1.
Oscar G Bautista, Kemal Akkaya, Soamar Homsi
ReplayMPC: A Fast Failure Recovery Protocol for Secure Multiparty Computation Applications using Blockchain Proceedings Article
In: 2023 IEEE International Conference on Smart Computing (SMARTCOMP), pp. 124–132, IEEE, 2023.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {ReplayMPC: A Fast Failure Recovery Protocol for Secure Multiparty Computation Applications using Blockchain},
author = {Oscar G Bautista and Kemal Akkaya and Soamar Homsi},
url = {https://ieeexplore.ieee.org/abstract/document/10207671/},
year = {2023},
date = {2023-06-26},
booktitle = {2023 IEEE International Conference on Smart Computing (SMARTCOMP)},
pages = {124–132},
publisher = {IEEE},
school = {Florida International University},
abstract = {Although recent performance improvements to Secure Multiparty Computation (SMPC) made it a practical solution for complex applications such as privacy-preserving machine learning (ML), other characteristics such as robustness are also critical for its practical viability. For instance, since ML training under SMPC may take longer times (e.g., hours or days in many cases), any interruption of the computation will require restarting the process, which results in more delays and waste of computing resources. While one can maintain exchanged SMPC messages in a separate database, their integrity and authenticity should be guaranteed to be able to re-use them later. Therefore, in this paper, we propose ReplayMPC, an efficient failure recovery mechanism for SMPC based on blockchain technology that enables resuming and re-synchronizing SMPC parties after any type of communication or system failures. Our},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Although recent performance improvements to Secure Multiparty Computation (SMPC) made it a practical solution for complex applications such as privacy-preserving machine learning (ML), other characteristics such as robustness are also critical for its practical viability. For instance, since ML training under SMPC may take longer times (e.g., hours or days in many cases), any interruption of the computation will require restarting the process, which results in more delays and waste of computing resources. While one can maintain exchanged SMPC messages in a separate database, their integrity and authenticity should be guaranteed to be able to re-use them later. Therefore, in this paper, we propose ReplayMPC, an efficient failure recovery mechanism for SMPC based on blockchain technology that enables resuming and re-synchronizing SMPC parties after any type of communication or system failures. Our
2.
Diana Pineda, Ricardo Harrilal-Parchment, Kemal Akkaya, Alexander Perez-Pons
SDN-based GTP-U Traffic Analysis for 5G Networks Proceedings Article
In: NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, pp. 1–4, IEEE, 2023.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {SDN-based GTP-U Traffic Analysis for 5G Networks},
author = {Diana Pineda and Ricardo Harrilal-Parchment and Kemal Akkaya and Alexander Perez-Pons},
url = {https://ieeexplore.ieee.org/abstract/document/10154440/},
year = {2023},
date = {2023-05-08},
booktitle = {NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium},
pages = {1–4},
publisher = {IEEE},
school = {Florida International University},
abstract = {5G networks denote a revolutionary improvement in wireless communication by introducing three service grades: Enhanced Mobile Broadband (eMBB), Ultra-Reliable Low Latency Communications (URLLC), and Massive Machine Type Communications (mMTC). These three service grades represent a cost-efficient solution and enhanced user experience with higher data rates and lower latency. However, at the same time, these aspects can benefit attackers (e.g., by leveraging the support for mMTC) to launch various attacks effectively. mMTC comes with a massive number of unattended Internet of Things (IoT) devices known for having low-security capabilities. One of the biggest security concerns related to IoT is that it increases the chances of internal DDoS attacks, which can disrupt 5G core network services. In this paper, we propose our ongoing work on monitoring the GPRS Tunneling Protocol User Plane},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
5G networks denote a revolutionary improvement in wireless communication by introducing three service grades: Enhanced Mobile Broadband (eMBB), Ultra-Reliable Low Latency Communications (URLLC), and Massive Machine Type Communications (mMTC). These three service grades represent a cost-efficient solution and enhanced user experience with higher data rates and lower latency. However, at the same time, these aspects can benefit attackers (e.g., by leveraging the support for mMTC) to launch various attacks effectively. mMTC comes with a massive number of unattended Internet of Things (IoT) devices known for having low-security capabilities. One of the biggest security concerns related to IoT is that it increases the chances of internal DDoS attacks, which can disrupt 5G core network services. In this paper, we propose our ongoing work on monitoring the GPRS Tunneling Protocol User Plane
3.
