Filtreler

2024 - 202612
Filtreleri Sıfırla

Ayarlar

Yazar: Çeliktaş, Barış × İndeks: Scopus ×

Arama Sonuçları

Listeleniyor 1 - 10 / 12
  • Küçük Resim
    Yayın
    Implementing lightweight, dynamic hierarchical key assignment scheme for cloud computing
    (IEEE, 2024-03-25) Çelikbilek, İbrahim; Çeliktaş, Barış; Özdemir, Enver
    In this paper, we propose the implementation and adaptation of a hierarchical key assignment scheme (HKAS) previously developed in our research to improve access control in cloud computing environments. The secret keys generated and managed by this scheme can be utilized for various purposes within the cloud computing, including data encryption, integrity checks, secure communications, and accessing critical infrastructures or services. Our implementation performs dynamic update operations with minimal computational cost and storage demands, as users within the hierarchical structure do not store any key components. Through security analysis, the scheme demonstrates strong key indistinguishability security (S-KI-security), effectively safeguarding keys against various cryptographic attacks. The scheme's flexibility allows it to be tailored to specific organizational needs, whether for securing sensitive data, ensuring compliance with regulatory standards, or facilitating secure data sharing and collaboration in cloud environments. Thus, we advocate for the practical implementation of the HKAS in transitioning to cloud environments.
  • Küçük Resim
    Yayın
    Efficient estimation of Sigmoid and Tanh activation functions for homomorphically encrypted data using Artificial Neural Networks
    (Institute of Electrical and Electronics Engineers Inc., 2024) Harb, Mhd Raja Abou; Çeliktaş, Barış
    This paper presents a novel approach to estimating Sigmoid and Tanh activation functions using Artificial Neural Networks (ANN) optimized for homomorphic encryption. The proposed method is compared against second-degree polynomial and Piecewise Linear approximations, demonstrating a minor loss in accuracy while maintaining computational efficiency. Our results suggest that the ANN-based estimator is a viable alternative for secure machine learning models requiring privacypreserving computation.
  • Küçük Resim
    Yayın
    A context-aware, AI-driven load balancing framework for incident escalation in SOCs
    (Institute of Electrical and Electronics Engineers Inc., 2025-08-12) Abuaziz, Ahmed; Çeliktaş, Barış
    SOCs face growing challenges in incident management due to increasing alert volumes and the complexity of cyberattacks. Traditional rule-based escalation models often fail to account for the workload of the analyst, the severity of the incident, and the organizational context. This paper proposes a context-aware, AI-driven load balancing framework for intelligent analyst assignment and incident escalation. Our framework leverages large language models (LLMs) with retrievalaugmented generation (RAG) to evaluate incident relevance and historical assignments. A reinforcement learning (RL)-based scheduler continuously optimizes incident-to-analyst assignments based on operational outcomes, enabling the system to adapt to evolving threat landscapes and organizational structures. Planned simulations in realistic SOC environments will compare the model with traditional rule-based models using metrics such as Mean Time to Resolution (MTTR), workload distribution, and escalation accuracy. This work highlights the potential of AIdriven approaches to improve SOC performance and enhance incident response effectiveness.
  • Küçük Resim
    Yayın
    ANN activation function estimators for homomorphic encrypted inference
    (Institute of Electrical and Electronics Engineers Inc., 2025-06-13) Harb, Mhd Raja Abou; Çeliktaş, Barış
    Homomorphic Encryption (HE) enables secure computations on encrypted data, facilitating machine learning inference in sensitive environments such as healthcare and finance. However, efficiently handling non-linear activation functions, specifically Sigmoid and Tanh, remains a significant computational challenge for encrypted inference using Artificial Neural Networks (ANNs). This study introduces a lightweight, ANN-based estimator designed to accurately approximate activation functions under homomorphic encryption. Unlike traditional polynomial and piecewise linear approximations, the proposed ANN estimators achieve superior accuracy with lower computational overhead associated with bootstrapping or high-degree polynomial techniques. These estimators are trained on plaintext data and seamlessly integrated into encrypted inference pipelines, significantly