluagac},
url = {https://petsymposium.org/popets/2021/popets-2021-0009.php},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {arXiv preprint arXiv:1911.10461},
publisher = {In the Proceedings of the Privacy Enhancing Technologies Symposium (PoPETs)},
abstract = {Users trust IoT apps to control and automate their smart devices. These apps necessarily have access to sensitive data to implement their functionality. However, users lack visibility into how their sensitive data is used (or leaked), and they often blindly trust the app developers. In this paper, we present IoTWatcH, a novel dynamic analysis tool that uncovers the privacy risks of IoT apps in real-time. We designed and built IoTWatcH based on an IoT privacy survey that considers the privacy needs of IoT users. IoTWatcH provides users with a simple interface to specify their privacy preferences with an IoT app. Then, in runtime, it analyzes both the data that is sent out of the IoT app and its recipients using Natural Language Processing (NLP) techniques. Moreover, IoTWatcH informs the users with its findings to make them aware of the privacy risks with the IoT app. We implemented IoTWatcH on real IoT applications. Specifically, we analyzed 540 IoT apps to train the NLP model and evaluate its effectiveness. IoTWatcH successfully classifies IoT app data sent to external parties to correct privacy labels with an average accuracy of 94.25%, and flags IoT apps that leak privacy data to unauthorized parties. Finally, IoTWatcH yields minimal overhead to an IoT app's execution, on average 105 ms additional latency.},
howpublished = {In the proceedings of the Privacy Enhancing Technologies (PETs)},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Leonardo Babun, Amit K. Sikder, Abbas Acar, A. Selcuk Uluagac
A Digital Forensics Framework for Smart Settings: Poster Conference Paper
In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2019.
Abstract | Links | BibTeX | Tags: Forensics, IoT Security
@conference{1Babun2019DFFramework,
title = {A Digital Forensics Framework for Smart Settings: Poster},
author = {Leonardo Babun and Amit K. Sikder and Abbas Acar and A. Selcuk Uluagac},
url = {https://doi.org/10.1145/3317549.3326317},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
publisher = {In the Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)},
abstract = {Users utilize IoT devices and sensors in a co-operative manner to enable the concept of a smart environment. This integration generate data with high forensic value. Nonetheless, current smart app programming platforms do not provide any digital forensics capability to identify, trace, store, and analyze the data produced in these settings. To overcome these limitations, in this poster, we present our ongoing work to introduce a novel digital forensic framework for a smart environment.},
keywords = {Forensics, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Long Lu, A. Selcuk Uluagac, Engin Kirda
An Analysis of Malware Trends in Enterprise Networks Conference Paper
In the Proceedings of the Information Security Conference (ISC), 2019.
Abstract | Links | BibTeX | Tags: Enterprise Security, Malware
@conference{Acar2019MalwareTrendsb,
title = { An Analysis of Malware Trends in Enterprise Networks},
author = {Abbas Acar and Long Lu and A. Selcuk Uluagac and Engin Kirda},
url = {https://link.springer.com/chapter/10.1007/978-3-030-30215-3_18},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the Information Security Conference (ISC)},
abstract = {We present an empirical and large-scale analysis of malware samples captured from two different enterprises from 2017 to early 2018. Particularly, we perform threat vector, social-engineering, vulnerability and time-series analysis on our dataset. Unlike existing malware studies, our analysis is specifically focused on the recent enterprise malware samples. First of all, based on our analysis on the combined datasets of two enterprises, our results confirm the general consensus that AV-only solutions are not enough for real-time defenses in enterprise settings because on average 40% of the malware samples, when first appeared, are not detected by most AVs on VirusTotal or not uploaded to VT at all (i.e., never seen in the wild yet). Moreover, our analysis also shows that enterprise users transfer documents more than executables and other types of files. Therefore, attackers embed malicious codes into documents to download and install the actual malicious payload instead of sending malicious payload directly or using vulnerability exploits. Moreover, we also found that financial matters (e.g., purchase orders and invoices) are still the most common subject seen in Business Email Compromise (BEC) scams that aim to trick employees. Finally, based on our analysis on the timestamps of captured malware samples, we found that 93% of the malware samples were delivered on weekdays. Our further analysis also showed that while the malware samples that require user interaction such as macro-based malware samples have been captured during the working hours of the employees, the massive malware attacks are triggered during the off-times of the employees to be able to silently spread over the networks.},
howpublished = {In the proceedings of the Information Security Conference (ISC)},
keywords = {Enterprise Security, Malware},
pubstate = {published},
tppubtype = {conference}
}
Enes Erdin, Mumin Cebe, Kemal Akkaya, Eyuphan Bulut, A. Selcuk Uluagac
A Heuristic-Based Private Bitcoin Payment Network Formation Using Off-Chain Links Conference Paper
In the Proceedings of the IEEE International Conference on Blockchain (Blockchain), 2019.
Abstract | Links | BibTeX | Tags: Bitcoin, Blockchain Security
@conference{Erdin2019Blockchainb,
title = {A Heuristic-Based Private Bitcoin Payment Network Formation Using Off-Chain Links},
author = {Enes Erdin and Mumin Cebe and Kemal Akkaya and Eyuphan Bulut and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8946276},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Blockchain (Blockchain)},
abstract = {While Bitcoin dominates the market for cryptocurrencies, its use in micropayments is still a challenge due to its long transaction validation times and high fees. Recently, the concept of off-chain payments is introduced that led to the idea of establishing a payment network called Lightning Network (LN). Off-chain links provide the ability to do transactions without writing to Blockchain. However, LN's design still favors fees and is creating hub nodes that defeat the purpose of Blockchain. In addition, it is still not reliable as not all the transactions are guaranteed to be transmitted to their destinations. If current retailers would like to use it, these problems might hinder its adoption. To address this issue, in this paper, we advocate creating a private payment network among a given set of retailers that will serve their business needs, just like the idea of private Blockchains. The goal is to build a pure peer-to-peer topology that will eliminate the need for relays and increase the robustness of payments. Using off-chain links as edges and retailers as nodes, the problem is formulated as a multi-flow commodity problem where transactions represent the commodities from various sources to destinations. As the multi-flow commodity problem is NP-Complete, we propose a heuristic approach that utilizes Dijkstra's shortest path algorithm in a dynamic way by updating the edge weights when new payment paths are to be found. The order of transactions is randomized to provide fairness among the retailers. The evaluations indicate that the proposed heuristic comes close to an optimal solution while providing scalability and user privacy.},
howpublished = {In the proceedings of the International Conference on Blockchain},
keywords = {Bitcoin, Blockchain Security},
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Hidayet Aksu, Kemal Akkaya, A Selcuk Uluagac
Method for continuous user authentication with wearables Patent
US Patent, 2018.
Abstract | Links | BibTeX | Tags: Authentication, patent
@patent{nokey,
title = {Method for continuous user authentication with wearables},
author = {Abbas Acar and Hidayet Aksu and Kemal Akkaya and A Selcuk Uluagac},
url = {https://patents.google.com/patent/US10075846B1/en},
year = {2018},
date = {2018-09-11},
urldate = {2018-09-11},
abstract = {Systems and methods for continuous and transparent verification, authentication, and identification of individuals are provided. A method can include detecting a signal from a sensor embedded in a wearable device, determining a set of features unique to the wearer of the wearable device, creating a user profile of that individual, detecting a signal from a sensor of an unknown individual, determining a set of features unique to the unknown individual, and comparing the features of the unknown individual to the previously created user profile.},
howpublished = {US Patent},
keywords = {Authentication, patent},
pubstate = {published},
tppubtype = {patent}
}
Z. Berkay Celik, Leonardo Babun, Amit Kumar Sikder, Hidayet Aksu, Gang Tan, Patrick McDaniel, A. Selcuk Uluagac
Sensitive Information Tracking in Commodity IoT Conference Paper
In the Proceedings of the 27th USENIX Security Symposium, 2018.
Abstract | Links | BibTeX | Tags: IoT Security, Mobile Security
@conference{Berkay2018InfoTrackingb,
title = {Sensitive Information Tracking in Commodity IoT},
author = {Z. Berkay Celik and Leonardo Babun and Amit Kumar Sikder and Hidayet Aksu and Gang Tan and Patrick McDaniel and A. Selcuk Uluagac},
url = {https://www.usenix.org/conference/usenixsecurity18/presentation/celik},
year = {2018},
date = {2018-08-01},
urldate = {2018-08-01},
booktitle = {In the Proceedings of the 27th USENIX Security Symposium},
abstract = {Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital connectivity has had profound effects on society--smart homes, personal monitoring devices, enhanced manufacturing and other IoT applications have changed the way we live, play, and work. Yet extant IoT platforms provide few means of evaluating the use (and potential avenues for misuse) of sensitive information. Thus, consumers and organizations have little information to assess the security and privacy risks these devices present. In this paper, we present SainT, a static taint analysis tool for IoT applications. SainT operates in three phases; (a) translation of platform-specific IoT source code into an intermediate representation (IR), (b) identifying sensitive sources and sinks, and (c) performing static analysis to identify sensitive data flows. We evaluate SainT on 230 SmartThings market apps and find 138 (60%) include sensitive data flows. In addition, we demonstrate SainT on IoTBench, a novel open-source test suite containing 19 apps with 27 unique data leaks. Through this effort, we introduce a rigorously grounded framework for evaluating the use of sensitive information in IoT apps---and therein provide developers, markets, and consumers a means of identifying potential threats to security and privacy.},
howpublished = {In the proceedings of the 27th USENIX Security Symposium},
keywords = {IoT Security, Mobile Security },
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Hidayet Aksu, A. Selcuk Uluagac, Mauro Conti
A Survey on Homomorphic Encryption Schemes: Theory and Implementation Journal Article
ACM Computing Surveys, 2018.
Abstract | Links | BibTeX | Tags: Cryptography, Privacy-preserving
@article{Acar2018HomomEncb,
title = {A Survey on Homomorphic Encryption Schemes: Theory and Implementation},
author = {Abbas Acar and Hidayet Aksu and A. Selcuk Uluagac and Mauro Conti},
url = {https://doi.org/10.1145/3214303},
year = {2018},
date = {2018-07-01},
urldate = {2018-07-01},
journal = {ACM Computing Surveys},
publisher = {Association for Computing Machinery (ACM)},
address = {New York, NY, USA},
abstract = {Legacy encryption systems depend on sharing a key (public or private) among the peers involved in exchanging an encrypted message. However, this approach poses privacy concerns. The users or service providers with the key have exclusive rights on the data. Especially with popular cloud services, control over the privacy of the sensitive data is lost. Even when the keys are not shared, the encrypted material is shared with a third party that does not necessarily need to access the content. Moreover, untrusted servers, providers, and cloud operators can keep identifying elements of users long after users end the relationship with the services. Indeed, Homomorphic Encryption (HE), a special kind of encryption scheme, can address these concerns as it allows any third party to operate on the encrypted data without decrypting it in advance. Although this extremely useful feature of the HE scheme has been known for over 30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE) scheme, which allows any computable function to perform on the encrypted data, was introduced by Craig Gentry in 2009. Even though this was a major achievement, different implementations so far demonstrated that FHE still needs to be improved significantly to be practical on every platform. Therefore, this survey focuses on HE and FHE schemes. First, we present the basics of HE and the details of the well-known Partially Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which are important pillars for achieving FHE. Then, the main FHE families, which have become the base for the other follow-up FHE schemes, are presented. Furthermore, the implementations and recent improvements in Gentry-type FHE schemes are also surveyed. Finally, further research directions are discussed. This survey is intended to give a clear knowledge and foundation to researchers and practitioners interested in knowing, applying, and extending the state-of-the-art HE, PHE, SWHE, and FHE systems.},
howpublished = {ACM Computing Surveys},
keywords = {Cryptography, Privacy-preserving},
pubstate = {published},
tppubtype = {article}
}
Nico Saputro, Kemal Akkaya, Ramazan Algin, Selcuk Uluagac
Drone-Assisted Multi-Purpose Roadside Units for Intelligent Transportation Systems Conference Paper
In the proceedings of the 88th Vehicular Technology Conference (VTC-Fall), 2018.
Abstract | Links | BibTeX | Tags: Network Security, UAV Security
@conference{Saputro2018DroneTranspSystemb,
title = {Drone-Assisted Multi-Purpose Roadside Units for Intelligent Transportation Systems},
author = {Nico Saputro and Kemal Akkaya and Ramazan Algin and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8690977/},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the proceedings of the 88th Vehicular Technology Conference (VTC-Fall)},
abstract = {As drones are becoming prevalent to be deployed in various civic applications, there is a need to integrate them into efficient and secure communications with the existing infrastructure. In this paper, considering emergency scenarios for intelligent transportation applications, we design a secure hybrid communication infrastructure for mobile road-side units (RSUs) that are based on drones. The architecture tackles interoperability issues when Dedicated Short Range Communications (DSRC), wireless mesh, and LTE need to coexist for coordination. Specifically, we propose a novel tunneling protocol to integrate LTE with IEEE 802.11s mesh network. In addition, we ensure that only legitimate users can connect and control the mobile RSUs by integrating an authentication framework built on top of the recent OAuth 2.0 standard. A detailed communication protocol is proposed within the elements of the architecture from vehicles to control center for emergency operations. The proposed secure architecture is implemented in ns-3 and tested for its performance under heavy multimedia traffic. The results indicate that the proposed hybrid architecture can enable smooth multimedia traffic delivery via the mobile RSU.},
keywords = {Network Security, UAV Security},
pubstate = {published},
tppubtype = {conference}
}
Samet Tonyali, Kemal Akkaya, Nico Saputro, A. Selcuk Uluagac, Mehrdad Nojoumian
Privacy-preserving protocols for secure and reliable data aggregation in IoT-enabled Smart Metering systems Journal Article
Future Generation Computer Systems journal, 2018.
Abstract | Links | BibTeX | Tags: IoT Security, Smart-grid Security
@article{TONYALI2018IoTdataAgreb,
title = {Privacy-preserving protocols for secure and reliable data aggregation in IoT-enabled Smart Metering systems},
author = {Samet Tonyali and Kemal Akkaya and Nico Saputro and A. Selcuk Uluagac and Mehrdad Nojoumian},
url = {https://www.sciencedirect.com/science/article/pii/S0167739X17306945},
doi = {https://doi.org/10.1016/j.future.2017.04.031},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {Future Generation Computer Systems journal},
abstract = {As the Internet of Things (IoT) gets more pervasive, its areas of usage expands. Smart Metering systems is such an IoT-enabled technology that enables convenient and high frequency data collection compared to existing metering systems. However, such a frequent data collection puts the consumers’ privacy in risk as it helps expose the consumers’ daily habits. Secure in-network data aggregation can be used to both preserve consumers’ privacy and reduce the packet traffic due to high frequency metering data. The privacy can be provided by performing the aggregation on concealed metering data. Fully homomorphic encryption (FHE) and secure multiparty computation (secure MPC) are the systems that enable performing multiple operations on concealed data. However, both FHE and secure MPC systems have some overhead in terms of data size or message complexity. The overhead is compounded in the IoT-enabled networks such as Smart Grid (SG) Advanced Metering Infrastructure (AMI). In this paper, we propose new protocols to adapt FHE and secure MPC to be deployed in SG AMI networks that are formed using wireless mesh networks. The proposed protocols conceal the smart meters’ (SMs) reading data by encrypting it (FHE) or computing its shares on a randomly generated polynomial (secure MPC). The encrypted data/computed shares are aggregated at some certain aggregator SM(s) up to the gateway of the network in a hierarchical manner without revealing the readings’ actual value. To assess their performance, we conducted extensive experiments using the ns-3 network simulator. The simulation results indicate that the secure MPC-based protocol can be a viable privacy-preserving data aggregation mechanism since it not only reduces the overhead with respect to FHE but also almost matches the performance of the Paillier cryptosystem when it is used within a proper sized AMI network.},
keywords = {IoT Security, Smart-grid Security},
pubstate = {published},
tppubtype = {article}
}
Nico Saputro, Kemal Akkaya, Selcuk Uluagac
Supporting Seamless Connectivity in Drone-assisted Intelligent Transportation Systems Conference Paper
In the Proceedings of the 43rd IEEE Conference on Local Computer Networks Workshops (LCN Workshops), 2018.
