Academic Position

  • Present 2103

    Asistant Professor

    Hacettepe University, Informatics Institute

  • Oct.2006 Dec.2002

    Asistant Professor

    Pamukkale University, Computer Engineering Department

  • Jul.2001 Sep.2000

    Instructor

    Oregon University, Computer and Computer Engineering Deparment

  • 2002 1994

    Research Assistant

    Pamukkale Uiversity, Engineering Department

  • 1993 1991

    Reaserch Assistant

    Yıldız Technical University, Electrical and Computer Engineering Department

Education & Training

  • Ph.D. 2001

    Ph.D. in

    Oregon State University, USA

  • M.S.1996

    Master of Science in

    Oklahama State University, USA

  • B.Sc.1991

    Bachelor of Science in

    Yıldız Technical University, Turkey

Professional and Administrative Experiences

  • 2013
    Informatics Institute, Hacettepe University
    Head of Information Security Division at Informatics Institute, Hacettepe University
  • 2007 - 2014
    Eroupean Cooperation in Science and Technology
    Delegate for Turkey in European Cooperation in sciences and Technology(COST), ICT Domain, April 2007 - 2014
  • 2011
    TÜBİTAK, BİDEB
    As an Expert in the Department of Science Fellowships and Grant Programmes (BİDEB) at TÜBİTAK, Ankara, Turkey. April 2011 - October 2011
  • 2006 - 2011
    TÜBİTAK
    Director and Coordinator of Electrical, Electronics and Informatics Research Founding Group, TÜBİTAK, Ankara, Turkey
  • 2005 - 2008
    Information Technologies Congress
    Member and local secretary of Information Technologies Organization Committee, Akademik Bilişim 2006, Pamukkale University
  • 2004 - 2005
    Cisco Local Academy, Pamukkale University
    Director of Cisco Local Academy at Pamukkale University. Octoer 2004 - October 2005
  • 2004 - 2005
    Journal of Engineering Sciences
    Member at Journal of Engineering Sciences comittee. October 2004 - october 2005
  • 2001 - 2002
    rTrust Technologies Inc.
    Security Architect and Test Engineer at rTrust Technologies Inc. Corvallis, Oregon, USA. April 2001 - june 2002
  • 2000 - 2002
    Intel Corporation
    Security Architect, Intel Corporation, Portland, Oregon, USA. January 2000 - May 2002
  • 1998-2000
    Oregon Unversity
    President, Turkish Student Association at Oregon State University

Thesis Students

Esra Şahin

Master of Science

Spam-Ham E-mail Classification Using Machine Learning Methods Based on Bag of Word Techniqs

+ Follow

Ahmet Deniz Nalbant

PhD

Modelling and Comparing Ouality and Cost Criteria Optimization in laboratory Ouality Systems by Using Westgard Rules and Levy Jennings Carts

+ Follow

Yılmaz Vural

PhD

+ Follow

Ahmet Kutluana

PhD

Design and Implementation of IO T-based Secure Smart Home Systems

+ Follow

Maryam Moharramzadeh

Master of Science

Quantitive Analysis of Common Criteria Certification Practice and Automated Conversion Model for CC Process

+ Follow

Meriç Çetin

Master of Science

+ Follow

Great lab Personel!

Project Activities

  • image

    Map2Heal

    Global Health Guide

    Uygulamanın gerek web arayüzündeki modüllerde gerekse mobil araryüzündeki hasta ile ilgil verilerin güvenliğinin sağlanması ve bu verilerin analizi sonucu sağlık haritası çıktısının elde edilmesi.

  • image

    Korugan

    United Threat Managment

    İlgili iş paketleri kapsamında:

    - Firewall Modülü
    - IDS/IPS Modülü
    - Web Filterleme Modülü
    - E-posta Filterleme Modülü
    - Spam Modülü
    - VPN ve IPSEC Modülü
    - Loglama ve Raporlama Modülü

    tasarım ve gerçeklemelerinde bilşmsel danışmanlık verilmesi.

  • image

    Akıllı Süreç İzleme, Yönetim ve Analiz Platformu

    Very short description of the project.

    Güvenli dosya paylaşımı, erişim yetkilendirmesi, hiyerarşik gizlilik sağlanması, anahtar üretim ve dağıtım teknikleri konusunda bilimsel danışmanlık.

  • image

    Yeni Nesil Güvenli Reklam Dağıtım Platformu

    Very short description of the project.

