Dr. Ibrahim Ethem Bagci


I am a Network Threat Analyst at VMware.

Before joining VMware, I was a Network Threat Analyst at Lastline Inc., which was acquired by VMware. And before Lastline, I was a Research Associate in the School of Computing and Communications at Lancaster University and Researcher at Quantum Base. I was a member of Security Lancaster and Quantum Technology Centre.

I finished my PhD in the School of Computing and Communications at Lancaster University in 2016 under supervision of Prof. Utz Roedig. My PhD was funded by HMGCC. I received my BSc and MSc degrees from the Department of Computer Engineering at TOBB University of Economics and Technology, Ankara, Turkey, in 2008 and 2011, respectively. I worked with Prof. Bulent Tavli and Prof. Kemal Bicakci during my BSc and MSc.


Research

Research Interests

My research interests include Security and Privacy, Wireless Communications, Internet of Things and Programmable Networks.

During my post-doctoral studies, I worked on lightweight authentication methods using quantum mechanics; security in acoustic domain; security in wireless networks; and security in programmable networks (SDN, NFV).

During my PhD, I worked on physical tamper detection on Wi-Fi devices using physical layer information of the wireless channel; wireless sensor node fingerprinting using hardware characteristics; improving performance of security protocols in wireless sensor networks; modeling environmental properties to enable more dependable wireless sensor network applications; and efficient and lightweight authentication methods using quantum mechanics. During my BSc and MSc, I worked on lifetime optimization in wireless sensor networks concerning digital signatures, sink and event unobservability, data processing and communication, and cooperation of neighbor sensor networks.

Research Projects
  • Lightweight Authentication Methods Using Quantum Mechanics: 12.2017 - 02.2019 [EPSRC]
    The aim of this project is to develop new efficient PUF and RNG devices using quantum mechanics.
  • RASE (Robustness-AS-Evolvability): Joined on 04.2016 - 11.2017 [EPSRC]
    The RASE (Robustness-AS-Evolvability) project aims to provide research on a dynamic and evolvable control plane based on software-defined-networks (SDN), which is resilient to targeted attacks.
  • Building a Wireless Testbed to Detect Physical Attacks on Wi-Fi Devices: 02.2016 - 03.2016 [EPSRC]
  • RELYonIT - Research by Experimentation for Dependability on the Internet of Things: Joined on 11.2013 - 01.2015 [EU]
    The goal of this project is to enable dependable Internet of Things (IoT) applications by taking into account all relevant environmental properties and their impact on IoT platforms and protocols.
  • Risk Management in Wireless Sensor Networks: 01.08.2011 - 31.01.2016 [funded by HMGCC]
    Wireless sensor networks (WSNs) are a new type of communication system that is useful for a number of applications. For example, a WSN can be used to build a physical intrusion detection system. If unauthorized access is detected personnel can be informed about the intrusion or, alternatively, the WSN can interact directly with other systems to respond to the incident. However, before a WSN can be used in practice it must be ensured that the WSN can be operated securely. The WSN must be able to handle and withstand attacks. However, the threat to a WSN is generally not constant. The threat situation may differ from one application scenario to the next and threat levels change over time. Therefore, it is necessary to use adaptive security mechanisms that can be tailored to the currently experienced threat level. To allow for such adaptation it must also be possible to monitor and identify the current threat level. The goal of this research project is to develop a risk management strategy for WSNs comprising adaptive security mechanisms and threat monitoring methods.
Research Visits

Publications & Talks

You can reach my Google Scholar profile from here.