Abhishek Bhattarai, Maryna Veksler, Hadi Sahin, Ahmet Kurt, Kemal Akkaya
Crypto Wallet Artifact Detection on Android Devices Using Advanced Machine Learning Techniques Journal Article
In: pp. 111–132, 2022.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Crypto Wallet Artifact Detection on Android Devices Using Advanced Machine Learning Techniques},
author = {Abhishek Bhattarai and Maryna Veksler and Hadi Sahin and Ahmet Kurt and Kemal Akkaya},
url = {https://link.springer.com/chapter/10.1007/978-3-031-36574-4_7},
year = {2022},
date = {2022-11-16},
pages = {111–132},
publisher = {Springer Nature Switzerland},
school = {Florida International University},
abstract = {As cryptocurrencies started to be used frequently as an alternative to regular cash and credit card payments, the wallet solutions/apps that facilitate their use also became increasingly popular.This also intensified the involvement of these cryptowallet apps in criminal activities such as ransom requests, money laundering, and transactions on dark markets. From a digital forensics point of view, it is crucial to have tools and reliable approaches to detect these wallets on the machines/devices and extract their artifacts. However, in many cases forensic investigators need to reach these file artifacts quickly with minimal manual intervention due to time and resource constraints. Therefore, in this paper, we present a comprehensive framework that incorporates various machine learning approaches to enable fast and automated extraction/triage of crypto related artifacts on Android devices. Specifically, our method can detect},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
As cryptocurrencies started to be used frequently as an alternative to regular cash and credit card payments, the wallet solutions/apps that facilitate their use also became increasingly popular.This also intensified the involvement of these cryptowallet apps in criminal activities such as ransom requests, money laundering, and transactions on dark markets. From a digital forensics point of view, it is crucial to have tools and reliable approaches to detect these wallets on the machines/devices and extract their artifacts. However, in many cases forensic investigators need to reach these file artifacts quickly with minimal manual intervention due to time and resource constraints. Therefore, in this paper, we present a comprehensive framework that incorporates various machine learning approaches to enable fast and automated extraction/triage of crypto related artifacts on Android devices. Specifically, our method can detect
4.
Oscar G Bautista, Kemal Akkaya
Network-efficient pipelining-based secure multiparty computation for machine learning applications Proceedings Article
In: 2022 IEEE 47th Conference on Local Computer Networks (LCN), pp. 205–213, IEEE, 2022.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {Network-efficient pipelining-based secure multiparty computation for machine learning applications},
author = {Oscar G Bautista and Kemal Akkaya},
url = {https://ieeexplore.ieee.org/abstract/document/9843372/},
year = {2022},
date = {2022-09-26},
booktitle = {2022 IEEE 47th Conference on Local Computer Networks (LCN)},
pages = {205–213},
publisher = {IEEE},
school = {Florida International University},
abstract = {Secure multi-party computation (SMPC) allows mutually distrusted parties to evaluate a function jointly without revealing their private inputs. This technique helps organizations collaborate on a common goal without disclosing confidential or protected data. Despite its suitability for privacy-preserving computation, SMPC suffers from network-based performance limitations. Specifically, the SMPC parties perform the techniques in rounds, where they execute a local computation and then share their round output with the other parties. This network interchange creates a bottleneck as parties need to wait until the data propagates before resuming the execution. To reduce the SMPC execution time, we propose a pipelining-like approach for each rounds computation and communication by dividing the data and readjusting the execution order. Targeting deep learning applications, we propose strategies for the case of},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Secure multi-party computation (SMPC) allows mutually distrusted parties to evaluate a function jointly without revealing their private inputs. This technique helps organizations collaborate on a common goal without disclosing confidential or protected data. Despite its suitability for privacy-preserving computation, SMPC suffers from network-based performance limitations. Specifically, the SMPC parties perform the techniques in rounds, where they execute a local computation and then share their round output with the other parties. This network interchange creates a bottleneck as parties need to wait until the data propagates before resuming the execution. To reduce the SMPC execution time, we propose a pipelining-like approach for each rounds computation and communication by dividing the data and readjusting the execution order. Targeting deep learning applications, we propose strategies for the case of
5.
