My Research Interests
In today's rapidly evolving digital landscape, the importance of robust cybersecurity has never been greater. My research is squarely focused on this critical domain, seeking to uncover new vulnerabilities and exploit them from a red team perspective. This approach enables us to fortify our defenses, better equipping us to thwart the multifaceted threats that endanger our digital ecosystems.
However, we cannot rely solely on traditional methods and technologies. To advance our cybersecurity capabilities, I am passionate about incorporating emergent technologies like artificial intelligence (AI) and blockchain into my work. Their profound potential could lead to groundbreaking improvements in security strategy and architecture, and we must proactively leverage them to stay a step ahead of our adversaries.
Yet, I hold a firm belief that academic research should not exist in isolation. Instead, it should be a driver for practical advancements that positively impact the world around us. Thus, my work aims to turn theoretical concepts into tangible tools and systems that fortify our defenses in a tangible way. By bridging the gap between theory and practice, we can create a safer digital landscape for all.
Academic Publications
2023-10-06 | Journal Article
DOI: 10.1109/MetaCom57706.2023.00094
Language: English
Abstract - Vulnerability scoring is a powerful tool for managing vulnerabilities and the associated risks. It is used to uncover and assess security vulnerabilities in various systems, networks, and applications. Vulnerability scoring has become an integral part of vulnerability management, which is, in turn, an essential component of any cybersecurity program. Security professionals can identify and address potential threats by implementing threat intelligence (e.g., vulnerability scoring) more efficiently. Threat intelligence provides key recommendations to security teams that use a risk-based approach to decide how to respond to incidents. In addition, incorporating a prioritization process—with guidance from a framework—helps professionals make informed decisions about the best mitigation strategies. Moreover, threat intelligence provides real-time context, equipping security teams to respond quickly to new threats as they emerge. Threat intelligence comes in a number of different flavors, each of which leverages different strategies to facilitate vulnerability management and help security teams prioritize vulnerabilities and respond to incidents faster. However, in most cases, vulnerability scores are calculated based on the perceived severity of the vulnerability, not the estimated risk. This work highlights the importance of vulnerability intelligence (i.e., threat intelligence that focuses on vulnerabilities) and how it can be used to help security professionals make better decisions about mitigating vulnerabilities and the associated risks. In particular, we introduce a new algorithm, dubbed XVRS (Extended Vulnerability Risk Scoring), to calculate vulnerability scores by incorporating the element of risk into the calculation.
2020-06-17 | Journal Article
DOI: 10.13140/rg.2.2.26349.44004/1
Language: English
Abstract - Enterprise password policies require the use of complex passwords that contain lowercase and uppercase letters, numbers, and symbols. Considering this common requirement, end-users tend to create complex (!) passwords containing certain patterns, which make such passwords guessable and, therefore, insecure. A Replacement pattern is one of these pattern-types and substitutes a number or symbol for a certain letter. As an example, the letter “o” is replaced with 0 (zero), and the password becomes passw0rd. Even though passw0rd contains a number and is assumed to be a strong password, its replacement pattern can be misused to guess it successfully and crack it easily. In our research, we performed an automated analysis of 1.330.780 word lists from different languages to identify possible replacement patterns. This list contains words from the dictionaries of the most used languages (only the ones that use Latin script) in the world. We identified 43 different replacement-types for one character replacements (single type replacement), 9 different replacement-types for two character replacements (dual type replacement), and 15 different replacement-types for three character replacements (triad type replacement) for our analysis. These identified replacement patterns can be utilized to improve dictionary-attacks, especially for forensic investigations. In this paper, we explain our methodology to identify replacement patterns. The main purpose of this article is to show that with replacement methods on plain texts, it is possible to have higher success rates when trying to recover hashed passwords.
2020-12-31 | Journal Article
Language: Turkish
Abstract - Today, given the speed of processes in cyber defense and the large amount of data involved, an effective defense cannot be expected from human effort alone, without the help of automation systems. Moreover, it is difficult to develop software with classical fixed algorithms for an effective defense against dynamically evolving attacks on networks. This can be overcome by using artificial intelligence methods that give software flexibility and the ability to learn. It is highly likely that cyber defense capabilities can be improved by increasing the intelligence of defense systems. Looking at real-life cyber defense problems, it is clear that many of them can be solved successfully only when artificial intelligence methods are used. This article reviews current artificial intelligence applications and techniques and discusses the use of artificial intelligence in cyber defense systems, and the necessity and importance of that use. The aim of the article is to examine the artificial intelligence technologies and methodologies currently under development, relate them to their role and adaptation in cyber defense, and explain the use of these methods in the field of cyber defense with current examples.