Journal Articles
  • A PUF taxonomy Thomas McGrath, Ibrahim Ethem Bagci, Zhiming M Wang, Utz Roedig, Robert J. Young Applied Physics Reviews, 2019.
    [Abstract]  [BibTexI
    Abstract
    Authentication is an essential cryptographic primitive that confirms the identity of parties during communications. For security, it is important that these identities are complex, in order to make them difficult to clone or guess. In recent years, physically unclonable functions (PUFs) have emerged, in which identities are embodied in structures, rather than stored in memory elements. PUFs provide “digital fingerprints,” where information is usually read from the static entropy of a system, rather than having an identity artificially programmed in, preventing a malicious party from making a copy for nefarious use later on. Many concepts for the physical source of the uniqueness of these PUFs have been developed for multiple different applications. While certain types of PUF have received a great deal of attention, other promising suggestions may be overlooked. To remedy this, we present a review that seeks to exhaustively catalogue and provide a complete organisational scheme towards the suggested concepts for PUFs. Furthermore, by carefully considering the physical mechanisms underpinning the operation of different PUFs, we are able to form relationships between PUF technologies that previously had not been linked and look toward novel forms of PUF using physical principles that have yet to be exploited.
  • Resonant-Tunnelling Diodes as PUF Building Blocks Ibrahim Ethem Bagci, Thomas McGrath, Christine Barthelmes, Scott Dean, Ramon Bernardo Gavito, Robert James Young, Utz Roedig IEEE Transactions on Emerging Topics in Computing (TETC), 2019.
    [Abstract]  [BibTexI
    Abstract
    Resonant-Tunnelling Diodes (RTDs) have been proposed as building blocks for Physical Unclonable Functions (PUFs). In this paper we show how the unique RTD current-voltage (I-V) spectrum can be translated into a robust digital representation. We analyse 130 devices and show that RTDs are a viable PUF building block.
  • SonarSnoop: Active Acoustic Side-Channel Attacks Peng Cheng, Ibrahim Ethem Bagci, Utz Roedig, Jeff Yan International Journal of Information Security, 2019.
    [Abstract]  [BibTexI
    Abstract
    We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victim's finger movements can be inferred to steal Android phone unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 Android phone can be reduced by up to 70% using this novel acoustic side-channel. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.
  • Extracting Random Numbers from Quantum Tunnelling Through a Single Diode Ramon Bernardo-Gavito, Ibrahim Ethem Bagci, Jonathan Roberts, James Sexton, Benjamin Astbury, Hamzah Shokeir, Thomas McGrath, Yasir J Noori, Christopher S Woodhead, Mohamed Missous, Utz Roedig, Robert J Young Scientific Reports 7, 17879; doi: 10.1038/s41598-017-18161-9, 2017.
    [Abstract]  [BibTexI
    Abstract
    Random number generation is crucial in many aspects of everyday life, as online security and privacy depend ultimately on the quality of random numbers. Many current implementations are based on pseudo-random number generators, but information security requires true random numbers for sensitive applications like key generation in banking, defence or even social media. True random number generators are systems whose outputs cannot be determined, even if their internal structure and response history are known. Sources of quantum noise are thus ideal for this application due to their intrinsic uncertainty. In this work, we propose using resonant tunnelling diodes as practical true random number generators based on a quantum mechanical effect. The output of the proposed devices can be directly used as a random stream of bits or can be further distilled using randomness extraction algorithms, depending on the application.
  • Using Quantum Confinement to Uniquely Identify Devices Jonathan Roberts, Ibrahim Ethem Bagci, Mohamad Adzhar Md Zawawi, James Sexton, Nicholas Hulbert, Yasir J. Noori, Matthew P. Young, Chris S. Woodhead, Mohamed Missous, Max A. Migliorato, Utz Roedig, and Robert J. Young Scientific Reports 5, 16456, doi: 10.1038/srep16456, 2015.
    [Abstract]  [BibTexI
    Abstract
    Modern technology unintentionally provides resources that enable the trust of everyday interactions to be undermined. Some authentication schemes address this issue using devices that give a unique output in response to a challenge. These signatures are generated by hard-to-predict physical responses derived from structural characteristics, which lend themselves to two different architectures, known as unique objects (UNOs) and physically unclonable functions (PUFs). The classical design of UNOs and PUFs limits their size and, in some cases, their security. Here we show that quantum confinement lends itself to the provision of unique identities at the nanoscale, by using fluctuations in tunnelling measurements through quantum wells in resonant tunnelling diodes (RTDs). This provides an uncomplicated measurement of identity without conventional resource limitations whilst providing robust security. The confined energy levels are highly sensitive to the specific nanostructure within each RTD, resulting in a distinct tunnelling spectrum for every device, as they contain a unique and unpredictable structure that is presently impossible to clone. This new class of authentication device operates with minimal resources in simple electronic structures above room temperature.
