Abstract

It is an undeniable fact that currently information is a pretty significant presence for all companies or organizations. Therefore protecting its security is crucial and the security models driven by real datasets has become quite important. The operations based on military, government, commercial andcivilians are linked to the security and availability of computer systems and network. From this point of security, the network security is a significant issue because the capacity of attacks is unceasingly rising over the years and they turn into be more sophisticated and distributed. The objective of this review is to explain and compare the most commonly used datasets. This paper focuses on the datasets used in artificial intelligent and machine learning techniques, which are the primary tools for analyzing network traffic and detecting abnormalities

Abstract

Software development process models focus on ordering and combination of phases to develope the intended software product within time and cost estimates. however commoness of software vulnerabilities in the fielded systems show that there is a need for more stringent software development process that focuses on improved security demands. Meanwhile, there are some reports that demostrate of efficiency of existing security enhanced conventional processes and success of agile projects over conventional waterfall progects. Based on this finding and the demand for secure software, we propose a security enhanced Scrum model (Trustworthy scrum) by taking advantages of both security activities and Scrum framework which has fast adaptation and iterative cycle. While enhancing Scrum with security activities, we try to retain agile and security disciplines by considering that conventional security approach conflicts with agile methodologies.

Abstract

With the advent of the Internet and reduction of the costs in digital communication, spam has become a key problem in several types of media (i.e. email, social media and micro blog). Further, in recent years, email spamming in particular has been subjected to an exponentially growing threat which affects both individuals and business world. Hence, a large number of studies have been proposed in order to combat with spam emails. In this study, instead of subject or body components of emails, pure use of hyperlink texts along with word level n-gram indexing schema is proposed for the first time in order to generate features to be employed in a spam/ham email classifier. Since the length of link texts in e-mails does not exceed sentence level, we have limited the n-gram indexing up to trigram schema. Throughout the study, provided by COMODO Inc, a novel large scale dataset covering 50.000 link texts belonging to spam and ham emails has been used for feature extraction and performance evaluation. In order to generate the required vocabularies; unigrams, bigrams and trigrams models have been generated. Next, including one active learner, three different machine learning methods (Support Vector Machines, SVM-Pegasos and Naive Bayes) have been employed to classify each link. According to the results of the experiments, classification using trigram based bag-of-words representation reaches up to 98,75% accuracy which outperforms unigram and bigram schemas. Apart from having high accuracy, the proposed approach also preserves privacy of the customers since it does not require any kind of analysis on body contents of e-mails.

Abstract

A fundamental problem in privacy-preserving data publishing is how to make the right trade-off between privacy risks and data utility. Anonymization techniques are the primary tools used to reduce privacy risks. Generalization with full suppression technique is commonly used for anonymization. Due to the fact that fully suppressed outlier records are not generalized, data utility is negatively affected in the process. In this study, a new approach is proposed by reducing the number of outlier records in order to increase the data utility. In the proposed model, k-anonymity and l-diversity privacy models are used together to reduce the privacy risks. The Avarege Equivalence Class Size is used in measuring the data utility. According to the experimental results, the data utility is increased while keeping the delicate balance between privacy risks and data usefulness.

Abstract

Smart power grids have an important role in protecting power transmission and distribution grids which are locomotive of critical infrastructures against to sabotage and neglect, efficient cost administration, leakage determination. It is necessary to describe, classify certain threats and to take precautions to these threats in spreading use of smart power grids process. In this context, first threats to security and privacy come to the forefront during distributing and sharing of data produced by smart power grids. It is expected to include sensitive and non-sensitive data when data produced by smart power grids are examined and classified. It is necessary to distribute and share these sensitive data in the protection of privacy and data benefit in order to use for different purposes. In this study, smart power grids are described, the threats to sensitive data privacy are explained and solution suggestions are presented by evaluations.

Abstract

It is identified that one of the greatest threats against security in the next coming ten years will be cold cyber wars against information systems between countries. National information systems utilize the information technology infrastructure of enterprises in order to satisfy personal or enterprise needs. In the past years, attacks were taking place with no discrimination of targets, however in the recent years; attacks are organized, deliberate and pointed towards national information systems. Personal and enterprise level information security must be established in order to avoid information security threats that try to hamper or even destroy national information security, cause tangible and intangible damages on individuals and enterprises. In order to reduce the impact of such cyber threats to minimum at the national level, there are necessary critical enterprise and personal security precautions to be taken. The establishment of the enterprise and personal information security which form the stages of establishing national information security at highest level and development of a national security policy are among the first things that need to be done. In this paper, the strategic national information systems are identified, then personal and enterprise information security that are important stages in providing security for national information systems are described. The necessary security tests and the importance of education and awareness are discussed in the following section. Finally, evaluations have been performed on national information security and proposals have been put forward.

Abstract

Abstract

Speed and accuracy are certainly the most important kontrol parameters of a robotic arm. In order to acchieve the optimum values both of speed and accuracy when trakcing a path in a robotic arm system, the controller type and parameters are quite important. The control parameters selected that are P-I-D Proportional, Integral and Deriative and tuned experimentaly using Matlab Ode45 tool. Results compared with Ziegler-Nichols and Tyreus-Luyben frequency domain calculation methods. To do this, the 3 degree of freedom robotic arm modelled and its dynamics calculated. Same robot arm and parameters used for each methods comparison.

