PhD. Candidate: Emre Süren

Program: Bilişim Sistemleri

Date: 06.08.2019

Place: Konferans Salonu 01

Abstract: The prevalence and non-stop evolving technical sophistication of Exploit Kits (EKs) is one of the most challenging shifts in the modern cybercrime landscape. Over the last few years, malware infection via drive-by download attacks have been orchestrated with EK infrastructures. An EK serves various types of malicious content via several threat vectors for a variety of criminal attempts, which are mostly monetary-centric. In this dissertation, an in-depth discussion of the EK philosophy and internals is provided. A content analysis is introduced for the EK families where special contextaware properties are identified. A key observation is that while the webpage contents have drastic differences between distinct intrusions executed through the same EK, the patterns in URL addresses stay similar. This is due to the fact that auto-generated URLs by EK platforms follow specific templates. This dissertation proposes a new lightweight technique to quickly categorize unknown EK families with high accuracy leveraging machine learning algorithms with novel URL features. Rather than analyzing each URL individually, the proposed overall URL patterns approach examines all URLs associated with an EK infection. The method has been evaluated with a popular and publicly available dataset that contains 240 different real-world infection cases involving over 2250 URLs, the incidents being linked with the 4 major EK flavors that occurred throughout the year 2016. In the experiments, the system achieves up to 93.7 % clustering accuracy and up to 100 % classification accuracy with the estimators experimented.

M.S. Candidate: Amin Zabardast

Program: Medical Informatics

Date: 07.08.2019

Place: A-108

Abstract: Minimally invasive surgical procedures utilize technology to provide surgeons with more functionality as well as a better perspective to help them succeed in their tasks and reduce operations risks. Surgeons usually rely on screens and cameras during minimally invasive surgeries such as Laparoscopic, Endoscopic, or Robotic Surgeries. Currently, operating rooms use information from different modalities such as Computer-Aided Tomography and Magnetic Resonance Imaging. However, the information is not integrated, and the task of extracting and combining features falls under the surgeon’s expertise. Conventional cameras, although very helpful, are not capable of transmitting every aspect of the scene including depth perception. Recently stereo cameras are being introduced to operating rooms. Utilizing stereo endoscopic equipment alongside algorithms to process the information can enable depth perception.The process of extracting depth information from stereo cameras, also known as Stereo Correspondence, is still an active research field in computer science. Understanding depth information from the view is a necessary step for reconstruction of the scene in a 3D environment. Ultimately, this reconstructed environment acts as a basis to build an Augmented Reality with extra information baked into the scene to help the surgeon. Artificial Neural Networks (ANNs), specially Convolutional Neural Networks (CNNs), have revolutionized the computer vision research in the past few years. One of the problems that researchers tried to solve using ANNs was Stereo Correspondence. There are variations of CNNs with excellent accuracy in Stereo Correspondence problem. This thesis aims to achieve surface reconstruction from in vitro stereo images of organs using Deep Neural Networks and in silico simulations.

Title: MINING EYETRACKING DATA TO CHARACTERISE USERS AND THEIR PATTERNS OF USE 

PhD Candidate: Melih Öder

Program: Informations Systems Department 

Date: 26 June 10:00

Place: A-212

Abstract: Eye tracking studies typically collect an enormous amount of data that encodes a lot of information about the users’ behavior and characteristics on the web. However, there are not many studies that mine such data to learn and discover user characteristics and profiles. The main goal of this study is to mine eye tracking data by machine learning methods to create data models which characterise users and predict their characteristics, in particular, familiarity and gender. Detecting users’ characteristics can be used in creating adaptive user interfaces to improve user experience and interaction efficiency. In a typical eye tracking study, collected demographics data have participants’ educational backgrounds, gender, age, and familiarity degree to a web page (subjectively). In this thesis, a model focusing on the users’ familiarity degree and gender is first created based on an existing eye-tracking dataset, and then a new eye-tracking study is conducted to validate this model. The main contribution of this thesis is a machine learning approach that can be used to characterise users, in particular, familiarity and gender, based on eye-tracking data and also a tool that can be used to extract features and metrics from an eye-tracking dataset.

