Teaching

CS 426: Computer Security (Undergraduate) [Spring 23] [Syllabus]

This introductory undergraduate course focuses on the principles and foundations of building secure computer systems, security best practices, and security failures in existing and emerging computer networks and systems. The course covers four key topic areas: basics of cryptography and crypto protocols, network security, systems security, and privacy. Students successfully completing this class will be able to understand and assess security threats, become familiar with security engineering best practices, write better software, protocols, and systems, and have rudimentary skills in security research.

CS 590: IoT/CPS Security (Graduate) [Spring 20, Spring 22] [Syllabus]

In this course, we will study the latest research in the design of Internet of Things (IoT) and Cyber-Physical Systems (CPS) and methods for securing them. The course will provide foundations of safety and security of IoT/CPS and covers the topics of policy verification, approaches for designing safe and secure systems, techniques for detecting problems in conventional IoT/CPS design and repairing such problems. Example topics include the security of voice-controlled devices, IoT applications, edge computing, industrial control systems, and autonomous vehicles.

CS 529: Security Analytics (Graduate) [Fall 22, Fall 21, Fall 20, Fall 19] [Syllabus]

This graduate-level course will provide students with materials to discuss the intersection of two ubiquitous concepts: Security and Machine Learning. The course is structured in two parts: (1) Machine Learning for Security and (2) Security of Machine Learning Systems. The focus of the first part will be on building a principled understanding of key learning algorithms and techniques, and their applications within the security domain, as well as general questions related to analyzing and handling datasets. The first part will provide students with the necessary background to understand the second half of the course. The second part covers recently discovered security implications of deploying machine learning algorithms in the physical realm. Students will learn about attacks against computer systems leveraging machine learning algorithms, as well as defense techniques to mitigate such attacks during learning and inference.

Full list of courses

Selected Publications

2011-2021

A Systematic Study of Physical Sensor Attack Hardness
Hyungsub Kim, Rwitam Bandyopadhyay, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Yongdae Kim, and Dongyan Xu
IEEE Security and Privacy (IEEE S&P), 2024
Acceptance Rate: TBD

Wear’s my Data? Understanding the Cross-Device Runtime Permission Model in Wearables
Doguhan Yeke, Muhammad Ibrahim, Guliz Seray Tuncay, Habiba Farrukh, Abdullah Imran, Antonio Bianchi, and Z. Berkay Celik
IEEE Security and Privacy (IEEE S&P), 2024
Acceptance Rate: TBD

ATTention Please! An Investigation of the App Tracking Transparency Permission
Reham Mohamed, Arjun Arunasalam, Habiba Farrukh, Jason Tong, Antonio Bianchi, and Z. Berkay Celik
USENIX Security Symposium, 2024
Acceptance Rate: TBD

Understanding the Security and Privacy Implications of Online Toxic Content on Refugees
Arjun Arunasalam, Habiba Farrukh, Eliz Tekcan, and Z. Berkay Celik
USENIX Security Symposium, 2024
Acceptance Rate: TBD

The Dark Side of E-commerce: Dropshipping Abuse as a Business Model
Arjun Arunasalam, Andrew Chu, M. Ozgur Ozmen, Habiba Farrukh, and Z. Berkay Celik
Network and Distributed System Security Symposium (NDSS), 2024
Acceptance Rate: 15.0%

Can Large Language Models Provide Security & Privacy Advice? Measuring the Ability of LLMs to Refute Misconceptions.
Yufan Chen, Arjun Arunasalam, and Z. Berkay Celik.
In Annual Computer Security Applications Conference (ACSAC), 2023
Acceptance Rate: 24%

Discovering Adversarial Driving Maneuvers against Autonomous Vehicles
Ruoyu Song, M. Ozgur Ozmen, Hyungsub Kim, Raymond Muller, Z. Berkay Celik, and Antonio Bianchi
USENIX Security Symposium, 2023
Acceptance Rate: 29.2%

LocIn: Inferring Semantic Location from Spatial Maps in Mixed Reality
Habiba Farrukh, Reham Mohamed, Aniket Nare, Antonio Bianchi, and Z. Berkay Celik
USENIX Security Symposium, 2023
Acceptance Rate: 29.2%