Abstract | Links | BibTeX | Tags: Network Security, UAV Security
@conference{Saputro2018DronSeamlessConnb,
title = {Supporting Seamless Connectivity in Drone-assisted Intelligent Transportation Systems},
author = {Nico Saputro and Kemal Akkaya and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8628496},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the 43rd IEEE Conference on Local Computer Networks Workshops (LCN Workshops)},
abstract = {Considering emergency scenarios for intelligent transportation applications, we propose a swarm of drones communication architecture that can sustain connectivity to assist the authorities for damage assessments. The connectivity sustenance needs stem from the fact that drones may move to various locations in response to service requests from the authorities but they still need to cooperate for data collection and transmissions. To address this need, we propose a centralized connectivity maintenance heuristic which will enable the swarm to dynamically adapt its formation in response to the service requests while ensuring uninterrupted live assessment reports. To select the moving drone(s), the minimum connected dominating set concept is utilized to come up with three strategies of mixed stretching or moving heuristic for the connectivity restoration. The proposed architecture and heuristics are implemented in ns-3 network simulator and the effectiveness is tested in terms of providing undisturbed services under heavy multimedia traffic. The results indicate that the proposed approaches enable uninterrupted multimedia traffic delivery.},
howpublished = {In the Proceedings of the 43rd IEEE Conference on Local Computer Networks Workshops (LCN Workshops)},
keywords = {Network Security, UAV Security},
pubstate = {published},
tppubtype = {conference}
}
Enes Erdin, Hidayet Aksu, Selcuk Uluagac, Micheal Vai, Kemal Akkaya
OS Independent and Hardware-Assisted Insider Threat Detection and Prevention Framework Conference Paper
In the Proceedings of the IEEE Military Communications Conference (MILCOM), 2018.
Abstract | Links | BibTeX | Tags: Hardware Security, Malware
@conference{8599719b,
title = {OS Independent and Hardware-Assisted Insider Threat Detection and Prevention Framework},
author = {Enes Erdin and Hidayet Aksu and Selcuk Uluagac and Micheal Vai and Kemal Akkaya},
url = {https://ieeexplore.ieee.org/abstract/document/8599719},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
publisher = {In the Proceedings of the IEEE Military Communications Conference (MILCOM)},
abstract = {Governmental and military institutions harbor critical infrastructure and highly confidential information. Although institutions are investing a lot for protecting their data and assets from possible outsider attacks, insiders are still a distrustful source for information leakage. As malicious software injection is one among many attacks, turning innocent employees into malicious attackers through social attacks is the most impactful one. Malicious insiders or uneducated employees are dangerous for organizations that they are already behind the perimeter protections that guard the digital assets; actually, they are trojans on their own. For an insider, the easiest possible way for creating a hole in security is using the popular and ubiquitous Universal Serial Bus (USB) devices due to its versatile and easy to use plug-and-play nature. USB type storage devices are the biggest threats for contaminating mission critical infrastructure with viruses, malware, and trojans. USB human interface devices are also dangerous as they may connect to a host with destructive hidden functionalities. In this paper, we propose a novel hardware-assisted insider threat detection and prevention framework for the USB case. Our novel framework is also OS independent. We implemented a proof-of-concept design on an FPGA board which is widely used in military settings supporting critical missions, and demonstrated the results considering different experiments. Based on the results of these experiments, we show that our framework can identify rapid-keyboard key-stroke attacks and can easily detect the functionality of the USB device plugged in. We present the resource consumption of our framework on the FPGA for its utilization on a host controller device. We show that the our hard-to-tamper framework introduces no overhead in USB communication in terms of user experience.},
keywords = {Hardware Security, Malware},
pubstate = {published},
tppubtype = {conference}
}
Enes Erdin, Mumin Cebe, Kemal Akkaya, Senay Solak, Eyuphan Bulut, Selcuk Uluagac
Building a Private Bitcoin-Based Payment Network Among Electric Vehicles and Charging Stations Conference Paper
In the Proceedings of the IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2018.
Abstract | Links | BibTeX | Tags: Blockchain Security, Vehicle security
@conference{Erdin2018PrivBCNetc,
title = {Building a Private Bitcoin-Based Payment Network Among Electric Vehicles and Charging Stations},
author = {Enes Erdin and Mumin Cebe and Kemal Akkaya and Senay Solak and Eyuphan Bulut and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8726825},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
publisher = {In the Proceedings of the IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)},
abstract = {Mass penetration and market dominance of Electric Vehicles (EVs) are expected in the upcoming years. Due to their frequent charging needs, not only public and private charging stations are being built, but also V2V charging options are considered. This forms a charging network with various suppliers and EV customers which can communicate to schedule charging operations. While an app can be designed to develop matching algorithms for charging schedules, the system also needs a convenient payment method that will enable privacy-preserving transactions among the suppliers and EVs. In this paper, we adopt a Bitcoin-based payment system for the EV charging network payments. However, Bitcoin has a transaction fee which would be comparable to the price of the charging service most of the time and thus may not be attractive to users. High transaction fees can be eliminated by building a payment network in parallel to main ledger, with permission and signatures. In this paper, we design and implement such a network among charging stations and mobile EVs with flow, connectivity and fairness constraints, and demonstrate results for the feasibility of the scheme under different circumstances. More specifically, we propose a payment network optimization model for determining payment channels among charging stations. We present numerical results on the characteristics of the network model by using realistic use cases.},
keywords = {Blockchain Security, Vehicle security},
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Hidayet Aksu, A. Selcuk Uluagac, Kemal Akkaya
WACA: Wearable-Assisted Continuous Authentication Conference Paper
In the Proceedings of the IEEE Security and Privacy Workshops (SPW) , 2018.
Abstract | Links | BibTeX | Tags: Authentication, Vehicle security
@conference{Acar2018WACAb,
title = {WACA: Wearable-Assisted Continuous Authentication},
author = {Abbas Acar and Hidayet Aksu and A. Selcuk Uluagac and Kemal Akkaya},
url = {https://ieeexplore.ieee.org/abstract/document/8424658},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
publisher = {In the Proceedings of the IEEE Security and Privacy Workshops (SPW) },
abstract = {One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login session, which is lacking in existing one-time login systems. In this paper, we introduce a usable and reliable Wearable-Assisted Continuous Authentication (WACA), which relies on the sensor-based keystroke dynamics and the authentication data is acquired through the built-in sensors of a wearable (e.g., smartwatch) while the user is typing. The acquired data is periodically and transparently compared with the registered profile of the initially logged-in user with one-way classifiers. With this, WACA continuously ensures that the current user is the user who logged in initially. We implemented the WACA framework and evaluated its performance on real devices with real users. The empirical evaluation of WACA reveals that WACA is feasible and its error rate is as low as 1% with 30 seconds of processing time and 2 - 3% for 20 seconds. The computational overhead is minimal. Furthermore, WACA is capable of identifying insider threats with very high accuracy (99.2%).},
keywords = {Authentication, Vehicle security},
pubstate = {published},
tppubtype = {conference}
}
Amit Kumar Sikder, Abbas Acar, Hidayet Aksu, A. Selcuk Uluagac, Kemal Akkaya, Mauro Conti
IoT-enabled smart lighting systems for smart cities Conference Paper
In the Proceedings of the IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC), 2018.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security
@conference{Sikder2018Smartlightingb,
title = {IoT-enabled smart lighting systems for smart cities},
author = {Amit Kumar Sikder and Abbas Acar and Hidayet Aksu and A. Selcuk Uluagac and Kemal Akkaya and Mauro Conti},
url = {https://ieeexplore.ieee.org/abstract/document/8301744},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC)},
abstract = {Over the past few decades, the rate of urbanization has increased enormously. More enhanced services and applications are needed in urban areas to provide a better lifestyle. Smart city, which is a concept of interconnecting modern digital technologies in the context of a city, is a potential solution to enhance the quality and performance of urban services. With the introduction of Internet-of-Things (IoT) in the smart city, new opportunities have emerged to develop new services and integrate different application domains with each other using Information and Communication Technologies. However, to ensure seamless services in an IoT-enabled smart city environment, all the applications have to be maintained with limited energy resources. One of the core sectors that can be improved significantly by implementing IoT is the lighting system of a city since it consumes more energy than other parts of a city. In a smart city, the lighting system is integrated with advanced sensors and communication channels to obtain a Smart Lighting System (SLS). The goal of an SLS is to obtain an autonomous and more efficient lighting management system. In this paper, we provide an overview of the SLS and review different IoT-enabled communication protocols, which can be used to realize the SLS in the context of a smart city. Moreover, we analyzed different usage scenarios for IoT-enabled indoor and outdoor SLS and provide an analysis of the power consumption. Our results reveal that IoT-enabled smart lighting systems can reduce power consumption up to 33.33% in both indoor and outdoor settings. Finally, we discussed the future research directions in SLS in the smart city.},
keywords = {IoT Security, Network Security},
pubstate = {published},
tppubtype = {conference}
}
Abdullah Aydeger, Nico Saputro, Kemal Akkaya, Selcuk Uluagac
Assessing the overhead of authentication during SDN-enabled restoration of smart grid inter-substation communications Conference Paper
In the Proceedings of the 15th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2018.
Abstract | Links | BibTeX | Tags: Authentication, SDN Security
@conference{Aydeger2018AuthOverheadb,
title = {Assessing the overhead of authentication during SDN-enabled restoration of smart grid inter-substation communications},
author = {Abdullah Aydeger and Nico Saputro and Kemal Akkaya and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8319206},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
publisher = {In the Proceedings of the 15th IEEE Annual Consumer Communications & Networking Conference (CCNC)},
abstract = {Since real-time and resilient recovery of link failures is crucial for power grid infrastructure to continue its services, emerging technologies such as Software Defined Networking (SDN) has started to be employed for such purposes. SDN switches can be remotely controlled to change their configurations by exploiting the wireless communication options. However, when wireless is to be used in Smart Grid communications, security and reliability become important issues due to the specific characteristics of wireless communications. This paper investigates the overhead of providing such services on wireless links when SDN is utilized. Specifically, we consider the establishment of authentication services when wireless back-up links (i.e., WiFi or LTE) are employed as a result of a reactive link failure detection mechanism. To the best of our knowledge, this work is the first to consider authentication of such an SDN-enabled Smart Grid inter-substation communication with WiFi and LTE. To be able to effectively evaluate the performance of this proposed SDN-enabled framework, we developed it in Mininet emulator. Since Mininet does not support the authentication services for WiFi or LTE, we proposed several novel extensions to Mininet by integrating it with ns-3 simulator that supports the LTE/WiFi protocol stacks. We conducted extensive experiments by considering a general application using Smart Grid Manufacturing Message Specification (MMS) standard to assess the recovery performance of the proposed secure SDN-enabled recovery system. The results show that when authentication and reliable protocols such as TCP are to be employed, the proposed framework can still meet the deadlines of 100 ms with WiFi while LTE misses only a few packets.},
keywords = {Authentication, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Halim Burak Yesilyurt, Hidayet Aksu, Selcuk Uluagac, Raheem Beyah
SOTA: Secure Over-the-Air Programming of IoT Devices Conference Paper
In the Proceedings of the IEEE Military Communications Conference (MILCOM), 2018.
Abstract | Links | BibTeX | Tags: IoT Security
@conference{Yesilyurt2018SOTAb,
title = {SOTA: Secure Over-the-Air Programming of IoT Devices},
author = {Halim Burak Yesilyurt and Hidayet Aksu and Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/8599705},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the IEEE Military Communications Conference (MILCOM)},
abstract = {The emerging Internet of Things (IoT) devices introduced many useful applications that are utilized in our daily lives, scientific research, and military operations. In these applications, secure over the air programming of IoT devices is vital as the devices can be re-programmed by hackers and the firmware can be stolen by eavesdropping a live firmware distribution operation. Nonetheless, as most of the IoT devices have limited computational resources (e.g., memory, CPU, storage), over-the-air programming of IoT devices necessitates efficient utilization of the resources. In this work, to address these concerns and provide a more efficient and secure code-dissemination process, a novel secure over-the-air programming framework called SOTA is introduced, which is also designed as an open-source framework and available for the research and developer communities. SOTA provides confidentiality, integrity, and authentication to resource-limited IoT devices in order to protect the firmware from adversaries. Furthermore, we perform extensive performance evaluations on real resource-limited IoT devices with Atmel-based microcontrollers. Evaluations revealed that SOTA has minimal performance and memory overhead on the IoT devices. SOTA is a promising solution to provide an over-the-air code dissemination protocol with security to resource-limited IoT devices in both military and civilian settings.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Hidayet Aksu, Leonardo Babun, Mauro Conti, Gabriele Tolomei, A. Selcuk Uluagac
Advertising in the IoT Era: Vision and Challenges Journal Article
IEEE Communications Magazine, 2018.
Abstract | Links | BibTeX | Tags: IoT Security
@article{Akkaya2018IoTAdvb,
title = {Advertising in the IoT Era: Vision and Challenges},
author = {Hidayet Aksu and Leonardo Babun and Mauro Conti and Gabriele Tolomei and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8337812},
doi = {10.1109/MCOM.2017.1700871},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {IEEE Communications Magazine},
abstract = {The IoT extends the idea of interconnecting computers to a plethora of different devices, collectively referred to as smart devices. These are physical items, that is, "things", such as wearable devices, home appliances, and vehicles, enriched with computational and networking capabilities. Due to the huge set of devices involved, and therefore its pervasiveness, IoT is a great platform to leverage for building new applications and services or extending existing ones. In this regard, expanding online advertising into the IoT realm is an under-investigated yet promising research direction, especially considering that the traditional Internet advertising market is already worth hundreds of billions of dollars. In this article, we first propose the architecture of an IoT advertising platform inspired by the well known business ecosystem, which the traditional Internet advertising is based on. Additionally, we discuss the key challenges to implement such a platform, with a special focus on issues related to architecture, advertisement content delivery, security, and privacy of the users.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Cengiz Kaygusuz, Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac
Detection of Compromised Smart Grid Devices with Machine Learning and Convolution Techniques Conference Paper
In the Proceedings of the IEEE International Conference on Communications (ICC), 2018.
Abstract | Links | BibTeX | Tags: Smart-grid Security
@conference{Kaygusuz2018SmartGridMLb,
title = {Detection of Compromised Smart Grid Devices with Machine Learning and Convolution Techniques},
author = {Cengiz Kaygusuz and Leonardo Babun and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8423022},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Communications (ICC)},
abstract = {The smart grid concept has transformed the traditional power grid into a massive cyber- physical system that depends on advanced two-way communication infrastructure to integrate a myriad of different smart devices. While the introduction of the cyber component has made the grid much more flexible and efficient with so many smart devices, it also broadened the attack surface of the power grid. Particularly, compromised devices pose great danger to the healthy operations of the smart-grid. For instance, the attackers can control the devices to change the behaviour of the grid and can impact the measurements. In this paper, to detect such misbehaving malicious smart grid devices, we propose a machine learning and convolution-based classification framework. Our framework specifically utilizes system and library call lists at the kernel level of the operating system on both resource-limited and resource-rich smart grid devices such as RTUs, PLCs, PMUs, and IEDs. Focusing on the types and other valuable features extracted from the system calls, the framework can successfully identify malicious smart-grid devices. In order to test the efficacy of the proposed framework, we built a representative testbed conforming to the IEC-61850 protocol suite and evaluated its performance with different system calls. The proposed framework in different evaluation scenarios yields very high accuracy (avg. 91%) which reveals that the framework is effective to overcome compromised smart grid devices problem.},
keywords = {Smart-grid Security},
pubstate = {published},
tppubtype = {conference}
}
Kyle Denney, A. Selcuk Uluagac, Hidayet Aksu, Kemal Akkaya
An Android-Based Covert Channel Framework on Wearables Using Status Bar Notifications Journal Article
2018.
