Browsing by Author "Tomur, Emrah"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Thumbnail Image
    Article
    Citation - WoS: 1
    Citation - Scopus: 3
    Merging Threat Modeling with Threat Hunting for Dynamic Cybersecurity Defense
    (IEEE-Inst Electrical Electronics Engineers Inc, 2024) Nour, Boubakr; Ujjwal, Sonika; Karacay, Leyli; Laaroussi, Zakaria; Gulen, Utku; Tomur, Emrah; Pourzandi, Makan
    As technology advances swiftly and the Internet of Things undergoes significant growth, the world is experiencing a surge in data creation. This has resulted in the rapid emergence of novel applications, bringing forth a broader range of intricate and challenging threats that pose difficulties in detection. Therefore, a comprehensive and proactive approach is needed to identify and mitigate security threats. In this article, we combine threat modeling and threat hunting using different approaches in order to provide a more holistic understanding of the security posture of the system, by leveraging the threat model capability in anticipating potential threats and the capability of the threat hunting in identifying evolving and previously unidentified threats. This integration allows for early detection and mitigation of potential threats and enables organizations to enhance their incident response readiness, implement targeted risk mitigation strategies, and fortify their overall cybersecurity posture in the face of evolving and sophisticated threats.
  • Thumbnail Image
    Conference Object
    Citation - WoS: 2
    Secure Iot Update Using Blockchain
    (IEEE, 2021) Kaptan, Melike; Tomur, Emrah; Ayav, Tolga; Erten, Yusuf Murat
    In this study a platform is devised to send automatic remote updates for embedded devices. In this scenario there are Original Equipment Manufacturers (OEMs), Software suppliers, blockchain nodes, Gateways and embedded devices. OEMs and software suppliers are there to keep their software on Inter Planetary File System (IPFS) and send the meta-data and hashes of their software to the blockchain nodes in order to keep this information distributed and ready to be requested and used. There are also gateways which are the members of the blockchain and the IPFS network. Gateways are responsible for asking for a specific update for specific devices from IPFS database using the meta-data kept on the blockchain, and they will send those hashed secure updates to the devices. In order to provide a traceable data keeping platform, gateway update operations are handled as transactions in a second blockchain network which is the clockchain of the gateways. The system was implemented as of the two separate blockchain networks and it has been shown that, despite the calculation overhead of the member devices, by separating the functions between the two blockchain networks a more reliable and secure platform can be achieved.