Mai A Abdel-Malek, Kemal Akkaya, Arupjyoti Bhuyan, Ahmed S Ibrahim
A proxy Signature-Based swarm drone authentication with leader selection in 5G networks Proceedings Article
In: pp. 57485–57498, IEEE, 2022.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {A proxy Signature-Based swarm drone authentication with leader selection in 5G networks},
author = {Mai A Abdel-Malek and Kemal Akkaya and Arupjyoti Bhuyan and Ahmed S Ibrahim},
url = {https://ieeexplore.ieee.org/abstract/document/9782309/},
year = {2022},
date = {2022-05-26},
journal = {IEEE Access},
volume = {10},
pages = {57485–57498},
publisher = {IEEE},
school = {Florida International University},
abstract = {Drones are imperative for the 5G architecture as a mobile source to expand network coverage and support seamless services, particularly through enabling device-to-device (D2D) communication. Such deployment of drones in D2D settings raises various security threats in drone communication. While the existing D2D communication security standard within the 4G cellular architecture may address some of these issues, the standard includes heavy traffic toward the network core servers. If this security standard is to be adopted in the 5G D2D security services with the same traffic load, it may negatively impact the 5G network performance. Therefore, this paper proposes a lightweight proxy signature-based authentication mechanism for a swarm of drones compatible with the 5G D2D standard mechanisms. This paper proposes a distributed delegation-based authentication mechanism to reduce the traffic overhead},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Drones are imperative for the 5G architecture as a mobile source to expand network coverage and support seamless services, particularly through enabling device-to-device (D2D) communication. Such deployment of drones in D2D settings raises various security threats in drone communication. While the existing D2D communication security standard within the 4G cellular architecture may address some of these issues, the standard includes heavy traffic toward the network core servers. If this security standard is to be adopted in the 5G D2D security services with the same traffic load, it may negatively impact the 5G network performance. Therefore, this paper proposes a lightweight proxy signature-based authentication mechanism for a swarm of drones compatible with the 5G D2D standard mechanisms. This paper proposes a distributed delegation-based authentication mechanism to reduce the traffic overhead
6.
Suat Mercan, Mumin Cebe, Kemal Akkaya, Julian Zuluaga
Blockchain-Based Two-Factor Authentication for Credit Card Validation Journal Article
In: pp. 319–327, 2021.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Blockchain-Based Two-Factor Authentication for Credit Card Validation},
author = {Suat Mercan and Mumin Cebe and Kemal Akkaya and Julian Zuluaga},
url = {https://link.springer.com/chapter/10.1007/978-3-030-93944-1_22},
year = {2021},
date = {2021-10-08},
pages = {319–327},
publisher = {Springer International Publishing},
school = {Florida International University},
abstract = {The widespread adoption of the e-commerce and web-based business has brought great increase in credit card utilization for online transactions which in turn resulted in sophisticated fraud attempts. Accurate fraud prevention and detection is a key concern in cashless economy. Multifactor authentication among others such as machine learning based behavioral analysis, data mining, black listing is one of the effective methods augmenting primary information checking. SMS messages are sent to registered phone in addition to credit card information as a second level protection. However, this information might be vulnerable to various attacks as some third party services are in the game. This paper proposes adoption of blockchain as a secure platform to store the second factor security information. Users mobile device signature attested by the bank is stored in a permissioned blockchain. This information is},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
The widespread adoption of the e-commerce and web-based business has brought great increase in credit card utilization for online transactions which in turn resulted in sophisticated fraud attempts. Accurate fraud prevention and detection is a key concern in cashless economy. Multifactor authentication among others such as machine learning based behavioral analysis, data mining, black listing is one of the effective methods augmenting primary information checking. SMS messages are sent to registered phone in addition to credit card information as a second level protection. However, this information might be vulnerable to various attacks as some third party services are in the game. This paper proposes adoption of blockchain as a secure platform to store the second factor security information. Users mobile device signature attested by the bank is stored in a permissioned blockchain. This information is
7.
Mai A Abdel-Malek, Kemal Akkaya, Arupjyoti Bhuyan, Ahmed S Ibrahim
A proxy Signature-Based drone authentication in 5G D2D networks Proceedings Article
In: 2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring), pp. 1–7, IEEE, 2021.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {A proxy Signature-Based drone authentication in 5G D2D networks},
author = {Mai A Abdel-Malek and Kemal Akkaya and Arupjyoti Bhuyan and Ahmed S Ibrahim},
url = {https://ieeexplore.ieee.org/abstract/document/9448962/},
year = {2021},
date = {2021-04-25},
booktitle = {2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring)},
pages = {1–7},
publisher = {IEEE},
school = {Florida International University},
abstract = {5G is the beginning of a new era in cellular communication, bringing up a highly connected network with the incorporation of the Internet of Things (IoT). To flexibly operate all the IoT devices over a cellular network, Device-to-Device (D2D) communication standard was developed. However, IoT devices such as drones utilizing 5G D2D services could be a perfect target for malicious attacks as they pose several safety threats if they are compromised. Furthermore, there will be heavy traffic with an increased number of IoT devices connected to the 5G core. Therefore, we propose a lightweight, fast, and reliable authentication mechanism compatible with the 5G D2D ProSe standard mechanisms. Specifically, we propose a distributed authentication with a delegation-based scheme instead of the repeated access to the 5G core network key management functions. Hence, a legitimate drone is authorized by the core},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
5G is the beginning of a new era in cellular communication, bringing up a highly connected network with the incorporation of the Internet of Things (IoT). To flexibly operate all the IoT devices over a cellular network, Device-to-Device (D2D) communication standard was developed. However, IoT devices such as drones utilizing 5G D2D services could be a perfect target for malicious attacks as they pose several safety threats if they are compromised. Furthermore, there will be heavy traffic with an increased number of IoT devices connected to the 5G core. Therefore, we propose a lightweight, fast, and reliable authentication mechanism compatible with the 5G D2D ProSe standard mechanisms. Specifically, we propose a distributed authentication with a delegation-based scheme instead of the repeated access to the 5G core network key management functions. Hence, a legitimate drone is authorized by the core
8.