  • Fusion: Coalesced Confidential Storage and Communication Framework for the IoT Ibrahim Ethem Bagci, Shahid Raza, Utz Roedig, and Thiemo Voigt Security and Communication Networks, doi: 10.1002/sec.1260, 2015.
    [Abstract]  [BibTexI
    Abstract
    Comprehensive security mechanisms are required for a successful implementation of the Internet of Things (IoT). Existing solutions focus mainly on securing the communication links between Internet hosts and IoT devices. However, as most IoT devices nowadays provide vast amounts of flash storage space, it is as well required to consider storage security within a comprehensive security framework. Instead of developing independent security solutions for storage and communication, we propose Fusion, a framework that provides coalesced confidential storage and communication. Fusion uses existing secure communication protocols for the IoT such as Internet protocol security (IPsec) and datagram transport layer security (DTLS) and re-uses the defined communication security mechanisms within the storage component. Thus, trusted mechanisms developed for communication security are extended into the storage space. Notably, this mechanism allows us to transmit requested data directly from the file system without decrypting read data blocks and then re-encrypting these for transmission. Thus, Fusion provides benefits in terms of processing speed and energy efficiency, which are important aspects for resource-constrained IoT devices. This paper describes the Fusion architecture and its instantiation for IPsec-based and DTLS-based systems. We describe Fusion's implementation and evaluate its storage overheads, communication performance, and energy consumption.
  • Neighbor sensor networks: Increasing lifetime and eliminating partitioning through cooperation Kemal Bicakci, Ibrahim Ethem Bagci, Bulent Tavli, and Zeydin Pala Computer Standards & Interfaces, Volume 35, Issue 4, Pages 396-402. June 2013.
    [Abstract]  [BibTexI
    Abstract
    In this paper we consider neighbor sensor networks which are defined as multiple wireless sensor networks under the administration of different authorities but located physically on the same area or close to each other. We construct a Linear Programming framework to characterize the cooperation of neighbor sensor networks in comparison to non-cooperating networks. We show that if neighbor sensor networks cooperate with each other for relaying data packets then this cooperation brings two advantages as compared to no cooperation case. First, lifetime of both networks is prolonged — the results of our analysis show that cooperation between neighbor sensor networks can significantly extend the overall network lifetime. Second, cooperation reduces the probability of disjoint partitions arising due to the limited transmission ranges of sensor nodes. When neighbor sensor networks cooperate, eliminating disjoint partitions is possible with sensors having shorter transmission ranges as demonstrated and quantified by our analysis.
  • Communication/computation tradeoffs for prolonging network lifetime in wireless sensor networks: The case of digital signatures Kemal Bicakci, Ibrahim Ethem Bagci, and Bulent Tavli Information Sciences, Volume 188, Pages 44-63. April 2012.
    [Abstract]  [BibTexI
    Abstract
    In the context of wireless sensor networks, computation/communication tradeoffs may appear in many aspects of the system design. In this paper, we present a linear programming framework to guide designers in effectively using these tradeoffs for prolonging network lifetime. To investigate the tradeoff in more concrete terms, as our representative problem we choose a security service; non-repudiation which can be supported with different types of digital signature algorithms. Since these algorithms have high computation and/or communication overheads, supporting non-repudiation of sensor data has been traditionally considered to be infeasible in wireless sensor networks. Using our framework, we compare three signature algorithms with respect to their effect on network lifetime in different topologies and operating conditions. We have shown that with proper algorithm selection the lifetime reduction due to the utilization of digital signatures can be as low as 10%; however, non-optimal algorithm selection can result in more than 90% lifetime reduction compared to a network not supporting non-repudiation.
  • Maximizing lifetime of event-unobservable wireless sensor networks Kemal Bicakci, Hakan Gultekin, Bulent Tavli, and Ibrahim Ethem Bagci Computer Standards & Interfaces, Volume 33, Issue 4, Pages 401-410. June 2011.
    [Abstract]  [BibTexI
    Abstract
    In wireless sensor networks (WSNs) contextual information such as the information regarding whether, when, and where the data is collected cannot be protected using only traditional measures (e.g., encryption). Contextual information can be protected against global eavesdroppers by periodic packet transmission combined with dummy traffic filtering at proxy nodes. In this paper, through a Linear Programming (LP) framework, we analyze lifetime limits of WSNs preserving event-unobservability with different proxy assignment methodologies. We show that to maximize the network lifetime data flow should pass through multiple proxies that are organized as a general directed graph rather than as a tree.
  • Lifetime Bounds of Wireless Sensor Networks Preserving Perfect Sink Unobservability Kemal Bicakci, Ibrahim Ethem Bagci, and Bulent Tavli Communications Letters, IEEE, Volume 15, No 2, Pages 205-207. February 2011.
    [Abstract]  [BibTexI