ZBCAN: A Zero-Byte CAN Defense System
Khaled Serag, Rohit Bhatia, Akram Faqih, Vireshwar Kumar, Muslum Ozgur Ozmen, Z. Berkay Celik, and Dongyan Xu
USENIX Security Symposium, 2023
Acceptance Rate: 29.2%

That Person Moves Like A Car: Misclassification Attack Detection for Autonomous Systems Using Spatiotemporal Consistency
Yanmao Man, Raymond Muller, Ming Li, Z. Berkay Celik, and Ryan Gerdes
USENIX Security Symposium, 2023
Acceptance Rate: 29.2%

PatchVerif: Discovering Faulty Patches in Robotic Vehicles
Hyungsub Kim, M. Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, and Dongyan Xu
USENIX Security Symposium, 2023
Acceptance Rate: 29.2%

One Key to Rule Them All: Secure Group Pairing for Heterogeneous IoT Devices
Habiba Farrukh, M. Ozgur Ozmen, F. Kerem Ors, and Z. Berkay Celik
IEEE Security and Privacy (IEEE S&P), 2023
Acceptance Rate: 17%

iStelan: Disclosing Sensitive User Information by Mobile Magnetometer from Finger Touches
Reham Mohamed, Habiba Farrukh, He Wang, Yidong Lu, and Z. Berkay Celik
Privacy Enhancing Technologies (PoPETS), 2023
Acceptance Rate: 25%

Evasion Attacks and Defenses on Smart Home Physical Event Verification
M. Ozgur Ozmen, Ruoyu Song, Habiba Farrukh, and Z. Berkay Celik
Network and Distributed System Security Symposium (NDSS), 2023
Acceptance Rate: 16.2%

Discovering IoT Physical Channel Vulnerabilities
M. Ozgur Ozmen, Xuansong Li, Andrew Chun-An Chu, Z. Berkay Celik, Bardh Hoxha, and Xiangyu Zhang
ACM Conference on Computer and Communications Security (CCS), 2022
Acceptance Rate: 22%

Physical Hijacking Attacks against Object Trackers
Raymond Muller, Yanmao Man, Z. Berkay Celik, Ryan Gerdes, and Ming Li
ACM Conference on Computer and Communications Security (CCS), 2022
Acceptance Rate: 22%

PGPatch: Policy-Guided Logic Bug Patching for Robotic Vehicles
Hyungsub Kim, M. Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, and Dongyan Xu
IEEE Security and Privacy (IEEE S&P), 2022
Acceptance Rate: 14.5%

Behind the Tube: Exploitative Monetization of Content on YouTube
Andrew Chu, Arjun Arunaslam, M. Ozgur Ozmen, and Z. Berkay Celik
USENIX Security Symposium, 2022
Acceptance Rate: 18.1%

What do you see? Evaluation of Explainable Artificial Intelligence (XAI) Interpretability through Neural Backdoors
Yi-Shan Lin, Wen-Chuan Lee, and Z. Berkay Celik
ACM SIGKDD Conference on Knowledge Discovery & Data Mining (KDD), 2021
Acceptance Rate: 15.4%

S3: Side-channel Attack on Stylus Pencil Through Sensors
Habiba Farrukh, Tinghan Yang, Yuxuan Yin, Hanwen Xu, He Wang, and Z. Berkay Celik
ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT/UbiComp), 2021
Acceptance Rate: TBD

Exposing New Vulnerabilities of Error Handling Mechanism in CAN
Khaled Serag, Rohit Bhatia, Vireshwar Kumar, Z. Berkay Celik, and Dongyan Xu
USENIX Security Symposium, 2021
Acceptance Rate: 18.8%

Evading Voltage-Based Intrusion Detection on Automotive CAN
Rohit Bhatia, Vireshwar Kumar, Khaled Serag, Z. Berkay Celik, Mathias Payer, and Dongyan Xu
Network and Distributed System Security Symposium (NDSS), 2021
Acceptance Rate: 15.2%

ATLAS: A Sequence-based Learning Approach for Attack Investigation
Abdulellah Alsaheel, Yuhong Nan, Shiqing Ma, Le Yu, Gregory Walkup, Z. Berkay Celik, Dongyan Xu, and Xiangyu Zhang
USENIX Security Symposium, 2021
Acceptance Rate: 18.8%

Full list of Publications