    İlgili iş paketleri kapsamında:

    - Düşük maliyetli ve tüm dünyada hizmet verebilecek ölçeklenebilir bir internet servisi kurulması, işletilmesi ve operasyonu.
    - Sahtekarlık (Fraud) tanımaya ve önlemeye yönelik mekanızmaların kurulması ve çalıştırılması.
    - Doğru reklam- kullanıcı eşleşmesini sağlayacak veri madenciliği çalışmaların yapılması ve geliştirilmesi.

    tasarım v gerçeklemelerinde bilimsel danışmanlık verlimesi.

  • image

    E-posta Siber İstihbarat Merkezi

    Very short description of the project.

    İlgili iş paketleri kapsamında:

    - Sahadaki cihazlardan gelen milyonlarca e-postalara ait verilerin ve istatiklerinin,
    - Web filterleme çözümlerinden gelen zararlı/temiz ve IP/domain/URL listelerinin,
    - Üçüncü-parti, açık kod sistemlerden gelen kötücül yazılım dosyalarının

    korelasyunu yapılarak e-posta içerisindeki IP/domain/URL bilgileri için itibar sistemi oluşturulması görevlerinde bilimsel danışmanlık.

Filter by type:

Sort by year:

p-GAIN: A Utility Based Data Publishing Model

Yılmaz Vural, Murat Aydos
Journal Paper Journal of the Faculty of Engineering and Architecture of Gazi University, May 2017

Abstract

Data privacy is a difficult problem that tries to find the best balance between the privacy risks of data owners and the utility of data sharing to the third parties. Anonimization is the most commonly applied technique to overcome data privacy problems. The equivalence classes, the natural outcome of anonymization process, are classified according to the data utility in two main categories: Utility and Outlier Equivalence Classes (UEC, OEC). The utility equivalence class contains records that have been suppressed by anonymization techniques for privacy concerns. Menawhile, the outlier equivalence class contains records that have been fully suppressed by anonymization techniques resulting in no data utility. In this study, ρ-Gain model, which focus on the effect of outlier equivalence class for increasing data utility, is proposed. In the proposed model, k-Anonymity and 1-Diversity privacy models are used together with ρ-iterations to reduce the privacy risks. The Equivalence class average metric was used to measure data utility. According to the findings obtained from the study, the ρ-Gain model improved the data utility, but did not cause a significant negative impact on privacy risk estimates. With the use of the proposed ρ-Gain model as an anonymization technique, we have shown that the data utility has improved while keeping the data privacy risk with no significant change.

A Detailed Study on Routing Security for Ad Hoc Networks

Yılmaz Vural, Murat Aydos, Mehmet Tekerek
Journal Paper Bilişim Teknolojileri Dergisi, Volume 9, Issue 2, 2016, Pages 171-180

Abstract

Ad-hoc networks are temporary networks, which use wireless media that consists of interconnected nodes without a common network infrastructure using wireless media for immediate and dedicated network solutions. Ad-hoc networks are much vulnerable against the threats compared to the traditional networks due to its nature of lacking of a central control mechanism and the individual attitude of each node. In this study, the security threats and the routing protocols defined for ad hoc networks are investigated and the findings are evaluated. The aim of the study is to reach a generalized conclusion on the existing routing protocols in ad-hoc networks by evaluating the advantages and disadvantages of these protocols. In this paper, it is shown that the routing and security protocols to be used in ad-hoc networks should be designed by providing a resistance, robustness and high energy efficiency in order to overcome security treats aiming for confidentiality, integrity and accessibility. The balance between resistance to threats, high energy efficiency and robustness should be carefully considered and implemented in an autonomous way by weighting each of them for a specific task.

Chaotic Image Encryption with Random Shuffling of Data

Murat Aydos, Alper Uğur
Journal Paper Pajes, Volume 20, Issue 2, February 2014, Pages 31-35

Abstract

Security of valuable multimedia contents such as images in personal photograph albums, electronic publishing, frames of multicast video conference can be achieved by image encryption. Secure transmission of these contents is required to be rapid, efficient and practical. Hence, image encryption process must be chosen not only to satisfy the security goals but also to fulfill these requirements. Due to the inadequacy and inefficiency of conventional text based information encryption methods, researchers have proposed several encryption schemes. Many of them are based on chaotic algorithms. Recently, the studies are concentrated on some weaknesses of chaotic algorithms and most of the presented solutions came up with complex structured chaotic maps. In this paper, we present a self-diagonal shuffler mechanism embedded to one dimensional chaotic encryption system to overcome its leak points while keeping simplicity and efficiency properties.

