Person:
ÇAKMAKCİ, Kübra Kalkan

Profile Picture

Email Address

Birth Date

WoSScopusGoogle ScholarORCID

Name

Job Title

First Name

Kübra Kalkan

Last Name

ÇAKMAKCİ
OrgUnit Logo
Organizational Unit

Filters

2020 - 202412
Reset filters

Settings

Publication Search Results

Now showing 1 - 10 of 12
  • Placeholder
    Conference ObjectPublicationMetadata only
    BCPriPIoT: BlockChain utilized privacy-preservation mechanism for IoT devices
    (IEEE, 2021) Kashif, Muhammad; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Kashif, Muhammad
    Security and privacy are the primary concerns for IoT devices but because of their inherent limitation both in terms of processing and energy, IoT devices cannot be deployed at their full scale. To alleviate such security and privacy issues, the interaction of blockchain with IoT systems has acquired significant attention these days because blockchain has presented an underlying mechanism of immutability, audibility, and transparency for data storage. However due to the intrinsic nature of a blockchain containing complex mathematical proof concepts such as Merkle Hash Tree and Proof of Work (PoW) which demands high computation power making it less viable for IoT devices to be connected with. To overcome these issues, a novel scheme is proposed in this paper, which deploys private by design based blockchain architecture for IoT devices using low complex consensus algorithm and low computation cryptographic mechanism which suits best for IoT devices to address the privacy concerns. Unlike the traditional blockchain network in which every node maintained a copy of the transaction, we have proposed a new architecture in which block validation and block generation logic has been modified so that a transaction will be limited to the trusted recipient only. The proposed scheme outperforms the contemporary approaches both in terms of throughput and latency as observed through simulation results as well as maintaining the privacy concerns which will encourage the actual implementation of IoT applications in the real world. Moreover, the evaluation analysis demonstrate that the approach has major potential in a trusted network computing system and provides a substantial secure environment for IoT users.
  • Placeholder
    ArticlePublicationMetadata only
    CWT-DPA: Component-wise waiting time for BC-enabled data plane authentication
    (Elsevier, 2022-11-24) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
    Software-Defined Networking (SDN) is a promising networking paradigm that brings central management and network programmability to improve existing networking systems. However, SDN has several security threats due to its untrusted control and data planes. Blockchain (BC) technology has recently provided a fault-tolerant, decentralized, and immutable ledger among untrusted parties. While the integration between SDN and BC enhances the security, it suffers from performance degradation when applied to SDN's data plane. In traditional BC-SDN approaches, such as our previous work DPSEC (Latah and Kalkan, 2020), every switch has to wait for the final commitment of each submitted transaction, which significantly decreases the performance of the BC-SDN model. In this work, we enhance the performance of BC-SDN data plane approaches by separating switch-related and host-related transactions and propose a different waiting strategy for each type of data plane transaction. We also propose a batching technique to enhance the average latency for high-load scenarios. In addition, SDN switches and controllers utilize lattice-based signatures and Key Encapsulation Methods (KEMs) to protect against quantum adversaries. We compare the performance of CWT-DPA with existing solutions such as SSL/TLSv1.3, DPSEC (Latah and Kalkan, 2020), and AuthFlow (Mattos and Duarte, 2016).
  • Placeholder
    Conference ObjectPublicationMetadata only
    SeCaS: Secure capability sharing framework for IoT devices in a structured P2P network
    (The ACM Digital Library, 2020-03-16) Aktypi, A.; Çakmakçı, Kübra Kalkan; Rasmussen, K. B.; Computer Science; ÇAKMAKCİ, Kübra Kalkan
    The emergence of the internet of Things (IoT) has resulted in the possession of a continuously increasing number of highly heterogeneous connected devices by the same owner. To make full use of the potential of a personal IoT network, there must be secure and effective cooperation between them. While application platforms (e.g., Samsung SmartThings) and interoperable protocols (e.g., MQTT) exist already, the reliance on a central hub to coordinate communication introduces a single-point of failure, provokes bottleneck problems and raises privacy concerns. In this paper we propose SeCaS, a Secure Capability Sharing framework, built on top of a peer-to-peer (P2P) architecture. SeCaS addresses the problems of fault tolerance, scalability and security in resource discovery and sharing for IoT infrastructures using a structured P2P network, in order to take advantage of the self-organised and decentralised communication it provides. SeCaS brings three main contributions: (i) a capability representation that allows each device to specify what services they offer, and can be used as a common language to search for, and exchange, capabilities, resulting in flexible service discovery that can leverage the properties on a distributed hash table (DHT); (ii) a set of four protocols that provides identification of the different devices that exist in the network and authenticity of the messages that are exchanged among them; and (iii) a thorough security and complexity analysis of the proposed scheme that shows SeCaS to be both secure and scalable.