Abstract

The data obtained by health organizations give numerous opportunities for generating solutions ahead. It is essential that the accurate data are shared in order to get useful results within healthcare systems. Accurate records of personal health data include sensitive information about individuals. Hence sharing the subject records bearing on original structure paves the way for disclosure of personal privacy. In recent years, Privacy-Preserving Data Mining (PPDM) and Privacy-Preserving Data Publishing (PPDP) approaches have been extensively studied in order to protect personal privacy and security. In this study, different approaches to PPDM and PPDP are summarized and evaluated within the framework of health records. In line with evaluation phase conducted, we propose three general role-based system architectures, collecting health data from health organizations, satisfying anonymization on the collected data and publishing health information securely among several parties. In the anonymization phase, common methods (k-anonymity and ℓ-diversity) are applied on the collected data in order to compare the architectures. In the publication phase, a role-based publishing approach is implemented, in which only the required partition of personal health records are released for a specific organization by using database partitioning methods. The purpose of the proposed architectures is to achieve the desired balance on the trade-off between the levels of privacy protection and data utility.

Abstract

In this study; the solution of some security problems encountered in the protection of the data security, the methods of automatic VLAN configuration and use of IEEE 802.1x Standard for the procedures of identity authentication of all users to access the network have been applied. With the use of IEEE 802.1x Standard in securing of Electronic Health Record (EHR), the protection of hospital data has been aimed. Those data should be protected against the attacks from both inside and outside of the Hospital, and were allowed for access only by the authorized users that only with the permissions granted to them. Together with the automatic VLAN organization; the accuracy and the confidentiality of the data, prevention of lose, protection in the units grouped according to authorizations, and prevention of unauthorized access have been implemented.

Abstract

Pamukkale University Hospital Department buildings are located in seperate geographic areas in the campus. Therefore the Hospital's network system contains not only LAN solutions but also MAN structures and applications. However, due to the some technical problems, it has been observed that the network system is not being used effectively and securely, and the data with high security risk is faced with security treats. In this work, in order to overcome this defined problems, some methods have been developed. The main approach in these solutions are using Auto VLAN structure and monitoring and controlling the access to the Hospital's networks system by the means of providing authentication for all users. As a result of this work, the data with high security risk is being protected by using a firewall against the treats that may come from internet and inside of the network. At the same time this data is being accessed by all real authenticated users authorized and nonauthorized with the same access rights.

Abstract

In this study, new strategeis and methods have been developed and designed to protect critical hospital data against the external and internal attacks. For this purpose, in order to overcome the security problems faced daily in Hospital Networks, auto VLAN topologeis were designed and user authentication and authorization methods (with IEEE 820.1x standard) were deployed for all users who have access to the haspital network system. The new technological progress in Information System Applications brings not only the data security problems but also the threats to personal and enterprise data confidentiality. Therefore; in this study, there are also some new solutions are proposed to protect the patient records, which are being kept in the main server of the haspital.

Abstract

With the increasing amount of work on renewable energy sources, there has been a signifi cant development on photovoltaic energy industry. Photovoltaic cells are often used in many application areas. One of these applications is illumination systems. The effi cient usage of photovoltaic systems in illumination circuits is only possible by the use of materials that consume less energy but produce considerable amount of illumination. Therefore, the main focus of this work concentrated on power led’s, which contain the above mentioned characteristics. In this work, an illumination system using a power led and fed by a photovoltaic panel is analyzed and improved, then the usability of this type of illumination system is investigated.

Abstract

In this work, using IEEE 802.1x standard both wire Ethernrt and wireless 802.11 networks have been accessed by means of authenticated methods and by giving permissions to a server automated VLANs have been created. The effects of creating automated VLANs by this method on the system have been analyzed. When a user wants to access, the server, the server grants access permission in the case of successful authentication. When the encrypted user information matches the user information kept in the database of RADIUS server, authorization and access tasks are accomplished. By this method, eeping the users with no access permission out of the network, the unnecessary traffic behind the server is avoided and general sytem performance is improved. In addition, data traffic can be controlled according to the rules defined in Access Lists, which determine the IP addresses that can be accessed to the network.