Comparing Partial and Full Return Spectral Methods

İhsan Haluk Akın, Gökay Saldamlı, Murat Aydos
Journal Paper Pajes, Volume 18, Issue 2, February 2012, Pages 95-103

Abstract

An analysis on the arithmetic complexity of recently proposed spectral modular arithmetic – in particular spectral modular multiplication- is presented through a step-by-step evaluation. Standart use of spectral methods in computer arithmetic instructs to utilize separated multiplication and reduction steps taking place in spectrum and time domains respectively. Such a procedure clearly needs full return (forward and backward) DFT calculations. On the other hand, by calculating some partial values on-the-fly, new methods adopt an approach that keeps the data in the spectrum at all times, including the reduction process. After comparing the timing performances of these approaches, it is concluded that full return algorithms perform better than the recently proposed methods.

High-speed implementation of an ECC-based wireless authentication protocol on an ARM microprocessor

Murat Aydos, Tuğrul Yanık, Çetin Kaya Koç
Journal Paper IEE Proceedings - Communications 148(5), Volume 148, Issue 5, October 2001, Pages 273-279

Abstract

The results of the implementation of elliptic curve cryptography (ECC) over the field G@) on an 80MHz, 32-bit ARM microprocessor are presented. A practical software library has been produced which supports variable length implementation of the elliptic curve digital signature algorithm (ECDSA). The ECDSA and a recently proposed ECC-based wireless authentication protocol are implemented using the library. Timing results show that the 160-bit ECDSA signature generation and verification operations take around 46ms and 94ms, respectively. With these timings, the execution of the ECC-based wireless authentication protocol takes around 140ms on the ARM7TDMI processor, which is a widely used, low-power core processor for wireless applications

A Review on Cyber Security Datasets for Machine Learning Algorithms

Özlem Yavanoğlu, Murat Aydos
Conference Papers IEEE International Conference on Big Data, Symposium on Data Analytics for Advanced Manufacturing, December 2017, Boston, the USA

Abstract

It is an undeniable fact that currently information is a pretty significant presence for all companies or organizations. Therefore protecting its security is crucial and the security models driven by real datasets has become quite important. The operations based on military, government, commercial andcivilians are linked to the security and availability of computer systems and network. From this point of security, the network security is a significant issue because the capacity of attacks is unceasingly rising over the years and they turn into be more sophisticated and distributed. The objective of this review is to explain and compare the most commonly used datasets. This paper focuses on the datasets used in artificial intelligent and machine learning techniques, which are the primary tools for analyzing network traffic and detecting abnormalities

Trustworthy scrum: Development of secure software with scrum

Güler Koç, Murat Aydos
Conference Papers International Conference on Computer Science and Engineering (UBMK), October 2017, Antalya, Turkey

Abstract

Software development process models focus on ordering and combination of phases to develope the intended software product within time and cost estimates. however commoness of software vulnerabilities in the fielded systems show that there is a need for more stringent software development process that focuses on improved security demands. Meanwhile, there are some reports that demostrate of efficiency of existing security enhanced conventional processes and success of agile projects over conventional waterfall progects. Based on this finding and the demand for secure software, we propose a security enhanced Scrum model (Trustworthy scrum) by taking advantages of both security activities and Scrum framework which has fast adaptation and iterative cycle. While enhancing Scrum with security activities, we try to retain agile and security disciplines by considering that conventional security approach conflicts with agile methodologies.

Spam E-Mail Classification by Utilizing N-Gram Features of Hyperlink Texts

Ahmet Selman Bozkır, Esra Şahin, Murat Aydos, Ebru Akçapınar Sezer, Fatih Orhan
Conference Papers The 11th IEEE International Conference AICT2017, September 2017, Moscow, Russia

Abstract

With the advent of the Internet and reduction of the costs in digital communication, spam has become a key problem in several types of media (i.e. email, social media and micro blog). Further, in recent years, email spamming in particular has been subjected to an exponentially growing threat which affects both individuals and business world. Hence, a large number of studies have been proposed in order to combat with spam emails. In this study, instead of subject or body components of emails, pure use of hyperlink texts along with word level n-gram indexing schema is proposed for the first time in order to generate features to be employed in a spam/ham email classifier. Since the length of link texts in e-mails does not exceed sentence level, we have limited the n-gram indexing up to trigram schema. Throughout the study, provided by COMODO Inc, a novel large scale dataset covering 50.000 link texts belonging to spam and ham emails has been used for feature extraction and performance evaluation. In order to generate the required vocabularies; unigrams, bigrams and trigrams models have been generated. Next, including one active learner, three different machine learning methods (Support Vector Machines, SVM-Pegasos and Naive Bayes) have been employed to classify each link. According to the results of the experiments, classification using trigram based bag-of-words representation reaches up to 98,75% accuracy which outperforms unigram and bigram schemas. Apart from having high accuracy, the proposed approach also preserves privacy of the customers since it does not require any kind of analysis on body contents of e-mails.

