Your search keyword '"Cengiz Acarturk"' showing total 17 results

1. Static Malware Detection Using Stacked BiLSTM and GPT-2

Author

Deniz Demirci, Nazenin Sahin, Melih Sirlancis, and Cengiz Acarturk

Subjects

Malware detection, static analysis, stacked BiLSTM, GPT-2, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In recent years, cyber threats and malicious software attacks have been escalated on various platforms. Therefore, it has become essential to develop automated machine learning methods for defending against malware. In the present study, we propose stacked bidirectional long short-term memory (Stacked BiLSTM) and generative pre-trained transformer based (GPT-2) deep learning language models for detecting malicious code. We developed language models using assembly instructions extracted from .text sections of malicious and benign Portable Executable (PE) files. We treated each instruction as a sentence and each .text section as a document. We also labeled each sentence and document as benign or malicious, according to the file source. We created three datasets from those sentences and documents. The first dataset, composed of documents, was fed into a Document Level Analysis Model (DLAM) based on Stacked BiLSTM. The second dataset, composed of sentences, was used in Sentence Level Analysis Models (SLAMs) based on Stacked BiLSTM and DistilBERT, Domain Specific Language Model GPT-2 (DSLM-GPT2), and General Language Model GPT-2 (GLM-GPT2). Lastly, we merged all assembly instructions without labels for creating the third dataset; then we fed a custom pre-trained model with it. We then compared malware detection performances. The results showed that the pre-trained model improved the DSLM-GPT2 and GLM-GPT2 detection performance. The experiments showed that the DLAM, the SLAM based on DistilBERT, the DSLM-GPT2, and the GLM-GPT2 achieved 98.3%, 70.4%, 86.0%, and 76.2% F1 scores, respectively.

Published

2022

2. Malicious Code Detection: Run Trace Output Analysis by LSTM

Author

Cengiz Acarturk, Melih Sirlanci, Pinar Gurkan Balikcioglu, Deniz Demirci, Nazenin Sahin, and Ozge Acar Kucuk

Subjects

Dynamic analysis, LSTM, malware detection, natural language processing, run trace, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Malicious software threats and their detection have been gaining importance as a subdomain of information security due to the expansion of ICT applications in daily settings. A major challenge in designing and developing anti-malware systems is the coverage of the detection, particularly the development of dynamic analysis methods that can detect polymorphic and metamorphic malware efficiently. In the present study, we propose a methodological framework for detecting malicious code by analyzing run trace outputs by Long Short-Term Memory (LSTM). We developed models of run traces of malicious and benign Portable Executable (PE) files. We created our dataset from run trace outputs obtained from dynamic analysis of PE files. The obtained dataset was in the instruction format as a sequence and was called Instruction as a Sequence Model (ISM). By splitting the first dataset into basic blocks, we obtained the second one called Basic Block as a Sequence Model (BSM). The experiments showed that the ISM achieved an accuracy of 87.51% and a false positive rate of 18.34%, while BSM achieved an accuracy of 99.26% and a false positive rate of 2.62%.

Published

2021

3. Anomaly-Based Intrusion Detection by Machine Learning: A Case Study on Probing Attacks to an Institutional Network

Author

Emrah Tufan, Cihangir Tezcan, and Cengiz Acarturk

Subjects

Anomaly-based, misuse-based, intrusion detection systems, probing attacks, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Cyber attacks constitute a significant threat to organizations with implications ranging from economic, reputational, and legal consequences. As cybercriminals’ techniques get sophisticated, information security professionals face a more significant challenge to protecting information systems. In today’s interconnected realm of computer systems, each attack vector has a network dimension. The present study investigates network intrusion attempts with anomaly-based machine learning models to provide better protection than the conventional misuse-based models. Two models, namely an ensemble learning model and a convolutional neural network model, were built and implemented on a data set gathered from a real-life, institutional production environment. To demonstrate the models’ reliability and validity, they were applied to the UNSW-NB15 benchmarking data set. The type of attack was limited to probing attacks to keep the scope of the study manageable. The findings revealed high accuracy rates, the CNN model being slightly more accurate.

