Person:
ÇAKMAKCİ, Kübra Kalkan

Profile Picture

Email Address

Birth Date

WoSScopusGoogle ScholarORCID

Name

Job Title

First Name

Kübra Kalkan

Last Name

ÇAKMAKCİ
OrgUnit Logo
Organizational Unit

Filters

2020 - 202412
Reset filters

Settings

Publication Search Results

Now showing 1 - 10 of 12
  • Placeholder
    Conference paperPublicationMetadata only
    BCPriPIoT: BlockChain utilized privacy-preservation mechanism for IoT devices
    (IEEE, 2021) Kashif, Muhammad; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Kashif, Muhammad
    Security and privacy are the primary concerns for IoT devices but because of their inherent limitation both in terms of processing and energy, IoT devices cannot be deployed at their full scale. To alleviate such security and privacy issues, the interaction of blockchain with IoT systems has acquired significant attention these days because blockchain has presented an underlying mechanism of immutability, audibility, and transparency for data storage. However due to the intrinsic nature of a blockchain containing complex mathematical proof concepts such as Merkle Hash Tree and Proof of Work (PoW) which demands high computation power making it less viable for IoT devices to be connected with. To overcome these issues, a novel scheme is proposed in this paper, which deploys private by design based blockchain architecture for IoT devices using low complex consensus algorithm and low computation cryptographic mechanism which suits best for IoT devices to address the privacy concerns. Unlike the traditional blockchain network in which every node maintained a copy of the transaction, we have proposed a new architecture in which block validation and block generation logic has been modified so that a transaction will be limited to the trusted recipient only. The proposed scheme outperforms the contemporary approaches both in terms of throughput and latency as observed through simulation results as well as maintaining the privacy concerns which will encourage the actual implementation of IoT applications in the real world. Moreover, the evaluation analysis demonstrate that the approach has major potential in a trusted network computing system and provides a substantial secure environment for IoT users.
  • Placeholder
    ArticlePublicationMetadata only
    CWT-DPA: Component-wise waiting time for BC-enabled data plane authentication
    (Elsevier, 2022-11-24) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
    Software-Defined Networking (SDN) is a promising networking paradigm that brings central management and network programmability to improve existing networking systems. However, SDN has several security threats due to its untrusted control and data planes. Blockchain (BC) technology has recently provided a fault-tolerant, decentralized, and immutable ledger among untrusted parties. While the integration between SDN and BC enhances the security, it suffers from performance degradation when applied to SDN's data plane. In traditional BC-SDN approaches, such as our previous work DPSEC (Latah and Kalkan, 2020), every switch has to wait for the final commitment of each submitted transaction, which significantly decreases the performance of the BC-SDN model. In this work, we enhance the performance of BC-SDN data plane approaches by separating switch-related and host-related transactions and propose a different waiting strategy for each type of data plane transaction. We also propose a batching technique to enhance the average latency for high-load scenarios. In addition, SDN switches and controllers utilize lattice-based signatures and Key Encapsulation Methods (KEMs) to protect against quantum adversaries. We compare the performance of CWT-DPA with existing solutions such as SSL/TLSv1.3, DPSEC (Latah and Kalkan, 2020), and AuthFlow (Mattos and Duarte, 2016).
  • Placeholder
    Conference paperPublicationMetadata only
    SeCaS: Secure capability sharing framework for IoT devices in a structured P2P network
    (The ACM Digital Library, 2020-03-16) Aktypi, A.; Çakmakçı, Kübra Kalkan; Rasmussen, K. B.; Computer Science; ÇAKMAKCİ, Kübra Kalkan
    The emergence of the internet of Things (IoT) has resulted in the possession of a continuously increasing number of highly heterogeneous connected devices by the same owner. To make full use of the potential of a personal IoT network, there must be secure and effective cooperation between them. While application platforms (e.g., Samsung SmartThings) and interoperable protocols (e.g., MQTT) exist already, the reliance on a central hub to coordinate communication introduces a single-point of failure, provokes bottleneck problems and raises privacy concerns. In this paper we propose SeCaS, a Secure Capability Sharing framework, built on top of a peer-to-peer (P2P) architecture. SeCaS addresses the problems of fault tolerance, scalability and security in resource discovery and sharing for IoT infrastructures using a structured P2P network, in order to take advantage of the self-organised and decentralised communication it provides. SeCaS brings three main contributions: (i) a capability representation that allows each device to specify what services they offer, and can be used as a common language to search for, and exchange, capabilities, resulting in flexible service discovery that can leverage the properties on a distributed hash table (DHT); (ii) a set of four protocols that provides identification of the different devices that exist in the network and authenticity of the messages that are exchanged among them; and (iii) a thorough security and complexity analysis of the proposed scheme that shows SeCaS to be both secure and scalable.
