Master Degree / Yüksek Lisans Tezleri

Permanent URI for this collectionhttps://hdl.handle.net/11147/3008

Browse

Filters

2016 - 20193

Settings

Author: search.filters.author.Tomur, Emrah

Search Results

Now showing 1 - 3 of 3
  • Master Thesis
    Extended Topology Analysis of a Detection Mechanism Implementation Against Botnet Based Ddos Flooding Attack in Sdn
    (Izmir Institute of Technology, 2019) Karakış, Emre; Erten, Yusuf Murat; Tomur, Emrah
    When SDN comes up as a new technology, while it also brings many benefits such as high availability, scalability and performance, it also brings us new vulnerabilities that is targeted by attackers. Botnet Based DDoS Flooding Attacks have been one of the major problems for service provider networks who encountered these repeatedly since the first DDoS came into existence in the early 2000’s. In this thesis, we mainly concentrate on the source-based detection approach against Botnet Based DDoS Flooding Attack by combining the strength of SDN and s-Flow-RT technology. The main purpose of this research is to detect Botnet Based DDoS Flooding Attack that can also be performed in distributed SDN environments by using a similar approach with an available detection mechanism which is not implemented previously on an extended network with more network elements in order to observe whether the obtained successful results on the small network are compatible with a result obtained on this research. This study also includes a detection application using previously studied detection approach based on statistical inference model. The detection application is tested on virtual environments by organizing a Botnet Based DDoS Flooding Attacks on a predefined source node and then test results show that the mechanism could effectively detect the attack.
  • Master Thesis
    Context Aware Role Based Access Control Model for Internet of Things Applications
    (Izmir Institute of Technology, 2018) Genç, Didem; Erten, Yusuf Murat; Tomur, Emrah
    As the day goes on, both the academic and industrial studies related with IoT is increasing with the advance of technology, and this progresses require development of new security approaches aiming this domain. Despite the presence of many studies interested in security of IoT applications, they are just the implementation of currently security methods to IoT scenarios. IoT applications contain the interaction of different kinds of vast amount of thing(computer, process, people, service etc.). Therefore it is going to be inadequate and inefficient to try defining the interaction between these things, and providing security through execution of predefined static security policies. By considering these problems, we can conclude that new generation IoT needs an security mechanism which must offer fine-grained and dynamic access control. In the scope of this thesis, we design a context-aware role based access control model that provides dynamism by using attribute based access control model’s attribute function, and fine-granularity with usage of context term, by considering the security needs of IoT domain.
  • Master Thesis
    Privacy Preservation on Mobile Systems Using Context-Aware Role Based Accss Control
    (Izmir Institute of Technology, 2016) Abdella, Juhar Ahmed; Özuysal, Mustafa; Tomur, Emrah; Özuysal, Mustafa; Tomur, Emrah
    Existing mobile platforms require the user to manually grant and revoke permissions to applications. Once the user grants a given permission to an application, the application can use it without limit unless the user manually revokes the permission. This has become the reason for a lot of privacy problems. One of the solutions suggested by a lot of researchers is Context Aware Access Control (CAAC). However, dealing with policy configurations at permission level becomes very complex as the number of policy rules to configure will become very large. For instance, if there are A applications, P permissions and C contexts, the user may have to deal with A x P x C number of policy configurations. Therefore, we propose a Context-Aware Role-Based Access Control (CA-RBAC) model that can provide dynamic permission granting and revoking while keeping the number of policy rules as small as possible. We demonstrate our model based on Android. In our model, Android applications are assigned roles where roles contain a set of permissions and contexts are associated with permissions. Permissions are activated and deactivated for the containing role based on the associated contexts. Our approach is unique in that our system associates contexts with permissions as opposed to existing similar works which associate contexts with roles. As a proof of concept, we have developed a prototype application called CA-ARBAC (Context-Aware Android Role Based Access Control). We have also performed various tests using our application and the result shows that our model is working as desired.