Title: SECURITY VISUALIZATION INFRASTRUCTURES, TECHNIQUES, AND METHODOLOGIES FOR IMPROVED ENTERPRISE SECURITY 

PhD Candidate: Fatma Ferda Özdemir

Program: Informations Systems Department 

Date: 17 June 15:30

Place: Conference Hall-01

Abstract: This thesis represents research focuses on providing designs to allow monitoring of the security status of enterprises at the organization level. The audience of this research is all enterprise level IT and security experts, and the other users who may be engaged in the security visualization designs, including the top level management. Numerous tools and programs are being used to analyze to overcome security vulnerabilities of the organizations. However, the outputs of these programs are rarely understood clearly. During the research, existing security visualization requirements and designs along with the corresponding technologies used for security visualization are examined. For the sake of being user-centric, a visualization requirements survey is held. The results of the literature review and the survey are converted to a substantial requirement set for a generic enterprise security visualization infrastructure. This infrastructure is implemented using industry best standards and the contemporary big data solutions. The resulting design is validated through the use of expert reviews. Later, one of the favorite security visualization subjects for the enterprises, namely web application security is depicted. A dashboard type holistic design to visualize black-box vulnerability test results is proposed along with forty plus metrics and measures. SIEM systems are also examined for their custom data visualization capabilities in parallel to this part of the study. Finally, security management related issues for the organizations was focused. In this part of this study , a decision support system for the optimization of security costs which relies on analytical methods and uses treemap type visualizations to visualize the threats, risks, corresponding precautions, and the costs is proposed. A real-world case study is used to demonstrate the benefits of this system.

Title: MOBILE USER DATA MINING FOR INFERRING INDIVIDUAL’S DIFFERENCES IN INFLUENCE STRATEGIES

PhD Candidate: Şeyma Çavdar

Program: Informations Systems Department 

Date: 28 August 13:00

Place: Conference Hall-01

Abstract: Owing to the widespread and ubiquitous nature of mobile technologies, a large amount of data about users including location, access and interaction behavior is currently available. These data have recently become important as it has the potential to reveal personal information and user characteristics such as personality traits. In the literature, data of mobile phone use (such as number of calls, messages) is generally collected with questionnaires or special applications and then analyzed. However, self-reported data is often difficult to collect as well as mobile call data is limited for inferring user preferences and characteristics. In addition, people increasingly use different types of mobile applications. In this thesis, personal data obtained by mobile applications will be used and analyzed with data mining techniques in order to infer personality characteristics of users (e.g. BIG5) and how they are affected by influence strategies (e.g. Cialdini’s six strategies). The results are expected to improve personalization of mobile applications and develop successful user profiles. The health domain will be selected in this thesis.

Phd Candidate: Utku Kaplan

Department: Cyber Security

Date: 14 January 2019

Place:  A-212 15:30

Abstract: To improve the quality of the software and find security vulnerabilities, code review is usually performed during software development activities. The experience of software developers reviewing the code may affect the quality of the code review. This study investigates whether differences between novices and experts in the detection of vulnerabilities in the code can be identified by eye tracking. Participants’ eye movements were recorded by an eye tracker while they investigated program codes for security review. The experiment was carried out with 20 programmer participants. The results showed that experienced software developers found security vulnerabilities in a shorter time than less experienced software developers. The findings also indicated that experts are more successful in terms of finding security vulnerabilities.

Keywords: software security vulnerabilities, eye tracking, source code review

Graduate School of Informatics /Information Systems

In partial fulfillment of the requirements for the degree of Master of Fatih Işıktaş will defend his thesis.

Title: APPLICATION OF SUBSPACE CLUSTERING TO SCALABLE MALWARE CLUSTERING

Date: 14th January 2019

Time: 14:00 PM

Place: A-108

Thesis Abstract : In recent years, massive proliferation of malware variants has made it necessary to employ sophisticated clustering techniques in malware analysis. Choosing an appropriate clustering approach is very important especially for rapidly and accurately mining clustering information from a large malware set with high number of attributes. In this study, we propose a clustering method that is based on subspace clustering and graph matching techniques and presents an enhanced clustering ability and scalable runtime performance for the analysis of large malware sets. Unlike traditional signature-based clustering techniques, we aimed to obtain more accurate malware clusters by comparing internal structures of malware binaries. We also integrated a subspace clustering technique in order to scale and speed up the clustering process. To be able to verify our method, we developed a system prototype that can perform the mentioned clustering processes. This prototype provides a graphical user interface which allows users to navigate over malware binaries and generated clusters for a detailed analysis. We performed clustering experiments on real malware sets by using our system prototype. The experiment results showed that using a clustering method based on comparison of internal structure of malware binaries reveals clustering outputs with a 98% accuracy. Besides, the experiment results demonstrated that our method significantly improves the runtime performance of the clustering process without degrading clustering accuracy.