Mumin Cebe, Kemal Akkaya
Communication-efficient certificate revocation management for Advanced Metering Infrastructure and IoT Integration Journal Article
In: Future Generation Computer Systems, vol. 115, pp. 267–278, 2021.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Communication-efficient certificate revocation management for Advanced Metering Infrastructure and IoT Integration},
author = {Mumin Cebe and Kemal Akkaya},
url = {https://www.sciencedirect.com/science/article/pii/S0167739X20304891},
year = {2021},
date = {2021-02-01},
journal = {Future Generation Computer Systems},
volume = {115},
pages = {267–278},
publisher = {North-Holland},
school = {Florida International University},
abstract = {Advanced Metering Infrastructure forms a communication network for the collection of power data from smart meters in Smart Grid. As the communication between smart meters could be secured utilizing public-key cryptography, however, public-key cryptography still has certain challenges in terms of certificate revocation and management particularly related distribution and storage overhead of revoked certificates. To address this challenge, in this paper, we propose a novel revocation management approach by utilizing cryptographic accumulators which reduces the space requirements for revocation information significantly and thus enables efficient distribution of such information to all smart meters. We implemented the proposed approach on both ns-3 network simulator and a testbed. We demonstrated its superior performance with respect to traditional methods for revocation management.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
Advanced Metering Infrastructure forms a communication network for the collection of power data from smart meters in Smart Grid. As the communication between smart meters could be secured utilizing public-key cryptography, however, public-key cryptography still has certain challenges in terms of certificate revocation and management particularly related distribution and storage overhead of revoked certificates. To address this challenge, in this paper, we propose a novel revocation management approach by utilizing cryptographic accumulators which reduces the space requirements for revocation information significantly and thus enables efficient distribution of such information to all smart meters. We implemented the proposed approach on both ns-3 network simulator and a testbed. We demonstrated its superior performance with respect to traditional methods for revocation management.
9.
Abdullah Aydeger, Mohammad Hossein Manshaei, Mohammad Ashiqur Rahman, Kemal Akkaya
Strategic defense against stealthy link flooding attacks: A signaling game approach Proceedings Article
In: pp. 751–764, IEEE, 2021.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {Strategic defense against stealthy link flooding attacks: A signaling game approach},
author = {Abdullah Aydeger and Mohammad Hossein Manshaei and Mohammad Ashiqur Rahman and Kemal Akkaya},
url = {https://ieeexplore.ieee.org/abstract/document/9328143/},
year = {2021},
date = {2021-01-18},
journal = {IEEE Transactions on Network Science and Engineering},
volume = {8},
number = {1},
issue = {1},
pages = {751–764},
publisher = {IEEE},
school = {Florida International University},
abstract = {With the increasing diversity of Distributed Denial-of-Service (DDoS) attacks, it is becoming extremely challenging to design a fully protected network. For instance, Stealthy Link Flooding Attack (SLFA) is a variant of DDoS attacks that strives to block access to a target area by flooding a small set of links, and it is shown that it can bypass traditional DDoS defense mechanisms. One potential solution to tackle such SLFAs is to apply Moving Target Defense (MTD) techniques in which network settings are dynamically changed to confuse/deceive attackers, thus making it highly expensive to launch a successful attack. However, since MTD comes with some overhead to the network, to find the best strategy (i.e., when and/or to what extent) of applying it has been a major challenge. The strategy is significantly influenced by the attacker's behavior that is often difficult to guess. In this work, we address the challenge of},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
With the increasing diversity of Distributed Denial-of-Service (DDoS) attacks, it is becoming extremely challenging to design a fully protected network. For instance, Stealthy Link Flooding Attack (SLFA) is a variant of DDoS attacks that strives to block access to a target area by flooding a small set of links, and it is shown that it can bypass traditional DDoS defense mechanisms. One potential solution to tackle such SLFAs is to apply Moving Target Defense (MTD) techniques in which network settings are dynamically changed to confuse/deceive attackers, thus making it highly expensive to launch a successful attack. However, since MTD comes with some overhead to the network, to find the best strategy (i.e., when and/or to what extent) of applying it has been a major challenge. The strategy is significantly influenced by the attacker's behavior that is often difficult to guess. In this work, we address the challenge of
10.
