Security and Privacy

Security and Privacy

LISTEN
Albert Levi
Albert Levi
  • Computer and Network Security
    Wormhole Attack Scenario

    Securing computing and cyber systems is a challenging task under different types of attacks from various malicious sources. Measures to be taken against these threats and attacks require a wide range of techniques from cryptography to data analysis. We conduct high-quality research on providing enhanced security and privacy for different types of wired/wireless systems, networks and applications in the following focused sub-areas:

    Computer and Network Security
    • Security and privacy in wireless and wired networks including sensor networks, RFID (Radio Frequency Identification) systems and wireless mesh networks
    • Security and privacy in Body Area Networks (BANs) and mobile health
    • Security and privacy in cyberphysical systems and the Internet of Things (IoT)
    • Email and web security
    • Privacy-enhanced system security
    • Digital cash and secure banking applications
    Further Information
Berrin Yanıkoğlu
Berrin Yanıkoğlu
  • Biometrics
    Biometrics

    Biometric authentication uses a person's biometric features (face, fingerprint, signature etc.) to verify his/her identity. State-of-the-art error rates are very low, less than 2% for fingerprints and signature, and even less for iris verification. An emerging topic in biometrics is privacy concerns related to the use of biometrics. Our group is actively working on signature, fingerprint, and voice verification methods, as well as the new privacy schemes (fuzzy vault, multi-biometrics etc.)

Erkay Savaş
Erkay Savaş
  • Cryptography and Hardware Security
    Processing Encrypted Data without Decryption

    Homomorphic encryption technologies allow processing of encrypted data without the decryption key. In an era of cloud computing, IT outsourcing and big data collection, where privacy and security become of utmost concern, homomorphic encryption is a key technology to meet the novel security and privacy challenges. While a powerful cryptographic primitive, homomorphic encryption is in its infancy and prohibitively slow for practical applications. Our research activities focus on, but are not limited to, the following areas:

    • Acceleration of homomorphic encryption technologies using parallelization in such computing platforms as multi-core general purpose processors, graphical processing units (GPU) and hardware (e.g., FPGA).
    • Design and implementation of advanced cryptographic primitives based on homomorphic encryption such as attribute-based encryption, predicate-based encryption, and cryptographic software obfuscation.
    • Design and development of privacy-preserving applications based on homomorphic encryption primitives such as searchable encryption, privacy-preserving key search, document similarity, machine learning techniques, and in general privacy-preserving cyber-security applications.
Yücel Saygın
Yücel Saygın
Privacy Preserving Data Management

Knowledge Discovery and Data Mining has a lot of applications in personal data analysis which may contain sensitive information that is protected with law and regulations. Protecting sensitive data while performing data analysis or data publishing is crucial especially in the context of Big Data. My research includes data anonymization and privacy preserving data mining. Currently I am interested in privacy preserving data management for complex data.

Cemal Yılmaz
Cemal Yılmaz
Software Security

Cyberattacks, which have been proven to be quite costly, are carried out against computing systems with the goal of destroying, disabling, altering, exposing, and/or stealing information through unauthorized channels.

Our broad research interest in Software Engineering Research Group (SUSOFT) is on detection, isolation, and prevention of cyberattacks at runtime. To this end, we develop practical approaches and tools, combining data-driven, dynamic program analyses with a wide spectrum of artificial intelligence approaches. One particular focus we have is on side-channel attacks, which operate by analyzing the information unintentionally leaked by computing systems to infer some secret information.
Associated Faculty Members from other programs are shown in italics