Published

2021

4. Gaze aversion in conversational settings: An investigation based on mock job interview

Author

Cengiz Acarturk, Bipin Indurkya, Piotr Nawrocki, Bartlomiej Sniezynski, Mateusz Jarosz, and Kerem Alp Usal

Subjects

Gaze in conversation, gaze aversion, face contact, Human Human Interaction, Human anatomy, QM1-695

Abstract

We report the results of an empirical study on gaze aversion during dyadic human-to-human conversation in an interview setting. To address various methodological challenges in as- sessing gaze-to-face contact, we followed an approach where the experiment was conducted twice, each time with a different set of interviewees. In one of them the interviewer’s gaze was tracked with an eye tracker, and in the other the interviewee’s gaze was tracked. The gaze sequences obtained in both experiments were analyzed and modeled as Discrete-Time Markov Chains. The results show that the interviewer made more frequent and longer gaze contacts compared to the interviewee. Also, the interviewer made mostly diagonal gaze aversions, whereas the interviewee made sideways aversions (left or right). We discuss the relevance of this research for Human-Robot Interaction, and discuss some future research problems.

Published

2021

5. MAGiC: A multimodal framework for analysing gaze in dyadic communication

Author

Ülkü Arslan Aydin, Sinan Kalkan, and Cengiz Acarturk

Subjects

Gaze analysis, speech analysis, automatic face detection, automatic speech segmentation, Human anatomy, QM1-695

Abstract

The analysis of dynamic scenes has been a challenging domain in eye tracking research. This study presents a framework, named MAGiC, for analyzing gaze contact and gaze aversion in face-to-face communication. MAGiC provides an environment that is able to detect and track the conversation partner’s face automatically, overlay gaze data on top of the face video, and incorporate speech by means of speech-act annotation. Specifically, MAGiC integrates eye tracking data for gaze, audio data for speech segmentation, and video data for face tracking. MAGiC is an open source framework and its usage is demonstrated via publicly available video content and wiki pages. We explored the capabilities of MAGiC through a pilot study and showed that it facilitates the analysis of dynamic gaze data by reducing the annotation effort and the time spent for manual analysis of video data.

Published

2018

6. Multimodal Comprehension of Language and Graphics: Graphs with and without annotations

Author

Cengiz Acarturk, Christopher Habel, Kursat Cagiltay, and Ozge Alacam

Subjects

eye movements, multimodal comprehension, graph comprehension, text-graphics documents, annotations, Human anatomy, QM1-695

Abstract

An experimental investigation into interaction between language and information graphics in multimodal documents served as the basis for this study. More specifically, our purpose was to investigate the role of linguistic annotations in graph-text documents. Participants were presented with three newspaper articles in the following conditions: one text-only, one text plus non-annotated graph, and one text plus annotated graph. Results of the experiment showed that, on one hand, annotations play a bridging role for integration of information contributed by different representational modalities. On the other hand, linguistic annotations have negative effects on recall, possibly due to attention divided by the different parts of a document.

Published

2008

7. Using manufacturer usage descriptions for IoT network security: An experimental investigation of smart home network devices

Author

null Cengiz Acarturk, null Pelin Angin, and null Milad Kazemi Darazam

Abstract

The Internet of Things (IoT) has shown significant growth in the past decades. Recently, IoT networks have been subject to cybersecurity threats on multiple fronts. A lack of improvement in IoT infrastructures' cybersecurity may result in challenges with a broad impact, such as DDoS attacks that target global DNS services. This paper reviews existing solutions to mitigate attacks on and from IoT networks. As a specific mitigation approach, we propose the use of a standardized whitelisting method, namely Manufacturer Usage Description (MUD), which provides enhanced explainability over machine learning-based approaches and is complementary to them. For evaluating the use of MUD in IoT networks, we report a case study, which we conducted through traffic analysis of two IoT devices by detecting recognizable and distinctive traffic patterns, which demonstrate the feasibility of MUD-based intrusion prevention.

Published

2022

8. Studying Mind Perception in Social Robotics Implicitly

Author

Tugçe Nur Pekçetin, Badel Barinal, Jana Tunç, Cengiz Acarturk, and Burcu A. Urgen

Published

2023

9. Malicious code detection in android : the role of sequence characteristics and disassembling methods

Author

Pinar G. Balikcioglu, Melih Sirlanci, Ozge A. Kucuk, Bulut Ulukapi, Ramazan K. Turkmen, and Cengiz Acarturk

Subjects

malware detection, Computer Networks and Communications, Safety, Risk, Reliability and Quality, LSTM, Software, Information Systems, Natural Language Processing

