Filtreler

Filtreleri Sıfırla

Ayarlar

search.filters.applied.f.publicationcategory: Tez × Konu: Security ×

Arama Sonuçları

Listeleniyor 1 - 7 / 7
  • Küçük Resim
    Yayın
    Security analysis of coap and dtls protocols for internet of things applications
    (Işık Üniversitesi, 2019-08-26) Gürkan, Ali Tunca; Tüysüz Erman, Ayşegül; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    Internet of Things is a very fast growing area. Its requirements and related technologies are changing from day to day. In Internet of Things, devices can communicate with each other with different messaging protocols. The latest messaging protocols are well developed, but they are too heavy to be run on devices developed with old technology. Therefore, these devices have to be operated with old-fashioned protocols. This makes devices vulnerable to security risks. CoAP is a newly developed messaging protocol for constrained devices used in Internet of Things applications. The protocol is a variant of HTTP, so it has similar speci cations. CoAP does not have an embedded security mechanism. Therefore, another protocol called DTLS is used on top of it to provide security. DTLS has powerful functions like handshaking and session processes; however, it is weak against DoS attacks. In this study, we develop a security extension for Internet of Things devices using CoAP with DTLS for secure messaging. DTLS applies handshaking process for every received request. The handshaking process is the most time and resource consuming part of the communication. We propose a security extension to prevent unnecessary messaging during handshaking process of an attacker device that sends a lot of unauthenticated requests. When a client sends requests to a server that has the proposed security extension, the server counts unsuccessful handshaking processes for each client. If the count passes a limit of suspicious requests, the security extension on server adds the client's IP address into a banned IPs list. Until the expiration time, the server does not accept any request from the banned IP address. Our proposed security extension is tested in different scenarios to examine the effects on the network. The results of the experiments show that the enhanced security extension decreases delays on the network and it is helpful for communication between authenticated devices.
  • Küçük Resim
    Yayın
    Ipwall design and implementation of a gateway frewall on linux
    (Işık Üniversitesi, 2004) Durak, Erdem; Yarman, Bekir Sıddık Binboğa; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    The aim of the this project is to develop a firewall which will have functionailities in a regular firewall also will have the missing functions like configuring firewall from any platform and any location via internet or local network. In the beginning of this project information is collected about firewalls and firewalls were examined that work on Windows and Linux operating systems in order to see the differences. On linux operating system source kernel allowed us to implement packet filtering firewall. IPWALL is a firewall which can be used as a gateway firewall also it can be used to secure a local area network. IPWALL key features are stablity, web-based interface which allows configuring firewall form any operating system; it is highly configurable and easy maintainable Linux Firewall. IPWALL communicates with kernel to check and manage network security with packet filtering. By web-based interface IPWALL provides easy and advanced configurable options for novice and expert users. The aim is to continue our improvements on IPWALL as gateway firewall and IPCUBE as personel firewall an share our knowledge of this project in open source community.
  • Küçük Resim
    Yayın
    Performance and security issues in e-payment systems: pay on-line case
    (Işık Üniversitesi, 2006-06) Karahasan, Orhan; Kuru, Selahattin; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    In this thesis, we report an experience on Performance and Security issues in E-Payment systems. We develop an E-Payment system which covers all introduced performance and security measures written in this thesis. We also compare different types of means that can be used in E-Payment systems. We mentioned different types of network architectures, and their benefits and drawbacks for E-Payment systems. An example e-payment system called Pay ON-LINE is developed with the proposed security and performance architectures. This system is in use in Şile campus of Isik University.
  • Küçük Resim
    Yayın
    Ipcube personal firewall on linux
    (Işık Üniversitesi, 2004-06) Pamukçu, Örge Anıl; Koç, Çetin Kaya; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    The aim of this project is to developing a personal firewall which will have functionalities in a regular firewall also will have the missing functions like configuring firewall from any platform and any location via internet or local network. There is no many user-friendly personal firewalls works on Linux operating system. In the beginning of this study differences and common properties of firewalls examined. IPCUBE is designed and developed to collect good features of firewalls on a personal firewall. It provides stable, secure open sourced, web- based, highly configurable and easy maintained Linux Firewall. IPCUBE is designed on Iptable future of Linux. It uses Iptable commands to check and manage network with packet filtering concept. Its web-based console provides easy and highly configurable options to the non-technic users. All of the TPCUBE's functionalities can be managed on this web-based console. The aim is to continue our improvements on IPWALL as gateway firewall and IPCUBE as personal firewall and share our knowledge of this project in open source community.
  • Küçük Resim
    Yayın
    Dilemma between security and privacy on the internet