2020-04-20 | Journal Article
DOI: 10.13140/RG.2.2.23982.95044
Language: English
Abstract - The primary objective of this project is to create a paper covering how virtual private networks (VPNs) can be compromised, the most popular attack vectors being used to compromise networks during this crisis, how security operations center (SOC) analysts are coping with the situation, and recommendations on how to better secure one’s corporate network and personal computer. Particular focus is given to the compromise of encrypted tunnels and how users could be exploited when working remotely.
2019-12-01 | Journal Article
Language: English
Abstract - Threat intelligence is proven based on information, including setting, instruments, pointers, suggestions, and noteworthy guidance, around a current or developing threat or risk to assets (such as unauthorized access, unauthorized use of assets, disclosing sensitive information, unauthorized changes to an asset, deny access). Studying advanced adversary tactics, techniques, and procedures is also part of cyber threat intelligence (CTI) and it can help find breaches or atypical movement, as well as help to get adversaries and prevent threats even before they take place. Minimizing false positives (and false negatives) with cyber threat intelligence increases the effectiveness of cyber defense. Before using CTI, it is important to define and understand it. This article aims to describe and explain all the basics of CTI.
2019-08-02 | Journal Article
DOI: 10.13140/RG.2.2.13916.62080
Language: English
Abstract - This publication is part of a series of country reports offering a comprehensive overview of national cyber security governance by nation. The aim is to improve awareness of cyber security management in varied national settings, support nations in enhancing their own cyber security governance, encourage the spread of best practices, and contribute to the development of interagency and international cooperation. Primarily focusing on NATO Nations that are Sponsoring Nations to the NATO CCDCOE, each country report outlines the division of cyber security roles and responsibilities between agencies, describes their mandates, tasks, and competencies, as well as coordination between them. In particular, it covers the mandates of political and strategic management; operational cyber security capabilities and cyber incident management; military cyber defence; and cyber aspects of crisis prevention and management. It offers an introduction to the broader digital ecosystem of the country and outlines national cyber security strategy objectives in order to clarify the context for the organisational approach in a particular nation.
2019-05-24 | Journal Article
DOI: 10.13140/rg.2.2.25720.29441
Language: English
Abstract - Nowadays, considering the speed of the processes and the amount of data used in cyber defense, it cannot be expected to have an effective defense by using only human power without the help of automation systems. However, for effective defense against dynamically evolving attacks on networks, it is difficult to develop software with conventional fixed algorithms. This can be achieved by using artificial intelligence methods that provide flexibility and learning capability. The likelihood of developing cyber defense capabilities through increased intelligence in defense systems is quite high. Given the problems associated with cyber defense in real life, it is clear that many cyber defense problems can be successfully solved only when artificial intelligence methods are used. In this article, the current artificial intelligence practices and techniques are reviewed, and the use and importance of artificial intelligence in cyber defense systems are mentioned. The aim of this article is to be able to explain the use of these methods in the field of cyber defense with current examples by considering and analyzing the artificial intelligence technologies and methodologies that are currently being developed and integrating them with the role and adaptation of the technology and methodology in the defense of cyberspace.
2019-04-01 | Journal Article
DOI: 10.13140/rg.2.2.30543.74406
Language: English
Abstract - This paper explores the potential of Cyber Defense Exercises (CDXs) as a practical and effective testbed for cyber security assessments. CDXs, which simulate real-world cyber threats in a controlled environment, offer a unique opportunity to evaluate the robustness of cyber defense mechanisms, assess the skills of cyber security personnel, and identify potential vulnerabilities in systems and networks. The study begins with an overview of the CDXs concept, followed by a detailed discussion of its application in cyber security assessments. It further investigates the benefits and challenges associated with the use of CDXs as a testbed, drawing on case studies and recent advancements in the field. The paper concludes with recommendations for optimizing the use of CDXs in cyber security assessments, emphasizing the need for continuous improvement and adaptation to evolving cyber threats. This research contributes to the growing body of knowledge on cyber security assessment methodologies and provides valuable insights for practitioners, policymakers, and researchers in the field.