Suat Mercan, Kemal Akkaya
Building next generation iot infrastructure for enabling m2m crypto economy Journal Article
In: Open Journal of Internet Of Things (OJIOT), vol. 7, iss. 1, no. 1, pp. 116–124, 2021.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Building next generation iot infrastructure for enabling m2m crypto economy},
author = {Suat Mercan and Kemal Akkaya},
url = {http://www.ronpub.com/ojiot/OJIOT_2021v7i1n11_Mercan.html},
year = {2021},
date = {2021-00-00},
journal = {Open Journal of Internet Of Things (OJIOT)},
volume = {7},
number = {1},
issue = {1},
pages = {116–124},
publisher = {RonPub},
school = {Florida International University},
abstract = {As Bitcoin and other cryptocurrencies are becoming part of our lives, there is a growing interest to enable using them in our daily lives even for micropayments. This interest stems from many factors including privacy, convenience and overhead/fraud that comes with credit cards. In this regard, Internet of Things (IoT) devices can also benefit from this feature for enabling touchless payments for users. However, there is even a bigger opportunity there considering the nature and diversity of very large-scale unattended IoT devices. The integration of any IoT device with blockchain including cryptocurrencies and smart contracts can trigger a machine-to-machine (M2M) economy revolution by streamlining business among IoT devices. Under such a future business model, IoT devices can autonomously request a service and make a payment in return. Such a large-scale ecosystem should rely on various components thus requiring a paradigm shift on the current design and understanding of the IoT systems. In particular, decentralized architecture of blockchain with cryptocurrency and smart contract capability can be a key enabler. In this vision paper, we advocate the need and necessary elements of a M2M crypto economy infrastructure and investigate the role of blockchain in realizing this vision. We specifically focus on the advantages and challenges of blockchain-based systems along with the existing proposed solutions. We then offer several future directions in creating such a M2M economy.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
As Bitcoin and other cryptocurrencies are becoming part of our lives, there is a growing interest to enable using them in our daily lives even for micropayments. This interest stems from many factors including privacy, convenience and overhead/fraud that comes with credit cards. In this regard, Internet of Things (IoT) devices can also benefit from this feature for enabling touchless payments for users. However, there is even a bigger opportunity there considering the nature and diversity of very large-scale unattended IoT devices. The integration of any IoT device with blockchain including cryptocurrencies and smart contracts can trigger a machine-to-machine (M2M) economy revolution by streamlining business among IoT devices. Under such a future business model, IoT devices can autonomously request a service and make a payment in return. Such a large-scale ecosystem should rely on various components thus requiring a paradigm shift on the current design and understanding of the IoT systems. In particular, decentralized architecture of blockchain with cryptocurrency and smart contract capability can be a key enabler. In this vision paper, we advocate the need and necessary elements of a M2M crypto economy infrastructure and investigate the role of blockchain in realizing this vision. We specifically focus on the advantages and challenges of blockchain-based systems along with the existing proposed solutions. We then offer several future directions in creating such a M2M economy.
11.
Luis Puche Rondon, Leonardo Babun, Kemal Akkaya, A Selcuk Uluagac
HDMI-walk: Attacking HDMI distribution networks via consumer electronic control protocol Journal Article
In: pp. 650–659, 2019.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {HDMI-walk: Attacking HDMI distribution networks via consumer electronic control protocol},
author = {Luis Puche Rondon and Leonardo Babun and Kemal Akkaya and A Selcuk Uluagac},
url = {https://dl.acm.org/doi/abs/10.1145/3359789.3359841},
year = {2019},
date = {2019-12-09},
pages = {650–659},
school = {Florida International University},
abstract = {The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist in the world and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving CEC outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study, how current insecure CEC protocol practices and carelessly},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist in the world and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving CEC outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study, how current insecure CEC protocol practices and carelessly
12.