Abstract | Links | BibTeX | Tags: Covert channels, Network Security, Wearables
@article{Denney2018AndroidCoverCh,
title = {An Android-Based Covert Channel Framework on Wearables Using Status Bar Notifications},
author = {Kyle Denney and A. Selcuk Uluagac and Hidayet Aksu and Kemal Akkaya},
editor = {Springer International Journal},
url = {https://doi.org/10.1007/978-3-319-97643-3_1},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {Springer International Publishing journal},
abstract = {Covert channels circumvent security measures to steal sensitive data undetectable to an onlooker. Traditionally, covert channels utilize global system resources or settings to send hidden messages. This chapter introduces covert channels and focuses on a novel covert channel on Android-based Internet of Things (IoT) devices. Particularly, we were able to make a covert channel using notifications a user gets from everyday applications. The chapter will also present this covert channel by discussing the framework, evaluating the performance, and demonstrating the functionality and flexibility of the proposed model.},
keywords = {Covert channels, Network Security, Wearables},
pubstate = {published},
tppubtype = {article}
}
Muhammad A Hakim, Hidayet Aksu, A Selcuk Uluagac, Kemal Akkaya
U-pot: A honeypot framework for upnp-based iot devices Conference Paper
In the Proceedings of the IEEE 37th International Performance Computing and Communications Conference (IPCCC), 2018.
Abstract | Links | BibTeX | Tags: Honeypot/Honeynet, IoT Security
@conference{hakim2018u,
title = {U-pot: A honeypot framework for upnp-based iot devices},
author = {Muhammad A Hakim and Hidayet Aksu and A Selcuk Uluagac and Kemal Akkaya},
url = {https://ieeexplore.ieee.org/document/8711321},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
booktitle = {In the Proceedings of the IEEE 37th International Performance Computing and Communications Conference (IPCCC)},
abstract = {The ubiquitous nature of the IoT devices has brought serious security implications to its users. A lot of consumer IoT devices have little to no security implementation at all, thus risking user's privacy and making them target of mass cyber-attacks. Indeed, recent outbreak of Mirai botnet and its variants have already proved the lack of security on the IoT world. Hence, it is important to understand the security issues and attack vectors in the IoT domain. Though significant research has been done to secure traditional computing systems, little focus was given to the IoT realm. In this work, we reduce this gap by developing a honeypot framework for IoT devices. Specifically, we introduce U-PoT: a novel honeypot framework for capturing attacks on IoT devices that use Universal Plug and Play (UPnP) protocol. A myriad of smart home devices including smart switches, smart bulbs, surveillance cameras, smart hubs, etc. uses the UPnP protocol. Indeed, a simple search on Shodan IoT search engine lists 1,676,591 UPnP devices that are exposed to public network. The popularity and ubiquitous nature of UPnP-based IoT device necessitates a full-fledged IoT honeypot system for UPnP devices. Our novel framework automatically creates a honeypot from UPnP device description documents and is extendable to any device types or vendors that use UPnP for communication. To the best of our knowledge, this is the first work towards a flexible and configurable honeypot framework for UPnP-based IoT devices. We released U-PoT under an open source license for further research on IoT security and created a database of UPnP device descriptions. We also evaluated our framework on two emulated deices. Our experiments show that the emulated devices are able to mimic the behavior of a real IoT device and trick vendor-provided device management applications or popular IoT search engines while having minimal performance ovherhead.},
keywords = {Honeypot/Honeynet, IoT Security},
pubstate = {published},
tppubtype = {conference}
}
Mumin Cebe, Enes Erdin, Kemal Akkaya, Hidayet Aksu, Selcuk Uluagac
Block4forensic: An integrated lightweight blockchain framework for forensics applications of connected vehicles Journal Article
IEEE Communications Magazine, 2018.
Abstract | Links | BibTeX | Tags: Blockchain Security, Forensics, IoT Security
@article{cebe2018block4forensic,
title = {Block4forensic: An integrated lightweight blockchain framework for forensics applications of connected vehicles},
author = {Mumin Cebe and Enes Erdin and Kemal Akkaya and Hidayet Aksu and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/8493118},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {IEEE Communications Magazine},
publisher = {IEEE},
abstract = {Today's vehicles are becoming cyber-physical systems that not only communicate with other vehicles but also gather various information from hundreds of sensors within them. These developments help create smart and connected (e.g., self-driving) vehicles that will introduce significant information to drivers, manufacturers, insurance companies, and maintenance service providers for various applications. One such application that is becoming crucial with the introduction of self-driving cars is forensic analysis of traffic accidents. The utilization of vehicle-related data can be instrumental in post-accident scenarios to discover the faulty party, particularly for self-driving vehicles. With the opportunity of being able to access various information in cars, we propose a permissioned blockchain framework among the various elements involved to manage the collected vehicle-related data. Specifically, we first integrate vehicular public key infrastructure (VPKI) to the proposed blockchain to provide membership establishment and privacy. Next, we design a fragmented ledger that will store detailed data related to vehicles such as maintenance information/ history, car diagnosis reports, and so on. The proposed forensic framework enables trustless, traceable, and privacy-aware post-accident analysis with minimal storage and processing overhead.},
keywords = {Blockchain Security, Forensics, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Hidayet Aksu, A Selcuk Uluagac, Elizabeth S Bentley
Identification of wearable devices with bluetooth Journal Article
IEEE Transactions on Sustainable Computing Journal, 2018.
Abstract | Links | BibTeX | Tags: Fingerprinting, IoT Security
@article{AksuIdentificationIEEE,
title = {Identification of wearable devices with bluetooth},
author = {Hidayet Aksu and A Selcuk Uluagac and Elizabeth S Bentley},
url = {https://ieeexplore.ieee.org/document/8299447},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {IEEE Transactions on Sustainable Computing Journal},
publisher = {IEEE},
abstract = {With wearable devices such as smartwatches on the rise in the consumer electronics market, securing these wearables is vital. However, the current security mechanisms only focus on validating the user not the device itself. Indeed, wearables can be (1) unauthorized wearable devices with correct credentials accessing valuable systems and networks, (2) passive insiders or outsider wearable devices, or (3) information-leaking wearables devices. Fingerprinting via machine learning can provide necessary cyber threat intelligence to address all these cyber attacks. In this work, we introduce a wearable fingerprinting technique focusing on Bluetooth classic protocol, which is a common protocol used by the wearables and other IoT devices. Specifically, we propose a non-intrusive wearable device identification framework which utilizes 20 different Machine Learning (ML) algorithms in the training phase of the classification process and selects the best performing algorithm for the testing phase. Furthermore, we evaluate the performance of proposed wearable fingerprinting technique on real wearable devices, including various off-the-shelf smartwatches. Our evaluation demonstrates the feasibility of the proposed technique to provide reliable cyber threat intelligence. Specifically, our detailed accuracy results show on average 98.5 percent, 98.3 percent precision and recall for identifying wearables using the Bluetooth classic protocol.},
keywords = {Fingerprinting, IoT Security},
pubstate = {published},
tppubtype = {article}
}
Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac
Detection of counterfeit and compromised devices using system and function call tracing techniques Patent
US Patent, 2017.
Abstract | Links | BibTeX | Tags: Fingerprinting, Smart-grid Security
@patent{Babun2018SyscallTraceb,
title = {Detection of counterfeit and compromised devices using system and function call tracing techniques},
author = {Leonardo Babun and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://www.osti.gov/biblio/1463864},
year = {2017},
date = {2017-07-17},
urldate = {2017-07-17},
abstract = {Frameworks, methods, and systems for securing a smart grid are provided. A framework can include data collection, call tracing techniques, and preparing call lists to detect counterfeit or compromised devices. The call tracing techniques can include call tracing and compiling all system and function calls over a time interval. The framework can further include data processing, in which a genuine device is identified and compared to unknown devices. A first statistical correlation can be used for resource-rich systems, and a second statistical correlation can be used for resource-limited systems. Threats of information leakage, measurement poisoning and store-and-send-later can be considered.},
howpublished = {US Patent},
keywords = {Fingerprinting, Smart-grid Security},
pubstate = {published},
tppubtype = {patent}
}
Juan Lopez, Leonardo Babun, Hidayet Aksu, A Selcuk Uluagac
A Survey on Function and System Call Hooking Approaches Journal Article
Journal of Hardware and Systems Security, 2017.
Abstract | Links | BibTeX | Tags: Fingerprinting
@article{LopezSurveySpringer,
title = {A Survey on Function and System Call Hooking Approaches},
author = {Juan Lopez and Leonardo Babun and Hidayet Aksu and A Selcuk Uluagac},
url = {https://link.springer.com/article/10.1007/s41635-017-0013-2},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
journal = {Journal of Hardware and Systems Security},
publisher = {Springer},
abstract = {Functions and system calls are effective indicators of the behavior of a process. These subroutines are useful for identifying unauthorized behavior caused by malware or for developing a better understanding of the lower-level operations of an application. Code obfuscation, however, often prevents user monitoring and modification of subroutine calls. Subroutine hooking offers a solution to this limitation. Function and system call hooking approaches allow for subroutine instrumentation, making hooking a valuable and versatile skill across industry and academia. In this survey, we present several criteria for the classification and selection of hooking tools and techniques as well as an examination of the major hooking approaches used on Windows, Linux, macOS, iOS, and Android operating systems. We also evaluate and compare the performance of different subroutine hooking tools and techniques based on computing resource utilization such as CPU time, memory, and wall-clock time. To the best of our knowledge, this is the first paper that encompasses both system call and function hooking techniques and tools across the major desktop and mobile operating systems.
},
keywords = {Fingerprinting},
pubstate = {published},
tppubtype = {article}
}
Anurag Akkiraju, David Gabay, Halim Burak Yesilyurt, Hidayet Aksu, Selcuk Uluagac
Cybergrenade: Automated Exploitation of Local Network Machines via Single Board Computers Conference Paper
In the Proceedings of the IEEE 14th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), 2017.
Abstract | Links | BibTeX | Tags: Network Security
@conference{AnuragCybergrenadeIEEE,
title = {Cybergrenade: Automated Exploitation of Local Network Machines via Single Board Computers},
author = {Anurag Akkiraju and David Gabay and Halim Burak Yesilyurt and Hidayet Aksu and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/8108803},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
booktitle = {In the Proceedings of the IEEE 14th International Conference on Mobile Ad Hoc and Sensor Systems (MASS)},
abstract = {In this paper, we introduce a defensive cybersecurity framework called Cybergrenade automating various penetration testing tools to sequentially exploit machines connected to a single local network, all underneath a single application running on a Single-Board Computer (SBC). This takes advantage of the SBC's unique capabilities in a way that manual exploitation simply cannot match. Currently, while many SBCs are being used in research as exploitation tool-kits, the current state of automation of the processes associated with exploitation leaves much to be desired. While this paper describes the Cybergrenade Framework, it can be used as a guideline for future research automating the exploitation process. Cybergrenade allows tools such as Nmap, OpenVAS, and Metasploit tools to be automatically utilized under one framework. Our experimental evolution revealed that Cybergrenade can perform the automation of various pentesting tools under a single application with ease.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {conference}
}
Amit Kumar Sikder, Hidayet Aksu, A Selcuk Uluagac
{6thSense}: A context-aware sensor-based attack detector for smart devices Conference Paper
In the Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), 2017.
Abstract | Links | BibTeX | Tags: IoT Security, Smart Home Security
@conference{Sikder6thSenseUSENIX,
title = {{6thSense}: A context-aware sensor-based attack detector for smart devices},
author = {Amit Kumar Sikder and Hidayet Aksu and A Selcuk Uluagac},
url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/sikder},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
booktitle = {In the Proceedings of the 26th USENIX Security Symposium (USENIX Security 17)},
abstract = {Sensors (e.g., light, gyroscope, accelerometer) and sensing enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor API. In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users’ sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT) to detect malicious behavior associated with sensors. We implemented 6thSense on a sensor-rich Android smart device (i.e., smartphone) and collected data from typical daily activities of 50 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor (e.g., light), (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96% without compromising the normal functionality of the device. Moreover, our framework costs minimal overhead.},
keywords = {IoT Security, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Abbas Acar, Z. Berkay Celik, Hidayet Aksu, A. Selcuk Uluagac, Patrick McDaniel
Achieving Secure and Differentially Private Computations in Multiparty Settings Conference Paper
In the Proceedings of the IEEE Symposium on Privacy-Aware Computing (PAC), 2017.
Abstract | Links | BibTeX | Tags: Cryptojacking, Secure Multipart Computation
@conference{AcarSecureIEEEPAC,
title = {Achieving Secure and Differentially Private Computations in Multiparty Settings},
author = {Abbas Acar and Z. Berkay Celik and Hidayet Aksu and A. Selcuk Uluagac and Patrick McDaniel},
url = {https://patrickmcdaniel.org/pubs/aca17.pdf},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
booktitle = {In the Proceedings of the IEEE Symposium on Privacy-Aware Computing (PAC)},
abstract = {Sharing and working on sensitive data in distributed settings from healthcare to finance is a major challenge due to security and privacy concerns. Secure multiparty computation (SMC) is a viable panacea for this, allowing distributed parties to make computations while the parties learn nothing about their data, but the final result. Although SMC is instrumental in such distributed settings, it does not provide any guarantees not to leak any information about individuals to adversaries. Differential privacy (DP) can be utilized to address this; however, achieving SMC with DP is not a trivial task, either. In this paper, we propose a novel Secure Multiparty Distributed Differentially Private (SM-DDP) protocol to achieve secure and private computations in a multiparty environment. Specifically, with our protocol, we simultaneously achieve SMC and DP in distributed settings focusing on linear regression on horizontally distributed data. That is, parties do not see each others' data and further, can not infer information about individuals from the final constructed statistical model. Any statistical model function that allows independent calculation of local statistics can be computed through our protocol. The protocol implements homomorphic encryption for SMC and functional mechanism for DP to achieve the desired security and privacy guarantees. In this work, we first introduce the theoretical foundation for the SM-DDP protocol and then evaluate its efficacy and performance on two different datasets. Our results show that one can achieve individual-level privacy through the proposed protocol with distributed DP, which is independently applied by each party in a distributed fashion. Moreover, our results also show that the SM-DDP protocol incurs minimal computational overhead, is scalable, and provides security and privacy guarantees.},
keywords = {Cryptojacking, Secure Multipart Computation},
pubstate = {published},
tppubtype = {conference}
}
Kemal Akkaya, A Selcuk Uluagac, Abdullah Aydeger, Apurva Mohan
Secure Software Defined Networking Architectures for The Smart Grid Journal Article
Smart Grid-Networking, Data Management, and Business Models Book, 2017.
