Filtreler

2003 - 200942010 - 20191
Filtreleri Sıfırla

Ayarlar

Bölüm: Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı × Konu: Security ×

Arama Sonuçları

Listeleniyor 1 - 5 / 5
  • Küçük Resim
    Yayın
    Security analysis of coap and dtls protocols for internet of things applications
    (Işık Üniversitesi, 2019-08-26) Gürkan, Ali Tunca; Tüysüz Erman, Ayşegül; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    Internet of Things is a very fast growing area. Its requirements and related technologies are changing from day to day. In Internet of Things, devices can communicate with each other with different messaging protocols. The latest messaging protocols are well developed, but they are too heavy to be run on devices developed with old technology. Therefore, these devices have to be operated with old-fashioned protocols. This makes devices vulnerable to security risks. CoAP is a newly developed messaging protocol for constrained devices used in Internet of Things applications. The protocol is a variant of HTTP, so it has similar speci cations. CoAP does not have an embedded security mechanism. Therefore, another protocol called DTLS is used on top of it to provide security. DTLS has powerful functions like handshaking and session processes; however, it is weak against DoS attacks. In this study, we develop a security extension for Internet of Things devices using CoAP with DTLS for secure messaging. DTLS applies handshaking process for every received request. The handshaking process is the most time and resource consuming part of the communication. We propose a security extension to prevent unnecessary messaging during handshaking process of an attacker device that sends a lot of unauthenticated requests. When a client sends requests to a server that has the proposed security extension, the server counts unsuccessful handshaking processes for each client. If the count passes a limit of suspicious requests, the security extension on server adds the client's IP address into a banned IPs list. Until the expiration time, the server does not accept any request from the banned IP address. Our proposed security extension is tested in different scenarios to examine the effects on the network. The results of the experiments show that the enhanced security extension decreases delays on the network and it is helpful for communication between authenticated devices.
  • Küçük Resim
    Yayın
    Ipwall design and implementation of a gateway frewall on linux
    (Işık Üniversitesi, 2004) Durak, Erdem; Yarman, Bekir Sıddık Binboğa; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    The aim of the this project is to develop a firewall which will have functionailities in a regular firewall also will have the missing functions like configuring firewall from any platform and any location via internet or local network. In the beginning of this project information is collected about firewalls and firewalls were examined that work on Windows and Linux operating systems in order to see the differences. On linux operating system source kernel allowed us to implement packet filtering firewall. IPWALL is a firewall which can be used as a gateway firewall also it can be used to secure a local area network. IPWALL key features are stablity, web-based interface which allows configuring firewall form any operating system; it is highly configurable and easy maintainable Linux Firewall. IPWALL communicates with kernel to check and manage network security with packet filtering. By web-based interface IPWALL provides easy and advanced configurable options for novice and expert users. The aim is to continue our improvements on IPWALL as gateway firewall and IPCUBE as personel firewall an share our knowledge of this project in open source community.
  • Küçük Resim
    Yayın
    Performance and security issues in e-payment systems: pay on-line case
    (Işık Üniversitesi, 2006-06) Karahasan, Orhan; Kuru, Selahattin; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    In this thesis, we report an experience on Performance and Security issues in E-Payment systems. We develop an E-Payment system which covers all introduced performance and security measures written in this thesis. We also compare different types of means that can be used in E-Payment systems. We mentioned different types of network architectures, and their benefits and drawbacks for E-Payment systems. An example e-payment system called Pay ON-LINE is developed with the proposed security and performance architectures. This system is in use in Şile campus of Isik University.
  • Küçük Resim
    Yayın
    Ipcube personal firewall on linux
    (Işık Üniversitesi, 2004-06) Pamukçu, Örge Anıl; Koç, Çetin Kaya; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    The aim of this project is to developing a personal firewall which will have functionalities in a regular firewall also will have the missing functions like configuring firewall from any platform and any location via internet or local network. There is no many user-friendly personal firewalls works on Linux operating system. In the beginning of this study differences and common properties of firewalls examined. IPCUBE is designed and developed to collect good features of firewalls on a personal firewall. It provides stable, secure open sourced, web- based, highly configurable and easy maintained Linux Firewall. IPCUBE is designed on Iptable future of Linux. It uses Iptable commands to check and manage network with packet filtering concept. Its web-based console provides easy and highly configurable options to the non-technic users. All of the TPCUBE's functionalities can be managed on this web-based console. The aim is to continue our improvements on IPWALL as gateway firewall and IPCUBE as personal firewall and share our knowledge of this project in open source community.
  • Küçük Resim
    Yayın
    21 st century university campus internetworking infrastructure
    (Işık Üniversitesi, 2003-07) Büyüktopçu, Hakan; Aksen, Ahmet; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    In the thesis, we study emerging technologies for a University Campus Internetworking Infrastructure including wireless communication standards. Basicly, Internetworking is a collection of data networking technologies including Local Area Network (LAN), Wide Area Network (WAN) and Data Network Security. A LAN is a high-speed data network that covers a relatively small geographic area. It typically connects workstations, personal computers, printers, servers and other devices. LANs offer computer users mmany advantages, including shared access to devices and applications, file exchange between connected users, and communication between users via electronic mail and other applications.Wireless LAN (WLAN) is an emerging technology providing mobility and efficiency. A WAN is a data communications network that covers a relatively broad geographic area and that often uses transmission facilities provided by common carriers, such as telephone companies. WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer. WAN includes several protocols and technologies. WAN also covers wired and wireless transmission methods. With the rapid growth of interest in the Internet, network security has become a major concern to companies throughout the world. The fact that the information and tools needed to penetrate the security of corporate networks are widely avaliable has increased that concern. Because of this increased focus on network security, several security issues(Firewall, IDS, Virus Protection, URL Filtering etc...) that arise when connecting a private network to the Internet are developed. All core practices and the proposed ones are applied to the Case Study for Işık University new Sile Campus Internetworking Infrastructure Design.