    Abstract
    In wireless sensor networks an attack to the base station (sink) can render the whole network useless. Hence, concealing the physical location of the sink may be necessary in certain circumstances. Previous studies addressing this challenging problem assume a weak adversary model. The problem has not been studied in the presence of an eavesdropper who has global knowledge for the entire network. Here, a naive solution is to employ fake sinks so that nodes send their data not only to the real sink but also to other locations. An alternative solution with less overhead could be provided when all nodes including base station equalize the values of their total incoming and outgoing flows as well as their energy expenditure. This way, no information about the sink location is revealed even when all communication within the network is monitored. In this paper, through a Linear Programming (LP) framework we analyze and compare lifetime limits of wireless sensor networks preserving sink location privacy with the aforementioned two approaches.
  • Data processing and communication strategies for lifetime optimization in wireless sensor networks Bulent Tavli, Mehmet Kayaalp, Onur Ceylan, and Ibrahim Ethem Bagci AEU - International Journal of Electronics and Communications, Volume 64, Issue 10, Pages 992-998. October 2010.
    [Abstract]  [BibTexI
    Abstract
    In this paper we introduced a novel Linear Programming framework to model sensor network lifetime when data reduction through compression is utilized. Comparative analysis of three data compression and forwarding strategies show that neither data compression nor flow balancing can achieve the maximal possible sensor network lifetime when optimized independently. The comparisons reveal that jointly optimizing data compression and load balancing results in up to an order of magnitude longer network lifetimes than non-optimized data compression and load balancing.
  • Optimal data compression and forwarding in wireless sensor networks Bulent Tavli, Ibrahim Ethem Bagci, and Onur Ceylan Communications Letters, IEEE, Volume 14, No 5, Pages 408-410. May 2010.
    [Abstract]  [BibTexI
    Abstract
    In this letter, we present a Linear Programming framework for modeling dynamic data compression and decompression in conjunction with flow balancing in wireless sensor networks. Using the developed framework, we investigated the sensor network lifetimes for different network sizes with various data compression and flow balancing strategies. Our results show that neither compressing all data nor avoiding data compression completely can achieve the longest possible network lifetime. Dynamic data transformation is shown to achieve significantly longer network lifetimes than the lifetimes obtained with the two pure strategies above.
Conferences and Workshops
  • Optically Interrogated Unique Object with Simulation Attack Prevention Povilas Marcinkevicius, Ibrahim Ethem Bagci, Nema M. Abdelazim, Christopher S. Woodhead, Robert J. Young, Utz Roedig In Proceedings of Design, Automation & Test in Europe Conference & Exhibition (DATE), 2019.
    [Abstract]  [BibTexI
    Abstract
    A Unique Object (UNO) is a physical object with unique characteristics that can be measured externally. The usually analogue measurement can be converted into a digital representation - a fingerprint - which uniquely identifies the object. For practical applications it is necessary that measurements can be performed without the need of specialist equipment or complex measurement setup. Furthermore, a UNO should be able to defeat simulation attacks; an attacker may replace the UNO with a device or system that produces the expected measurement. Recently a novel type of UNOs based on Quantum Dots (QDs) and exhibiting unique photo-luminescence properties has been proposed. The uniqueness of these UNOs is based on quantum effects that can be interrogated using a light source and a camera. The so called Quantum Confinement UNO (QCUNO) responds uniquely to different light excitation levels which is exploited for simulation attack protection, as opposed to focusing on features too small to reproduce and therefore difficult to measure. In this paper we describe methods for extraction of fingerprints from the QCUNO. We evaluate our proposed methods using 46 UNOs in a controlled setup. Focus of the evaluation are entropy, error resilience and the ability to detect simulation attacks.
  • Smart Speaker Privacy Control - Acoustic Tagging for Personal Voice Assistants Peng Cheng, Ibrahim Ethem Bagci, Jeff Yan and Utz Roedig IEEE Workshop on the Internet of Safe Things (SafeThings) 2019, in conjunction with IEEE S&P'19.
    [Abstract]  [BibTexI
    Abstract
    Personal Voice Assistants (PVAs) such as the Siri, Amazon Echo and Google Home are now commonplace. PVAs continuously monitor conversations which may be transported to a cloud back end where they are stored, processed and maybe even passed on to other service providers. A user has little control over this process. She is unable to control the recording behaviour of surrounding PVAs, unable to signal her privacy requirements to back-end systems and unable to track conversation recordings. In this paper we explore techniques for embedding additional information into acoustic signals processed by PVAs. A user employs a tagging device which emits an acoustic signal when PVA activity is assumed. Any active PVA will embed this tag into their recorded audio stream. The tag may signal a cooperating PVA or back-end system that a user has not given a recording consent. The tag may also be used to trace when and where a recording was taken. We discuss different tagging techniques and application scenarios, and we describe the implementation of a prototype tagging device based on PocketSphinx. Using the popular PVA Google Home Mini we demonstrate that the device can tag conversations and that the tagging signal can be retrieved from conversations stored in the Google back-end system.