A New Approach to Utility-Based Privacy Preserving in Data Publishing

Yılmaz Vural, Murat Aydos
Conference Papers The IEEE International Conference on Computer and Information Technology (CIT), August 2017, Helsinki, Finland

Abstract

A fundamental problem in privacy-preserving data publishing is how to make the right trade-off between privacy risks and data utility. Anonymization techniques are the primary tools used to reduce privacy risks. Generalization with full suppression technique is commonly used for anonymization. Due to the fact that fully suppressed outlier records are not generalized, data utility is negatively affected in the process. In this study, a new approach is proposed by reducing the number of outlier records in order to increase the data utility. In the proposed model, k-anonymity and l-diversity privacy models are used together to reduce the privacy risks. The Avarege Equivalence Class Size is used in measuring the data utility. According to the experimental results, the data utility is increased while keeping the delicate balance between privacy risks and data usefulness.

Smart Power Grids: Threats to Data Privacy

Yılmaz Vural, Murat Aydos, Mehmet Tekerek, Ahmet Serdar Yılmaz
Conference Papers 9. International Conference on Security and Cryptology, October 2016, Ankara, Turkey

Abstract

Smart power grids have an important role in protecting power transmission and distribution grids which are locomotive of critical infrastructures against to sabotage and neglect, efficient cost administration, leakage determination. It is necessary to describe, classify certain threats and to take precautions to these threats in spreading use of smart power grids process. In this context, first threats to security and privacy come to the forefront during distributing and sharing of data produced by smart power grids. It is expected to include sensitive and non-sensitive data when data produced by smart power grids are examined and classified. It is necessary to distribute and share these sensitive data in the protection of privacy and data benefit in order to use for different purposes. In this study, smart power grids are described, the threats to sensitive data privacy are explained and solution suggestions are presented by evaluations.

Protection of National Cyber Security: Awareness & Education

Yılmaz Vural, Murat Aydos, Mehmet Tekerek
Conference Papers The International Conference on Computing Technology, Information Security and Risk Management (CTISRM2016), March 2016, Dubai, UAE

Abstract

It is identified that one of the greatest threats against security in the next coming ten years will be cold cyber wars against information systems between countries. National information systems utilize the information technology infrastructure of enterprises in order to satisfy personal or enterprise needs. In the past years, attacks were taking place with no discrimination of targets, however in the recent years; attacks are organized, deliberate and pointed towards national information systems. Personal and enterprise level information security must be established in order to avoid information security threats that try to hamper or even destroy national information security, cause tangible and intangible damages on individuals and enterprises. In order to reduce the impact of such cyber threats to minimum at the national level, there are necessary critical enterprise and personal security precautions to be taken. The establishment of the enterprise and personal information security which form the stages of establishing national information security at highest level and development of a national security policy are among the first things that need to be done. In this paper, the strategic national information systems are identified, then personal and enterprise information security that are important stages in providing security for national information systems are described. The necessary security tests and the importance of education and awareness are discussed in the following section. Finally, evaluations have been performed on national information security and proposals have been put forward.

Intelligent and Learnable Approaches for Intrusion Detection

Okan Can, Murat Aydos
Conference Papers International Symposium on Cyber Defence and Security, May 2016, Ankara, Turkey

Abstract

PID Tabanlı Robot Kolu Kontrolü: Ziegler-Nichols ve Tyreus-Luyben Metotlarının ODE45 Deneysel Çözümleme ile Karşılaştırılması

Ahmet Nalbant, Murat Aydos
Conference Papers Otomatik Kontrol Ulusal Toplantısı, September 2015, Denizli, Turkey

Abstract

Speed and accuracy are certainly the most important kontrol parameters of a robotic arm. In order to acchieve the optimum values both of speed and accuracy when trakcing a path in a robotic arm system, the controller type and parameters are quite important. The control parameters selected that are P-I-D Proportional, Integral and Deriative and tuned experimentaly using Matlab Ode45 tool. Results compared with Ziegler-Nichols and Tyreus-Luyben frequency domain calculation methods. To do this, the 3 degree of freedom robotic arm modelled and its dynamics calculated. Same robot arm and parameters used for each methods comparison.

