Yağci, Hüseyin

Job Title
Research Assistant
Main Affiliation
01.01.09.03. Department of Industrial Engineering
Status
Former Staff
Documents: 2
Citations: 0
h-index: 0

This researcher does not have a WoS ID.
Scholarly Output: 2
Articles: 0
Views / Downloads: 0/0
Supervised MSc Theses: 0
Supervised PhD Theses: 0
WoS Citation Count: 0
Scopus Citation Count: 0
Patents: 0
Projects: 0
WoS Citations per Publication: 0.00
Scopus Citations per Publication: 0.00
Open Access Source: 0
Supervised Theses: 0

Journal: Count
15th European Conference on Cyber Warfare and Security ECCWS 2016: 1
16th European Conference on Cyber Warfare and Security ECCWS 2017: 1

Scholarly Output Search Results

  • Conference Object
    A parallel cyber universe: Botnet implementations over TOR-like networks
    (Curran Associates Inc., 2017) Hüseyin Yaǧci; Cagatay Yucel; Ahmet Hasan Koltuksuz; Yüce, Çaǧatay; Yaǧci, Hüseyin; Koltuksuz, Ahmet; M. Scanlon, N.-A. Le-Khac
    The first bot implemented in the history of computers was the Eggdrop (Fisher J 1998). The first instance of this kind was benign; it was an automated management tool for Internet Relay Chat (IRC) rooms. It wasn't much later when Internet users experienced the first botnet attack. The GTbot family was the first known malicious automated attack network on IRCs (Bächer et al. 2009), and a new era for bots had begun. Botnets can be practically defined as a network of infected smart devices. As a result of the infiltration attacks made on a victim's computer with different malwares and zero-day attacks, the control of the computer is confiscated without the victim being aware of it. Confiscated machines are connected to Command and Control (C&C) centers. In the case of a single infection, this attack is nothing more than a data theft or privilege escalation. However, when the number of the infected devices scales up to thousands, the attack becomes a mass destruction weapon on global companies' networks. Amazon, Spotify, Twitter and many more companies were affected by DDoS attacks by the Mirai botnet in October 2016 (Allison Nixon, John Costello 2016). The Mirai botnet was conducted by a malicious network utilizing the IoT devices. Moreover, an even worse fact was the announcement of more similar botnet attacks after that October (Paganini 2016; Anon 2016). Today, honeypot-based, signature-based and host-based defenses as well as active and passive monitoring techniques are being developed against botnets (Silva et al. 2013). Botnets are fighting back for their existence by using binary obfuscation, fast-flux networks, domain generation algorithm (DGA) techniques and polymorphism while ciphering, IP spoofing, multi-hopping and email spoofing (Rodríguez-Gómez et al. 2013; Wang et al. 2016). Another important technique for botnets is to utilize The Onion Routing (TOR) networks, where the communication scheme of the bot network is anonymized in the layers of the TOR scheme. The name of this network comes from a reference to the multi-layered structure of an onion. This research presents a novel implementation of a hidden botnet mechanism over networks like The Onion Routing (TOR) ones. The focus is on creating parallel cyber universes with TOR-like structures and hiding the existence of the botnets in the blind range of the Internet. The design of such a network and the attack vector is explained in detail for the first time in the literature. © 2023 Elsevier B.V. All rights reserved.
  • Conference Object
    Clandestine cell based honeypot networks
    (Curran Associates Inc., 2016) Cagatay Yucel; Ahmet Hasan Koltuksuz; Hüseyin Yaǧci; Yucel, Cagatay; Yagci, Huseyin; Koltuksuz, Ahmet; R. Koch, G.D. Rodosek
    A Clandestine Cell is a type of an intelligence organization where a cell only knows the immediate superior and the associated members of itself. This kind of organizational structure is used by intelligence agencies throughout the world to provide security against a breach, thus ensuring the safety of the members. This well-known intelligence organization is applied to solve an advanced cyber security issue. A relatively new kind of a cyber threat known as an Advanced Persistent Threat (APT) has been around for some time now, Stuxnet being the very first identified. There are several points to consider when identifying the characteristics of an APT, such as the aim, its interactions with Internet, way of collecting information, operations they do disrupt, and concealment mechanisms utilized. An important aspect is whether it is statistically analyzable or dynamically identifiable that its communication patterns need to be inspected to identify the characteristics. The traces of an APT might be identified this way. In this research, a honeypot network with a communication policy based on a clandestine cell is introduced. Each honeypot only knows a hub. And a hub only knows the main malware analysis server. By utilizing this approach, the communications are hidden from possible attackers without compromising the main server. In each honeypot server, dead-ends are created and implemented in the honeypot servers. Advantages and ramifications are discussed regarding the types of malware. It is aimed to create yet another taxonomy of malware regarding the network activities as they are being trapped by our introduced honeypot network. A clandestine cell format is one of its kind within organizations. This is the very first time that such kind of format is being applied to honeypot design for APT hunting. This is the paper in which an intelligence organizational structure meets with a network architecture in order to solve a very hard to crack cyber security problem. The idea itself is a new and untried one. © 2023 Elsevier B.V. All rights reserved.