Luis Puche Rondon, Leonardo Babun, Kemal Akkaya, A Selcuk Uluagac
HDMI-Walk: Attacking HDMI Distribution Networks via Consumer Electronic Control Protocol Journal Article
In: arXiv e-prints, pp. arXiv: 1910.02139, 2019.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {HDMI-Walk: Attacking HDMI Distribution Networks via Consumer Electronic Control Protocol},
author = {Luis Puche Rondon and Leonardo Babun and Kemal Akkaya and A Selcuk Uluagac},
url = {https://ui.adsabs.harvard.edu/abs/2019arXiv191002139P/abstract},
year = {2019},
date = {2019-10-00},
journal = {arXiv e-prints},
pages = {arXiv: 1910.02139},
school = {Florida International University},
abstract = {The High Definition Multimedia Interface (HDMI) is the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist worldwide and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving CEC outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study, how current insecure CEC protocol practices and HDMI distributions may grant an},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
The High Definition Multimedia Interface (HDMI) is the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist worldwide and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving CEC outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study, how current insecure CEC protocol practices and HDMI distributions may grant an
13.
Mumin Cebe, Kemal Akkaya
Efficient certificate revocation management schemes for IoT-based advanced metering infrastructures in smart cities Journal Article
In: Ad hoc networks, vol. 92, pp. 101801, 2019.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Efficient certificate revocation management schemes for IoT-based advanced metering infrastructures in smart cities},
author = {Mumin Cebe and Kemal Akkaya},
url = {https://www.sciencedirect.com/science/article/pii/S1570870518307844},
year = {2019},
date = {2019-09-01},
journal = {Ad hoc networks},
volume = {92},
pages = {101801},
publisher = {Elsevier},
school = {Florida International University},
abstract = {Advanced Metering Infrastructure (AMI), which refers to the communication network for the collection of power data from smart meters in a Smart Grid, is expected to be used in the service of many Smart City applications such as gas and water data collection or electric vehicle charging. As the communication within the AMI needs to be secure to protect users power data, key management becomes a challenge due to its overhead and limited resources on smart meters. While using public-keys eliminate some of the overhead of key management as opposed to symmetric-key management, there are still challenges regarding the management of certificates that store and certify the public-keys. In particular, distribution and storage of certificate revocation list (CRL) is major a challenge due to cost of distribution and storage in AMI networks which is envisioned to utilize wireless mesh networks. Motivated by the need of},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
Advanced Metering Infrastructure (AMI), which refers to the communication network for the collection of power data from smart meters in a Smart Grid, is expected to be used in the service of many Smart City applications such as gas and water data collection or electric vehicle charging. As the communication within the AMI needs to be secure to protect users power data, key management becomes a challenge due to its overhead and limited resources on smart meters. While using public-keys eliminate some of the overhead of key management as opposed to symmetric-key management, there are still challenges regarding the management of certificates that store and certify the public-keys. In particular, distribution and storage of certificate revocation list (CRL) is major a challenge due to cost of distribution and storage in AMI networks which is envisioned to utilize wireless mesh networks. Motivated by the need of
14.
Samet Tonyali, Kemal Akkaya
A scalable protocol stack for IEEE 802.11 s-based advanced metering infrastructure networks Proceedings Article
In: 2018 15th IEEE Annual Consumer Communications & Networking Conference (CCNC), pp. 1–6, IEEE, 2018.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {A scalable protocol stack for IEEE 802.11 s-based advanced metering infrastructure networks},
author = {Samet Tonyali and Kemal Akkaya},
url = {https://ieeexplore.ieee.org/abstract/document/8319198/},
year = {2018},
date = {2018-01-12},
booktitle = {2018 15th IEEE Annual Consumer Communications & Networking Conference (CCNC)},
pages = {1–6},
publisher = {IEEE},
school = {Florida International University},
abstract = {The utility companies and the researchers have been developing new applications and communication protocols for the Smart Grid Advanced Metering Infrastructure (AMI) network. Since the AMI network consists of thousands of smart meters, it is built as a wireless mesh network (WMN) because it requires far less cabling work, thereby lowering the infrastructure, deployment and maintenance costs. However, WMNs suffer from scalability issues as the network grows. Therefore, in this paper, we present a scalable protocol stack for the IEEE 802.11s-based AMI applications. We propose several modifications and parameter adjustments at different layers of the protocol stack. Specifically, several parameters at the MAC layer are adjusted. Furthermore, we integrate a modified Address Resolution Protocol to take advantage of Hybrid Wireless Mesh Protocol's proactive route requests/replies, which is IEEE 802.11s},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
The utility companies and the researchers have been developing new applications and communication protocols for the Smart Grid Advanced Metering Infrastructure (AMI) network. Since the AMI network consists of thousands of smart meters, it is built as a wireless mesh network (WMN) because it requires far less cabling work, thereby lowering the infrastructure, deployment and maintenance costs. However, WMNs suffer from scalability issues as the network grows. Therefore, in this paper, we present a scalable protocol stack for the IEEE 802.11s-based AMI applications. We propose several modifications and parameter adjustments at different layers of the protocol stack. Specifically, several parameters at the MAC layer are adjusted. Furthermore, we integrate a modified Address Resolution Protocol to take advantage of Hybrid Wireless Mesh Protocol's proactive route requests/replies, which is IEEE 802.11s
15.