  • Placeholder
    ReviewPublicationMetadata only
    When SDN and blockchain shake hands
    (Wiley, 2022-09) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
    A survey of recent efforts to combine SDN and BC shows promising results and points to directions for future research.
  • Placeholder
    ArticlePublicationMetadata only
    EPIoT: Enhanced privacy preservation based blockchain mechanism for internet-of-things
    (Elsevier, 2024-01) Kashif, Muhammad; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Kashif, Muhammad
    With the increasing popularity of the Internet of things (IoT) and giving the end users the opportunity of collecting and analyzing the data by these IoT devices give rise to ultimate privacy concern and is attracting significant attention nowadays. These IoT devices may contain highly sensitive data and data sharing processes which may lead to security and privacy concerns. To surmount these issues, the interaction of IoT with blockchain for a secure transaction is accepted as a candidate solution. However, the innate behavior of blockchain containing complex mathematical proofs and consensus protocol requires high computational power making it less favorable for IoT devices to be connected with. Motivated by a private by-design framework and emphasizing greater control and setting of privacy preferences by the data owner, this paper complements our previous work on privacy preservation in IoT networks. In this paper, we design and propound a complete blockchain-based privacy-preserving framework by deploying service-oriented layers concepts and low computation cryptography, and a less complex consensus protocol to address the privacy concern. Moreover, this paper will unravel the complete end-to-end architecture of IoT-based blockchain purposely build for secure transactions in IoT networks. Security analysis is conducted using AVISPA tool to show that the proposed algorithms attain the desired security goals. This is followed by extensive simulation experiments and ultimate output results cultivating it much favorably for the deployment of IoT applications in real life.
  • Placeholder
    ArticlePublicationMetadata only
    Sorec: Self-organizing and resource efficient clustered blockchain network
    (Elsevier, 2023-09) Doğan, Orkun; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Doğan, Orkun
    With the emergence of Industry 4.0, the features of the technologies that are utilized in broad range of areas are obliged to change according to the new necessities. Especially, the network requirements have to be adopted accordingly in terms of efficiency, transparency, faster pay-outs and asset security. The blockchain technology promises to fulfill the requirements these key aspects of networking impose with the advantages it provides. However, the technology has certain limitations regarding its scalability and its transaction throughput rate. The advantages in security provided by blockchain comes at a cost in terms of scalability and transaction throughput rate. In this paper, a novel decentralized and distributed network architecture is presented. With its novel approach the proposed architecture aims to address these issues with network scalability and to provide an increased transaction throughput rate. Without introducing any centralization with its clusters, the proposed architecture allows the network to utilize its resources much more efficiently and effectively, which allows the participants to focus their efforts on mining, increasing the performance of the network. The architecture also proposes a novel communication handling promoting bulk communications and random workload distribution over the entire network to reduce the bottlenecking that occurs on the peers. A comparison to other state-of-the-art works, namely Bitcoin [1] and Community Clustering [2], is also presented in this paper. The comparison of the collected data shows that the proposed architecture in this paper is able to reduce the overall network latency and provide an increase in the transaction throughout of the network.
  • Placeholder
    Conference paperPublicationMetadata only
    Towards test automation for certification tests in the banking domain
    (IEEE, 2023) Elakas, A.; Tarlan, Ozan; Safak, I.; Çakmakçı, Kübra Kalkan; Sözer, Hasan; Computer Science; SÖZER, Hasan; ÇAKMAKCİ, Kübra Kalkan; Tarlan, Ozan