  • Towards Reactive Acoustic Jamming for Personal Voice Assistants Peng Cheng, Ibrahim Ethem Bagci, Jeff Yan and Utz Roedig In the 2nd International Workshop on Multimedia Privacy and Security (MPS'18), in conjunction with CCS'18.
    [Abstract]  [BibTexI
    Abstract
    Personal Voice Assistants (PVAs) such as the Amazon Echo are commonplace and it is now likely to always be in range of at least one PVA. Although the devices are very helpful they are also continuously monitoring conversations. When a PVA detects a wake word, the immediately following conversation is recorded and transported to a cloud system for further analysis. In this paper we investigate an active protection mechanism against PVAs: reactive jamming. A Protection Jamming Device (PJD) is employed to observe conversations. Upon detection of a PVA wake word the PJD emits an acoustic jamming signal. The PJD must detect the wake word faster than the PVA such that the jamming signal still prevents wake word detection by the PVA. The paper presents an evaluation of the effectiveness of different jamming signals. We quantify the impact of jamming signal and wake word overlap on jamming success. Furthermore, we quantify the jamming false positive rate in dependence of the overlap. Our evaluation shows that a 100% jamming success can be achieved with an overlap of at least 60% with a negligible false positive rate. Thus, reactive jamming of PVAs is feasible without creating a system perceived as a noise nuisance.
  • Using Channel State Information for Tamper Detection in the Internet of Things Ibrahim Ethem Bagci, Utz Roedig, Ivan Martinovic, Matthias Schulz, and Matthias Hollick In Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC 2015).
    [Abstract]  [BibTexI
    Abstract
    The Internet of Things (IoT) is increasingly used for critical applications and securing the IoT has become a major concern. Among other issues it is important to ensure that tampering with IoT devices is detected. Many IoT devices use WiFi for communication and Channel State Information (CSI) based tamper detection is a valid option. Each 802.11n WiFi frame contains a preamble which allows a receiver to estimate the impact of the wireless channel, the transmitter and the receiver on the signal. The estimation result - the CSI - is used by a receiver to extract the transmitted information. However, as the CSI depends on the communication environment and the transmitter hardware, it can be used as well for security purposes. If an attacker tampers with a transmitter it will have an effect on the CSI measured at a receiver. Unfortunately not only tamper events lead to CSI fluctuations; movement of people in the communication environment has an impact too. We propose to analyse CSI values of a transmission simultaneously at multiple receivers to improve distinction of tamper and movement events. A moving person is expected to have an impact on some but not all communication links between transmitter and the receivers. A tamper event impacts on all links between transmitter and the receivers. The paper describes the necessary algorithms for the proposed tamper detection method. In particular we analyse the tamper detection capability in practical deployments with varying intensity of people movement. In our experiments the proposed system deployed in a busy office environment was capable to detect 53% of tamper events (TPR = 53%) while creating zero false alarms (FPR = 0%).
  • Short Paper: Gathering Tamper Evidence in Wi-Fi Networks Based on Channel State Information Ibrahim Ethem Bagci, Utz Roedig, Matthias Schulz, and Matthias Hollick In Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2014).
    [Abstract]  [BibTexI
    Abstract
    Wireless devices are often used in application scenarios with strict security requirements. Examples are physical intrusion detection systems commonly used to protect factories, airports or government buildings. In such scenarios, additional security features such as tamper detection are highly desirable to complement traditional cryptographic mechanisms. In this paper we use channel state information (CSI), extracted from off-the-shelf 802.11n Wi-Fi cards, to calculate a tamper-evidence value for transmitters. This value enables detection of tampering due to device movement or replacement. We describe algorithms for tamper-evidence value computation, discuss the interpretation of this value and evaluate its effectiveness.
  • Node Identification Using Clock Skew Ibrahim Ethem Bagci and Utz Roedig In Proceedings of the 5th Workshop on Real-World Wireless Sensor Networks (RealWSN 2013).
    [Abstract]  [BibTexI
    Abstract
    Clocks on wireless sensor nodes experience a natural drift. This clock skew is unique for each node as it depends on the clocks manufacturing characteristics. Clock skew can be used as unique node identifier which is, among other applications, useful for node authentication. We describe how clock skew of a node's clock can be measured directly on a node by utilising the available high precision radio transceiver clock. We detail an implementation of this proposed local clock skew tracking method for the Zolertia Z1 platform. We determine the required sampling effort to accurately determine clock skew. We also discuss how clock skew measurements can be aligned with existing transceiver operations in order to avoid an increase in energy consumption.
