LEE- Bilgi Güvenliği Mühendisliği ve Kriptografi-Yüksek Lisans

Bu koleksiyon için kalıcı URI

http://hdl.handle.net/11527/19196

Gözat

Son Başvurular

Şimdi gösteriliyor 1 - 5 / 15
  • Öge
    Benchmarking simultaneous authentication schemes
    (ITU Graduate School, 2025) Azmoudeh Afshar, Morteza ; Özdemir, Enver ; 707221020 ; Cybersecurity Engineering and Cryptography
    The Internet of Vehicles (IoV) enables real-time communication between vehicles and infrastructure, enhancing road safety and traffic efficiency. Authenticating numerous, mobile devices in this decentralized network requires protocols that balance speed, scalability, and security while minimizing reliance on central authorities. Traditional centralized authentication methods often introduce delays, making them unsuitable for IoV's dynamic environment. This thesis benchmarks four simultaneous authentication schemes to evaluate their performance, scalability, and central authority dependence, providing a standardized framework to guide protocol design for vehicular networks. The schemes are: Decentralized Group Authentication Scheme for V2X (Decentralized V2X): Uses Lagrange interpolation over the NIST P-521 elliptic curve for group-based authentication, relying minimally on a central authority after initial group setup. Privacy-Preserving Authentication Scheme for Connected Autonomous Vehicles (PPA): Employs a degree-1000 polynomial over a field with a prime of ~2^100, requiring limited central authority involvement post-key distribution. Identity-Based Conditional Privacy-Preserving Authentication Scheme (ID-CPPA): Relies on elliptic curve cryptography (ECC) with the NIST P-521 curve and a trusted authority for privacy-preserving verification. RSA Batch Authentication Scheme (RSA): Depends heavily on a central authority for key management, using RSA with a 3072-bit modulus and a screening technique, serving as the baseline for comparison. The methodology developed a practical C++ program, not just a collection of cryptographic primitives, but a robust implementation modeling real-world IoV entities. Object-oriented classes represent vehicles, certification authorities, roadside units, and group managers, enabling accurate simulation of authentication processes. The program leverages PARI/GP for precise number theory operations (e.g., finite fields, elliptic curves) and OpenSSL for cryptographic functions (e.g., SHA-512 hashing, AES encryption), ensuring reliable computational results. Performance was evaluated across groups of 10 to 500 vehicles, measuring average mutual authentication time per vehicle (signing and verification) and network overhead, with communication simulated via logging for consistent comparisons. Results highlight distinct performance profiles. The Decentralized V2X Scheme achieves the fastest average authentication time, leveraging its decentralized design for efficiency in high-density networks, though total computational costs increase at larger scales. The PPA Scheme follows closely, using lightweight polynomial operations for near-comparable speed with minimal central authority dependence. The ID-CPPA Scheme, while offering strong privacy and security via ECC, is slower due to complex verification and reliance on a trusted authority. The RSA Scheme, the baseline, is the slowest, hindered by resource-intensive key generation and heavy central authority dependence. Network overhead analysis developed a profile for each scheme, revealing that the PPA Scheme's use of high-degree polynomials over a smaller field (~2^100) results in lower overhead than the Decentralized V2X Scheme's ECC-based approach, though both follow similar trends with efficient data transmission. The Decentralized V2X and PPA schemes excel in IoV's dynamic, high-density environments due to their rapid authentication, reduced central authority reliance, and robust security through P-521 ECC and polynomial-based designs. The standardized benchmarking framework, implemented as a practical C++ program using PARI/GP and OpenSSL, provides a reusable tool for evaluating authentication protocols, enabling fair and repeatable comparisons. Future work includes testing these schemes in realistic network conditions, such as those with packet loss or high mobility, and analyzing their resilience against advanced cryptographic attacks to further optimize IoV authentication protocols.
  • Öge
    Nitelikli elektronik imzaların kullanılabilirliğinin değerlendirilmesi: Sistematize edilmiş kullanım durumları ve tasarım paradigmaları
    (Lisansüstü Eğitim Enstitüsü, 2024-12-10) Çağal, Mustafa ; Bıçakcı, Kemal ; 707201023 ; Bilgi Güvenligi Mühendisli ˘ gi ve Kriptografi