    Software systems in the banking domain are business-critical applications that provide financial services. These systems are subject to rigorous certification tests, which are performed manually, and take weeks to complete. In this paper, we suggest that automation of the certificate tests are possible and it will save a considerable amount of time. A certification testing operation which can take a few weeks can be reduced to a few seconds. Firstly, we review the existing test activities to identify the ones that can be automated and introduce a prototype tool for automating some of the tests used for certification. We focus on rules that are verified by analyzing the banking infrastructure. Our tool takes the network topology of the banking infrastructure as input and verifies a subset of these rules. The tool can be extended with additional rules in order to reduce the effort for certification tests. In addition to this tool, we introduce softwaredefined network-based tests to automatically verify compliance with the rules by checking the firewall constraints and host connections. In particular, we focus on a security certification standard named Payment Card Industry Data Security Standard. This certification aims to reduce the risk of data breaches in cardholder data by ensuring industry standard practices for payment card transactions. Our tool offers effort reduction in auditing through automation. It supports continuous auditing and network security enhancement processes.
  • Placeholder
    Conference paperPublicationMetadata only
    DPSec: A blockchain-based data plane authentication protocol for SDNs
    (IEEE, 2020-11-02) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; Alsmirat, M.; Jararweh, Y.; Aloqaily, M.; Ozkasap, O.; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
    Software-Defined Networking (SDN) is a promising networking architecture that enables central management along with network programmability. However, SDN brings additional security threats due to untrusted control and data planes. In this work, we focus on authenticating SDN's data plane since it can be exploited to attack SDN's control plane. As a result, the whole SDN network will be paralysed. On the other hand, Blockchain (BC) can be utilized to provide more secure data plane by introducing a fault-tolerant, decentralized and secure ledger without relying on any trusted third-party intermediaries. To this end, in this work we propose, DPSec, a consortium BC-based protocol for authenticating SDN's data plane including SDN switches and hosts. We also provide a proof-of-concept that demonstrates the applicability and feasibility of our protocol in SDNs. Finally, we present a security analysis that shows how DPSec can address several attacks against SDNs including CVE-2018-1000155 vulnerability [1] that targets SDN controllers due to the untrusted data plane.
  • Placeholder
    Conference paperPublicationMetadata only
    DiBLIoT: A distributed blacklisting protocol for iot device classification using the hashgraph consensus algorithm
    (IEEE Computer Society, 2022) Tarlan, Ozan; Şafak, I.; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Tarlan, Ozan
    Industrial applications require highly reliable, secure, low-power and low-delay communications. However, wireless communication links in the industrial environment suffer from various channel impairments which can compromise the above requirements. This paper presents a new reliable blacklisting protocol for ensuring the Internet of Things (IoT) network security and mitigating the effects of interference caused by multipath Rayleigh fading using a distributed approach. The proposed blacklisting protocol is simulated over a distributed IoT network setup where flat Rayleigh fading disrupts Message Queuing Telemetry Transport (MQTT) communications. Distributed servers jointly decide in real-Time whether to blacklist a device after individually performing anomaly detection and submitting their results to the hashgraph network. The IoT devices are classified by a device fingerprinting method using various machine learning (ML) algorithms that are trained with real-Time packet capture data. The proposed blacklisting protocol is shown to increase the accuracy of blacklisting malignant devices from 42% to 82% as the number of servers increases from one to five for mixed attacks. It also achieves higher accuracies ranging between 47.2%-97.6% versus 47.4%-90.7% compared to the related work for Denial of Service (DoS) attacks. The proposed protocol is particularly suitable for the Industrial IoT (IIoT) in mitigating the effects of harsh communication environments in manufacturing facilities.
  • Placeholder
    Conference paperPublicationMetadata only
    IBAM: IPFS and blockchain based authentication for MQTT protocol in IoT
    (IEEE, 2023) Karadaş, Hasan Bahadır; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Karadaş, Hasan Bahadır
    Decentralized systems have proven themselves as a dominant authentication and storage paradigm for IoT systems where smartwatches are integrated with MQTT messaging framework for transmitting medical data to doctors. However, the security concerns with centralized frameworks presented vital security challenges regarding data privacy and network security for healthcare systems. This paper will present an integrated framework involving a reliable and lightweight e-health data-sharing framework that combines the decentralized interplanetary file system (IPFS) and blockchain on a smartwatch platform. Particularly, this framework helps in trustworthy control mechanisms which use smart contracts to achieve authentication and storage for both subscribers and publishers. We presented a simulation using Ethereum blockchain and IPFS in a real data-sharing scenario with the MQTT protocol. Our analysis proved that our approach satisfies lightweight access control requirements since it demonstrates the low latency of the framework and optimized energy consumption with high security and data privacy levels.