outperforming conventional methods. Experimental evaluations demonstrate notable improvements, with ANN estimators enhancing accuracy by approximately 2% for Sigmoid and up to 73% for Tanh functions, improving F1-scores by approximately 2% for Sigmoid and up to 88% for Tanh, and markedly reducing Mean Square Error (MSE) by up to 96% compared to polynomial approximations. The ANN estimator achieves an accuracy of 97.70% and an AUC of 0.9997 when integrated into a CNN architecture on the MNIST dataset, and an accuracy of 85.25% with an AUC of 0.9459 on the UCI Heart Disease dataset during ciphertext inference. These results underscore the estimator’s practical effectiveness and computational feasibility, making it suitable for secure and efficient ANN inference in encrypted environments.
  • Küçük Resim
    Yayın
    A hierarchical key assignment scheme: a unified approach for ccalability and efficiency
    (IEEE, 2024-05-24) Çelikbilek, İbrahim; Çeliktaş, Barış; Özdemir, Enver
    This study introduces a hierarchical key assignment scheme (HKAS) based on the closest vector problem in an inner product space (CVP-IPS). The proposed scheme offers a comprehensive solution with scalability, flexibility, cost-effectiveness, and high performance. The key features of the scheme include CVP-IPS based construction, the utilization of two public keys by the scheme, a distinct basis set designated for each class, a direct access scheme to enhance user convenience, and a rigorous mathematical and algorithmic presentation of all processes. This scheme eliminates the need for top-down structures and offers a significant benefit in that the lengths of the basis sets defined for classes are the same and the costs associated with key derivation are the same for all classes, unlike top-down approaches, where the higher class in the hierarchy generally incurs much higher costs. The scheme excels in both vertical and horizontal scalability due to its utilization of the access graph and is formally proven to achieve strong key indistinguishability security (S-KI-security). This research represents a significant advancement in HKAS systems, providing tangible benefits and improved security for a wide range of use cases.
  • Küçük Resim
    Yayın
    Relationships among organizational-level maturities in artificial intelligence, cybersecurity, and digital transformation: a survey-based analysis
    (Institute of Electrical and Electronics Engineers Inc., 2025-05-19) Kubilay, Burak; Çeliktaş, Barış
    The rapid development of digital technology across industries has highlighted the growing need for enhanced competencies in Artificial Intelligence (AI), Cyber security (CS), and Digital Transformation (DT). While there is extensive research on each of these domains in isolation, few studies have investigated their relationship and joint impact on organizational maturity. This study aims to address this gap by analyzing the relationships among the maturity levels of AI, CS, and DT at the organizational level using Structural Equation Modeling (SEM) and descriptive statistical methods. A mixed-methods design combines quantitative survey data with synthetic modeling techniques to assess organizational preparedness. The findings demonstrate significant bidirectional correlations among AI, CS, and DT, with technology and finance being more advanced than government and education. The research highlights the necessity of an integrated AI-CS strategy and provides actionable recommendations to increase investments in these domains. In contrast to the preceding fragmented evaluations, the current research establishes a comprehensive, empirically grounded framework that acts as a strategic reference point for digital resilience. Follow-up studies will involve collecting real-world industry data in support of empirical validation and predictive ability in measuring AI and CS maturity. This research adds to the existing literature by filling the gaps among fragmented digital maturity models and providing a consistent empirical base for organizations to thrive in an evolving technological environment.
  • Küçük Resim
    Yayın
    A metric-driven IT risk scoring framework: incorporating contextual and organizational factors
    (Institute of Electrical and Electronics Engineers Inc., 2025-09-24) Ünal, Nezih Mahmut; Çeliktaş, Barış