Ahmad Alsharif, Samet Tonyali, Mohamed Mahmoud, Kemal Akkaya, Muhammad Ismail, Erchin Serpedin
Performance analysis of certificate renewal scheme for ami networks Journal Article
In: Proc. of the 7th International Workshop on Computer Science and Engineering, Beijing, China, pp. 25–27, 2017.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Performance analysis of certificate renewal scheme for ami networks},
author = {Ahmad Alsharif and Samet Tonyali and Mohamed Mahmoud and Kemal Akkaya and Muhammad Ismail and Erchin Serpedin},
url = {https://faculty.uca.edu/aalsharif/publications/WCSE_Certificate_Renewal.pdf},
year = {2017},
date = {2017-06-00},
journal = {Proc. of the 7th International Workshop on Computer Science and Engineering, Beijing, China},
pages = {25–27},
school = {Florida International University},
abstract = {Public-key cryptography is indispensable for securing the communications in Advanced Metering Infrastructure (AMI) networks. However, few works have studied the efficient use of public key cryptography certificates in such a network and most of them focus on certificates' revocation. In this paper, we extensively investigate the performance our previous proposal on an efficient certificate renewal scheme that we proposed for AMI networks. First, quantitative analysis is carried out to compare our scheme against signature-based certificate renewal schemes. Then, all schemes are implemented in a realistic network model using NS-3 to evaluate their performance. Simulation results demonstrate the improved performance of our scheme in computational cost, communication overhead, end-to-end delay, packet delivery ratio, and required bandwidth compared with the signature-based certificate renewal scheme.},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
Public-key cryptography is indispensable for securing the communications in Advanced Metering Infrastructure (AMI) networks. However, few works have studied the efficient use of public key cryptography certificates in such a network and most of them focus on certificates' revocation. In this paper, we extensively investigate the performance our previous proposal on an efficient certificate renewal scheme that we proposed for AMI networks. First, quantitative analysis is carried out to compare our scheme against signature-based certificate renewal schemes. Then, all schemes are implemented in a realistic network model using NS-3 to evaluate their performance. Simulation results demonstrate the improved performance of our scheme in computational cost, communication overhead, end-to-end delay, packet delivery ratio, and required bandwidth compared with the signature-based certificate renewal scheme.
16.
Nico Saputro, Ali Ihsan Yurekli, Kemal Akkaya, Selcuk Uluagac
Privacy preservation for IoT used in smart buildings Journal Article
In: Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations, pp. 129–160, 2016.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Privacy preservation for IoT used in smart buildings},
author = {Nico Saputro and Ali Ihsan Yurekli and Kemal Akkaya and Selcuk Uluagac},
url = {https://api.taylorfrancis.com/content/chapters/edit/download?identifierName=doi&identifierValue=10.1201/b19516-14&type=chapterpdf},
year = {2016},
date = {2016-04-05},
journal = {Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations},
pages = {129–160},
school = {Florida International University},
abstract = {The proliferation of various Internet of Things (IoT) devices has led to several innovative applications including the development of smart home and buildings. While the use of IoT devices can bring a lot of advantages in terms of efficiency, convenience, and cost, their extensive use raises several privacy concerns regarding the users and their activities inside these smart buildings. For instance, through analyzing the smart meter data, one can infer avocations, finances, occupation, credit, health, or other similar personal information about the customer or the household. In commercial buildings, the privacy concerns are mostly on user tracking and pattern detection of behavior when employees utilize their smart devices connected to Wi-Fi access points. In the same manner, the use of IoT devices in the workplace may leak information about the social fabric of that organization, which is largely hidden from direct},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
The proliferation of various Internet of Things (IoT) devices has led to several innovative applications including the development of smart home and buildings. While the use of IoT devices can bring a lot of advantages in terms of efficiency, convenience, and cost, their extensive use raises several privacy concerns regarding the users and their activities inside these smart buildings. For instance, through analyzing the smart meter data, one can infer avocations, finances, occupation, credit, health, or other similar personal information about the customer or the household. In commercial buildings, the privacy concerns are mostly on user tracking and pattern detection of behavior when employees utilize their smart devices connected to Wi-Fi access points. In the same manner, the use of IoT devices in the workplace may leak information about the social fabric of that organization, which is largely hidden from direct
17.
