Thesis defense

thesis defense

Gürol Canbek : Multi-Perspective Analysis and Systematic Benchmarking for Binary-Classification Performance Evaluation Instruments

PhD. Candidate: Gürol Canbek

Program: Information Systems

Date: 02.09.2019 13:00 p.m

Place: Conference Hall 01

Abstract: This thesis proposes novel methods to analyze and benchmark binary-classification performance evaluation instruments. It addresses critical problems found in the literature, clarifies terminology and distinguishes instruments as measure, metric, and as a new category indicator for the first time. The multi-perspective analysis introduces novel concepts such as canonical form, geometry, duality, complementation, dependency, and leveling with formal definitions as well as two new basic instruments. An indicator named Accuracy Barrier is also proposed and tested in re-evaluating performances of surveyed machine-learning classifications. An exploratory table is designed to represent all the concepts for over 50 instruments. The table’s real use cases such as domain-specific metrics reporting are demonstrated. Furthermore, this thesis proposes a systematic benchmarking method comprising 3 stages to assess metrics’ robustness over new concepts such as meta-metrics (metrics about metrics) and metric-space. Benchmarking 13 metrics reveals critical issues especially in accuracy, F1, and normalized mutual information conventional metrics and identifies Matthews Correlation Coefficient as the most robust metric. The benchmarking method is evaluated with the literature. Additionally, this thesis formally demonstrates publication and confirmation biases due to reporting non-robust metrics. Finally, this thesis gives recommendations on precise and concise performance evaluation, comparison, and reporting. The developed software library, analysis/benchmarking platform, visualization and calculator/dashboard tools, and datasets were also released online. This research is expected to re-establish and facilitate classification performance evaluation domain as well as contribute towards responsible open research in performance evaluation to use the most robust and objective instruments.

Announcement Category

Mustafa Mert Karataş : Malicious User Input Detection on Web-Based Attacks with the Negative Selection Algorithm

Msc. Candidate: Mustafa Mert Karataş

Program: Cyber Security

Date: 09.09.2019 13:00 p.m

Place: A-212

Abstract: The human body is exposed to several pathogens during its lifetime. HIS(Human Immune System) is responsible to protect the body from different pathogens. HIS has two distinct response systems to these outsiders, which are; innate and adaptive immune systems. While the innate system takes general actions to the intruding pathogens, the adaptive immune system eradicates them by its special cells. T-Cells, one of the defined adaptive immunity cells, are created in the thymus. The generation of these cells is constant and continued to the end of the human life span. T-Cells protects the human body with the use of its distinct self and non-self discrimination ability. In the computer science domain, self/non-self discrimination of the T-Cells are studied and applied in the subject of AIS (Artificial Immune System). A model observed from the HIS while creating these cells, Negative Selection, is added as an algorithm to this subject. The ability to discriminate self from non-self is thought to be useful for the detection of any malicious activity in a computer or a computer network. In this thesis, the Negative Selection Algorithm of the T-Cells is applied in order to detect malicious user input that is submitted from HTTP GET parameters. Detection is done through detectors strings with varying lengths. Detectors are constructed with randomly chosen n-gram strings generated from the training dataset. The number of n-gram strings to form a single detector is determined with the use of Poisson Probability. Detection rates, number of attempts needed for generating a single detector, average detection rates for each detector, the lengths of the detectors and number of detectors that can be generated over a course of time are calculated and presented.

Announcement Category

Muhsin Aldemir : Social Network Analysis of Malicious Websites for Detection and Characterization

Msc. Candidate: Muhsin Aldemir

Program: Information Systems

Date: 02.09.2019 15:30 p.m

Place: A-108

Abstract: Malicious websites pose major risks to users and businesses including economic damages, privacy breaches and loss of valuable data. Malicious actors use websites as a spreading medium for their motives. Analyzing the relationships between malicious websites and comparing them to benign ones can help understand the problem better, and enable detection and prevention of these websites more accurately. This thesis focuses on detection and characterization of malicious websites using Social Network Analysis (SNA). SNA provides powerful methodologies for discovering and visualizing the relationships between actors. By utilizing the links in between and among malicious and benign websites, graphs were constituted, whose nodes were websites and ties were hyperlinks between them. For this purpose, the data which included the snapshot of the pairwise links amongst millions of websites, the list of malicious websites and their types were obtained from the web. First, the same size networks of malicious and benign websites were characterised and compared using their descriptive properties. Then, using these networks new analyses were carried out to determine malicious websites and their types based on their network structures and link similarities. Results were presented showing the detection accuracies of applied methods.