Role-Based Privacy-Preserving Health Records Distribution

Pelin Altaş, Hayri Sever, Murat Aydos
Conference Papers 2nd International Conference on E-Health and TeleMedicine (ICEHTM), November 2014, Istanbul, Turkey

Abstract

The data obtained by health organizations give numerous opportunities for generating solutions ahead. It is essential that the accurate data are shared in order to get useful results within healthcare systems. Accurate records of personal health data include sensitive information about individuals. Hence sharing the subject records bearing on original structure paves the way for disclosure of personal privacy. In recent years, Privacy-Preserving Data Mining (PPDM) and Privacy-Preserving Data Publishing (PPDP) approaches have been extensively studied in order to protect personal privacy and security. In this study, different approaches to PPDM and PPDP are summarized and evaluated within the framework of health records. In line with evaluation phase conducted, we propose three general role-based system architectures, collecting health data from health organizations, satisfying anonymization on the collected data and publishing health information securely among several parties. In the anonymization phase, common methods (k-anonymity and ℓ-diversity) are applied on the collected data in order to compare the architectures. In the publication phase, a role-based publishing approach is implemented, in which only the required partition of personal health records are released for a specific organization by using database partitioning methods. The purpose of the proposed architectures is to achieve the desired balance on the trade-off between the levels of privacy protection and data utility.

Using IEEE 802.1x Standard In Security Of Electronic Health Records

Meriç Çetin, Murat Aydos
Conference Papers 5th International Electrical and Computer Systems, EECS’xx08, November 2008, Lefke, Cyprus

Abstract

In this study; the solution of some security problems encountered in the protection of the data security, the methods of automatic VLAN configuration and use of IEEE 802.1x Standard for the procedures of identity authentication of all users to access the network have been applied. With the use of IEEE 802.1x Standard in securing of Electronic Health Record (EHR), the protection of hospital data has been aimed. Those data should be protected against the attacks from both inside and outside of the Hospital, and were allowed for access only by the authorized users that only with the permissions granted to them. Together with the automatic VLAN organization; the accuracy and the confidentiality of the data, prevention of lose, protection in the units grouped according to authorizations, and prevention of unauthorized access have been implemented.

Risk Oranı Yüksek Veri Yoğunluğuna Sahip Geniş Hastane Ağlarında IEEE 802.1x Standardı ile Ağ Güvenliği Ve Otomatik VLAN Yapılandırmaları

Meriç Çetin, Muhittin Karaman, Murat Aydos
Conference Papers Bilgi Teknolojileri Kongresi IV Akademik Bilişim, February 2006, Denizli, Turkey

Abstract

Pamukkale University Hospital Department buildings are located in seperate geographic areas in the campus. Therefore the Hospital's network system contains not only LAN solutions but also MAN structures and applications. However, due to the some technical problems, it has been observed that the network system is not being used effectively and securely, and the data with high security risk is faced with security treats. In this work, in order to overcome this defined problems, some methods have been developed. The main approach in these solutions are using Auto VLAN structure and monitoring and controlling the access to the Hospital's networks system by the means of providing authentication for all users. As a result of this work, the data with high security risk is being protected by using a firewall against the treats that may come from internet and inside of the network. At the same time this data is being accessed by all real authenticated users authorized and nonauthorized with the same access rights.

Using IEEE 802.1x Standard in Security of Electronic Health Records

Meriç Çetin, Murat Aydos
Conference Papers Ulusal Elektronik İmza Sempozyumu, December 2006, Ankara, Turkey

Abstract

In this study, new strategeis and methods have been developed and designed to protect critical hospital data against the external and internal attacks. For this purpose, in order to overcome the security problems faced daily in Hospital Networks, auto VLAN topologeis were designed and user authentication and authorization methods (with IEEE 820.1x standard) were deployed for all users who have access to the haspital network system. The new technological progress in Information System Applications brings not only the data security problems but also the threats to personal and enterprise data confidentiality. Therefore; in this study, there are also some new solutions are proposed to protect the patient records, which are being kept in the main server of the haspital.

Fotovoltaik Panel Beslemeli LED’xxli Aydınlatma Sistemlerinin Kullanılabilirliğinin İncelenmes

Engin Çetin, Pehlül Keleş, Murat Aydos
Conference Papers 3. Ulusal Aydınlatma Sempozyumu, November 2005, Ankara, Turkey

Abstract

With the increasing amount of work on renewable energy sources, there has been a signifi cant development on photovoltaic energy industry. Photovoltaic cells are often used in many application areas. One of these applications is illumination systems. The effi cient usage of photovoltaic systems in illumination circuits is only possible by the use of materials that consume less energy but produce considerable amount of illumination. Therefore, the main focus of this work concentrated on power led’s, which contain the above mentioned characteristics. In this work, an illumination system using a power led and fed by a photovoltaic panel is analyzed and improved, then the usability of this type of illumination system is investigated.

