I am a first-year Ph.D. student at ETH in the Networked Systems Group led by Laurent Vanbever. My focus is on cyber security and privacy in the context of computer networks. More specifically, I work on novel attack and defence mechanisms that can be enabled or leveraged by network programmability.
I received my Bachelor’s Degree in Electrical and Electronics Engineering (2017) and also in Industrial Engineering (2017) both from Koç University; in my hometown Istanbul, Turkey.
I received my Master’s Degree in Electrical Engineering and Information Technology (2020) from ETH Zurich, where I spent most of my time at the NSG.
Before coming to Zurich, I spent a semester as an exchange student at Northwestern University, in Illinois, USA.
ACM IMC 2022. Nice, France (October 2022).
What are the worst outages for Internet users? How long do they last, and how wide are they? Such questions are hard to answer via traditional outage detection and analysis techniques, as they conventionally rely on network-level signals and do not necessarily represent users' perceptions of connectivity.
We present SIFT, a detection and analysis tool for capturing user-affecting Internet outages. SIFT leverages users' aggregated web search activity to detect outages. Specifically, SIFT starts by building a timeline of users' interests in outage-related search queries. It then analyzes this timeline looking for spikes of user interest. Finally, SIFT characterizes these spikes in duration, geographical extent, and simultaneously trending search terms which may help understand root causes, such as power outages or associated ISPs.
We use SIFT to collect more than 49000 Internet outages in the United States over the last two years. Among others, SIFT reveals that user-affecting outages: (i) do not happen uniformly: half of them originate from 10 states only; (ii) can affect users for a long time: 10% of them last at least 3 hours; and (iii) can have a broad impact: 11% of them simultaneously affect at least 10 distinct states. SIFT annotations also reveal a perhaps overlooked fact: outages are often caused by climate and/or power-related issues.
ACM SOSR 2022. Online (October 2022).
Over the last decade, programmable data planes have enabled highly customizable and efficient packet processing in commercial off-the-shelf hardware. Although researchers have demonstrated various use cases of this technology, its potential misuse has gained much less traction. This work investigates a typical surveillance scenario, VoIP call identification and monitoring, through a tailored data-plane attack.
We introduce DELTA, a network-level side-channel at- tack that can efficiently identify VoIP calls and their hosting services. DELTA achieves this by tracking the inherent network footprint of VoIP services in the data plane. Specifically, DELTA stores the user addresses recently connected to VoIP services and links potential call flows with these addresses.
We implement DELTA on existing hardware and conduct high-throughput tests based on representative traffic. DELTA can simultaneously store around 100 000 VoIP connections per service and identify call streams in-path, at line-rate, inside terabits of Internet traffic per second, immediately revealing users’ communication patterns.