    El yazısı imzalara yasal olarak eşdeğer olmalarına rağmen, Nitelikli Elektronik İmzalar (QES) henüz önemli bir pazar başarısı elde edememiştir. QES, kağıt tabanlı sözleşmelere olan bağımlılığı azaltmak, güvenli dijital uygulamaları etkinleştirmek ve kamu hizmetlerini standartlaştırmak konusunda önemli bir potansiyele sahiptir. Ancak, geniş kullanım alanlarına sahip olmasına rağmen kullanılabilirliği hakkında sınırlı çalışma bulunmaktadır. Tez çalışması bahse konu boşluğu gidermek için hazırlanmıştır. Tez kapsamında çalışma benzeri kullanılabilirlik çalışmaları aracılığıyla Nitelikli Elektronik İmzaların güçlü ve zayıf yönlerini değerlendirme gerekliliğini vurgulanmış, QES kullanım durumları sistematize edilmiş, kullanım durumlarını destekleyen tasarım paradigmaları kategorize edilmiştir. Ayrıca, dört farklı QES sistemindeki kullanım durumları üzerinde yürütülen bilişsel gözden gözden geçirme sonucu elde edilen bulgular sunulmuştur. Araştırma soruları şu şekildedir: 1.Türkiye ve Avrupa Birliği genelinde Nitelikli Elektronik İmzaların(QES) tüm kullanım durumları nelerdir? "Kullanım durumları" terimi kullanılırken, standart kullanıcıların yerine getirmesi gereken görev kümesinden bahsedilmektedir. 2.Bu kullanım durumlarıyla ilişkili tasarım paradigmaları, seçenekler ve alt kullanım durumları nelerdir? 3.Bu kullanım durumları ve tasarım paradigmalarını göz önünde bulundurularak, pratik QES sistemlerinin güçlü ve zayıf yönleri ile kullanılabilirlik zorlukları nelerdir? Farklı QES sistemlerinin güçlü ve zayıf yönlerini değerlendirme konusunda bir potansiyele sahip oldukları için, araştırmanın odak noktası olarak Avrupa Birliği ve Türkiye seçilmiştir. QES süreçlerinde yer alan temel aktörler ayrıntılı olarak ele alınmış ve QES süreçlerindeki çok sayıda aktörün kullanılabilirliği etkileyebileceği keşfedilmiştir. QES kullanım durumları, bu kullanım durumlarını destekleyen alt kullanım durumları ve tasarım paradigmaları belirlenmiş ve kategorilere ayrılmıştır. Müteakiben toplamda 36 bilişsel gözden geçirme gerçekleştirilmiştir. Çalışmanın en önemli bulgusu, uzaktan imzaların diğer alternatiflere kıyasla daha kullanılabilir olmasıdır. Nitelikli Elektronik İmzaları standart kullanıcılar için daha çekici bir seçenek haline getirmek maksadıyla, Türkiye'de ve Türkiye benzeri henüz regüle edilmemiş diğer ülkelerde uzaktan imzaların yasallaştırılması gerektiği sonucuna ulaşılmıştır. Bu tezin, Nitelikli Elektronik İmzaların kullanılabilirliği üzerine araştırmaların önemli ölçüde genişletilmesi için bir temel oluşturacağı değerlendirilmektedir.
  • Öge
    Design and analysis of privacy-preserving and regulations-compliant central bank digital currency
    (Graduate School, 2024-07-12) Doğan, Ali ; Bıçakcı, Kemal ; 707211012 ; Cybersecurity Engineering and Cryptography
    Significant advances has been made in the field of Central Bank Digital Currency (CBDC) in the last five years. These advances are available not only in the academic world but also in central banks. Currently, more than 130 countries continue their CBDC studies at research, pilot and proof of concept levels. The increased interest in CBDC can be attributed to various factors such as the increasing progress in digital payment technologies, the widespread use of cryptocurrencies in the digital money market and the advantages brought by this technology. In addition to these advantages, there are challenges and problems that have not yet been resolved in order for CBDCs to reach the maturity level. One of these problems is the conflict between efforts to protect the privacy of digital currency users and the compliance mechanisms introduced by states to ensure financial stability and social order. States try to prevent and monitor financial crimes through regulations such as combating dirty money and preventing financing of terrorism. However, such regulations could lead to citizens' lives being completely monitored in the transition to digital money. In addition to this conflict, a significant part of the existing CBDCs are operated on a blockchain-based system. Due to the transparent structure of the blockchain, parties included in the network can track and monitor users' transactions, but transaction privacy is ignored. In the present study, solutions to the mentioned privacy problems are introduced with cryptographic techniques such as zero knowledge proofs, threshold cryptography, and homomorphic encryption. In the proposed system, the user's balance is kept homomorphically encrypted in the blockchain. To perform a transfer transaction, the sender encrypts the amount he wants to transfer with his own public key, the receiver's public key, and the regulators' public key. The sender then creates a zero-knowledge proof that the amount is the same in all three ciphertexts. Since the transaction is processed through encrypted texts, the user must create a range proof that the balance he has is sufficient. After creating all the proofs and transmitting them to the blockchain, the nodes confirm the transaction and the user's balance is homomorphically reduced via the ciphertext and the recipient's balance is increased. In any suspicious case, the user's transaction history can be traced back by government institutions called regulators. However, threshold encryption was used to ensure that this control was not left to the initiative of a single institution. These institutions must reach a consensus and after reaching the threshold value, they can see the transaction details. Additionally, techniques have been suggested so that commercial banks can continue their services in this system.
  • Öge
    Analyzing individual data for insider threat detection
    (Graduate School, 2024-07-16) Yakar, Burak ; Özdemir, Enver ; 707211003 ; Cybersecurity Engineering and Cryptography