  • Placeholder
    ReviewPublicationMetadata only
    When SDN and blockchain shake hands
    (Wiley, 2022-09) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
    A survey of recent efforts to combine SDN and BC shows promising results and points to directions for future research.
  • Placeholder
    ArticlePublicationMetadata only
    EPIoT: Enhanced privacy preservation based blockchain mechanism for internet-of-things
    (Elsevier, 2024-01) Kashif, Muhammad; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Kashif, Muhammad
    With the increasing popularity of the Internet of things (IoT) and giving the end users the opportunity of collecting and analyzing the data by these IoT devices give rise to ultimate privacy concern and is attracting significant attention nowadays. These IoT devices may contain highly sensitive data and data sharing processes which may lead to security and privacy concerns. To surmount these issues, the interaction of IoT with blockchain for a secure transaction is accepted as a candidate solution. However, the innate behavior of blockchain containing complex mathematical proofs and consensus protocol requires high computational power making it less favorable for IoT devices to be connected with. Motivated by a private by-design framework and emphasizing greater control and setting of privacy preferences by the data owner, this paper complements our previous work on privacy preservation in IoT networks. In this paper, we design and propound a complete blockchain-based privacy-preserving framework by deploying service-oriented layers concepts and low computation cryptography, and a less complex consensus protocol to address the privacy concern. Moreover, this paper will unravel the complete end-to-end architecture of IoT-based blockchain purposely build for secure transactions in IoT networks. Security analysis is conducted using AVISPA tool to show that the proposed algorithms attain the desired security goals. This is followed by extensive simulation experiments and ultimate output results cultivating it much favorably for the deployment of IoT applications in real life.
  • Placeholder
    ArticlePublicationMetadata only
    Sorec: Self-organizing and resource efficient clustered blockchain network
    (Elsevier, 2023-09) Doğan, Orkun; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Doğan, Orkun
    With the emergence of Industry 4.0, the features of the technologies that are utilized in broad range of areas are obliged to change according to the new necessities. Especially, the network requirements have to be adopted accordingly in terms of efficiency, transparency, faster pay-outs and asset security. The blockchain technology promises to fulfill the requirements these key aspects of networking impose with the advantages it provides. However, the technology has certain limitations regarding its scalability and its transaction throughput rate. The advantages in security provided by blockchain comes at a cost in terms of scalability and transaction throughput rate. In this paper, a novel decentralized and distributed network architecture is presented. With its novel approach the proposed architecture aims to address these issues with network scalability and to provide an increased transaction throughput rate. Without introducing any centralization with its clusters, the proposed architecture allows the network to utilize its resources much more efficiently and effectively, which allows the participants to focus their efforts on mining, increasing the performance of the network. The architecture also proposes a novel communication handling promoting bulk communications and random workload distribution over the entire network to reduce the bottlenecking that occurs on the peers. A comparison to other state-of-the-art works, namely Bitcoin [1] and Community Clustering [2], is also presented in this paper. The comparison of the collected data shows that the proposed architecture in this paper is able to reduce the overall network latency and provide an increase in the transaction throughout of the network.
  • Placeholder
    Conference ObjectPublicationMetadata only
    DPSec: A blockchain-based data plane authentication protocol for SDNs
    (IEEE, 2020-11-02) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; Alsmirat, M.; Jararweh, Y.; Aloqaily, M.; Ozkasap, O.; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
    Software-Defined Networking (SDN) is a promising networking architecture that enables central management along with network programmability. However, SDN brings additional security threats due to untrusted control and data planes. In this work, we focus on authenticating SDN's data plane since it can be exploited to attack SDN's control plane. As a result, the whole SDN network will be paralysed. On the other hand, Blockchain (BC) can be utilized to provide more secure data plane by introducing a fault-tolerant, decentralized and secure ledger without relying on any trusted third-party intermediaries. To this end, in this work we propose, DPSec, a consortium BC-based protocol for authenticating SDN's data plane including SDN switches and hosts. We also provide a proof-of-concept that demonstrates the applicability and feasibility of our protocol in SDNs. Finally, we present a security analysis that shows how DPSec can address several attacks against SDNs including CVE-2018-1000155 vulnerability [1] that targets SDN controllers due to the untrusted data plane.