Abstract | Links | BibTeX | Tags: CPS Security, SDN Security, Smart Home Security
@article{AkkayaSecureSmart,
title = {Secure Software Defined Networking Architectures for The Smart Grid},
author = {Kemal Akkaya and A Selcuk Uluagac and Abdullah Aydeger and Apurva Mohan},
url = {https://www.taylorfrancis.com/chapters/edit/10.1201/b19664-3/secure-software-defined-networking-architectures-smart-grid-kemal-akkaya-selcuk-uluagac-abdullah-aydeger-apurva-mohan},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
journal = {Smart Grid-Networking, Data Management, and Business Models Book},
abstract = {This chapter summarizes the use of software-defined networking (SDN) for various applications in the smart grid. It explains how SDN can be utilized in the applications, describes potential security threats that can arise as a result of deploying SDN in these applications, and suggests solutions to alleviate the threats. The chapter explores the ample unique research challenges within an SDN-enabled smart grid infrastructure and provides some background on SDN. It examines how several smart grid applications can exploit SDN by summarizing the existing efforts and discusses the security issues with SDN and potential security threats related to smart grid-enabled SDN. The SDN-enabled networks become more flexible and accessible networks with software interfaces making it very convenient for network management. SDN can provide more fine-grained control on traffic compared to traditional networks. SDN enables innovation on the network and each transmission control protocol/Internet protocol layer might have an independent innovation.},
keywords = {CPS Security, SDN Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac
Identifying counterfeit smart grid devices: A lightweight system level framework Conference Paper
In the Proceedings of the IEEE International Conference on Communications (ICC), 2017.
Abstract | Links | BibTeX | Tags: Fingerprinting, Smart Home Security
@conference{BabunIdentifyingIEEEICC,
title = {Identifying counterfeit smart grid devices: A lightweight system level framework},
author = {Leonardo Babun and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/7996877},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Communications (ICC)},
abstract = {The use of counterfeit smart grid devices throughout the smart grid communication infrastructure represents a real problem. Hence, monitoring and early detection of counterfeit smart grid devices is critical for protecting smart grid's components and data. To address these concerns, in this paper, we introduce a novel system level approach to identify counterfeit smart grid devices. Specifically, our approach is a configurable framework that combines system and function call tracing techniques and statistical analysis to detect counterfeit smart grid devices based on their behavioural characteristics. Moreover, we measure the efficacy of our framework with a realistic testbed that includes both resource-limited and resource-rich counterfeit devices. In total, we analyze six different counterfeit devices in our testbed. The devices communicate via an open source version of the IEC61850 protocol suite (i.e., libiec61850). Experimental results reveal an excellent rate on the detection of smart grid counterfeit devices. Finally, the performance analysis demonstrates that the use of the proposed framework has minimal overhead on the smart grid devices' computing resources.},
keywords = {Fingerprinting, Smart Home Security},
pubstate = {published},
tppubtype = {conference}
}
Hamid Menouar, Ismail Guvenc, Kemal Akkaya, A. Selcuk Uluagac, Abdullah Kadri, Adem Tuncer
UAV-Enabled Intelligent Transportation Systems for the Smart City: Applications and Challenges Journal Article
IEEE Communications Magazine, 2017.
Abstract | Links | BibTeX | Tags: UAV Security
@article{MenouarUAVIEEECom,
title = {UAV-Enabled Intelligent Transportation Systems for the Smart City: Applications and Challenges},
author = {Hamid Menouar and Ismail Guvenc and Kemal Akkaya and A. Selcuk Uluagac and Abdullah Kadri and Adem Tuncer},
url = {https://ieeexplore.ieee.org/document/7876852},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
journal = {IEEE Communications Magazine},
abstract = {There could be no smart city without a reliable and efficient transportation system. This necessity makes the ITS a key component of any smart city concept. While legacy ITS technologies are deployed worldwide in smart cities, enabling the next generation of ITS relies on effective integration of connected and autonomous vehicles, the two technologies that are under wide field testing in many cities around the world. Even though these two emerging technologies are crucial in enabling fully automated transportation systems, there is still a significant need to automate other road and transportation components. To this end, due to their mobility, autonomous operation, and communication/processing capabilities, UAVs are envisaged in many ITS application domains. This article describes the possible ITS applications that can use UAVs, and highlights the potential and challenges for UAV-enabled ITS for next-generation smart cities.},
keywords = {UAV Security},
pubstate = {published},
tppubtype = {article}
}
Mehmet Hazar Cintuglu, Osama A. Mohammed, Kemal Akkaya, A. Selcuk Uluagac
A Survey on Smart Grid Cyber-Physical System Testbeds Journal Article
IEEE Communications Surveys & Tutorials Journal, 2017.
Abstract | Links | BibTeX | Tags: CPS Security
@article{CintugluSurveyIEEE,
title = {A Survey on Smart Grid Cyber-Physical System Testbeds},
author = {Mehmet Hazar Cintuglu and Osama A. Mohammed and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/7740849},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
journal = {IEEE Communications Surveys & Tutorials Journal},
abstract = {An increasing interest is emerging on the development of smart grid cyber-physical system testbeds. As new communication and information technologies emerge, innovative cyber-physical system testbeds need to leverage realistic and scalable platforms. Indeed, the interdisciplinary structure of the smart grid concept compels heterogeneous testbeds with different capabilities. There is a significant need to evaluate new concepts and vulnerabilities as opposed to counting on solely simulation studies especially using hardware-in-the-loop test platforms. In this paper, we present a comprehensive survey on cyber-physical smart grid testbeds aiming to provide a taxonomy and insightful guidelines for the development as well as to identify the key features and design decisions while developing future smart grid testbeds. First, this survey provides a four step taxonomy based on smart grid domains, research goals, test platforms, and communication infrastructure. Then, we introduce an overview with a detailed discussion and an evaluation on existing testbeds from the literature. Finally, we conclude this paper with a look on future trends and developments in cyber-physical smart grid testbed research.},
keywords = {CPS Security},
pubstate = {published},
tppubtype = {article}
}
Abdullah Aydeger, Kemal Akkaya, Mehmet H. Cintuglu, A. Selcuk Uluagac, Osama Mohammed
Software defined networking for resilient communications in Smart Grid active distribution networks Conference Paper
In the Proceedings of the IEEE International Conference on Communications (ICC), 2016.
Abstract | Links | BibTeX | Tags: Network Security, SDN Security
@conference{AydegerSoftwareIEEEICC,
title = {Software defined networking for resilient communications in Smart Grid active distribution networks},
author = {Abdullah Aydeger and Kemal Akkaya and Mehmet H. Cintuglu and A. Selcuk Uluagac and Osama Mohammed},
url = {https://ieeexplore.ieee.org/document/7511049},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Communications (ICC)},
abstract = {Emerging Software Defined Networking (SDN) technology provides excellent flexibility to large-scale networks in terms of control, management, security, and maintenance. In this paper, we propose an SDN-based communication infrastructure for Smart Grid distribution networks among substations. A Smart Grid communication infrastructure consists of a large number of heterogenous devices that exchange real-time information for monitoring the status of the grid. We then investigate how SDN-enabled Smart Grid infrastructure can provide resilience to active distribution substations with self-recovery. Specifically, by introducing redundant and wireless communication links that can be used during the emergencies, we show that SDN controllers can be effective for restoring the communication while providing a lot of flexibility. Furthermore, to be able to effectively evaluate the performance of the proposed work in terms of various fine-grained network metrics, we developed a Mininet-based testing framework and integrated it with ns-3 network simulator. Finally, we conducted experiments by using actual Smart Grid communication data to assess the recovery performance of the proposed SDN-based system. The results show that SDN is a viable technology for the Smart Grid communications with almost negligible delays in switching to backup wireless links during the times of link failures in reliable fashion.},
keywords = {Network Security, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Edwin Vattapparamban, Ismail Güvenç, Ali I Yurekli, Kemal Akkaya, Selçuk Uluağaç
Drones for smart cities: Issues in cybersecurity, privacy, and public safety Conference Paper
In the Proceedings of the International Wireless Communications and Mobile Computing Conference (IWCMC), 2016.
Abstract | Links | BibTeX | Tags: CPS Security, UAV Security
@conference{VattapparambanDronesIWCMC,
title = {Drones for smart cities: Issues in cybersecurity, privacy, and public safety},
author = {Edwin Vattapparamban and Ismail Güvenç and Ali I Yurekli and Kemal Akkaya and Selçuk Uluağaç},
url = {https://ieeexplore.ieee.org/document/7577060},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
booktitle = {In the Proceedings of the International Wireless Communications and Mobile Computing Conference (IWCMC)},
abstract = {It is expected that drones will take a major role in the connected smart cities of the future. They will be delivering goods and merchandise, serving as mobile hot spots for broadband wireless access, and maintaining surveillance and security of smart cities. However, pervasive use of drones for future smart cities also brings together several technical and societal concerns and challenges that needs to be addressed, including in the areas of cybersecurity, privacy, and public safety. Drones, while can be used for the betterment of the society, can also be used by malicious entities to conduct physical and cyber attacks, and threaten the society. The goal of this survey paper is to review various aspects of drones in future smart cities, relating to cybersecurity, privacy, and public safety. We will also provide representative results on cyber attacks using drones.},
keywords = {CPS Security, UAV Security},
pubstate = {published},
tppubtype = {conference}
}
Samet Tonyali, Kemal Akkaya, Nico Saputro, A. Selcuk Uluagac
A reliable data aggregation mechanism with Homomorphic Encryption in Smart Grid AMI networks Conference Paper
In the Proceedings of the 13th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2016.
Abstract | Links | BibTeX | Tags: CPS Security
@conference{TonyaliHomomorphiCCNC,
title = {A reliable data aggregation mechanism with Homomorphic Encryption in Smart Grid AMI networks},
author = {Samet Tonyali and Kemal Akkaya and Nico Saputro and A. Selcuk Uluagac},
url = {https://csl.fiu.edu/wp-content/uploads/2023/05/reliable_data_tonyali.pdf},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
booktitle = {In the Proceedings of the 13th IEEE Annual Consumer Communications & Networking Conference (CCNC)},
abstract = {One of the most common methods to preserve consumers' private data is using secure in-network data aggregation. The security can be provided through the emerging fully (FHE) or partial (PHE) homomorphic encryption techniques. However, an FHE aggregation scheme generates significantly big-size data when compared to traditional encryption methods. The overhead is compounded in hierarchical networks such as Smart Grid Advanced Metering Infrastructure (AMI) as data packets are routed towards the core of the AMI networking infrastructure from the smart meters. In this paper, we first investigate the feasibility and performance of FHE aggregation in AMI networks utilizing the reliable data transport protocol, TCP. Then, we introduce the packet reassembly problem. To address this challenge, we propose a novel packet reassembly mechanism for TCP. We evaluated the effectiveness of our proposed mechanism using both PHE and FHE-based aggregation approaches in AMI in terms throughput and end-to-end delay on an 802.11s-based wireless mesh network by using the ns-3 network simulator. The results indicate significant gains in terms of delay and bandwidth usage with the proposed mechanism.},
keywords = {CPS Security},
pubstate = {published},
tppubtype = {conference}
}
Gong Chen, Jacob H. Cox, A. Selcuk Uluagac, John A. Copeland
In-Depth Survey of Digital Advertising Technologies Journal Article
IEEE Communications Surveys & Tutorials, 2016.
Abstract | Links | BibTeX | Tags: Web Security
@article{ChenSurveyIEEE,
title = {In-Depth Survey of Digital Advertising Technologies},
author = {Gong Chen and Jacob H. Cox and A. Selcuk Uluagac and John A. Copeland},
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7390161},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
journal = {IEEE Communications Surveys & Tutorials},
abstract = {Some of the world’s most well-known IT companies are in fact advertising companies deriving their primary revenues through digital advertising. For this reason, these IT giants are able to continually drive the evolutions of information technology in ways that serve to enhance our everyday lives. The benefits of this relationship include free web browsers with powerful search engines and mobile applications. Still, it turns out that “free” comes at a cost that is paid through our interactions within a digital advertising ecosystem. Digital advertising is not without its challenges. Issues originate from the complex platforms utilized to support advertising over web and mobile application interfaces. This is especially true for advertising links. Additionally, as new methods for advertising develop so too does the potential for impacting its underlying ecosystem for good or ill. Accordingly, researchers are interested in understanding this ecosystem, the factors that impact it, and the strategies for improving it. The major contribution of this survey is that it is the first review of the digital advertising ecosystem as it applies to online websites and mobile applications. In doing so, we explain the digital advertising relationships within this ecosystem along with their technical, social, political, and physical implications. Furthermore, advertising principles along with a variation of other advertising
approaches, both legitimate and malicious, are explored in order to compare and contrast competing digital advertising methods.},
keywords = {Web Security},
pubstate = {published},
tppubtype = {article}
}
approaches, both legitimate and malicious, are explored in order to compare and contrast competing digital advertising methods.
Leonardo Babun, Hidayet Aksu, A. Selcuk Uluagac
A framework for counterfeit smart grid device detection Conference Paper
In the Proceedings of the IEEE Conference on Communications and Network Security (CNS), 2016.
Abstract | Links | BibTeX | Tags: CPS Security, Fingerprinting
@conference{BabunSmartGridIEEECNS,
title = {A framework for counterfeit smart grid device detection},
author = {Leonardo Babun and Hidayet Aksu and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/7860522},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
booktitle = {In the Proceedings of the IEEE Conference on Communications and Network Security (CNS)},
abstract = {The core vision of the smart grid concept is the realization of reliable two-way communications between smart devices (e.g., IEDs, PLCs, PMUs). The benefits of the smart grid also come with tremendous security risks and new challenges in protecting the smart grid systems from cyber threats. Particularly, the use of untrusted counterfeit smart grid devices represents a real problem. Consequences of propagating false or malicious data, as well as stealing valuable user or smart grid state information from counterfeit devices are costly. Hence, early detection of counterfeit devices is critical for protecting smart grid's components and users. To address these concerns, in this poster, we introduce our initial design of a configurable framework that utilize system call tracing, library interposition, and statistical techniques for monitoring and detection of counterfeit smart grid devices. In our framework, we consider realistic counterfeit device scenarios with different smart grid devices and adversarial settings. Our initial results on a realistic testbed utilizing actual smart-grid GOOSE messages with IEC-61850 communication protocol are very promising. Our framework is showing excellent rates on detection of smart grid counterfeit devices from impostors.},
keywords = {CPS Security, Fingerprinting},
pubstate = {published},
tppubtype = {conference}
}
Selcuk Uluagac, Kemal Akkaya, Apurva Mohan, Mehmet H Cintuglu, Tarek Youssef, Osama Mohammed, Daniel Sullivan
Wireless Infrastructure in Industrial Control Systems Journal Article
Cyber-security of SCADA and Other Industrial Control Systems, 2016.
Links | BibTeX | Tags: CPS Security, Network Security
@article{UluagacWirelessSpringer,
title = {Wireless Infrastructure in Industrial Control Systems},
author = {Selcuk Uluagac and Kemal Akkaya and Apurva Mohan and Mehmet H Cintuglu and Tarek Youssef and Osama Mohammed and Daniel Sullivan},
url = {https://csl.fiu.edu/wp-content/uploads/2023/05/wireless_book.pdf},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
journal = {Cyber-security of SCADA and Other Industrial Control Systems},
publisher = {Springer},
keywords = {CPS Security, Network Security},
pubstate = {published},
tppubtype = {article}
}
Nico Saputro, Ali Ihsan Yurekli, Kemal Akkaya, Selcuk Uluagac
Privacy preservation for IoT used in smart buildings Journal Article
Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations, 2016.