Abstract

Günümüzde ağların mevcut yapılarındaki büyümelerden dolayı ekipman yönetimi ve kontrolü güçleşmektedir. Bununla birlikte, genişleyen ağlardaki performance, bilgilere ulaşılabilik gibi kiriterlerin yanında mevcut ağ üzerinde çalıştırılan uygulamaların güvenlik politikaları da önem kazanmaktadır. Güvenlik politikaları sayesinde daha sağlıklı hale gelen bağlantılar; sunuculara erişimin yetkilendirilmesi ve yerel ağların internetten soyutlanması nedeniyle karşılaşılacak problemler ile virüs, solucan, truva atı gibi bir çok etkenin sebep olduğu istenmeyen trafiğe maruz kalıp kesintiye uğrayabilir. Bu yüzden, güvenlik politikaları oluşturulurken sadece dış ağlardan gelecek saldırılar değil, sunucuların dış ağlara karşı güvenliği ile yerel ağ kullanıcılarına karşı güvenliği de düşünülmeli ve ağ trafiğinin kontrollü olması amacı gözetilmelidir. Bu çalışmada, küçük ya da orta ölçekli olarak düşünüleblecek bir ağ üzerindeki güvenlik duvarı ardında kala kullanıcıların oluşturduğu bir yerel ağ ve kullanıcılardan farkı olarak silahsızlandırılmış bölge tarafına kurulmuş sunucuların bulunduğu varsayılan bir yapı üzerindeki istenmeyen trafiği engellemek adına oluşturulabilecek sistem konfigürasyonları ele alınmıştır. Uygulama açısından uzak noktalarda da birimlern olduğu daha geniş bir ağ yapısı düşünülmüş, geniş ağlarda, uzak erişimlerdeki ağ performansının istenilen düzeyde olabilmesi için güvenlik duvarı üzerindeki erişim listelerinde belirtilen kuralların kısmen uzak noktalara doğru kaydırılableceği görülmüştür. çalışma sonucunda; güvenlik duvarında belirtilen kurallarla belli noktalardaki trafikler gözlenerek ağ trafiğinin kontrolü, istenmeyen trafiğin önlenmesi, sunucu güvenliği ve ağ performansı açısından elde edilen verilerin analizi neticesinde oluşturulan yapılandırmalarla sistem performansı arttırılmıştır.

Abstract

Abstract

Bu bildiride, çok katılımcılı sözleşmelerin sayısal ortamda adil ve imtiyazsız olarak imzalanmasının taşınabilir etmenler teknolojisi kullanılarak gerçeklenmesi ile ilgili yapılan çalışma ortaya konulmuştur. Yapılan uygulamada etmen platformu protokolde tüm veri değişimini gözlemleyen ve yanlış bir durumda devreye girecek olan güvenilir üçüncü taraf görevini üstlenmiş olup hareketli etmenler katılımcıları temsil etmektedirler. Bu çalışma ile çok katılımcı sözleşmelerin sayısal ortamda imzalanması üzerine analiz yapılmış, uygulamanın daha verimli ve kriptografik olarak güvenli hale getirilmesi amaçlanmıştır.

Abstract

This paper presents heuristic application fields of image space in the cryptographic secure communications. As it is known, image processing are already being used in secure communication and data hiding (watermarking) technologies. But all these applications use images and pictures as envelopes of valuable data. We let them play in real game as pivot. The purposed opinion is based on procuring essential cryptographic data from images by optical diversity and pixel processing. The obtained data can be used in mutual authentication and key establishment protocols, which are the base of secure transactions. Achieved statistics and simulations indicates that image space forms a large and unpredictable data set and may re-donate diverse data to the cryptographic secure communication protocols.

Abstract

We describe relay attacks on Bluetooth authentication protocol. The aim of these attacks is impersonation. The attacker does not need to guess or obtain a common secret known to both victims in order to set up these attacks, merely to relay the information it receives from one victim to the other during the authentication protocol run. Bluetooth authentication protocol allows such a relay if the victims do not hear each other. Such a setting is highly probable. We analyze the attacks for several scenarios and propose practical solutions. Moreover, we simulate attacks to make sure about their feasibility. These simulations show that current Bluetooth specifications do not have defensive mechanisms for relay attacks. However, relay attacks create a significant partial delay during the connection that might be useful for detection.

Abstract

Abstract

Abstract

In this paper; we present the results of our implementation of elliptic curve cryptography (ECC) over the jield GF(p) on an ~O-MHZ, 32-bit ARM microprocessor: We have produced a practical software library which supports variable length implementation of the elliptic curve digital signature algorithm (ECDSA). We implemented the ECDSA and a recently proposed ECC-based wireless authentication protocol using the library. Our timing results show that the 160-bit ECDSA signature generation and verijication operations take around 46 ms and 94 ms, respectively. With these timings, the execution of the ECC-based wireless authentication protocol takes around 140 ms on the ARM7TDMI processor, which is a widely used, low-powercore processor for wireless applications.

Abstract

Elliptic curve cryptography provides a methodology for obtaining high-speed, efficient, and scalable implementations of network security protocols. In this paper, we describe in detail three protocols based on elliptic curve cryptographic techniques, and the results of our implementation of the elliptic curve cryptography over the Galois field GF(2k), where k is a composite number.

Abstract

We propose an authentication and key agreement protocol for wireless communication based on elliptic curve cryptographic techniques. The proposed protocol requires signifcantly less bandwidth than the Aziz-Diffe and Beller-Chang-Yacobi protocols, and furthermore, it has lower computational burden and storage requirements on the user side. The use of elliptic curve cryptographic techniques provide greater security using fewer bits, resulting in a protocol which requires low computational overhead, and thus, making it suitable for wireless and mobile communication systems, including smartcards and handheld devices.