Abstract

The acceptance and widespread use of the Android operating system drew the attention of both legitimate developers and malware authors, which resulted in a significant number of benign and malicious applications available on various online markets. Since the signature-based methods fall short for detecting malicious software effectively considering the vast number of applications, machine learning techniques in this field have also become widespread. In this context, stating the acquired accuracy values in the contingency tables in malware detection studies has become a popular and efficient method and enabled researchers to evaluate their methodologies comparatively. In this study, we wanted to investigate and emphasize the factors that may affect the accuracy values of the models managed by researchers, particularly the disassembly method and the input data characteristics. Firstly, we developed a model that tackles the malware detection problem from a Natural Language Processing (NLP) perspective using Long Short-Term Memory (LSTM). Then, we experimented with different base units (instruction, basic block, method, and class) and representations of source code obtained from three commonly used disassembling tools (JEB, IDA, and Apktool) and examined the results. Our findings exhibit that the disassembly method and different input representations affect the model results. More specifically, the datasets collected by the Apktool achieved better results compared to the other two disassemblers.

Published

2023

10. An Eye Tracking Analysis of Conversational Violations in Dyadic and Collaborative Interaction

Author

Cengiz Acarturk and Bengisu Cagiltay

Published

2022

11. Performance in the workplace : a critical evaluation of cognitive enhancement

Author

Cengiz Acarturk and Baris Mucen

Subjects

Philosophy, History and Philosophy of Science, Sociology and Political Science, Management of Technology and Innovation, cognitive sciences, artificial intelligence, cognitive enhancement, Social Sciences (miscellaneous), performance, mind as a machine

Abstract

The popular debates about the future organization of work through artificial intelligence technologies focus on the replacement of human beings by novel technologies. In this essay, we oppose this statement by closely following what has been developed as AI technologies and analyzing how they work, specifically focusing on research that may impact work organizations. We develop this argument by showing that the recent research and developments in AI technologies focus on developing accurate and precise performance models, which in turn shapes organizational patterns of work. We propose that the increased interest in the relationship between human cognition and performance will shortly bring human cognition to the focus on AI systems in workplaces. More specifically, we claim that the cognitive load measurement will shape human performance in manufacturing systems shortly.

Published

2022

12. Cyber Warfare Integration to Conventional Combat Modeling: A Bayesian Framework

Author

Zafer Sengul and Cengiz Acarturk

Published

2021

13. Team ReadMe at CMCL 2021 Shared Task: Predicting Human Reading Patterns by Traditional Oculomotor Control Models and Machine Learning

Author

Çağrı Çöltekin, Cengiz Acarturk, Alisan Balkoca, and Abdullah Algan

Subjects

Focus (computing), Computer science, business.industry, media_common.quotation_subject, Machine learning, computer.software_genre, Task (project management), Oculomotor control, Reading (process), README, Linear regression, Eye tracking, Artificial intelligence, business, computer, Network model, media_common

Abstract

This system description paper describes our participation in CMCL 2021 shared task on predicting human reading patterns. Our focus in this study is making use of well-known,traditional oculomotor control models and machine learning systems. We present experiments with a traditional oculomotor control model (the EZ Reader) and two machine learning models (a linear regression model and a re-current network model), as well as combining the two different models. In all experiments we test effects of features well-known in the literature for predicting reading patterns, such as frequency, word length and predictability.Our experiments support the earlier findings that such features are useful when combined.Furthermore, we show that although machine learning models perform better in comparison to traditional models, combination of both gives a consistent improvement for predicting multiple eye tracking variables during reading.

Published

2021

14. Continuous improvement on maturity and capability of Security Operation Centres

Author

Cengiz Acartürk, Murat Ulubay, and Efe Erdur

Subjects

continuous improvement, organisational aspects, security of data, six sigma (quality), Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract This study addresses maturity and capability assessment of Security Operation Centres (SOC). It aims to contribute to continuous improvement for SOCs by proposing a complementary methodology that provides SOCs a self‐assessment capability. The method basically involves an assessment of the gaps between the current and the desired states of the organization and facilitates determining critical aspects that have priority. The proposed methodology is based on the define, measure, analyze, improve, and control methodology of the Six Sigma approach and offers a service‐oriented improvement process for SOCs. The applicability of the methodology is demonstrated by a case study. We evaluated subject matter experts’ reviews using simplified conversation analysis as a qualitative, content‐analysis approach.