Abstract | Links | BibTeX | Tags: IoT Security, Privacy Preserving, Smart Home Security
@article{SaputroPrivacyIOT,
title = {Privacy preservation for IoT used in smart buildings},
author = {Nico Saputro and Ali Ihsan Yurekli and Kemal Akkaya and Selcuk Uluagac},
url = {https://www.sciencedirect.com/science/article/pii/S0167739X23001322},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
journal = {Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations},
abstract = {Smart Buildings (SBs) employ the latest IoT technologies to automate building operations and services with the objective of increasing operational efficiency, maximising occupant comfort, and minimising environmental impact. However, these smart devices – mostly cloud-based – can capture and share a variety of sensitive and private data about the occupants, exposing them to various privacy threats. Given the non-intrusive nature of these devices, individuals typically have little or no awareness of the data being collected about them. Even if they do and claim to care about their privacy, they fail to take the necessary steps to safeguard it due to the convenience offered by the IoT devices. This discrepancy between user attitude and actual behaviour is known as the ‘privacy paradox’. To address this tension between data privacy, consent and convenience, this paper proposes a novel solution for informed consent management in shared smart spaces. Our proposed Informed Consent Management Engine (ICME) (a) increases user awareness about the data being collected by the IoT devices in the SB environment, (b) provides fine-grained visibility into privacy conformance and compliance by these devices, and (c) enables informed and confident privacy decision-making, through digital nudging. This study provides a reference architecture for ICME that can be used to implement diverse end-user consent management solutions for smart buildings. A proof-of-concept prototype is also implemented to demonstrate how ICME works in a shared smart workplace. Our proposed solution is validated by conducting expert interviews with 15 highly experienced industry professionals and academic researchers to understand the strengths, limitations, and potential improvements of the proposed system.},
keywords = {IoT Security, Privacy Preserving, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
Shruthi Ravichandran, Ramalingam K Chandrasekar, A Selcuk Uluagac, Raheem Beyah
A simple visualization and programming framework for wireless sensor networks: PROVIZ Journal Article
Ad Hoc Networks Journal, 2016.
Abstract | Links | BibTeX | Tags: IoT Security
@article{RavichandranPROVIZElsevier,
title = {A simple visualization and programming framework for wireless sensor networks: PROVIZ},
author = {Shruthi Ravichandran and Ramalingam K Chandrasekar and A Selcuk Uluagac and Raheem Beyah},
url = {https://www.sciencedirect.com/science/article/pii/S1570870516301639},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
journal = {Ad Hoc Networks Journal},
publisher = {Elsevier},
abstract = {Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs for programming, visualization, and simulation tools. However, these tools are designed as separate stand-alone applications. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ. PROVIZ is an integrated visualization and programming framework with the following features: PROVIZ includes (1) a visualization tool that can visualize heterogeneous WSN traffic (with different packet payload formats) by parsing the data received either from a packet sniffer (e.g., a sensor-based sniffer or a commercial TI SmartRF 802.15.4 packet sniffer) or from a simulator (e.g., OMNeT); (2) a scripting language based on the TinyOS sensor network platform that aims at reducing code size and improving programming efficacy; (3) an over-the-air programming tool to securely program sensor nodes; (4) a visual programming tool with basic sensor drag-and-drop modules for generating simple WSN programs; and (5) a visual network comparison tool that analyzes packet traces of two networks to generate a juxtaposed visual comparison of contrasting network characteristics. PROVIZ also includes built-in extensible visual demo deployment capabilities that allow users to quickly craft network scenarios and share them with other users. In this work, we introduce the various features of PROVIZ’s visualization and programming framework, analyze test scenarios, and discuss how all the tools can be used in sync with each other to create an all-encompassing development and test environment.},
keywords = {IoT Security},
pubstate = {published},
tppubtype = {article}
}
Spencer Michaels, Kemal Akkaya, A. Selcuk Uluagac
Inducing data loss in Zigbee networks via join/association handshake spoofing Conference Paper
In the Proceedings of the IEEE Conference on Communications and Network Security (CNS), 2016.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security
@conference{MichaelsZigbeeIEEECNS,
title = {Inducing data loss in Zigbee networks via join/association handshake spoofing},
author = {Spencer Michaels and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/document/7860527},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
booktitle = {In the Proceedings of the IEEE Conference on Communications and Network Security (CNS)},
abstract = {Zigbee is an IEEE 802.15.4-based specification for low-power wireless mesh networks. Being a protocol with several known vulnerabilities, it continues to attract extensive research interest due to its potential applications in the Internet-of-Things (IoT). One of Zigbee's weak points lies in the network coordinator's initial handshake with a joining device, which is unencrypted. Our paper proposes a denial-of-service attack which exploits this fact to convince an end device to send its data to a rogue device on a different channel rather than the actual coordinator. Because the resource limitations of Zigbee devices generally preclude permanent storage, this is likely to result in loss of the transmitted data. We successfully demonstrate our attack and propose a solution that uses challenge-response based authentication to mitigate the attack.},
keywords = {IoT Security, Network Security},
pubstate = {published},
tppubtype = {conference}
}
Kemal Akkaya, A. Selcuk Uluagac, Abdullah Aydeger
Software defined networking for wireless local networks in Smart Grid Conference Paper
In the Proceedings of the 40th IEEE Local Computer Networks Conference Workshops (LCN Workshops), 2015.
Abstract | Links | BibTeX | Tags: Network Security, SDN Security
@conference{AkkayaSofrwareIEEELCN,
title = {Software defined networking for wireless local networks in Smart Grid},
author = {Kemal Akkaya and A. Selcuk Uluagac and Abdullah Aydeger},
url = {https://ieeexplore.ieee.org/document/7365934},
year = {2015},
date = {2015-01-01},
urldate = {2015-01-01},
booktitle = {In the Proceedings of the 40th IEEE Local Computer Networks Conference Workshops (LCN Workshops)},
abstract = {Emerging Software Defined Networking (SDN) technology has provided excellent flexibility to large-scale networks in terms of control, management, security, and maintenance. With SDN, network architectures can be deployed and maintained with ease. New trends in computing (e.g., cloud computing, data centers, and virtualization) can seamlessly be integrated with the SDN architecture. On the other hand, recent years witnessed a tremendous growth in the upgrade and modernization of the critical infrastructure networks, namely the Smart-Grid, in terms of its underlying communication infrastructure. From Supervisory Control and Data Acquisition (SCADA) systems to Advanced Metering Infrastructure (AMI), an increasing number of networking devices are being deployed to connect all the local network components of the Smart Grid together. Such large local networks requires significant effort in terms of network management and security, which is costly in terms of labor and hardware upgrades. SDN would be a perfect candidate technology to alleviate the costs while providing fine-grained control of this critical network infrastructure. Hence, in this paper, we explore the potential utilization of the SDN technology over the Smart Grid communication architecture. Specifically, we introduce three novel SDN deployment scenarios in local networks of Smart Grid. Moreover, we also investigate the pertinent security aspects with each deployment scenario along with possible solutions.},
keywords = {Network Security, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Troy Nunnally, A Selcuk Uluagac, Raheem Beyah
InterSec: An interaction system for network security applications Conference Paper
In the Proceedings of the IEEE International Conference on Communications (ICC), 2015.
Abstract | Links | BibTeX | Tags: Network Security
@conference{NunnallyInterSecIEEICC,
title = {InterSec: An interaction system for network security applications},
author = {Troy Nunnally and A Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/document/7249464},
year = {2015},
date = {2015-01-01},
urldate = {2015-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Communications (ICC)},
abstract = {Traditional two-dimensional (2D) and three-dimensional (3D) visualization tools for network security applications often employ a desktop, mouse, and keyboard setup of WIMP (Windows, Icons, Menus, and a Pointer) interfaces, which use a serial set of command inputs (e.g., click, rotate, zoom). However, research has shown that multiple inputs (e.g., Microsoft Kinect [8] and multi-touch monitors) could reduce the selection time of objects, resulting in a quicker response time than its traditional counterparts. In this work, we investigate these alternative user interfaces that are “natural” to the user for multiple inputs that reduce response time as a user navigates within a complex three-dimensional (3D) visualization for network security applications. Specifically, we introduce a visualization tool called InterSec, an interaction system prototype for interacting with 3D network security visualizations. InterSec helps developers build and manage gestures that require the coordination of multiple inputs across multiple interaction technologies. To our knowledge, InterSec is the first tool that proposes a system to reduce number of interactions within 3D visualizations for network security tools. Through our evaluation of live Honeynet data and a user study, the results reveal InterSec's ability to reduce the number of interactions to aid in 3D navigation in comparison to the mouse user interface.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {conference}
}
Christopher Wampler, Selcuk Uluagac, Raheem Beyah
Information leakage in encrypted ip video traffic Conference Paper
In the Proceedings of the IEEE Global Communications Conference (GLOBECOM), 2015.
Abstract | Links | BibTeX | Tags: Network Security
@conference{WamplerInformationGLOBECOM,
title = {Information leakage in encrypted ip video traffic},
author = {Christopher Wampler and Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/document/7417767},
year = {2015},
date = {2015-01-01},
urldate = {2015-01-01},
booktitle = {In the Proceedings of the IEEE Global Communications Conference (GLOBECOM)},
abstract = {Voice chat and conferencing services may be assumed to be private and secure because of strong encryption algorithms applied to the video stream. We show that information leakage is occurring in video over IP traffic, including for encrypted payloads. It is possible to detect motion and scene changes, such as a person standing up or walking past a camera streaming live video. We accomplish this through analysis of network traffic metadata including arrival time between packets, packet sizes, and video stream bandwidth. Event detection through metadata analysis is possible even when common encryption techniques are applied to the video stream such as SSL or AES. We have observed information leakage across multiple codes and cameras. Through measurements of the x264 codec, we establish a basis for detectability of events via packet timing. Our laboratory experiments confirm that this event detection is possible and repeatable with commercial video streaming software.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {conference}
}
Abdullah Aydeger, Kemal Akkaya, A. Selcuk Uluagac
SDN-based resilience for smart grid communications Conference Paper
In the Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN), 2015.
Abstract | Links | BibTeX | Tags: SDN Security
@conference{AydegerSDNIEEE,
title = {SDN-based resilience for smart grid communications},
author = {Abdullah Aydeger and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/7387401},
year = {2015},
date = {2015-01-01},
urldate = {2015-01-01},
booktitle = {In the Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN)},
abstract = {With the recent advances in SDN-based technologies, there is a great interest from different communities to exploit SDN for their domain needs. One of such domains is Smart Grid where the underlying network is going through a massive upgrade to enable not only faster and reliable communications but also convenient control. To this end, SDN can be a viable option to provide resilience in Smart Grid SCADA and distribution networks. In this demo, we present such an opportunity by utilizing SDN for redundant communications. Specifically, we introduce multiple connection interfaces among distribution substations. In case of any failures of the wired connection, the backup connection that uses a wireless interface will be enabled by using an Open Daylight SDN controller. To be able to show this, we integrate a network simulator, namely, ns-3 with Mininet.},
keywords = {SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Sakthi Vignesh Radhakrishnan, A. Selcuk Uluagac, Raheem Beyah
GTID: A Technique for Physical Device and Device Type Fingerprinting Journal Article
IEEE Transactions on Dependable and Secure Computing Journal, 2015.
Abstract | Links | BibTeX | Tags: Fingerprinting, Network Security
@article{RadhakrishnanGTIDIEEE,
title = {GTID: A Technique for Physical Device and Device Type Fingerprinting},
author = {Sakthi Vignesh Radhakrishnan and A. Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/document/6951398},
year = {2015},
date = {2015-01-01},
urldate = {2015-01-01},
journal = {IEEE Transactions on Dependable and Secure Computing Journal},
abstract = {In this paper, we introduce GTID, a technique that can actively and passively fingerprint wireless devices and their types using wire-side observations in a local network. GTID exploits information that is leaked as a result of heterogeneity in devices, which is a function of different device hardware compositions and variations in devices' clock skew. We apply statistical techniques on network traffic to create unique, reproducible device and device type signatures, and use artificial neural networks (ANNs) for classification. We demonstrate the efficacy of our technique on both an isolated testbed and a live campus network (during peak hours) using a corpus of 37 devices representing a wide range of device classes (e.g., iPads, iPhones, Google Phones, etc.) and traffic types (e.g., Skype, SCP, ICMP, etc.). Our experiments provided more than 300 GB of traffic captures which we used for ANN training and performance.},
keywords = {Fingerprinting, Network Security},
pubstate = {published},
tppubtype = {article}
}
A. Selcuk Uluagac, Wenyi Liu, Raheem Beyah
A multi-factor re-authentication framework with user privacy Conference Paper
In the Proceedings of the IEEE Conference on Communications and Network Security, 2014.
Abstract | Links | BibTeX | Tags: Authentication
@conference{UluagacAuthenticationIEEE,
title = {A multi-factor re-authentication framework with user privacy},
author = {A. Selcuk Uluagac and Wenyi Liu and Raheem Beyah},
url = {https://ieeexplore.ieee.org/document/6997526},
year = {2014},
date = {2014-01-01},
urldate = {2014-01-01},
booktitle = {In the Proceedings of the IEEE Conference on Communications and Network Security},
abstract = {Continuous re-authentication of users is a must to protect connections with long duration against any malicious activity. Users can be re-authenticated in numerous ways. One popular way is an approach that requires the presentation of two or more authentication factors (i.e., knowledge, possession, identity) called Multi-factor authentication (MFA). Given the market dominance of ubiquitous computing systems (e.g., cloud), MFA systems have become vital in re-authenticating users. Knowledge factor (i.e., passwords) is the most ubiquitous authentication factor; however, forcing a user to re-enter the primary factor, a password, at frequent intervals could significantly lower the usability of the system. Unfortunately, an MFA system with a possession factor (e.g., Security tokens) usually depends on the distribution of some specific device, which is cumbersome and not user-friendly. Similarly, MFA systems with an identity factor (e.g., physiological biometrics, keystroke pattern) suffer from a relatively low deployability and are highly intrusive and expose users sensitive information to untrusted servers. These servers can keep physically identifying elements of users, long after the user ends the relationship with the server. To address these concerns, in this poster, we introduce our initial design of a privacy-preserving multi-factor re-authentication framework. The first factor is a password while the second factor is a hybrid profile of user behavior with a large combination of host- and network-based features. Our initial results are very promising as our framework can successfully validate legitimate users while detecting impostors.},
keywords = {Authentication},
pubstate = {published},
tppubtype = {conference}
}
Aaron D Goldman, A Selcuk Uluagac, John A Copeland
Cryptographically-curated file system (CCFS): Secure, inter-operable, and easily implementable information-centric networking Conference Paper
In the Proceedings of the 39th Annual IEEE Conference on Local Computer Networks, 2014.
Abstract | Links | BibTeX | Tags: Cryptojacking
@conference{GoldmanCryptographicallyIEEE,
title = {Cryptographically-curated file system (CCFS): Secure, inter-operable, and easily implementable information-centric networking},
author = {Aaron D Goldman and A Selcuk Uluagac and John A Copeland},
url = {https://ieeexplore.ieee.org/document/6925766},
year = {2014},
date = {2014-01-01},
urldate = {2014-01-01},
booktitle = {In the Proceedings of the 39th Annual IEEE Conference on Local Computer Networks},
abstract = {Cryptographically-Curated File System (CCFS) proposed in this work supports the adoption of Information-Centric Networking. CCFS utilizes content names that span trust boundaries, verify integrity, tolerate disruption, authenticate content, and provide non-repudiation. Irrespective of the ability to reach an authoritative host, CCFS provides secure access by binding a chain of trust into the content name itself. Curators cryptographically bind content to a name, which is a path through a series of objects that map human meaningful names to cryptographically strong content identifiers. CCFS serves as a network layer for storage systems unifying currently disparate storage technologies. The power of CCFS derives from file hashes and public keys used as a name with which to retrieve content and as a method of verifying that content. We present results from our prototype implementation. Our results show that the overhead associated with CCFS is not negligible, but also is not prohibitive.},
keywords = {Cryptojacking},
pubstate = {published},
tppubtype = {conference}
}
A. Selcuk Uluagac, Venkatachalam Subramanian, Raheem Beyah
Sensory channel threats to Cyber Physical Systems: A wake-up call Conference Paper
In the Proceedings of the IEEE Conference on Communications and Network Security, 2014.