    (Işık Üniversitesi, 2005-07-31) Ayduran, Güven; Akçakaya, Ergül; Yarman, Bekir Sıddık Binboğa; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Enformasyon Teknolojileri Yüksek Lisans Programı
    In this thesis, the following issues are discussed. Even in today society, it is hard to talk about security and privacy. And no one can imagine what will be structure of tomorrow society. We study what are the internet security systems and government security projects. Even we discuss that these systems effect to human rights and privacy. We define importance of cryptography and discuss relation with human rights. We examine internet privacy laws. We also study about George Orwell's book '1984' and consider similarity between novel and real life. We give information about intellectual property and its rights on the internet. We show that intellectual property rights are not enough to protect all properties and these rules are valid for some economic environments. We also discuss issue in instead of knowledge society, creates ignorance society. All these discussed and studied issues show big dilemma to us between security and privacy. The dilemma goes to a result that there is no security in today's society. Keywords: Security, privacy, internet security, internet privacy rights, cryptography, Orwell, intellectual property rights, knowledge society, ignorance society, internet and dilemma.
  • Küçük Resim
    Yayın
    21 st century university campus internetworking infrastructure
    (Işık Üniversitesi, 2003-07) Büyüktopçu, Hakan; Aksen, Ahmet; Işık Üniversitesi, Fen Bilimleri Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programı
    In the thesis, we study emerging technologies for a University Campus Internetworking Infrastructure including wireless communication standards. Basicly, Internetworking is a collection of data networking technologies including Local Area Network (LAN), Wide Area Network (WAN) and Data Network Security. A LAN is a high-speed data network that covers a relatively small geographic area. It typically connects workstations, personal computers, printers, servers and other devices. LANs offer computer users mmany advantages, including shared access to devices and applications, file exchange between connected users, and communication between users via electronic mail and other applications.Wireless LAN (WLAN) is an emerging technology providing mobility and efficiency. A WAN is a data communications network that covers a relatively broad geographic area and that often uses transmission facilities provided by common carriers, such as telephone companies. WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer. WAN includes several protocols and technologies. WAN also covers wired and wireless transmission methods. With the rapid growth of interest in the Internet, network security has become a major concern to companies throughout the world. The fact that the information and tools needed to penetrate the security of corporate networks are widely avaliable has increased that concern. Because of this increased focus on network security, several security issues(Firewall, IDS, Virus Protection, URL Filtering etc...) that arise when connecting a private network to the Internet are developed. All core practices and the proposed ones are applied to the Case Study for Işık University new Sile Campus Internetworking Infrastructure Design.
  • Küçük Resim
    Yayın
    Parola karma algoritmalarının derinlemesine karşılaştırması: kriptografik güvenlik, performans etkinliği, regülasyon uyumluluğu ve anahtar türetim stratejilerinde gelecek eğilimler
    (Işık Üniversitesi, Lisansüstü Eğitim Enstitüsü, 2025-06-30) Ulutaş, Erdem; Çeliktaş, Barış; Işık Üniversitesi, Lisansüstü Eğitim Enstitüsü, Siber Güvenlik Yüksek Lisans Programı; Işık University, School of Graduate Studies, Master’s Program in Cybersecurity
    Parola karma ve anahtar türetme fonksiyonlarının uygulanması, kullanıcı kimlik bilgilerinin kaba kuvvet saldırılarına ve yetkisiz erişime karşı korunmasını amaçlayan kimlik doğrulama ve kriptografik güvenlik şemalarının temelini oluşturmaktadır. PBKDF2, bcrypt ve scrypt gibi parola karma algoritmaları günümüzde oldukça popüler olmasına rağmen modern donanımdaki gelişmeler, paralel işlem yetenekleri ve gelişmiş kriptoanalitik saldırılar karşısında yetersiz kalmaktadır. Bu eksiklikleri gidermek amacıyla, 2013 yılında parola karma yarışması başlatılmış ve parola karma için 22 aday fonksiyonel değerlendirmeye alınmıştır. Yapılan kapsamlı incelemeler sonucunda, güvenlik, hız, bellek dostu olma, esneklik ve verimlilik kriterlerine dayanarak 9 finalist belirlenmiştir. Bu çalışma, parola karma yarışması finalistleri olan Argon, battcrypt, Catena, Lyra2, MAKWA, Parallel, POMELO, Pufferfish ve yescrypt üzerine yapılan derleme ve performans değerlendirme çalışmalarını ele almaktadır. Finalistler mimari açıdan değerlendirilmiş, güvenlik özellikleri, bellek kullanım dayanıklılığı, performans açısından avantaj ve dezavantajları ayrıca pratik kullanımları incelenmiştir. Bu yeni fonksiyonların geleneksel parola karma algoritmaları ile kıyaslanarak eksiklikleri ve avantajları ortaya konmuştur. Parola karma algoritmalarının kuantum sonrası dayanıklılığı ele alınarak, bu fonksiyonların kuantum saldırılarına karşı dayanıklılığı ve ek bir güvenlik önlemi olarak kullanılan "peppering" tekniğinin rolü araştırılmıştır. Ayrıca parola karma yarışması finalistlerinin NIST SP 800-63B, OWASP ASVS, PCI DSS, GDPR, KVKK ve ISO/IEC 27001 gibi küresel standartlar ve regülasyonlarla olan uyumluluklarını kapsamlı bir şekilde haritalandırılarak, regülasyonlara uyumlu olması gereken organizasyonlarda güvenli dağıtım için pratik uygunlukları değerlendirilmiştir. Son olarak, web kimlik doğrulaması, anahtar türetme fonksiyonları ve gömülü platformlar için bu fonksiyonların kullanımına yönelik öneriler sunulmuştur. Bu çalışmanın amacı, en güncel parola karma ve anahtar türetme fonksiyonları hakkında bilgi sahibi olması gereken araştırmacılar, geliştiriciler ve güvenlik mühendisleri için bir referans kaynağı olmaktır.