  • Combined Secure Storage and Communication for the Internet of Things Ibrahim Ethem Bagci, Shahid Raza, Tony Chung, Utz Roedig, and Thiemo Voigt In Proceedings of the 10th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks (IEEE SECON'13). IEEE . June 2013
    [Abstract]  [BibTexI
    Abstract
    The future Internet of Things (IoT) may be based on the existing and established Internet Protocol (IP). Many IoT application scenarios will handle sensitive data. However, as security requirements for storage and communication are addressed separately, work such as key management or cryptographic processing is duplicated. In this paper we present a framework that allows us to combine secure storage and secure communication in the IP-based IoT. We show how data can be stored securely such that it can be delivered securely upon request without further cryptographic processing. Our prototype implementation shows that combined secure storage and communication can reduce the security-related processing on nodes by up to 71% and energy consumption by up to 32.1%.
  • Defend Your Home! Jamming Unsolicited Messages in the Smart Home James Brown, Ibrahim Ethem Bagci, Alex King and Utz Roedig In Proceedings of the 2nd ACM Workshop on Hot Topics on Wireless Network Security and Privacy (HotWiSec'13).
    [Abstract]  [BibTexI
    Abstract
    A plethora of communication protocols for home automation are currently in use. These protocols generally lack essential security features such as message authentication. Thus, smart homes are not protected against accidental or malicious message injection. In this paper we describe how jamming can be used to prevent processing of unsolicited messages in smart homes. We describe how jamming based protection can be added to a home automation system without impairing legitimate transmissions in neighbouring houses. Furthermore, we present the initial evaluation of a jamming device and its capability to secure networks of a variety of protocol types. Our evaluation shows that even a single jamming device can significantly improve the security of a smart home.
  • Codo: Confidential Data Storage for Wireless Sensor Networks Ibrahim Ethem Bagci, Mohammad Reza Pourmirza, Shahid Raza, Utz Roedig, and Thiemo Voigt In the 8th IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'12), in conjunction with 9th IEEE MASS'12. October 2012.
    [Abstract]  [BibTexI
    Abstract
    Many Wireless Sensor Networks (WSNs) are used to collect and process confidential information. Confidentiality must be ensured at all times and, for example, solutions for confidential communication, processing or storage are required. To date, the research community has addressed mainly the issue of confidential communication. Efficient solutions for cryptographically secured communication and associated key exchange in WSNs exist. Many WSN applications, however, rely heavily on available on-node storage space and therefore it is essential to ensure the confidentiality of stored data as well. In this paper we present Codo, a confidential data storage solution which balances platform, performance and security requirements. We implement Codo for the Contiki WSN operating system and evaluate its performance.
arXiv
  • Strong PUFs from arrays of resonant tunnelling diodes Ben Astbury, Ibrahim Ethem Bagci, Thomas McGrath, James Sexton, Mohamed Missous, Utz Roedig, Ramon Bernardo Gavito, Robert J. Young arXiv:1805.03246, 2018.
    [Abstract]  [BibTexI
    Abstract
    In this work, we design and implement a strong physical uncloneable function from an array of individual resonant tunnelling diodes that were previously described to have a unique response when challenged. The system demonstrates the exponential scalability of its responses when compared to the number of devices present in the system, with an expected large set of responses while retaining a 1:1 relationship with challenges. Using a relatively small set of 16 devices, 256 responses are shown to have promising levels of distinctness and repeatability through multiple measurements.
Posters and Demos
  • Poster: Quantum Confinement as Security Elements Thomas McGrath, Ramon Bernardo Gavito, Ibrahim Ethem Bagci, Chen Wang, Ben Astbury, Robert J. Young and Utz Roedig CHES'18.
    [Abstract]  [BibTexI
    Abstract
  • Demo: Home Jamming James Brown, Ibrahim Ethem Bagci, Alex King and Utz Roedig In Proceedings of 10th European Conference on Wireless Sensor Networks (EWSN'13).
    [Abstract]  [BibTexI
    Abstract
    Wireless sensors and actuators are increasingly used to automate residential properties. Such home automation (HA) systems are generally built around simple devices and network protocols in order to keep system complexity and prices low. Nearly all used protocols do not provide any security mechanisms and it is possible to inject messages accidentally or on purpose. As it is not feasible to upgrade already deployed devices or to simply re-design the used protocols it is desirable to find a protection mechanism that can be used to augment existing systems. We propose to use jamming in order to prevent unsolicited messages from reaching devices in home automation systems. We demonstrate a jamming device that can be used to augment HA systems to add an additional layer of protection. The device can be integrated into existing home automation systems.
Publication Reviews