Abstract | Links | BibTeX | Tags: CPS Security
@conference{UluagacSensoryIEEE,
title = {Sensory channel threats to Cyber Physical Systems: A wake-up call},
author = {A. Selcuk Uluagac and Venkatachalam Subramanian and Raheem Beyah},
url = {https://ieeexplore.ieee.org/document/6997498},
year = {2014},
date = {2014-01-01},
urldate = {2014-01-01},
booktitle = {In the Proceedings of the IEEE Conference on Communications and Network Security},
abstract = {Cyber-Physical Systems (CPS) is a relatively novel computing paradigm where there is a tight integration of communications, computation, and the physical environment. An important component of the CPS devices is the sensors they use to interact with each other and the physical world around them. With CPS applications, engineers monitor the structural health of highways and bridges, farmers check the health of their crops, and ecologists observe wildlife in their natural habitat. Nonetheless, current security models consider protecting only networking components of the CPS devices utilizing traditional security mechanisms (e.g., an intrusion detection system for the data that traverse the network protocol stacks). The protection mechanisms are not sufficient to protect CPS devices from threats emanating from sensory channels. Using sensory channels (e.g., light, temperature, infrared), an adversary can successfully attack systems. Specifically, the adversary can (1) trigger existing malware, (2) transfer malware, or (3) combine malicious use of different sensory channels to increase the impact of the attack on CPS devices. In this work, we focus on these novel sensory channel threats to CPS devices and applications. We first note how sensory channel threats are an emerging area for the CPS world. Then, we analyze the performance various sensory channel threats. Moreover, using an iRobot Create as our CPS platform, we exploit simple vulnerable programs on iRobot through its infrared channel. Finally, we introduce the design of a novel sensory channel aware intrusion detection system as a protection mechanism against the sensory channel threats for CPS devices.},
keywords = {CPS Security},
pubstate = {published},
tppubtype = {conference}
}
Xiaojing Liao, A. Selcuk Uluagac, Raheem A. Beyah
S-MATCH: Verifiable Privacy-Preserving Profile Matching for Mobile Social Services Conference Paper
In the proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2014.
Abstract | Links | BibTeX | Tags: Mobile Security , Privacy-preserving, Social Networks Security
@conference{LiaoS-matchIEEE2014,
title = {S-MATCH: Verifiable Privacy-Preserving Profile Matching for Mobile Social Services},
author = {Xiaojing Liao and A. Selcuk Uluagac and Raheem A. Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6903587/},
year = {2014},
date = {2014-01-01},
urldate = {2014-01-01},
booktitle = {In the proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
abstract = {Mobile social services utilize profile matching to help users find friends with similar social attributes (e.g., interests, location, background). However, privacy concerns often hinder users from enabling this functionality. In this paper, we introduce S-MATCH, a novel framework for privacy-preserving profile matching based on property-preserving encryption (PPE). First, we illustrate that PPE should not be considered secure when directly used on social attribute data due to its key-sharing problem and information leakage problem. Then, we address the aforementioned problems of applying PPE to social network data and develop an efficient and verifiable privacy-preserving profile matching scheme. We implement both the client and server portions of S-MATCH and evaluate its performance under three real-world social network datasets. The results show that S-MATCH can achieve at least one order of magnitude better computational performance than the techniques that use homomorphic encryption.},
keywords = {Mobile Security , Privacy-preserving, Social Networks Security},
pubstate = {published},
tppubtype = {conference}
}
Wenyi Liu, A. Selcuk Uluagac, Raheem Beyah
MACA: A privacy-preserving multi-factor cloud authentication system utilizing big data Conference Paper
In the proceedings of IEEE Conference on Computer Communications Workshops (INFOCOM Wksps) , 2014.
Abstract | Links | BibTeX | Tags: Authentication, Big Data Security
@conference{LiuMACAIEEE2014,
title = {MACA: A privacy-preserving multi-factor cloud authentication system utilizing big data},
author = {Wenyi Liu and A. Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6849285/},
year = {2014},
date = {2014-01-01},
urldate = {2014-01-01},
booktitle = {In the proceedings of IEEE Conference on Computer Communications Workshops (INFOCOM Wksps)
},
abstract = {Multi-factor authentication (MFA) is an approach to user validation that requires the presentation of two or more authentication factors. Given the popularity of cloud systems, MFA systems become vital in authenticating users. However, MFA approaches are highly intrusive and expose users' sensitive information to untrusted cloud servers that can keep physically identifying elements of users, long after the user ends the relationship with the cloud. To address these concerns in this work, we present a privacy-preserving multi-factor authentication system utilizing the features of big data called MACA. In MACA, the first factor is a password while the second factor is a hybrid profile of user behavior. The hybrid profile is based on users' integrated behavior, which includes both host-based characteristics and network flow-based features. MACA is the first MFA that considers both user privacy and usability combining big data features (26 total configurable features). Furthermore, we adopt fuzzy hashing and fully homomorphic encryption (FHE) to protect users' sensitive profiles and to handle the varying nature of the user profiles. We evaluate the performance of our proposed approach through experiments with several public datasets. Our results show that our proposed system can successfully validate legitimate users while detecting impostors.},
keywords = {Authentication, Big Data Security},
pubstate = {published},
tppubtype = {conference}
}
Albert Brzeczko, A. Selcuk Uluagac, Raheem Beyah, John Copeland
Active deception model for securing cloud infrastructure Conference Paper
In the proceedings of IEEE Conference on Computer Communications Workshops (INFOCOM), 2014.
Abstract | Links | BibTeX | Tags: Cloud Security, Honeypot/Honeynet
@conference{BrzeczkoActiveIEEE2014,
title = {Active deception model for securing cloud infrastructure},
author = {Albert Brzeczko and A. Selcuk Uluagac and Raheem Beyah and John Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/6849288/},
year = {2014},
date = {2014-01-01},
urldate = {2014-01-01},
booktitle = {In the proceedings of IEEE Conference on Computer Communications Workshops (INFOCOM)},
abstract = {The proliferation of cloud computing over the past several years has led to a variety of new use cases and enabling technologies for enterprise and consumer applications. Increased reliance on cloud-based platforms has also necessitated an increased emphasis on securing the services and data hosted within those platforms. From a security standpoint, an advantage of cloud platforms over traditional production networks is that they have a dynamic, mutable structure that can change as a result of a variety of factors, so reconnaissance on the part of an attacker is far less predictable. In this work, we propose a novel technique that leverages the amorphous nature of cloud architectures to deceive and redirect potential intruders with decoy assets implanted among production hosts. In this way, attackers encounter and probe decoys that lead them to reveal their motives and cause them to be less likely to compromise their intended target, particularly once they have revealed their tactics against decoy assets. We show that our technique, after having been exposed to live traffic for approximately one month, detected 1,255 highly malicious hosts and was able to divert 97.5% of malicious traffic from these hosts. This traffic would have otherwise reached production hosts and potentially led to compromise.},
keywords = {Cloud Security, Honeypot/Honeynet},
pubstate = {published},
tppubtype = {conference}
}
Jinyoun Cho, A. Selcuk Uluagac, John Copeland, Yusun Chang
Efficient safety message forwarding using multi-channels in low density VANETs Conference Paper
In the proceedings of the IEEE Global Communications Conference (GLOBECOM), 2014.
Abstract | Links | BibTeX | Tags: Vehicle security, Wireless Security
@conference{ChoEfficientIEEE2014,
title = {Efficient safety message forwarding using multi-channels in low density VANETs},
author = {Jinyoun Cho and A. Selcuk Uluagac and John Copeland and Yusun Chang},
url = {https://ieeexplore.ieee.org/abstract/document/7036786/},
year = {2014},
date = {2014-01-01},
urldate = {2014-01-01},
booktitle = {In the proceedings of the IEEE Global Communications Conference (GLOBECOM)},
abstract = {Vehicular Ad-hoc networks (VANETs) provide a way for a vehicle to deliver various types of information to users or drivers in other vehicles. Distributing a large amount of information such as multimedia messages in a single control channel makes the control channel easily congested. Transmitting multimedia messages through multi-channel to avoid this congestion becomes a feasible solution. However, low-connectivity in a low vehicle density in multi-channel poses unique challenges and can produce connection failure if this issue is not carefully addressed. In this paper, a network coding technique with divide-and-deliver is introduced to solve this unique challenge for delivering multimedia contents through multiple service channels in a low vehicle density. Through the rigorous analytical derivation and extensive simulation, we show the proposed scheme significantly improves reliability with minimum usage of the control channels in a typical VANETs environment.},
keywords = {Vehicle security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Shouling Ji, A. Selcuk Uluagac, Raheem Beyah, Zhipeng Cai
Practical unicast and convergecast scheduling schemes for Cognitive Radio Networks Journal Article
Journal of Combinatorial Optimization, 2013.
Abstract | Links | BibTeX | Tags: Network Security, Wireless Security
@article{JiRadioNetworksSpringer2013,
title = {Practical unicast and convergecast scheduling schemes for Cognitive Radio Networks},
author = {Shouling Ji and A. Selcuk Uluagac and Raheem Beyah and Zhipeng Cai},
url = {https://link.springer.com/article/10.1007/s10878-011-9446-7},
doi = {10.1007/s10878-011-9446-7},
year = {2013},
date = {2013-07-01},
urldate = {2013-07-01},
journal = {Journal of Combinatorial Optimization},
abstract = {Cognitive Radio Networks (CRNs) have paved a road for Secondary Users (SUs) to opportunistically exploit unused spectrum without harming the communications among Primary Users (PUs). In this paper, practical unicast and convergecast schemes, which are overlooked by most of the existing works for CRNs, are proposed. We first construct a cell-based virtual backbone for CRNs. Then prove that SUs have positive probabilities to access the spectrum and the expected one hop delay is bounded by a constant, if the density of PUs is finite. According to this fact, we proposed a three-step unicast scheme and a two-phase convergecast scheme. We demonstrate that the induced delay from our proposed Unicast Scheduling (US) algorithm scales linearly with the transmission distance between the source and the destination. Furthermore, the expected delay of the proposed Convergecast Scheduling (CS) algorithm is proven to be upper bounded by O(logn + sqrt(n/logn)). To the best of our knowledge, this is the first study of convergecast in CRNs. Finally, the performance of the proposed algorithms is validated through simulations.},
keywords = {Network Security, Wireless Security},
pubstate = {published},
tppubtype = {article}
}
Shouling Ji, Jing (Selena) He, A. Selcuk Uluagac, Raheem Beyah, Yingshu Li
Cell-Based Snapshot and Continuous Data Collection in Wireless Sensor Networks Journal Article
ACM Transactions on Sensor Networks (TOSN), 2013.
Abstract | Links | BibTeX | Tags: Network Security
@article{JiCell-BasedACM2013,
title = {Cell-Based Snapshot and Continuous Data Collection in Wireless Sensor Networks},
author = {Shouling Ji and Jing (Selena) He and A. Selcuk Uluagac and Raheem Beyah and Yingshu Li},
url = {https://dl.acm.org/doi/abs/10.1145/2489253.2489264},
doi = {10.1145/2489253.2489264},
year = {2013},
date = {2013-07-01},
urldate = {2013-07-01},
journal = {ACM Transactions on Sensor Networks (TOSN)},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
abstract = {Data collection is a common operation of wireless sensor networks (WSNs). The performance of data collection can be measured by its achievable network capacity. However, most existing works focus on the network capacity of unicast, multicast or/and broadcast. In this article, we study the snapshot/continuous data collection (SDC/CDC) problem under the physical interference model for randomly deployed dense WSNs. For SDC, we propose a Cell-Based Path Scheduling (CBPS) algorithm based on network partitioning. Theoretical analysis shows that its achievable network capacity is order-optimal. For CDC, a novel Segment-Based Pipeline Scheduling (SBPS) algorithm is proposed which combines the pipeline technique and the compressive data gathering technique. Theoretical analysis shows that SBPS significantly speeds up the CDC process and achieves a high network capacity.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
Troy Nunnally, Penyen Chi, Kulsoom Abdullah, A. Selcuk Uluagac, John A. Copeland, Raheem Beyah
P3D: A parallel 3D coordinate visualization for advanced network scans Conference Paper
In the proceedings of the IEEE International Conference on Communications (ICC), 2013.
Abstract | Links | BibTeX | Tags: Network Security, Security Visualization
@conference{NunnallyP3DIEEE2013,
title = {P3D: A parallel 3D coordinate visualization for advanced network scans},
author = {Troy Nunnally and Penyen Chi and Kulsoom Abdullah and A. Selcuk Uluagac and John A. Copeland and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6654828/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the IEEE International Conference on Communications (ICC)},
abstract = {As network attacks increase in complexity, network administrators will continue to struggle with analyzing security data immediately and efficiently. To alleviate these challenges, researchers are looking into various visualization techniques (e.g., two-dimensional (2D) and three-dimensional (3D)) to detect, identify, and analyze malicious attacks. This paper discusses the benefits of using a stereoscopic 3D parallel visualization techniques for network scanning, in particular, when addressing occlusion-based visualization attacks intended to confuse network administrators. To our knowledge, no 2D or 3D tool exists that analyzes these attacks. Hence, we propose a novel 3D Parallel coordinate visualization tool for advanced network scans and attacks called P3D. P3D uses flow data, filtering techniques, and state-of-the art 3D technologies to help network administrators detect distributed and coordinated network scans. Compared to other 2D and 3D network security visualization tools, P3D prevents occlusion-based visualization attacks (e.g., Windshield Wiper and Port Source Confusion attacks). We validate our tool with use-cases from emulated distributed scanning attacks. Our evaluation shows P3D allows users to extract new information about scans and minimize information overload by adding an extra dimension and awareness region in the visualization.},
keywords = {Network Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
Troy Nunnally, Kulsoom Abdullah, A. Selcuk Uluagac, John A. Copeland, Raheem Beyah
NAVSEC: A Recommender System for 3D Network Security Visualizations Conference Paper
In the proceedings of the 10th Workshop on Visualization for Cyber Security, 2013.
Abstract | Links | BibTeX | Tags: Network Security, Security Visualization
@conference{NunnallyNAVSECVizSec2013,
title = {NAVSEC: A Recommender System for 3D Network Security Visualizations},
author = {Troy Nunnally and Kulsoom Abdullah and A. Selcuk Uluagac and John A. Copeland and Raheem Beyah},
url = {https://dl.acm.org/doi/abs/10.1145/2517957.2517963},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the 10th Workshop on Visualization for Cyber Security},
abstract = {As network attacks increase in complexity, the ability to quickly analyze security data and mitigate the effect of these attacks becomes a difficult problem. To alleviate these challenges, researchers are looking into various two-dimensional (2D) and three-dimensional (3D) visualization tools to detect, identify, and analyze malicious attacks. These visualization tools often require advanced knowledge in networking, visualization, and information security to operate, navigate, and successfully examine malicious attacks. Novice users, deficient in the required advanced knowledge, may find navigation within these visualization tools difficult. Furthermore, expert users may be limited and costly. We discuss the use of a modern recommender system to aid in navigating within a complex 3D visualization for network security applications. We developed a visualization module called NAVSEC, a recommender system prototype for navigating in 3D network security visualization tools. NAVSEC recommends visualizations and interactions to novice users. Given visualization interaction input from a novice user and expert communities, NAVSEC is instrumental in reducing confusion for a novice user while navigating in a 3D visualization. We illustrate NAVSEC with a use-case from an emulated stealthy scanning attack disguised as a file transfer with multiple concurrent connections. We show that using NAVSEC, a novice user's visualization converges towards a visualization used to identify or detect a suspected attack by an expert user. As a result, NAVSEC can successfully guide the novice user in differentiating between complex network attacks and benign legitimate traffic with step-by-step created visualizations and suggested user interactions.},
keywords = {Network Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
Sakthi V. Radhakrishnan, A. Selcuk Uluagac, Raheem Beyah
Realizing an 802.11-based covert timing channel using off-the-shelf wireless cards Conference Paper
In the proceedings of the IEEE Global Communications Conference (GLOBECOM), 2013.
