LEE- Bilgi Güvenliği Mühendisliği ve Kriptografi-Yüksek Lisans

Bu koleksiyon için kalıcı URI

http://hdl.handle.net/11527/19196

Gözat

Konu "Cyber security" ile LEE- Bilgi Güvenliği Mühendisliği ve Kriptografi-Yüksek Lisans'a göz atma
  • Öge
    Analyzing individual data for insider threat detection
    (Graduate School, 2024-07-16) Yakar, Burak ; Özdemir, Enver ; 707211003 ; Cybersecurity Engineering and Cryptography
    Insider threats have been recognized as one of the most significant risks in cybersecurity. Research indicates that a majority of security breaches are caused by attacks or vulnerabilities originating from within the organization. Even with the most secure systems, as long as humans are part of the system, absolute security cannot be guaranteed. Technology is everywhere in our lives. People use smartphones, smartwatches, computers, and various other smart devices, all of which collect data to some extent. This data collection occurs not only on a personal level but also across businesses of all sizes. As businesses invest heavily in their operations, they need to secure their assets. To protect these assets, businesses invest in security measures. While some of these investments are physical precautions against physical risks, others are related to cybersecurity to mitigate cyber risks. Even if businesses build the best IDS (Intrusion Detection System) or IPS (Intrusion Protection System), there may still be ways for attackers to infiltrate and sneak in. This is because humans are the weakest component of any ICT (Information and Communications Technology) security system and present the greatest risks and threats to a company, organization, or system. Insider threats are cybersecurity threats that originate from authorized users, such as employees, business partners, contractors, vendors, and former employees. Misusing legitimate user credentials and account hijacking are some methods to carry out these intentions. These actions are not necessarily all intentional; some may be unintentional. However, as a result of these actions, the confidentiality, integrity, and availability of systems and data are compromised. The cost of these actions can cause significant expenses that most SMEs (small to medium-sized businesses) cannot afford. This study focuses on defining insider threats, mitigating security risks leading to insider vulnerabilities, and preventing insider threats by analyzing individual data using the random forest algorithm. The aim of this study is to find a method to detect malicious intentions and prevent potential attacks before they occur.
  • Öge
    Implementation and analysis of the secret key generation algorithm using software defined radios
    (Graduate School, 2024-06-27) Alper, Ertuğrul ; Özdemir, Enver ; 707211016 ; Cybersecurity Engineering and Cryptography
    As the use of wireless communication systems increases, their security has become a critical focus due to various technological advancements. Given the diversity of applications and technologies, it is not possible to address the security concerns of all wireless systems in a single study. Therefore, this thesis presents the design, analysis, and implementation of a cryptographic secret key generation algorithm within a two- and three-node distributed wireless system featuring full-duplex multiple access channels, aimed at improving security in wireless communications. In addition, the thesis includes a comprehensive review of the literature on multiple access channels and computational techniques, discussing the findings in detail. In the following chapters of the thesis, wireless communication systems are explained, and then multiple access channels are examined in detail. In this section, especially wireless full-duplex multiple access channels (W-FMAC) are emphasized, and this technology is used in simulations and implementations. In addition, examples of wireless half-duplex multiple access channels (W-HMAC) and non-orthogonal multiple access channels (NOMA) are discussed comprehensively with their usage areas. Afterwards, function computation (FC) techniques are defined which compute signals while transmitting them in the air and providing meaningful information to the receiver. In this section, it is mentioned how these calculations can be made in the air and what kind of designs should be made in the sender and receiver nodes. Afterwards, it is emphasized that the analog function computation (AFC) technique is used in this project and pre-processing and post-processing functions are used in the transmitting antenna and receiving antenna recursively. In addition, digital function computation (DFC) is also examined in this section and compared with the AFC technique. This valuable information provided by wireless communication is critical in simulating and implementing the cryptographic key generation algorithm described later in the thesis, and two- and three-node test systems are created on this basis. In the following part of the thesis, the cryptographic key generation algorithm, which is the main theme of the study, is discussed in detail. First, using the wireless full-duplex multiple access channels technique, a system consisting of N users is designed and presented with the system model. Then, the AFC technique is used, which is required for the implementation of the secret key generation algorithm, and the processing functions are explained. In this section, it is emphasized that the secret keys chosen by the nodes are Gaussian prime numbers, and it is proved that those prime numbers form the main basis of the system. Afterwards, the channel model is created in the simulation environment, and the channel parameters are shown. Subsequently, error models are created to measure the success of the secret key generation algorithm implemented in the test environment. The basis of these error models is determined as the distance between users and the channel estimation coefficients, and the success of the system is measured by performing Monte Carlo simulations in the test environment. The detailed explanations of the results are then given in the performance evaluation section. Afterwards, the results obtained are discussed and the ideal values of the system parameters are shared to improve the implementation of the algorithm. Furthermore, the term software defined radio (SDR) is explained, and its abilities and usage areas are shown. GNU Radio, the most common open source software toolkit used to program SDRs, is mentioned. Then, the platforms compatible with GNU Radio, the installation process, and the creation of software blocks are investigated. This discussion is enhanced with sample designs and flowgraphs. In the following section, Universal Software Radio Hardware (USRP), which is the hardware combination of software-defined radios, is discussed, and the hardware architecture is explained. Then, different Ettus USRP devices are compared according to various factors and their pros and cons are presented. In addition, it is emphasized that the USRP B210 model is used in this study. In addition, it is described how to use the USRP receiver and source blocks in GNU Radio and what parameters need to be set. In the next stage of the thesis, based on the basic information described in the previous sections, it is mentioned how the secret key generation algorithm is implemented using an SDR. In this section, first, the software and hardware required to perform this operation are shown. Then, it focuses on how the secret key is transferred for a two-user system and how it is reconstructed in the receiver node. This follows a detailed diagram of the transmitter and receiver systems created on GNU Radio, the flow chart, all the parameters used, and the software blocks created. Finally, the secret key value obtained in this study is compared with the theoretically calculated secret key, and error calculations are made. In the final section of the thesis, a summary of all these operations is provided and the practical implementation of the study is highlighted once more. Finally, the thesis outlines the scope of subsequent research, presented as an extension of this work, and identifies the areas that will receive further development.