  • Placeholder
    ArticlePublicationMetadata only
    TruSD: Trust framework for service discovery among IoT devices
    (Elsevier, 2020-09-04) Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan
    IoT provides an environment which enables access to a plethora of different services. In order to reach these services, devices need to decide if the providers are trustable or not. The decision to trust a node with whom one has not communicated earlier becomes more critical when the system has unrecoverable damages with inaccurate services. In this paper, we propose a framework which enables trusted communication among devices during service discovery. It focuses not only on the communication between the known devices but also the stranger communications which have not contacted earlier. Our framework works in a decentralized manner on top of a structured P2P network based on a Distributed Hash Table (DHT). In our system, for each device there are several nodes which are responsible for holding a trust value for this device. These responsible nodes are called Reference Holders for this device. By utilizing DHT, we propose a novel way of choosing Reference Holders that prevents the malicious nodes to control these nodes. Our protocols provide trust aggregation, service provision and feedback aggregation. In our threat model, attacker provides on-off, bad mouthing, ballot stuffing and selective attacks. We present closed form of probabilistic analysis and provide simulations that manage to give network-wide probabilistic security guarantees. Our results suggest that until 60% of the devices are captured, the results are perfect. Also, just three reference holders are enough to get accurate services through the network. Additionally, we analyze the framework in terms of memory, computational cost and communication overhead since we propose the framework for IoT devices. Due to these analysis, our framework is affordable for IoT devices.
  • Placeholder
    ArticlePublicationMetadata only
    SUTSEC: SDN Utilized trust based secure clustering in IoT
    (Elsevier, 2020-09-04) Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan
    Internet of Things (IoT) technology consists of huge number of heterogeneous devices that create enormous amount of data. Providing a robust communication for billions of devices is one of the most significant challenges for IoT environment. Thus, cluster based communication is preferable as it promotes scalability. We propose an SDN Utilized Secure Clustering mechanism (SUTSEC) that provides benign cluster heads for the groups by considering mobility, priority, power and trust. SDN’s inherited characteristics are leveraged for providing a dynamic secure selection. Additionally, secure key distribution is also considered in trusted clustering. During these security operations we considered several issues related to QoS and QoE such as energy efficiency, reliable communication, lower latency and user preferences awareness. We performed simulations of our proposal in order to show the percentage of compromised cluster heads. Our results suggest that despite half of the nodes are captured in the network, 70% of cluster heads are benign nodes in our model. This means that SUTSEC performs well in preventing the election of compromised nodes as cluster heads. Additionally, we provide analysis for compromised links and connectivity of nodes in order to show the performance of secure communication between clustered nodes.
  • Placeholder
    Conference ObjectPublicationMetadata only
    DiBLIoT: A distributed blacklisting protocol for iot device classification using the hashgraph consensus algorithm
    (IEEE Computer Society, 2022) Tarlan, Ozan; Şafak, I.; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Tarlan, Ozan
    Industrial applications require highly reliable, secure, low-power and low-delay communications. However, wireless communication links in the industrial environment suffer from various channel impairments which can compromise the above requirements. This paper presents a new reliable blacklisting protocol for ensuring the Internet of Things (IoT) network security and mitigating the effects of interference caused by multipath Rayleigh fading using a distributed approach. The proposed blacklisting protocol is simulated over a distributed IoT network setup where flat Rayleigh fading disrupts Message Queuing Telemetry Transport (MQTT) communications. Distributed servers jointly decide in real-Time whether to blacklist a device after individually performing anomaly detection and submitting their results to the hashgraph network. The IoT devices are classified by a device fingerprinting method using various machine learning (ML) algorithms that are trained with real-Time packet capture data. The proposed blacklisting protocol is shown to increase the accuracy of blacklisting malignant devices from 42% to 82% as the number of servers increases from one to five for mixed attacks. It also achieves higher accuracies ranging between 47.2%-97.6% versus 47.4%-90.7% compared to the related work for Denial of Service (DoS) attacks. The proposed protocol is particularly suitable for the Industrial IoT (IIoT) in mitigating the effects of harsh communication environments in manufacturing facilities.