Abstract | Links | BibTeX | Tags: Covert channels, Network Security
@conference{RadhakrishnanRealizingIEEE2013,
title = {Realizing an 802.11-based covert timing channel using off-the-shelf wireless cards},
author = {Sakthi V. Radhakrishnan and A. Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6831158/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the IEEE Global Communications Conference (GLOBECOM)},
abstract = {By using covert channels, a malicious entity can hide messages within regular traffic and can thereby circumvent security mechanisms. This same method of obfuscation can be used by legitimate users to transmit messages over hostile networks. A promising area for covert channels is wireless networks employing carrier sense multiple access with collision avoidance (CSMA/CA) (e.g., 802.11 networks). These schemes introduce randomness in the network that provides good cover for a covert timing channel. Hence, by exploiting the random back-off in distributed coordination function (DCF) of 802.11, we realize a relatively high bandwidth covert timing channel for 802.11 networks, called Covert-DCF. As opposed to many works in the literature focusing on theory and simulations, Covert-DCF is the first fully implemented covert timing channel for 802.11 MAC using off-the-self wireless cards. In this paper, we introduce the design and implementation of Covert-DCF that is transparent to the users of the shared medium. We also evaluate the performance of Covert-DCF and provide discussions on the feasibility of this technique in a real world scenario.},
keywords = {Covert channels, Network Security},
pubstate = {published},
tppubtype = {conference}
}
A. Selcuk Uluagac, Sakthi V. Radhakrishnan, Cherita Corbett, Antony Baca, Raheem Beyah
A passive technique for fingerprinting wireless devices with Wired-side Observations Conference Paper
In the proceedings of the IEEE Conference on Communications and Network Security (CNS) , 2013.
Abstract | Links | BibTeX | Tags: Fingerprinting, Wireless Security
@conference{UluagacFingerprintingIEEE2013,
title = {A passive technique for fingerprinting wireless devices with Wired-side Observations},
author = {A. Selcuk Uluagac and Sakthi V. Radhakrishnan and Cherita Corbett and Antony Baca and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6682720/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the IEEE Conference on Communications and Network Security (CNS)
},
abstract = {In this paper, we introduce GTID, a technique that passively fingerprints wireless devices and their types from the wired backbone. GTID exploits the heterogeneity of devices, which is a function of different device hardware compositions and variations in devices' clock skew. We use statistical techniques to create unique, reproducible device and device type signatures that represent time variant behavior in network traffic and use artificial neural networks (ANNs) to classify devices and device types. We demonstrate the efficacy of our technique on both an isolated testbed and a live campus network (during peak hours) using a corpus of 27 devices representing a wide range of device classes. We collected more than 100 GB of traffic captures for ANN training and classification. We assert that for any fingerprinting technique to be practical, it must be able to detect previously unseen devices (i.e., devices for which no stored signature is available) and must be able to withstand various attacks. GTID is the first fingerprinting technique to detect previously unseen devices and to illustrate its resilience under various attacker models. We measure the performance of GTID by considering accuracy, recall, and processing time and illustrate how it can be used to complement existing authentication systems and to detect counterfeit devices.},
keywords = {Fingerprinting, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Xiaojing Liao, A. Selcuk Uluagac, Raheem A. Beyah
S-Match: An efficient privacy-preserving profile matching scheme Conference Paper
In the proceedings of IEEE Conference on Communications and Network Security (CNS), 2013.
Abstract | Links | BibTeX | Tags: Authentication, Privacy-preserving
@conference{LiaoS-MatchIEEE2013,
title = {S-Match: An efficient privacy-preserving profile matching scheme},
author = {Xiaojing Liao, A. Selcuk Uluagac and Raheem A. Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6682736},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of IEEE Conference on Communications and Network Security (CNS)},
abstract = {Profile matching is a fundamental and significant step for mobile social services to build social relationships and share interests. Given the privacy and efficiency concerns of mobile platforms, we propose a cost-effective profile matching technique called S-Match for mobile social services in which matching operations are achieved in a privacy-preserving manner utilizing property-preserving encryption (PPE). Specifically, in this poster, we first analyze the challenges of directly using PPE for profile matching. Second, we introduce a solution based on entropy increase. Our initial results, with three real-world datasets, show that S-Match achieves at least an order of magnitude improvement over other relevant schemes.},
keywords = {Authentication, Privacy-preserving},
pubstate = {published},
tppubtype = {conference}
}
Venkatachalam Subramanian, A. Selcuk Uluagac, Hasan Cam, Raheem Beyah
Examining the characteristics and implications of sensor side channels Conference Paper
In the proceedings of IEEE International Conference on Communications (ICC), 2013.
Abstract | Links | BibTeX | Tags: CPS Security, Network Security, Side Channel
@conference{SubramanianIEEE2013,
title = {Examining the characteristics and implications of sensor side channels},
author = {Venkatachalam Subramanian, A. Selcuk Uluagac and Hasan Cam and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6654855/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of IEEE International Conference on Communications (ICC)},
abstract = {The nodes in wireless sensor networks (WSNs) utilize the radio frequency (RF) channel to communicate. Given that the RF channel is the primary communication channel, many researchers have developed techniques for securing that channel. However, the RF channel is not the only interface into a sensor. The sensing components, which are primarily designed to sense characteristics about the outside world, can also be used (or misused) as a communication (side) channel. In this paper, we characterize the side channels for various sensory components (i.e., light sensor, acoustic sensor, and accelerometer). While previous work has focused on the use of these side channels to improve the security and performance of a WSN, we seek to determine if the side channels have enough capacity to potentially be used for malicious activity. Specifically, we evaluate the feasibility and practicality of the side channels using today's sensor technology and illustrate that these channels have enough capacity to enable the transfer of common, well-known malware. The ultimate goal of this work is to illustrate the need for intrusion detection systems (IDSs) that not only monitor the RF channel, but also monitor the values returned by the sensory components.},
keywords = {CPS Security, Network Security, Side Channel},
pubstate = {published},
tppubtype = {conference}
}
Ramalingam K. Chandrasekar, A. Selcuk Uluagac, Raheem Beyah
PROVIZ: An integrated visualization and programming framework for WSNs Conference Paper
In the proceedings of the 38th Annual IEEE Conference on ALocal Computer Networks Workshops (LCN Workshops), 2013.
Abstract | Links | BibTeX | Tags: IoT Security, Security Visualization
@conference{ChandrasekarPROVIZIEEE2013,
title = {PROVIZ: An integrated visualization and programming framework for WSNs},
author = {Ramalingam K. Chandrasekar and A. Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6758511/},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
booktitle = {In the proceedings of the 38th Annual IEEE Conference on ALocal Computer Networks Workshops (LCN Workshops)},
abstract = {Wireless Sensor Networks (WSNs) are rapidly gaining popularity in various critical domains like health care, critical infrastructure, and climate monitoring, where application builders have diversified development needs. Independent of the functionalities provided by the WSN applications, many of the developers use visualization, simulation, and programming tools. However, these tools are designed as separate stand-alone applications, which force developers to use multiple tools. This situation often poses confusion and hampers an efficient development experience. To avoid the complexity of using multiple tools, we have designed a new extensible, multi-platform, scalable, and open-source framework called PROVIZ, which is an integrated visualization and programming framework. In this paper, we explain the various features of PROVIZ's visualization and programming framework and discuss how PROVIZ can be used as a visual debugging tool to aid in providing a software fix.},
keywords = {IoT Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
A. Selcuk Uluagac, Raheem A. Beyah, John A. Copeland
Secure SOurce-BAsed Loose Synchronization (SOBAS) for Wireless Sensor Networks Journal Article
In proceedings of IEEE Transactions on Parallel and Distributed Systems, 2013.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@article{UluagacSOBASIEEE2013,
title = {Secure SOurce-BAsed Loose Synchronization (SOBAS) for Wireless Sensor Networks},
author = {A. Selcuk Uluagac and Raheem A. Beyah and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/6216359},
doi = {10.1109/TPDS.2012.170},
year = {2013},
date = {2013-01-01},
urldate = {2013-01-01},
journal = {In proceedings of IEEE Transactions on Parallel and Distributed Systems},
abstract = {We present the Secure SOurce-BAsed Loose Synchronization (SOBAS) protocol to securely synchronize the events in the network, without the transmission of explicit synchronization control messages. In SOBAS, nodes use their local time values as a one-time dynamic key to encrypt each message. In this way, SOBAS provides an effective dynamic en-route filtering mechanism, where the malicious data is filtered from the network. With SOBAS, we are able to achieve our main goal of synchronizing events at the sink as quickly, as accurately, and as surreptitiously as possible. With loose synchronization, SOBAS reduces the number of control messages needed for a WSN to operate providing the key benefits of reduced energy consumption as well as reducing the opportunity for malicious nodes to eavesdrop, intercept, or be made aware of the presence of the network. Albeit a loose synchronization per se, SOBAS is also able to provide (7.24μ)s clock precision given today's sensor technology, which is much better than other comparable schemes (schemes that do not employ GPS devices). Also, we show that by recognizing the need for and employing loose time synchronization, necessary synchronization can be provided to the WSN application using half of the energy needed for traditional schemes. Both analytical and simulation results are presented to verify the feasibility of SOBAS as well as the energy consumption of the scheme under normal operation and attack from malicious nodes.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {article}
}
Troy Nunnally, A. Selcuk Uluagac, John A. Copeland, Raheem Beyah
3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for network security Conference Paper
In the proceedings of 37th Annual IEEE Conference on Local Computer Networks (LCN), 2012.
Abstract | Links | BibTeX | Tags: Network Security, Security Visualization
@conference{Nunnally3DSVATIEEE2012,
title = {3DSVAT: A 3D Stereoscopic Vulnerability Assessment Tool for network security},
author = {Troy Nunnally and A. Selcuk Uluagac and John A. Copeland and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6423586/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings of 37th Annual IEEE Conference on Local Computer Networks (LCN)},
abstract = {As the volume of network data continues to increase and networks become more complex, the ability to accurately manage and analyze data quickly becomes a difficult problem. Many network management tools already use two-dimensional (2D) and three-dimensional (3D) visualization techniques to help support decision-making and reasoning of network anomalies and activity. However, a poor user interface combined with the massive amount of data could obfuscate important network details. As a result, administrators may fail to detect and identify malicious network behavior in a timely manner. 3D visualizations address this challenge by introducing monocular and binocular visual cues to portray depth and to increase the perceived viewing area. In this work, we explore these cues for 3D network security applications, with a particular emphasis on binocular disparity or stereoscopic 3D. Currently, no network security tool takes advantage of the enhanced depth perception provided by stereoscopic 3D technologies for vulnerability assessment. Compared to traditional 3D systems, stereoscopic 3D helps improve the perception of depth, which can, in turn reduce the number of errors and increase response times of network administrators. Thus, we introduce a stereoscopic 3D visual Framework for Rendering Enhanced 3D Stereoscopic Visualizations for Network Security (FRE3DS). Our novel framework uses state-of-the art 3D graphics rendering to assist in 3D visualizations for network security applications. Moreover, utilizing our framework, we propose a new 3D Stereoscopic Vulnerability Assessment Tool (3DSVAT). We illustrate the use of 3DSVAT to assist in rapid detection and correlation of attack vulnerabilities in a subset of a modified local area network data set using the enhanced perception of depth in a stereoscopic 3D environment.},
keywords = {Network Security, Security Visualization},
pubstate = {published},
tppubtype = {conference}
}
Aaron D Goldman, A. Selcuk Uluagac, Raheem Beyah, John A Copeland
Plugging the leaks without unplugging your network in the midst of Disaster Conference Paper
In the proceedings of 37th Annual IEEE Conference on Local Computer Networks (LCN), 2012.