Otomatik VLAN Yapılandırmalarında IEEE 802.1x Standardı Kullanımının Sistem Performansına Etkisi

Meriç Çetin, Murat Aydos
Conference Papers İletişim Teknolojileri Ulusal Sempozyumu, November 2005, Adana, Turkey

Abstract

In this work, using IEEE 802.1x standard both wire Ethernrt and wireless 802.11 networks have been accessed by means of authenticated methods and by giving permissions to a server automated VLANs have been created. The effects of creating automated VLANs by this method on the system have been analyzed. When a user wants to access, the server, the server grants access permission in the case of successful authentication. When the encrypted user information matches the user information kept in the database of RADIUS server, authorization and access tasks are accomplished. By this method, eeping the users with no access permission out of the network, the unnecessary traffic behind the server is avoided and general sytem performance is improved. In addition, data traffic can be controlled according to the rules defined in Access Lists, which determine the IP addresses that can be accessed to the network.

Kampus Ağlarında İstenmeyen Trafiğin Önlenmesi ve Sistem Performansının Arttırılması

Meriç Çetin, Süleyman Altan, Murat Aydos
Conference Papers 4th International Advanced Technologies Symposium, September 2005, Konya, Turkey

Abstract

Günümüzde ağların mevcut yapılarındaki büyümelerden dolayı ekipman yönetimi ve kontrolü güçleşmektedir. Bununla birlikte, genişleyen ağlardaki performance, bilgilere ulaşılabilik gibi kiriterlerin yanında mevcut ağ üzerinde çalıştırılan uygulamaların güvenlik politikaları da önem kazanmaktadır. Güvenlik politikaları sayesinde daha sağlıklı hale gelen bağlantılar; sunuculara erişimin yetkilendirilmesi ve yerel ağların internetten soyutlanması nedeniyle karşılaşılacak problemler ile virüs, solucan, truva atı gibi bir çok etkenin sebep olduğu istenmeyen trafiğe maruz kalıp kesintiye uğrayabilir. Bu yüzden, güvenlik politikaları oluşturulurken sadece dış ağlardan gelecek saldırılar değil, sunucuların dış ağlara karşı güvenliği ile yerel ağ kullanıcılarına karşı güvenliği de düşünülmeli ve ağ trafiğinin kontrollü olması amacı gözetilmelidir. Bu çalışmada, küçük ya da orta ölçekli olarak düşünüleblecek bir ağ üzerindeki güvenlik duvarı ardında kala kullanıcıların oluşturduğu bir yerel ağ ve kullanıcılardan farkı olarak silahsızlandırılmış bölge tarafına kurulmuş sunucuların bulunduğu varsayılan bir yapı üzerindeki istenmeyen trafiği engellemek adına oluşturulabilecek sistem konfigürasyonları ele alınmıştır. Uygulama açısından uzak noktalarda da birimlern olduğu daha geniş bir ağ yapısı düşünülmüş, geniş ağlarda, uzak erişimlerdeki ağ performansının istenilen düzeyde olabilmesi için güvenlik duvarı üzerindeki erişim listelerinde belirtilen kuralların kısmen uzak noktalara doğru kaydırılableceği görülmüştür. çalışma sonucunda; güvenlik duvarında belirtilen kurallarla belli noktalardaki trafikler gözlenerek ağ trafiğinin kontrolü, istenmeyen trafiğin önlenmesi, sunucu güvenliği ve ağ performansı açısından elde edilen verilerin analizi neticesinde oluşturulan yapılandırmalarla sistem performansı arttırılmıştır.

Digital Content Protection Via Intelligent Agents In Campus Networks

Murat Aydos, Alper Uğur
Conference Papers 4th International Advanced Technologies Symposium, September 2005, Konya, Turkey

Abstract

Taşınabilir Etmenlerle Çok Katılımcılı Sözleşmelerin Sayısal İmzalanması

Alper Uğur, Murat Aydos
Conference Papers Elektrik-Elektronik-Bilgisayar Mühendisliği 11. Ulusal Kongresi, September 2005, Istanbul, Turkey

Abstract

Bu bildiride, çok katılımcılı sözleşmelerin sayısal ortamda adil ve imtiyazsız olarak imzalanmasının taşınabilir etmenler teknolojisi kullanılarak gerçeklenmesi ile ilgili yapılan çalışma ortaya konulmuştur. Yapılan uygulamada etmen platformu protokolde tüm veri değişimini gözlemleyen ve yanlış bir durumda devreye girecek olan güvenilir üçüncü taraf görevini üstlenmiş olup hareketli etmenler katılımcıları temsil etmektedirler. Bu çalışma ile çok katılımcı sözleşmelerin sayısal ortamda imzalanması üzerine analiz yapılmış, uygulamanın daha verimli ve kriptografik olarak güvenli hale getirilmesi amaçlanmıştır.

