Browsing by Author "Ermis, Orhan"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Thumbnail Image
    Article
    Citation - WoS: 1
    Citation - Scopus: 1
    Analytical models for the scalability of dynamic group-key agreement protocols and secure file sharing systems
    (Association for Computing Machinery acmhelp@acm.org, 2019) Gokcan Cantali; Orhan Ermiş; Mehmet Ufuk Çaĝlayan; Cem Ersoy; Ermis, Orhan; Çaglayan, Mehmet Ufuk; Ersoy, Cem; Cantali, Gokcan
    Dynamic group key agreement protocols are cryptographic primitives to provide secure group communications in decentralized and dynamic networks. Such protocols provide additional operations to update the group key while adding new participants into the group and removing existing participants from the group without re-executing the protocol from the beginning. However the lack of scalability emerges as one of the most significant issues of dynamic group key agreement protocols when the number of participants in the group increases. For instance frequent participant join requests for large groups may cause an effect similar to a Distributed Denial of Service (DDoS) attack and violate the system availability due to the increase in group key update time. Therefore analyzing the scalability of dynamic group key agreement protocols is crucial to detect conditions where the system becomes unavailable. In this article we propose an analytical performance model to evaluate the scalability of dynamic group key agreement protocols by using queueing models. We also extend our performance model for evaluating the scalability of secure file sharing systems that utilize group key agreement protocols. Moreover we present a demonstrative use case to show the applicability of our performance model on an example group key agreement protocol and a secure file sharing system. © 2019 Elsevier B.V. All rights reserved.
  • Thumbnail Image
    Conference Object
    Citation - WoS: 3
    Citation - Scopus: 5
    Trust Enhanced Security for Routing in SDN
    (IEEE, 2022) Nurefsan Sertbas Bulbul; Orhan Ermis; Serif Bahtiyar; M. Ufuk Caglayan; Fatih Alagoz; Bulbul, Nurefsan Sertbas; Ermis, Orhan; Bahtiyar, Serif; Caglayan, M. Ufuk; Alagoz, Fatih
    Software Defined Networking (SDN) paradigm is the redefinition of conventional networks based on the use of programmable entities together with a clear separation between the data plane and the control plane. The idea behind this new paradigm is to achieve a more flexible network architecture and better management capabilities. However with all these advantages it has been experienced that SDNs are open to new security threats and unfortunately current technologies are not mature enough to overcome those vulnerabilities. As an example we can consider the detection of the compromised switches in the network. Since switches are programmable entities in SDN they are the potential targets for attackers. When a switch is compromised the attacker can use this switch to deploy incorrect packet forwarding and unsubstantiated packet dropping attacks. Current SDN protocols are not able to detect such kinds of attacks in the network and hence the whole network traffic can be affected in the end. One particular assumption is to use an approach that reflects the trust level of switches in the network for the detection of a compromised one. Therefore in this paper we propose Trust Enhanced Security (TES) for routing in SDN. The proposed approach provides three different trust computations to find the most suitable trust level for different states of a network. To show the applicability of the proposed approach we demonstrate a set of simulations based on the detection of compromised switches. Simulation results show that the proposed model operates effectively to detect and eliminate compromised nodes while selecting secure paths.