IEEE Internet of Things Journal (2018, 2017), ACM Transactions on Sensor Networks (2017), EURASIP Journal on Information Security (2014), Computer Standards & Interfaces (2014, 2013), IEEE Communications Letters (2011).

Talks
  • "Using Channel State Information for Tamper Detection in the Internet of Things" - ACSAC 2015, December 2015, Los Angeles, USA.
  • "Gathering Tamper Evidence in Wi-Fi Networks Based on Channel State Information" - ACM WiSec 2014, July 2014, Oxford, UK.
  • "Defend Your Home! Jamming Unsolicited Messages in the Smart Home" - Cyber Security Conference 2013 (CSC 2013), December 2013, Lancaster, UK.
  • "Node Identification Using Clock Skew" - The 2nd Academic Centres of Excellence in Cyber Security Research Conference [I represented Security Lancaster in the elevator pitch.], December 2013, Solihull, UK.
  • "Node Identification Using Clock Skew" - REALWSN 2013, September 2013, Como Lake, Italy.
  • "Combined Secure Storage and Communication for the Internet of Things" - IEEE SECON 2013, June 2013, New Orleans, USA.
  • "Defend Your Home! Jamming Unsolicited Messages in the Smart Home" - ACM HotWiSec 2013 [in conjunction with ACM WiSec 2013], April 2013, Budapest, Hungary.
  • "Codo: Confidential Data Storage for Wireless Sensor Networks" - IEEE WSNS 2012 [in conjunction with IEEE MASS 2012], October 2012, Las Vegas, USA.

CV

You can download PDF version of my CV from here.

Education
Work Experience
Scholarships
  • Industrial PhD Studentship by HMGCC (2011 - 2016).
  • TOBB University of Economics and Technology, Graduate Student Scholarship (2008 - 2011).
  • TOBB University of Economics and Technology, Undergraduate Student Scholarship (2004 - 2008).

A dummy text to fix the style. A dummy text to fix the style. A dummy text to fix the style. A dummy text to fix the style. A dummy text to fix the style. A dummy text to fix the style. A dummy text to fix the style. A dummy text to fix the style.