Security and Privacy

Security and Privacy

Albert Levi
Albert Levi
  • Computer and Network Security
    Wormhole Attack Scenario

    Securing computing and cyber systems is a challenging task under different types of attacks from various malicious sources. Measures to be taken against these threats and attacks require a wide range of techniques from cryptography to data analysis. We conduct high-quality research on providing enhanced security and privacy for different types of wired/wireless systems, networks and applications in the following focused sub-areas:

    Computer and Network Security
    • Security and privacy in wireless and wired networks including sensor networks, RFID (Radio Frequency Identification) systems and wireless mesh networks
    • Security and privacy in Body Area Networks (BANs) and mobile health
    • Security and privacy in cyberphysical systems and the Internet of Things (IoT)
    • Email and web security
    • Privacy-enhanced system security
    • Digital cash and secure banking applications
    Further Information
Berrin Yanıkoğlu
Berrin Yanıkoğlu
  • Biometrics

    Biometric authentication uses a person's biometric features (face, fingerprint, signature etc.) to verify his/her identity. State-of-the-art error rates are very low, less than 2% for fingerprints and signature, and even less for iris verification. An emerging topic in biometrics is privacy concerns related to the use of biometrics. Our group is actively working on signature, fingerprint, and voice verification methods, as well as the new privacy schemes (fuzzy vault, multi-biometrics etc.)

Erkay Savaş
Erkay Savaş
  • Cryptography and Hardware Security
    Processing Encrypted Data without Decryption

    Homomorphic encryption technologies allow processing of encrypted data without the decryption key. In an era of cloud computing, IT outsourcing and big data collection, where privacy and security become of utmost concern, homomorphic encryption is a key technology to meet the novel security and privacy challenges. While a powerful cryptographic primitive, homomorphic encryption is in its infancy and prohibitively slow for practical applications. Our research activities focus on, but are not limited to, the following areas:

    • Acceleration of homomorphic encryption technologies using parallelization in such computing platforms as multi-core general purpose processors, graphical processing units (GPU) and hardware (e.g., FPGA).
    • Design and implementation of advanced cryptographic primitives based on homomorphic encryption such as attribute-based encryption, predicate-based encryption, and cryptographic software obfuscation.
    • Design and development of privacy-preserving applications based on homomorphic encryption primitives such as searchable encryption, privacy-preserving key search, document similarity, machine learning techniques, and in general privacy-preserving cyber-security applications.
Yücel Saygın
Yücel Saygın
Privacy Preserving Data Management

Knowledge Discovery and Data Mining has a lot of applications in personal data analysis which may contain sensitive information that is protected with law and regulations. Protecting sensitive data while performing data analysis or data publishing is crucial especially in the context of Big Data. My research includes data anonymization and privacy preserving data mining. Currently I am interested in privacy preserving data management for complex data.

Mehmet Keskinöz
Mehmet Keskinöz
  • Multimedia Security and Information Hiding
    Multimedia Security and Information Hiding

    With the fast development of Internet, the need to create, store and distribute the digital multimedia gets more and more increasing. This raises, however, security concerns since multimedia is highly vulnerable to the illegal copying, distribution, manipulations and other attacks. To remedy these security issues, the idea of “the digital watermarking” and “stenography” have been introduced where the secret information is carried over the host signal.For example one can embed;

    • Road map into the image
    • Digital signature into the speech to prevent from illegal copying
    • Logo into the video
    • The name of the patient into the X-ray reports and MRI Scans
    • Embed watermark into text document to ensure that it is not changed

    In communication theory and technologies (CTT) group at Sabanci, which is supervised by Dr. Keskinoz, conduct research to develop practical and efficient algorithms for the multimedia and information hiding.

  • Secure Biometric Autentication Using Correlation Filters:

    Biometric person identification and verification is a promising methodology for authentication applications. However, there are many issues that need to be addressed to ensure the security of biometric templates in biometric authentication systems. One such aspect is the cancelability of a biometric. For example, consider a scenario where a biometric template is stored on a card for authenticating a user. What happens when that card with the user’s biometric template is lost or stolen? How does one cancel the lost or stolen card and re-issue a new biometric card for that person? In order to protect the user’s biometric templates from possible hacking and to ensure cancelability, the templates must be encrypted. Then in case of theft or loss, a different encrypted biometric template can be issued from the same original biometric pattern. Recent work in using advanced correlation filters has shown promise for biometric verification. Correlation filter methods offer advantages such as shift-invariance and graceful degradation.

    In communication theory and technologies (CTT) group at Sabanci, which is supervised by Dr. Keskinoz, conduct research to devise new correlation filters and/or techniques based on correlation filters for the purpose of developing secure biometric authentication systems.

    Further Information
Cemal Yılmaz
Cemal Yılmaz
Software Security

Cyberattacks, which have been proven to be quite costly, are carried out against computing systems with the goal of destroying, disabling, altering, exposing, and/or stealing information through unauthorized channels.

Our broad research interest in Software Engineering Research Group (SUSOFT) is on detection, isolation, and prevention of cyberattacks at runtime. To this end, we develop practical approaches and tools, combining data-driven, dynamic program analyses with a wide spectrum of artificial intelligence approaches. One particular focus we have is on side-channel attacks, which operate by analyzing the information unintentionally leaked by computing systems to infer some secret information.
Associated Faculty Members from other programs are shown in italics