    Insider threats have been recognized as one of the most significant risks in cybersecurity. Research indicates that a majority of security breaches are caused by attacks or vulnerabilities originating from within the organization. Even with the most secure systems, as long as humans are part of the system, absolute security cannot be guaranteed. Technology is everywhere in our lives. People use smartphones, smartwatches, computers, and various other smart devices, all of which collect data to some extent. This data collection occurs not only on a personal level but also across businesses of all sizes. As businesses invest heavily in their operations, they need to secure their assets. To protect these assets, businesses invest in security measures. While some of these investments are physical precautions against physical risks, others are related to cybersecurity to mitigate cyber risks. Even if businesses build the best IDS (Intrusion Detection System) or IPS (Intrusion Protection System), there may still be ways for attackers to infiltrate and sneak in. This is because humans are the weakest component of any ICT (Information and Communications Technology) security system and present the greatest risks and threats to a company, organization, or system. Insider threats are cybersecurity threats that originate from authorized users, such as employees, business partners, contractors, vendors, and former employees. Misusing legitimate user credentials and account hijacking are some methods to carry out these intentions. These actions are not necessarily all intentional; some may be unintentional. However, as a result of these actions, the confidentiality, integrity, and availability of systems and data are compromised. The cost of these actions can cause significant expenses that most SMEs (small to medium-sized businesses) cannot afford. This study focuses on defining insider threats, mitigating security risks leading to insider vulnerabilities, and preventing insider threats by analyzing individual data using the random forest algorithm. The aim of this study is to find a method to detect malicious intentions and prevent potential attacks before they occur.
  • Öge
    Generating synthetic data for user behavior based intrusion detection systems
    (Graduate School, 2024-07-16) İbrahimov, Ughur ; Özdemir, Enver ; 707211009 ; Cybersecurity Engineering and Cryptography
    Intrusion detection systems are at a critical point in the effort to mitigate cyber vulnerabilities. While malicious actors are increasing day by day, the demand for multifunctional IDS models constantly increases. Since data plays the most crucial role in all cybersecurity measures, obtaining data is really important while developing these security precautions. At this point, synthetic data provides unique contributions to overcoming the problem of data scarcity. This thesis examines the intrusion detection concept, necessity of synthetic data in cybersecurity and synthetic data generation methods. The analyse provides information about relationship between synthetic data and intrusion detection systems, application process of synthetic data and privacy topics while generating and implementing artifical data for cybersecurity measures. After a detailed analyse, we decide generation method and tool for the purpose of this thesis. Since there are various methods and techniques to produce synthetic data for different purposes, we need to choose the right modeling and method for our work. Synthetic data producing methods include machine learning approaches like generative adversarial networks (GAN), variational autoenconders (VAE) furthermore, apporaches like simulation, interpolation and extrapolation, statistical modelling and more others. In this thesis, we generate synthetic data that shows daily behavior of the user who works as information technologies support technician and deals with tickets. We use Python language libraries are implemented for technical side to produce manufactured data. Moreover, scenario was developed to establish a synthetic dataset that is close to real life incidents as possible. Constants like ticket identifications, ticket types, action types are clearly defined in order to generate balanced synthetic data. One of the necessities of synthetic data usage in different industries is it being constructed in a balanced shape. Ticket types are defined as task, bug, support, question, feature, then we defined actions that contains work on ticket, reassign ticket, attach file to a ticket, and others. Although approximately 35,000 movements were created over a two-week period, the duration of the experiment could be extended over a longer period of time for a more realistic distribution in later developments. We also decided to make the synthetic data show actions between 9 A.M and 5 P.M which are work hours. The time spent is calculated from the difference between randomly assigned start and finish times between these hours. xxii Generated data is stored in Excel file, which contains approximately 35000 lines. It is possible to change the amount according to the purpose by making changes in the code. The statistical distribution of the result is shown in histograms at the end.