Announcement Category

Ahmet Serhat Demir : A Fully Decentralized Framework for Securely Sharing Digital Contents

Msc. Candidate: Ahmet Serhat Demir

Program: Cyber Security

Date: 04.09.2019 15:00 p.m

Place: A-212

Abstract: Blockchain technology is first known as the secure, immutable, distributed public ledger of the Bitcoin network, which enables value transfer without the need of a trusted third party. Besides cryptocurrencies and finance, blockchain technology has the potential to disrupt several industries, which is made possible with the advance of the smart contracts and decentralized applications. This thesis explores the blockchain technology, Ethereum smart contracts, and investigates the potential of Ethereum Web 3.0 stack for secure information and file sharing in a fully decentralized architecture. It is aimed to discard the need of a central authority in every layer of the application, and cope with the drawbacks of centralized content exchange platforms. Accordingly, a proof-of-concept of a decentralized application is designed. This design is implemented in Ethereum Web 3.0 stack using blockchain for the immutable distributed ledger, Ether for cash transfers, and smart contracts for application logic. Since data storage in blockchain is expensive, Swarm is used for decentralized reliable content storage system. Nevertheless, according to our research, permissionless systems in the Ethereum ecosystem lack necessary data privacy, which causes a risk for secure information exchange. In order to provide a secure way of content exchange, public key encryption is utilized to enable sensitive content delivery without the need of a pre-shared secret. Also, to protect both buyer and seller, a double escrow functionality is implemented. According to the validation and evaluation of our proof-of-concept, we successfully show that Ethereum Web 3.0 stack is applicable for securely sharing digital contents.

Announcement Category

Burak Çelik : OPTIMIZATION OF ADVANCED ENCRYPTION STANDARD (AES) ON CUDA

Msc. Candidate: Burak Çelik

Program: Cyber Security

Date: 04.09.2019 14:00 p.m

Place: A-212

Abstract: This thesis presents several optimization techniques of AES implementations on CUDA. 6 different CUDA kernels are implemented for AES-128 exhaustive search with different software designs and they are compared with each other using Nsight experiment results. Outcome of these results are used for finding the best CUDA implementation and from it, AES-128, AES-192 and AES-256 versions are created for exhaustive search, on the fly CTR and file encryption. They are compared with CPU implementations in order to decide whether GPU or CPU is the fastest considering these topics. For this comparison, two different type of CPU implementations are created which are AES-NI, using new instruction set of Intel, and basic C++. 1, 2, 4 and 8 threads versions of these implementations are compared with CUDA and results are shared. According to them, CUDA is 21, 19 and 18 times faster than the best CPU implementations for exhaustive search with respect to key length. These ratios are 4 times for CTR implementations in which 37.52 GBs of data can be encrypted each second while using CUDA. File encryption for CUDA is 22, 19 and 17 times faster than the best CPU implementations. CUDA can encrypt 31.24 GBs of data per second in this regard without considering I/O operations.

Announcement Category

Nur Didem Başkurt : Omnidirectional Hyperspectral Imaging

PhD. Candidate: Nur Didem Başkurt

Program: Information Systems

Date: 28.08.2019 10:00 a.m

Place: Conference Hall 01

Abstract: We aim to integrate hyperspectral cameras with catadioptric omnidirectional imaging systems to be able to benefit from the advantages of both. Hyperspectral imaging systems provide dense spectral information about the scene being investigated by collecting contiguous data from high number of bands on the electromagnetic spectrum. However the low spatial resolution of these sensors frequently bring about the mixing problem in remote sensing applications. Several unmixing approaches are developed in order to handle the challenging mixing problem on perspective images. On the other hand, omnidirectional imaging systems provide a 360-degree field of view in a single image, while they renounce high spatial resolution. Catadioptric images introduce a radial warping due to the structure of the mirror used in the system. This warping causes a non-uniformity in the spatial resolution which makes the unmixing problem more complicated. In this context, a novel spatial-contextual unmixing algorithm is developed specialized for the large field of view hyperspectral imaging systems. The proposed algorithms are evaluated on various real-world and simulated cases. Experimental results show that the proposed approach outperforms compared methods.

Announcement Category

Bekir Öztürk, : Semi Dynamic Light Maps

M.S. Candidate: Bekir Öztürk

Program: Multimedia Informatics

Date: 04.09.2019 / 13:30

Place: A-108

Abstract: One of the biggest challenges of real-time graphics applications is to maintain high frame rates while producing realistically lit results. Many realistic lighting effects such as indirect illumination, ambient occlusion, soft shadows and caustics are either too complex to render in real-time with today`s hardware or cause significant hits to frame rates. Light mapping technique offers to precompute the lighting of the scene to speed up expensive lighting calculations at run-time. This allows rendering high quality lights from a high number of light sources even on low-end devices. The primary drawback of this technique is that scene state that is dependent on the precomputed data cannot be changed at run-time. This includes intensity, color and position of light sources as well as position and visibility state of light map illuminated objects. This property of light maps significantly decreases the interactability of applications. In this thesis, we present a method to remove some of these restrictions at the cost of additional texture memory and small CPU/GPU workload. This allows changing color and intensity properties of selected light sources at run-time while keeping the benefits of light mapping technique. It is also becomes possible to change visibility state of selected objects. Our algorithm computes the light maps separately for each light source. Regions shadowed by each selected object are also captured and stored. These maps are later combined at run-time to correctly illuminate the scene. Despite the increase in the generation time of precomputed data, the overhead of the method at run-time is low enough to make it useful in many real-time applications.