Abstract | Links | BibTeX | Tags: Network Security
@conference{GoldmanIEEE2012,
title = {Plugging the leaks without unplugging your network in the midst of Disaster},
author = {Aaron D Goldman and A. Selcuk Uluagac and Raheem Beyah and John A Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/6423620/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings of 37th Annual IEEE Conference on Local Computer Networks (LCN)},
abstract = {Network Disaster Recovery research has examined behavior of networks after disasters with an aim to restoring normal conditions. In addition to probable loss of connectivity, a disaster scenario can also lead to security risks. However, network security has been examined extensively under normal conditions, and not under conditions that ensue after disasters. Therefore, security issues should be addressed during the period of chaos after a disaster, but before operating conditions return to normal. Furthermore, security should be assured, while still allowing access to the network to enable public communication in order to assist in disaster relief efforts. In general, the desire to help with public assistance requires opening up access to the network, while security concerns add pressure to close down or limit access to the network. In this study, we show that the objectives of availability and confidentiality, two objectives that have not previously been considered together in disaster scenarios, can be simultaneously achieved. For our study, we evaluated six wireless devices with various network configurations, including a laptop, a Kindle Fire e-reader, an Android tablet, a Google Nexus phone, an IP camera, and an Apple TV, to approximate behaviors of a communication network under a disaster scenario. Actual data leakage was tracked and observed for these devices. To the best of our knowledge this has not previously been examined in a systematic manner for post-disaster scenarios. After illustrating the data leakage of various devices, we analyze the risk associated with the various types of leakage. Moving private traffic to a VPN would free the physical network for use as a public resource.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {conference}
}
Marco Valero, Sang Shin Jung, A. Selcuk Uluagac, Yingshu Li, Raheem Beyah
Di-Sec: A distributed security framework for heterogeneous Wireless Sensor Networks Conference Paper
In the proceedings IEEE International Conference on Computer Communications (INFOCOM), 2012.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{ValeroDi-SecIEEE2012,
title = {Di-Sec: A distributed security framework for heterogeneous Wireless Sensor Networks},
author = {Marco Valero and Sang Shin Jung and A. Selcuk Uluagac and Yingshu Li and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6195801/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings IEEE International Conference on Computer Communications (INFOCOM)},
abstract = {Wireless Sensor Networks (WSNs) are deployed for monitoring in a range of critical domains (e.g., health care, military, critical infrastructure). Accordingly, these WSNs should be resilient to attacks. The current approach to defending against malicious threats is to develop and deploy a specific defense mechanism for a specific attack. However, the problem with this traditional approach to defending sensor networks is that the solution for the Jamming attack does not defend against other attacks (e.g., Sybil and Selective Forwarding). In reality, one cannot know a priori what type of attack an adversary will launch. This work addresses the challenges with the traditional approach to securing sensor networks and presents a comprehensive framework, Di-Sec, that can defend against all known and forthcoming attacks. At the heart of Di-Sec lies the monitoring core (M-Core), which is an extensible and lightweight layer that gathers statistics relevant for the defense mechanisms. The M-Core allows for the monitoring of both internal and external threats and supports the execution of multiple detection and defense mechanisms (DDMs) against different threats in parallel. Along with Di-Sec, a new user-friendly domain-specific language was developed, the M-Core Control Language (MCL). Using the MCL, a user can implement new defense mechanisms without the overhead of learning the details of the underlying software architecture (i.e., TinyOS, Di-Sec). Hence, the MCL expedites the development of sensor defense mechanisms by significantly simplifying the coding process for developers. The Di-Sec framework has been implemented and tested on real sensors to evaluate its feasibility and performance. Our evaluation of memory, communication, and sensing components shows that Di-Sec is feasible on today's resource-limited sensors and has a nominal overhead. Furthermore, we illustrate the basic functionality of Di-Sec by implementing and simultaneously executing DDMs for attacks at various layers of the communication stack (i.e., Jamming, Selective Forwarding, Sybil, and Internal attacks).},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Marco Valero, A. Selcuk Uluagac, S. Venkatachalam, K. C. Ramalingam, Raheem Beyah
The Monitoring Core: A framework for sensor security application development Conference Paper
In the proceedings of the IEEE 9th International Conference on Mobile Adhoc and Sensor Systems (MASS) , 2012.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{ValeroMonitoringCoreIEEE2012,
title = {The Monitoring Core: A framework for sensor security application development},
author = {Marco Valero, A. Selcuk Uluagac, S. Venkatachalam, K. C. Ramalingam and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6502525/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings of the IEEE 9th International Conference on Mobile Adhoc and Sensor Systems (MASS)
},
abstract = {Wireless sensor networks (WSNs) are used for the monitoring of physical and environmental phenomena, and applicable in a range of different domains (e.g., health care, military, critical infrastructure). When using WSNs in a variety of real-world applications, security is a vital problem that should be considered by developers. As the development of security applications (SAs) for WSNs require meticulous procedures and operations, the software implementation process can be more challenging than regular applications. Hence, in an effort to facilitate the design, development and implementation of WSN security applications, we introduce the Monitoring Core (M-Core). The M-Core is a modular, lightweight, and extensible software layer that gathers necessary data including the internal and the external status of the sensor (e.g., information about ongoing communications, neighbors, and sensing), and provides relevant information for the development of new SAs. Similar to other software development tools, the M-Core was developed to facilitate the design and development of new WSN SAs on different platforms. Moreover, a new user-friendly domain-specific language, the M-Core Control Language (MCL), was developed to further facilitate the use of the M-Core and reduce the developer's coding time. With the MCL, a user can implement new SAs without the overhead of learning the details of the underlying sensor software architecture (e.g., TinyOS). The M-Core has been implemented in TinyOS-2.x and tested on real sensors (Tmote Sky and MicaZ). Using the M-Core architecture, we implemented several SAs to show that the M-Core allows easy and rapid development of security programs efficiently and effectively.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
KC Ramalingam, Venkatachalam Subramanian, Selcuk Uluagac, Raheem Beyah
SIMAGE: Secure and Link-Quality Cognizant Image Distribution for wireless sensor networks Conference Paper
In the proceedings of IEEE Global Communications Conference (GLOBECOM), 2012.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{RamalingamSimageIEEE2012,
title = {SIMAGE: Secure and Link-Quality Cognizant Image Distribution for wireless sensor networks},
author = {KC Ramalingam, Venkatachalam Subramanian, Selcuk Uluagac and Raheem Beyah},
url = {https://ieeexplore.ieee.org/abstract/document/6503181/},
year = {2012},
date = {2012-01-01},
urldate = {2012-01-01},
booktitle = {In the proceedings of IEEE Global Communications Conference (GLOBECOM)},
abstract = {Wireless sensor networks (WSNs) are used in a range of critical domains (e.g., health care, military, critical infrastructure) where it is necessary that the nodes be reprogrammed with a new or modified code image without removing them from the deployment area. Various protocols have been developed for the dissemination of code images between sensors in multi-hop WSNs, where these sensor nodes may have varying levels of link quality. However, the code dissemination process in these protocols is hindered by the nodes with poor link quality. This results in an increased number of retransmissions and code dissemination time. Also, in several of the techniques, the code dissemination process is not secure and can be eavesdropped or disrupted by a malicious wireless sensor node in the transmission range. In this paper, we propose a simple approach, Secure and Link-Quality Cognizant Image Distribution (SIMAGE), to enhance the existing code dissemination protocol using the available resources in the sensors. Specifically, our approach adapts to the varying link conditions via dynamic packet sizing to reduce the number of retransmissions and overall code dissemination time. Our approach also provides confidentiality and integrity to the code dissemination process by utilizing energy-efficient encryption and authentication mechanisms with RC4 and the CBC-MAC. We have evaluated SIMAGE in a network of real sensors and the results show that adjusting the packet size as a function of link quality reduces the retransmitted data by 93% and the image transmission time by 35% when compared to the existing code dissemination protocols. The trade-offs between reliability, security overhead, and overall transmission time for SIMAGE are also discussed.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Christopher P. Lee, Arif Selcuk Uluagac, Kevin D. Fairbanks, John A. Copeland
The Design of NetSecLab: A Small Competition-Based Network Security Lab Journal Article
IEEE Transactions on Education Journal, 2011.
Abstract | Links | BibTeX | Tags: Network Security, Security Education
@article{LeeIEEE2011,
title = {The Design of NetSecLab: A Small Competition-Based Network Security Lab},
author = {Christopher P. Lee and Arif Selcuk Uluagac and Kevin D. Fairbanks and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/5454381/},
year = {2011},
date = {2011-01-01},
urldate = {2011-01-01},
journal = { IEEE Transactions on Education Journal},
abstract = {This paper describes a competition-style of exercise to teach system and network security and to reinforce themes taught in class. The exercise, called NetSecLab, is conducted on a closed network with student-formed teams, each with their own Linux system to defend and from which to launch attacks. Students are expected to learn how to: 1) install the specified Linux distribution; 2) set up the required services; 3) find ways to harden the box; 4) explore attack methods; and 5) compete. The informal write-up at the end of the lab focuses on their research into defense and attack methods, which contributes to their grade, while their competition score is dependent on their abilities to attack during the competition. Surveys were performed to evaluate the efficacy of the exercise in teaching system security.},
keywords = {Network Security, Security Education},
pubstate = {published},
tppubtype = {article}
}
A. Selcuk Uluagac, Raheem A. Beyah, Yingshu Li, John A. Copeland
VEBEK: Virtual Energy-Based Encryption and Keying for Wireless Sensor Networks Journal Article
IEEE Transactions on Mobile Computing Journal, 2010.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@article{UluagacVEBEKIEEE2010,
title = {VEBEK: Virtual Energy-Based Encryption and Keying for Wireless Sensor Networks},
author = {A. Selcuk Uluagac, Raheem A. Beyah, Yingshu Li and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/5438995/},
doi = {10.1109/TMC.2010.51},
year = {2010},
date = {2010-01-01},
urldate = {2010-01-01},
journal = {IEEE Transactions on Mobile Computing Journal},
abstract = {Designing cost-efficient, secure network protocols for Wireless Sensor Networks (WSNs) is a challenging problem because sensors are resource-limited wireless devices. Since the communication cost is the most dominant factor in a sensor's energy consumption, we introduce an energy-efficient Virtual Energy-Based Encryption and Keying (VEBEK) scheme for WSNs that significantly reduces the number of transmissions needed for rekeying to avoid stale keys. In addition to the goal of saving energy, minimal transmission is imperative for some military applications of WSNs where an adversary could be monitoring the wireless spectrum. VEBEK is a secure communication framework where sensed data is encoded using a scheme based on a permutation code generated via the RC4 encryption mechanism. The key to the RC4 encryption mechanism dynamically changes as a function of the residual virtual energy of the sensor. Thus, a one-time dynamic key is employed for one packet only and different keys are used for the successive packets of the stream. The intermediate nodes along the path to the sink are able to verify the authenticity and integrity of the incoming packets using a predicted value of the key generated by the sender's virtual energy, thus requiring no need for specific rekeying messages. VEBEK is able to efficiently detect and filter false data injected into the network by malicious outsiders. The VEBEK framework consists of two operational modes (VEBEK-I and VEBEK-II), each of which is optimal for different scenarios. In VEBEK-I, each node monitors its one-hop neighbors where VEBEK-II statistically monitors downstream nodes. We have evaluated VEBEK's feasibility and performance analytically and through simulations. Our results show that VEBEK, without incurring transmission overhead (increasing packet size or sending control messages for rekeying), is able to eliminate malicious data from the network in an energy-efficient manner. We also show that our framework performs better than other comparable schemes in the literature with an overall 60-100 percent improvement in energy savings without the assumption of a reliable medium access control layer.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {article}
}
Selcuk Uluagac, Raheem A. Beyah, John A. Copeland
Time-Based Dynamic Keying and En-Route Filtering (TICK) for Wireless Sensor Networks Conference Paper
In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM), 2010.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{UluagacTICKIEEE2010,
title = {Time-Based Dynamic Keying and En-Route Filtering (TICK) for Wireless Sensor Networks},
author = {Selcuk Uluagac, Raheem A. Beyah and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/5683787/},
year = {2010},
date = {2010-01-01},
urldate = {2010-01-01},
booktitle = {In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM)},
abstract = {Given that transmission cost is significant in a Wireless Sensor Network (WSN), sending explicit keying control messages significantly increases the amount of energy consumed by each sensing device. Thus, in this paper, we address the issue of security for WSNs from a completely novel perspective. We present a technique to secure the network, without the transmission of explicit keying messages needed to avoid stale keys. Our protocol, the TIme-Based DynamiC Keying and En-Route Filtering (TICK) protocol for WSNs secures events as they occur. As opposed to current chatty schemes that incur regular keying message overhead, nodes use their local time values as a one-time dynamic key to encrypt each message. Further, this mechanism prevents malicious nodes from injecting false packets into the network. TICK is as a worst case twice more energy efficient than existing related work. Both an analytical framework and simulation results are presented to verify the feasibility of TICK as well as the energy consumption of the scheme under normal operation and attack from malicious nodes.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
Selcuk Uluagac, Raheem A Beyah,, John A. Copeland
Analysis of Varying AS Path Lengths from the Edge of the Network Conference Paper
In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM), 2010.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security, Wireless Security
@conference{UluagacIEEE2010,
title = {Analysis of Varying AS Path Lengths from the Edge of the Network},
author = {Selcuk Uluagac, Raheem A Beyah, and John A. Copeland},
url = {https://ieeexplore.ieee.org/abstract/document/5683787/},
year = {2010},
date = {2010-01-01},
urldate = {2010-01-01},
booktitle = {In the proceedings of IEEE Global Telecommunications Conference (GLOBECOM)},
abstract = {Understanding and analyzing the past and current behavior of the Internet will be instrumental in building tomorrow's more efficient and scalable networks (e.g., the future Internet). In this paper, we study the impact of Autonomous Systems (ASs) paths' end-to-end latency. Unfortunately, due to the diverse set of non-disclosed routing policies among ASs, packets belonging to a certain end-to- end connection may traverse different ASs, causing fluctuating AS paths. Fluctuation of AS paths has been studied in the literature directly from the core of the network. In this paper, we take a different approach to the analysis of the fluctuation, solely from the edge of the network. Specifically, from the end user's perspective, some AS paths may be optimal (or better) and some sub-optimal. Furthermore, there is not a unique definition for sub- optimality as it may be reflected with various measures (e.g., latency) depending on the application requirements and expectations. In this paper we analyze fluctuating AS path lengths (ASPLs) and investigate their impact on the end-to-end latency over the Internet at a greater scale than previous studies. This study was conducted using Scriptroute to probe various PlanetLab nodes. Our results show that all of the source nodes experienced some AS path differences and the ASPL values that the sources use greatly vary. At worst, some nodes experienced different paths over 70% of the time during our measurements. We observed that the largest difference in ASPLs on a particular connection was as high as 6 with an average of 2.5. Moreover, we present real cases where ASPL and latency values are related, inversely related, and not related at all. Finally, we provide a simple definition for suboptimality and analyze the collected data against this definition. We show that overall 82% of the fluctuating paths and 9% of all the traces between source-destination pairs faced sub-optimal AS paths.},
keywords = {IoT Security, Network Security, Wireless Security},
pubstate = {published},
tppubtype = {conference}
}
A. Selcuk Uluagac, Christopher P. Lee, Raheem A. Beyah, John A. Copeland
Designing Secure Protocols for Wireless Sensor Networks Book
Springer Berlin Heidelberg, Berlin, Heidelberg, 2008.
Abstract | Links | BibTeX | Tags: IoT Security, Network Security
@book{UluagacSpringer2008,
title = {Designing Secure Protocols for Wireless Sensor Networks},
author = {A. Selcuk Uluagac and Christopher P. Lee and Raheem A. Beyah and John A. Copeland},
editor = {Yingshu Li and Dung T. Huynh and Sajal K. Das and Ding-Zhu Du},
url = {https://link.springer.com/chapter/10.1007/978-3-540-88582-5_47},
year = {2008},
date = {2008-01-01},
urldate = {2008-01-01},
booktitle = {Wireless Algorithms, Systems, and Applications},
publisher = {Springer Berlin Heidelberg},
address = {Berlin, Heidelberg},
abstract = {Over the years, a myriad of protocols have been proposed for resource-limited Wireless Sensor Networks (WSNs). Similarly, security research for WSNs has also evolved over the years. Although fundamental notions of WSN research are well established, optimization of the limited resources has motivated new research directions in the field. In this paper, we seek to present general principles to aid in the design of secure WSN protocols. Therefore, building upon both the established and the new concepts, envisioned applications, and the experience garnered from the WSNs research, we first review the desired security services (i.e., confidentiality, authentication, integrity, access control, availability, and nonrepudiation) from WSNs perspective. Then, we question which services would be necessary for resource-constrained WSNs and when it would be most reasonable to implement them for a WSN application.},
keywords = {IoT Security, Network Security},
pubstate = {published},
tppubtype = {book}
}
A. Selcuk Uluagac, Jon M. Peha
IP Multicast over Cable TV Networks Book
Springer Berlin Heidelberg, Berlin, Heidelberg, 2003.
Abstract | Links | BibTeX | Tags: Network Security
@book{UluagacCableTVSpringer2003,
title = {IP Multicast over Cable TV Networks},
author = {A. Selcuk Uluagac and Jon M. Peha},
editor = {Burkhard Stiller and Georg Carle and Martin Karsten and Peter Reichl},
url = {https://link.springer.com/chapter/10.1007/978-3-540-39405-1_15},
year = {2003},
date = {2003-01-01},
urldate = {2003-01-01},
booktitle = {Group Communications and Charges. Technology and Business Models},
publisher = {Springer Berlin Heidelberg},
address = {Berlin, Heidelberg},
abstract = {When a cable TV network that provides Internet access is connected to multiple ISPs, there are instances where multicast does not work or works inefficiently. This paper identifies causes of these problems, and proposes solutions, demonstrating that it is possible to provide efficient multicast with any of the architectures under consideration. In addition, the de facto industry standard for data transmission over cable networks, DOCSIS TM , guarantees that a cable company will have the ability to block certain multicast traffic (such as traffic generated by Internet television broadcasters which compete with the cable companys core business.) This paper describes how an ISP can circumvent this. Under the assumption that there is a significant amount of multicast traffic, we show thatcable companies and ISPs would be motivated to provide multicast services in all cases, but there are cases},
keywords = {Network Security},
pubstate = {published},
tppubtype = {book}
}
Citations: 8413
h-index: 44
i10-index: 107