2018-12-06 | Conference Paper
DOI: 10.1109/cybersecpods.2018.8560673
Language: English
Abstract - This paper discusses the concept of cyber defence exercises (CDX), which are a very important tool when it comes to enhancing the safety awareness of cyberspace, testing an organization's ability to put up resistance and respond to different cyber events to establish a secure environment, gathering empirical data related to security, and looking at the practical training of experts on this subject. The exercises can give ideas to the decision-makers about the precautions in the cybersecurity area and to the officials, institutions, organizations, and staff who are responsible for the cyber tools, techniques, and procedures that can be developed for this field. In the cyber defense exercises, the scenarios that are simulated closest to reality provide very important contributions by bringing together the necessity of making the best decisions and management capabilities under the cyber crisis by handling stress and coordinating movement as a team. The objective of this paper is to address the issue from a scientific point of view by setting out the stages of planning, implementation, and evaluation of these exercises, taking into account and comparing international firefighting exercises. Another aim of the work is to be able to reveal the necessary processes that are required for all kinds of cyber exercises, regardless of the type, although the processes involved vary according to the target mass of the planned exercise.
2018-07-25 | Conference Paper
DOI: 10.1109/codit.2018.8394966
Language: English
Abstract - Enterprise password policies require the use of complex passwords that contain lowercase and uppercase letters, numbers, and symbols. Considering this common requirement, end-users tend to create complex (!) passwords containing certain patterns, which make such passwords guessable and, therefore, insecure. A Replacement pattern is one of these pattern types and substitutes a number or symbol for a certain letter. As an example, the letter “o” is replaced with 0 (zero), and password becomes passw0rd. Even though passw0rd contains a number and is assumed to be a strong password, its replacement pattern can be misused to successfully guess it and crack it easily. In our research, we performed an automated analysis of ca. 14.5 million real-life leaked passwords to identify all possible replacement patterns. We identified 43 different replacement types at the end of the analysis. These identified replacement patterns can be utilized to improve dictionary-attacks, especially for forensic investigations. In this paper, we explain our methodology to identify replacement patterns, all possible replacement types with their examples, the top 5 replacement patterns with examples, as well as the elimination of false-positive cases in detail.
2017-12-31 | Journal Article
Language: Turkish
Abstract - Cyber defense exercises are a very important tool for raising cybersecurity awareness, creating the environment needed to work out how to act in the different scenarios that may arise in cyberspace, and giving experts in the field hands-on training. These exercises can also give ideas to decision-makers about the measures that can be taken in cyberspace, and to the institutions, organizations, and personnel tasked with or involved in cyber defense about the tools, techniques, and procedures that can be developed for this field. With scenarios built as close to reality as possible, cyber defense exercises make very important contributions by imposing the need to make the best decisions under stress, particularly when facing cyber attacks, and to act in coordination as a team. The aim of this article is to address the subject from a scientific point of view by setting out the planning, implementation, and evaluation stages of these exercises, taking into account and comparing international cyber defense exercises. Another aim of the study is to set out the processes that a general cyber defense exercise requires regardless of its type, even though these processes vary according to the target audience of the planned exercise.
2016-08-18 | Conference Paper
Language: English
Abstract - In recent years, cloud computing has been getting more and more attention every day. While outsourcing the hardware and software resources, still being able to manage them remotely with benefits like high computing power, competitiveness, cost efficiency, scalability, flexibility, accessibility, and availability are revolutionary. For all of its advantages, on the other hand, nothing interesting is ever completely one-sided. Security and integrity of the data which is stored in untrustworthy servers are critically important and raise concerns about it. The data can be modified, removed, corrupted, or even stolen since it is in the remote server. These kinds of malicious activities can be done either by untrusted servers or by unauthorized user(s). Therefore, various integrity checking methods have been offered for cloud computing systems. This survey aims to analyze and compare different research about data integrity proofs for these systems.
2016-08-18 | Conference Paper
DOI: 10.1109/cybersecpods.2016.7502348
Language: English
Abstract - Recent years have shown us the importance of cybersecurity. Especially when the matter is national security, it is even more essential and crucial. Increasing cyberattacks, especially between countries at the governmental level, created a new term, cyber warfare. Creating some rules and regulations for this kind of war is necessary; therefore, international justice systems are working on it continuously. In this paper, we mentioned fundamental terms of cybersecurity, the cyber capabilities of some countries, some important cyber attacks in the near past, and finally, globally applied cyber warfare law for these attacks.