Graduate School of Informatics /Cognitive Sciences

In partial fulfillment of the requirements for the degree of Master of Borabay Kadirdağ will defend his thesis.

Title: THE EFFECTS OF COGNITIVE REAPPARISAL & EXPRESSIVE SUPPRESSION ON EXAM PERFORMANCE OF UNIVERSITY STUDENTS

Date: 26th November 2018

Time: 11:30 AM

Place: A-212

Thesis Abstract : The main objective of this thesis is to examine the effect of cognitive (re-)appraisal and expressive suppression and on exam performance in Turkish university students. The study is based on the appraisal-tendency framework of Lerner and Keltner (2000) which defines cognitive appraisal as cognitive meaning making that leads to emotions, (Lerner, Li, Valdesolo, & Kassam, 2015). Expressive suppression, on the other hand, is defined as an aspect of emotional regulation where individuals mask their facial giveaways to hide their emotional states (Niedenthal, P. M., Ric, F., & Krauth-Gruber, S. 2006). Based on the cognitive reappraisal and expressive suppression abilities of the students, their affective responses (PANAS) to anxiety before and after watching a video of a stressful scene were measured to find out if there is an effect of the emotional regulation abilities to exam performances of the students. 63 students with medium-level of exam anxiety based on the Test Anxiety Questionnaire (Nist & Diehl, 1990) participated. Results of the emotional regulation abilities suggest that expressive suppression has a significant effect on exam performances. Those students who suppressed the expression of their emotions less could increase their exam scores as measured in two exams at the beginning and end of the term. The responses based on PANAS scores indicate no significant difference of emotional regulation abilities on exam performance. Keywords: emotion, exam anxiety, emotional regulation, cognitive reappraisal, expressive suppression

Graduate School of Informatics /Information Systems

In partial fulfillment of the requirements for the degree of Master of Burak Ünaltay will defend his thesis.

Title: A TRANSFORMATIVE EMBEDDED SOFTWARE ARCHITECTURE FOR IMAGE PROCESSING APPLICATIONS

Date: 14th November 2018

Time: 14:00 AM

Place: B-116

Thesis Abstract : Real time image processing is often subjected to very harsh constraints due to the nature of the embedded hardware it is implemented on. Embedded hardware offer very limited memory, has low processing power and required to have low power needs.These constraints however, cannot be an excuse to give up on performance, as many of the applications in this field of work are created for high end military systems, border security, medical applications and areas similar to these where performance is critical. Unfortunately, many of the image processing algorithms used in these systems are rarely developed for the limited boundaries of embedded world. As such, there is a need for a methodology where one can transform image processing algorithms that is written in high level languages (matlab, python etc..) or even in pseudo-code to the low level languages (c++, c, assembly) that is more suited for embedded world. In this study, existing software development processes that are being used for this effort will be reviewed, and an embedded software architecture will be proposed as a solution to the problems stated above.

Graduate School of Informatics /Cognitive Sciences

In partial fulfillment of the requirements for the degree of Master of Dilek Deniz Bilgiç will defend his thesis.

Title: PRESCHOOL CHILDREN’S STORY CONSTRUCTION AND USE OF DEIXIS IN FICTIONAL NARRATIVES

Date: 14th November 2018

Time: 10:00 AM

Place: A-108

Thesis Abstract : The Deictic Shift theory suggests that for interpreting an utterance, deictic terms must be used and one’s deictic center needs to be shifted with respect to the speaker’s. In the present study, Turkish preschool children’s fictional narratives are studied by examining the deictic terms they use to construct the story-world context within the theory of Deictic Shift and Deictic Center. For this goal, narratives elicited by a picture-based book by 47 preschool children between ages 3;6 and 6 are explored and compared to 23 adults’ narratives. Younger children used more demonstrative deictic terms, suggesting that they are tuned to the picture-book rather than the story context. They also used temporal deictics less frequently than adults, indicating that temporal deictics develop alongside the ability of plot organization. Overall, the results show that narrative development goes hand in hand with the development of how the expressions of the real-world context are shifted to the story-world context and the development of deictic expressions to convey psychological proximity.