The use of Image Space in Secure Communications Protocols

Alper Uğur, Murat Aydos
Conference Papers Ağ ve Bilgi Güvenliği Ulusal Sempozyumu, June 2005, Istanbul, Turkey

Abstract

This paper presents heuristic application fields of image space in the cryptographic secure communications. As it is known, image processing are already being used in secure communication and data hiding (watermarking) technologies. But all these applications use images and pictures as envelopes of valuable data. We let them play in real game as pivot. The purposed opinion is based on procuring essential cryptographic data from images by optical diversity and pixel processing. The obtained data can be used in mutual authentication and key establishment protocols, which are the base of secure transactions. Achieved statistics and simulations indicates that image space forms a large and unpredictable data set and may re-donate diverse data to the cryptographic secure communication protocols.

Relay Attacks on Bluetooth Authentication and Solutions

Albert Levi, Erhan Çetintaş, Murat Aydos, Çetin Kaya Koç, Mehmet Ufuk Çağlayan
Conference Papers Computer and Information Sciences - ISCIS 19th International Symposium, October 2004, Antalya, Turkey

Abstract

We describe relay attacks on Bluetooth authentication protocol. The aim of these attacks is impersonation. The attacker does not need to guess or obtain a common secret known to both victims in order to set up these attacks, merely to relay the information it receives from one victim to the other during the authentication protocol run. Bluetooth authentication protocol allows such a relay if the victims do not hear each other. Such a setting is highly probable. We analyze the attacks for several scenarios and propose practical solutions. Moreover, we simulate attacks to make sure about their feasibility. These simulations show that current Bluetooth specifications do not have defensive mechanisms for relay attacks. However, relay attacks create a significant partial delay during the connection that might be useful for detection.

Digital Content Protection: Application Methods

Alper Uğur, Murat Aydos
Conference Papers Bilgi Teknolojileri Kongresi, October 2004, Denizli, Turkey

Abstract

The Implementation of Symmetric Crypto Algorithms in . NET Platform and Performance Analysis

Ali Sağat, Murat Aydos
Conference Papers Bilgi Teknolojileri Kongresi, October 2004, Denizli, Turkey

Abstract

An High-speed ECC-based Wireless Authentication Protocol on an ARM Microprocessor

Murat Aydos, Tuğrul Yanık, Çetin Kaya Koç
Conference Papers Computer Security Applications, 2000. ACSAC ’xx00. 16th Annual Conference, January 2001, Louisiana, USA

Abstract

In this paper; we present the results of our implementation of elliptic curve cryptography (ECC) over the jield GF(p) on an ~O-MHZ, 32-bit ARM microprocessor: We have produced a practical software library which supports variable length implementation of the elliptic curve digital signature algorithm (ECDSA). We implemented the ECDSA and a recently proposed ECC-based wireless authentication protocol using the library. Our timing results show that the 160-bit ECDSA signature generation and verijication operations take around 46 ms and 94 ms, respectively. With these timings, the execution of the ECC-based wireless authentication protocol takes around 140 ms on the ARM7TDMI processor, which is a widely used, low-powercore processor for wireless applications.

Implementing Network Security Protocols based on Elliptic Curve Cryptography

Murat Aydos, Erkay Savaş, Çetin Kaya Koç
Conference Papers Proceedings of the Fourth Symposium on Computer Networks, May 1999, Istanbul, Turkey

Abstract

Elliptic curve cryptography provides a methodology for obtaining high-speed, efficient, and scalable implementations of network security protocols. In this paper, we describe in detail three protocols based on elliptic curve cryptographic techniques, and the results of our implementation of the elliptic curve cryptography over the Galois field GF(2k), where k is a composite number.

An Elliptic Curve Cryptography based Authentication and Key Agreement Protocol for Wireless Communication

Murat Aydos, Berk Sunar, Çetin Kaya Koç
Conference Papers 2nd International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications Symposium on Information Theory, October 1998, Dallas, USA

Abstract

We propose an authentication and key agreement protocol for wireless communication based on elliptic curve cryptographic techniques. The proposed protocol requires signifcantly less bandwidth than the Aziz-Diffe and Beller-Chang-Yacobi protocols, and furthermore, it has lower computational burden and storage requirements on the user side. The use of elliptic curve cryptographic techniques provide greater security using fewer bits, resulting in a protocol which requires low computational overhead, and thus, making it suitable for wireless and mobile communication systems, including smartcards and handheld devices.