    Risk analysis is a critical process for organizations seeking to manage their cybersecurity posture effectively. However, traditional risk analysis frameworks, such as the Common Vulnerability Scoring System (CVSS), primarily evaluate technical impacts without incorporating organizational context and dynamic risk factors. This paper presents a metric-based risk analysis framework designed to provide a more adaptable and context-aware risk-scoring framework. The proposed model enables risk owners to define customized threat scenarios and dynamically adjust metric weights based on organizational needs. Unlike traditional approaches, our method integrates contextual parameters to improve the accuracy and relevance of risk calculations. Experimental evaluations demonstrate that the proposed framework enhances risk prioritization and provides more actionable insights for decision-makers. This study contributes to the field by addressing the limitations of existing risk analysis models and offering a systematic approach for cybersecurity risk management.
  • Küçük Resim
    Yayın
    Çok ölçekli görsel benzerlik analizi ile oltalama saldırısı tespiti
    (Institute of Electrical and Electronics Engineers Inc., 2025-08-15) Kılıç, Bartu; Çeliktaş, Barış
    Oltalama saldırıları teknolojinin gelişmesiyle günümüzün en yaygın siber güvenlik tehditlerinden biri haline gelmiştir. Bu çalışma, web sitelerinin ekran görüntülerini gelişmiş bir görsel benzerlik analizi yöntemiyle inceleyerek oltalama saldırılarını yüksek doğrulukla tespit eden bir yaklaşım sunmaktadır. Oltalama tespiti için önerilen yöntemde, algısal özütleme tabanlı çoklu çözünürlük analizi, akıllı ilgi bölgesi (ROI) tespiti ve çoklu metrik füzyonu gibi teknikler birleştirilerek yüksek doğrulukta tespit yapılabilmektedir. Veri seti, popüler bankacılık, e-posta ve sosyal medya platformlarının gerçek ve oltalama sayfalarından oluşan 23 gerçek ve 3 oltalama sayfası ekran görüntülerinden derlenmiştir. Yapılan testler, yöntemin %85 doğruluk oranı ile tekil metrik tabanlı yaklaşımlardan daha iyi performans gösterdiğini ortaya koymuştur. Dil bağımsız çalışan bu yöntem, URL ve HTML manipülasyonlarına karşı dayanıklıdır ve gerçek zamanlı oltalama tespiti için güçlü bir çözüm sunmaktadır.
  • Küçük Resim
    Yayın
    Privacy-preserving cyber threat intelligence: a framework combining private information retrieval, federated learning, and differential privacy
    (Institute of Electrical and Electronics Engineers Inc., 2025-09-21) Çamalan, Emre; Çeliktaş, Barış
    Threat Intelligence Platforms (TIPs) are essential for sharing indicators of compromise (IoCs), but querying them can leak sensitive organizational data. We propose a privacy-preserving framework that combines Private Information Retrieval (PIR), Federated Learning (FL), and Differential Privacy (DP) to mitigate this risk. Our approach addresses both content-level and metadata-level privacy concerns while supporting collaborative learning across organizations. It ensures that sensitive query patterns remain hidden, local threat data never leaves organizational boundaries, and model updates are protected against inference attacks. The framework integrates with existing TIPs such as MISP and OpenCTI, requiring minimal operational changes. We implement a prototype using a simulated Abuse IP dataset and evaluate it on latency, accuracy, and communication overhead. The system supports private queries in under 300 ms and maintains over 95% model accuracy under DP noise. These results indicate that strong privacy can be achieved with minimal performance trade-offs, making the approach viable for real-world CTI environments.
  • Küçük Resim
    Yayın
    Cross-layer ransomware detection framework for SDN using HMM, LSTM, and Bayesian inference
    (Institute of Electrical and Electronics Engineers Inc., 2025-08-28) Serter, Cemal Emre; Çeliktaş, Barış
    Ransomware continues to pose a serious threat to endpoint computers as well as network systems, especially in Software Defined Networks (SDN) environments where programmability and centralized control offer novel attack surfaces. In this paper, a cross-layer detection model for ransomware is introduced that integrates host-based behavioral modeling using Hidden Markov Models (HMM), anomaly detection at flow level using Long Short-Term Memory (LSTM) networks, and probabilistic fusion through Bayesian inference. By correlating host and SDN layer anomalies, the system enhances early-stage detection and reduces false positives. A variational Bayesian approximation technique is utilized for decision score stabilization under ambiguous conditions. The model is evaluated with new ransomware datasets and obtains a range between 97.5%-99.92% F1-score across three benchmark datasets with less than 50 ms latency for detection. The hybrid framework gives a promising direction for real-time threat detection in resilient programmable networks.