Published

2021

15. IDEST: International Database of Emotional Short Texts.

Author

Johanna K Kaakinen, Egon Werlen, Yvonne Kammerer, Cengiz Acartürk, Xavier Aparicio, Thierry Baccino, Ugo Ballenghein, Per Bergamin, Núria Castells, Armanda Costa, Isabel Falé, Olga Mégalakaki, and Susana Ruiz Fernández

Subjects

Medicine, Science

Abstract

We introduce a database (IDEST) of 250 short stories rated for valence, arousal, and comprehensibility in two languages. The texts, with a narrative structure telling a story in the first person and controlled for length, were originally written in six different languages (Finnish, French, German, Portuguese, Spanish, and Turkish), and rated for arousal, valence, and comprehensibility in the original language. The stories were translated into English, and the same ratings for the English translations were collected via an internet survey tool (N = 573). In addition to the rating data, we also report readability indexes for the original and English texts. The texts have been categorized into different story types based on their emotional arc. The texts score high on comprehensibility and represent a wide range of emotional valence and arousal levels. The comparative analysis of the ratings of the original texts and English translations showed that valence ratings were very similar across languages, whereas correlations between the two pairs of language versions for arousal and comprehensibility were modest. Comprehensibility ratings correlated with only some of the readability indexes. The database is published in osf.io/9tga3, and it is freely available for academic research.

Published

2022

16. Speech Driven Gaze in a Face-to-Face Interaction

Author

Ülkü Arslan Aydin, Sinan Kalkan, and Cengiz Acartürk

Subjects

face-to-face interaction, gaze analysis, deep learning, speech annotation, multimodal communication, Neurosciences. Biological psychiatry. Neuropsychiatry, RC321-571

Abstract

Gaze and language are major pillars in multimodal communication. Gaze is a non-verbal mechanism that conveys crucial social signals in face-to-face conversation. However, compared to language, gaze has been less studied as a communication modality. The purpose of the present study is 2-fold: (i) to investigate gaze direction (i.e., aversion and face gaze) and its relation to speech in a face-to-face interaction; and (ii) to propose a computational model for multimodal communication, which predicts gaze direction using high-level speech features. Twenty-eight pairs of participants participated in data collection. The experimental setting was a mock job interview. The eye movements were recorded for both participants. The speech data were annotated by ISO 24617-2 Standard for Dialogue Act Annotation, as well as manual tags based on previous social gaze studies. A comparative analysis was conducted by Convolutional Neural Network (CNN) models that employed specific architectures, namely, VGGNet and ResNet. The results showed that the frequency and the duration of gaze differ significantly depending on the role of participant. Moreover, the ResNet models achieve higher than 70% accuracy in predicting gaze direction.

Published

2021

17. Towards a Multimodal Model of Cognitive Workload Through Synchronous Optical Brain Imaging and Eye Tracking Measures

Author

Erdinç İşbilir, Murat Perit Çakır, Cengiz Acartürk, and Ali Şimşek Tekerek

Subjects

neuroergonomics, fNIRS, eye tracking, human machine interface, cognitive workload, Neurosciences. Biological psychiatry. Neuropsychiatry, RC321-571

Abstract

Recent advances in neuroimaging technologies have rendered multimodal analysis of operators’ cognitive processes in complex task settings and environments increasingly more practical. In this exploratory study, we utilized optical brain imaging and mobile eye tracking technologies to investigate the behavioral and neurophysiological differences among expert and novice operators while they operated a human-machine interface in normal and adverse conditions. In congruence with related work, we observed that experts tended to have lower prefrontal oxygenation and exhibit gaze patterns that are better aligned with the optimal task sequence with shorter fixation durations as compared to novices. These trends reached statistical significance only in the adverse condition where the operators were prompted with an unexpected error message. Comparisons between hemodynamic and gaze measures before and after the error message indicated that experts’ neurophysiological response to the error involved a systematic increase in bilateral dorsolateral prefrontal cortex (dlPFC) activity accompanied with an increase in fixation durations, which suggests a shift in their attentional state, possibly from routine process execution to problem detection and resolution. The novices’ response was not as strong as that of experts, including a slight increase only in the left dlPFC with a decreasing trend in fixation durations, which is indicative of visual search behavior for possible cues to make sense of the unanticipated situation. A linear discriminant analysis model capitalizing on the covariance structure among hemodynamic and eye movement measures could distinguish experts from novices with 91% accuracy. Despite the small sample size, the performance of the linear discriminant analysis combining eye fixation and dorsolateral oxygenation measures before and after an unexpected event suggests that multimodal approaches may be fruitful for distinguishing novice and expert performance in similar neuroergonomic applications in the field.

Published

2019