Currrent Teaching

Courses Offered at Pamukkale University

  • Spring 2011

    SPRING 2011

    CENG 509 Computer Network Security

  • Fall 2010

    Fall 2010

    Bill  509 Advanced Computer Networks
    CENG 507 Cryptographic Algorithms and Systems
    CENG 434 Cryptology

  • Fall 2005

    FALL 2005

    Bill  205 Digital Systems

  • Summer 2005

    SUMMER 2005

    Bill  774 Computer Programming Projects

  • Spring 2004

    SPRING 2004

    Bill  508 Cryptographic Systems and Security Protocols
    Bill  206 Electronics
    EEM 110 Computers II (C Programming)
    EEM 318 Communication Theory
    EEM 272 C Programming
    EEM 733 Communication Systems

  • Fall 2004

    FALL 2004

    Bill  517 Cryptographic Algorithms
    Bill  205 Digital Systems
    Bill  207 Digital Systems Lab
    EEM 109 Computers I

  • Summer 2004

    SUMMER 2004

    EEM 773 Solusions for Engineering Problems Using Maple

  • Spring 2003

    SPRING 2003

    Bill  508 Cryptographic Systems and Security Protocols
    EEM 272 C Programming
    EEM 733 Communication Systems

  • Fall 2003

    FALL 2003

    Bill  517 Cryptographic Algorithms
    EEM 109 Computers I
    EEM 737 Digital Communications

  • Fall 2002

    FALL 2002

    EEM 107 Introduction to Eelectronical Engineering
    EEM 317 Computer Applications

Courses Offered at Oregan State University

  • winter 2001

    Winter 2001

    Singals and Systems II
    Signal Processing
    Computer and Network Security

  • Fall 2000

    Fall 2000

    Signals and Systems I

Academic Positions

  • Present 2013

    Asistant Professor

    Hacettepe University, Informatics Institute

  • Oct.2006 Dec.2002

    Asistant Professor

    Pamukkale University, Computer Engineering Department

  • Jul.2001 Sep.2000

    Instructor

    Oregon State University, Electrical and Computer Engineering Department

  • 2002 1994

    Research Assistant

    Pamukkale Uiversity, Computer Engineering Department

  • 1993 1991

    Reaserch Assistant

    Yıldız Technical University, Electrical and Communication Engineering Department

Education & Training

  • Ph.D. 2001

    Ph.D. in

    Oregon State University, USA

  • M.S.1996

    Master of Science in

    Oklahama State University, USA

  • B.Sc.1991

    Bachelor of Science in

    Yıldız Technical University, Turkey

Professional and Administrative Experiences

  • 2013
    Informatics Institute, Hacettepe University
    Head of Information Security Division at Informatics Institute, Hacettepe University
  • 2007 - 2014
    European Cooperation in Science and Technology
    Delegate for Turkey in European Cooperation in sciences and Technology(COST), ICT Domain, April 2007 - 2014
  • 2011
    TÜBİTAK, BİDEB
    As an Expert in the Department of Science Fellowships and Grant Programmes (BİDEB) at TÜBİTAK, Ankara, Turkey. April 2011 - October 2011
  • 2006 - 2011
    TÜBİTAK
    Director and Coordinator of Electrical, Electronics and Informatics Research Founding Group, TÜBİTAK, Ankara, Turkey
  • 2005 - 2008
    Information Technologies Congress
    Member and local secretary of Information Technologies Organization Committee, Akademik Bilişim 2006, Pamukkale University
  • 2004 - 2005
    Cisco Local Academy, Pamukkale University
    Director of Cisco Local Academy at Pamukkale University. Octoer 2004 - October 2005
  • 2004 - 2005
    Journal of Engineering Sciences
    Member at Journal of Engineering Sciences comittee. October 2004 - october 2005
  • 2001 - 2002
    rTrust Technologies Inc.
    Security Architect and Test Engineer at rTrust Technologies Inc. Corvallis, Oregon, USA. April 2001 - june 2002
  • 2000 - 2000
    Intel Corporation
    Security Architect, Intel Corporation, Portland, Oregon, USA. January 2000 - May 2002
  • 1998-2000
    Oregon Unversity
    President, Turkish Student Association at Oregon State University

At My Office

You can find me at my office located at Hacettepe University

I am at my office every day from 9:00 until 17:00, but you may consider a call to fix an appointment.

At My Work

At My Lab