I am a research assistant in the Department of Electrical Engineering and Computer Science at the Pennsylvania State University, working with Prof. Patrick McDaniel, and the lead graduate student of the Systems and Internet Infrastructure Security Lab (SIIS). During my M.Sc. studies, I worked with Prof. George Kesidis and Prof. David J. Miller. My research was on machine learning (ML) systems and network security. Previously I worked at VMware evaluating the security of VMware software source code, Vencore Labs building ML systems under privileged information, and Istanbul Technical University doing research on feature engineering for malware detection.
My research investigates the design and evaluation of security for software and systems, specifically on emerging computing platforms and the complex environments in which they operate. Through systems design and program analysis, my research seeks to improve security and privacy guarantees in commodity computer systems. My research approach is best illustrated by my extensive work in safety, security and privacy of IoT systems.
To students at Purdue: There are research opportunities for undergraduate and graduate students interested in the security of Internet of Things and Cyber-Physical Systems and the security and privacy of Machine Learning Systems. Please email me for details.
This graduate-level course will provide students with materials to discuss the intersection of two ubiquitous concepts: Security and Machine Learning. The course is structured in two parts: (1) Machine Learning for Security and (2) Security of Machine Learning Systems. The focus of the first part will be on building a principled understanding of key learning algorithms and techniques, and their applications within the security domain, as well as general questions related to analyzing and handling datasets. The first part will provide students with the necessary background to understand the second half of the course. The second part covers recently discovered security implications of deploying machine learning algorithms in the physical realm. Students will learn about attacks against computer systems leveraging machine learning algorithms, as well as defense techniques to mitigate such attacks during learning and inference.
The course aims to motivate the exploration of new problems that advance the state of the art; thus, the course will include reviewing recent papers from top-tier conferences. Students successfully completing this class will be able to evaluate machine learning systems in academic and commercial security, and will have rudimentary skills in security and machine learning research.
Program Analysis of Commodity IoT Applications for Security and Privacy: Opportunities and Challenges
Z. Berkay Celik, Earlence Fernandes, Eric Pauley, Gang Tan, and Patrick McDaniel
In ACM Computing Surveys (CSUR), 2019
IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT
Z. Berkay Celik, Gang Tan, and Patrick McDaniel
Proceedings of the Network and Distributed System Security Symposium (NDSS), 2019
Acceptance Rate: 17%
Soteria: Automated IoT Safety and Security Analysis
Z. Berkay Celik, Patrick McDaniel, and Gang Tan
Proceedings of the USENIX Annual Technical Conference (USENIX ATC), 2018
Acceptance Rate: 19%
Sensitive Information Tracking in Commodity IoT
Z. Berkay Celik, Leonardo Babun, Amit K. Sikder, Hidayet Aksu, Gang Tan, Patrick McDaniel, and Selcuk Uluagac
Proceedings of the USENIX Security Symposium (USENIX Security), 2018
Acceptance Rate: 18%
Practical Black-Box Attacks against Machine Learning
Nicolas Papernot, Patrick McDaniel, Ian Goodfellow, Somesh Jha, Z. Berkay Celik, and Ananthram Swami
Proceedings of the Asia Conference on Computer and Communications Security (ASIACCS), 2017
Acceptance Rate: 20%
Machine Learning in Adversarial Settings
Patrick McDaniel, Nicolas Papernot, and Z. Berkay Celik
IEEE Security & Privacy Magazine (May/June), 2016
The Limitations of Deep Learning in Adversarial Settings
Nicolas Papernot, Patrick McDaniel, Somesh Jha, Matt Fredrikson, Z. Berkay Celik, and Ananthram Swami
Proceedings of the European Symposium on Security and Privacy (Euro S&P), 2016
Acceptance Rate: 17.3%