Mohamed Mahmoud, Kemal Akkaya, Khaled Rabieh, Samet Tonyali
An efficient certificate revocation scheme for large-scale AMI networks Proceedings Article
In: 2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC), pp. 1–8, IEEE, 2014.
Abstract | Links | BibTeX | Tags: Network Security
@inproceedings{nokey,
title = {An efficient certificate revocation scheme for large-scale AMI networks},
author = {Mohamed Mahmoud and Kemal Akkaya and Khaled Rabieh and Samet Tonyali},
url = {https://ieeexplore.ieee.org/abstract/document/7017076/},
year = {2014},
date = {2014-12-05},
booktitle = {2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC)},
pages = {1–8},
publisher = {IEEE},
school = {Florida International University},
abstract = {Given the large geographic deployment and scalability of the Advanced Metering Infrastructure (AMI) networks, it is inefficient to create one large certificate revocation list (CRL) for all the networks. It is also inefficient to create a CRL for each meter having the certificates it needs because too many CRLs will be required. It is beneficial to balance the size of the CRLs and the overhead of forming and distributing them. In this paper, the certificate authority (CA) groups the AMI networks and composes one CRL for each group. We use Bloom filter to reduce the number of CRLs by increasing the groups size with acceptable overhead on the meters. However, Bloom filters suffer from false positives which is not acceptable in AMI networks because meters may miss important messages. We propose a novel scheme to identify and mitigate the false positives by making use of the fact that Bloom filters are free of false},
keywords = {Network Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Given the large geographic deployment and scalability of the Advanced Metering Infrastructure (AMI) networks, it is inefficient to create one large certificate revocation list (CRL) for all the networks. It is also inefficient to create a CRL for each meter having the certificates it needs because too many CRLs will be required. It is beneficial to balance the size of the CRLs and the overhead of forming and distributing them. In this paper, the certificate authority (CA) groups the AMI networks and composes one CRL for each group. We use Bloom filter to reduce the number of CRLs by increasing the groups size with acceptable overhead on the meters. However, Bloom filters suffer from false positives which is not acceptable in AMI networks because meters may miss important messages. We propose a novel scheme to identify and mitigate the false positives by making use of the fact that Bloom filters are free of false
18.
Suleyman Uludag, Kemal Akkaya, Klara Nahrstedt
Welcome message from the SGNI 2010 co-chairs Journal Article
In: Proceedings-Conference on Local Computer Networks, LCN, pp. 5735651, 2010.
Abstract | Links | BibTeX | Tags: Network Security
@article{nokey,
title = {Welcome message from the SGNI 2010 co-chairs},
author = {Suleyman Uludag and Kemal Akkaya and Klara Nahrstedt},
url = {https://experts.illinois.edu/en/publications/welcome-message-from-the-sgni-2010-co-chairs},
year = {2010},
date = {2010-00-00},
journal = {Proceedings-Conference on Local Computer Networks, LCN},
pages = {5735651},
school = {Florida International University},
abstract = {Welcome message from the SGNI 2010 co-chairs University of Illinois Urbana-Champaign Skip to main navigation Skip to search Skip to main content University of Illinois Urbana-Champaign Home University of Illinois Urbana-Champaign Logo LOGIN & Help Home Profiles Research units Research & Scholarship Datasets Honors Press/Media Activities Search by expertise, name or affiliation Welcome message from the SGNI 2010 co-chairs Suleyman Uludag, Kemal Akkaya, Klara Nahrstedt Computer Science National Center for Supercomputing Applications (NCSA) Coordinated Science Lab Information Trust Institute Beckman Institute for Advanced Science and Technology Carle Illinois College of Medicine Research output: Contribution to journal Editorial peer-review Overview Fingerprint Original language English (US) Article number 5735651 Journal Proceedings - Conference on Local Computer},
keywords = {Network Security},
pubstate = {published},
tppubtype = {article}
}
Welcome message from the SGNI 2010 co-chairs University of Illinois Urbana-Champaign Skip to main navigation Skip to search Skip to main content University of Illinois Urbana-Champaign Home University of Illinois Urbana-Champaign Logo LOGIN & Help Home Profiles Research units Research & Scholarship Datasets Honors Press/Media Activities Search by expertise, name or affiliation Welcome message from the SGNI 2010 co-chairs Suleyman Uludag, Kemal Akkaya, Klara Nahrstedt Computer Science National Center for Supercomputing Applications (NCSA) Coordinated Science Lab Information Trust Institute Beckman Institute for Advanced Science and Technology Carle Illinois College of Medicine Research output: Contribution to journal Editorial peer-review Overview Fingerprint Original language English (US) Article number 5735651 Journal Proceedings - Conference on Local Computer
Citations: 18671
h-index: 54
i10-index: 162