Announcement Category

Özgür Ural, : AUTOMATIC DETECTION OF CYBER SECURITY EVENTS FROM TURKISH TWITTER STREAM AND TURKISH NEWSPAPER DATA

M.S. Candidate: Özgür Ural

Program: Cyber Security

Date: 07.08.2019 / 11:00

Place: A-108

Abstract: Cybersecurity experts scan the internet and face security events that influence users, institutions, and governments. An information security analyst regularly examines sources to stay up to date on security events in her/his domain of expertise. This may lead to a heavy workload for the information analysts if they do not have proper tools for security event investigation. For example, an information analyst may want to stay aware of cybersecurity events, such as a DDoS (Distributed Denial of Service) attack on a government agency website. The earlier they detect and understand the threats, the longer time remaining to alleviate the obstacle and to investigate the event. Therefore, information security analysts need to establish and keep situational awareness active about the security events and their likely effects. However, due to the large volume of information flow, it may be difficult for security analysts and researchers to detect and analyze security events timely. There have been attempts to solve this problem both from an academic perspective and engineering purposes.

 A recent challenge in this domain is that the internet community use different languages to share information. For instance, information about security events in Turkey is mostly shared on the internet in Turkish. The present thesis investigates the automatic detection of security incidents in Turkish by processing Twitter and news media. It proposes an automatic, Turkish specific software system that can detect cybersecurity events in real time.

Announcement Category

Zafer Şengül, : Modelling the Effects of Malware Propagation on Military Operations by Using Bayesian Network Framework

M.S. Candidate: Zafer Şengül

Program: Cyber Security

Date: 07.08.2019 / 09:45

Place: A-212

Abstract: Malware are malicious programs that cause unwanted system behavior and usually result in damage to IT systems or its users. These effects can also be seen during military operations because high-tech military weapons, command, control and communication systems are also interconnected IT systems. This thesis employs conventional models that have been used for modeling the propagation of biological diseases to investigate the spread of malware in connected systems. In particular, it proposes a probabilistic learning approach, namely Bayesian Network analysis, for developing a framework for the investigation of mixed epidemic model and combat models to characterize the propagation of malware. Compared to the classical models, which have employed formula-based representations, the results of this thesis reveal more enriched representations of the superiority of one military force over the other in probabilistic terms.

Announcement Category

Habibe Cansu Demirel, : Modeling the Tumor Specific Network Rewiring by Integrating Alternative Splicing Events with Structural Interactome

M.S. Candidate: Habibe Cansu Demirel

Program: Bioinformatics

Date: 31.07.2019

Place: A-108

Abstract: Alternative splicing is a post-transcriptional regulation which is important for the diversity of the proteome and eventually the interactome. It enables the production of multiple proteins from a single gene with different structures. In a network point of view, these structural changes can introduce new interactions or cause the loss of the existing ones. The variations in this mechanism has been associated with various diseases including cancer. In this study, we reconstructed patient specific networks with tumor specific protein isoforms by integrating the protein structures and the interaction losses they bring with. For this purpose, we collected 400 breast cancer tumors and 112 normal RNA-seq data from the Cancer Genome Atlas (TCGA) and found the transcripts that show increased expression patterns in tumor cells. We mapped these transcripts to their available protein isoforms found in UniProt. Additionally, we compiled a structural human interactome from multiple sources and aligned the missing residues on isoforms with the known/predicted protein interfaces to find potential interaction losses. At the end, we constructed two interactomes for each sample; one filtered based on the lost interfaces as a result of predominant isoforms (called “terminal set”) and one filtered based on the expression. Then, we used the same terminal set with Omics Integrator to model two sets of networks based on the two patient-specific interactomes. Finally, we compared the resulting two networks and all tumor specific networks simultaneously to reveal pathway, protein-protein interaction and protein patterns that can cluster the tumors according to their similarities. The results of our analysis will contribute to the elucidation of tumor mechanisms and will help for target selection and developing therapeutic strategies.

Announcement Category

Pages

Subscribe to RSS - Thesis defense