C. Emre Koksal

Abdullah Y. Etcibasi, C. Emre Koksal, Eylem Ekici

Age of Information (AoI) has become a central metric for the design of wireless update systems, especially in applications where fresh measurements support tracking, estimation, and control. Despite its popularity, the use of mean AoI or peak AoI as a surrogate for closed-loop performance is often motivated by intuition rather than by a control-theoretic derivation. This paper examines whether minimizing the mean AoI is in fact optimal for networked control systems. For scalar linear time-invariant systems with delayed intermittent updates, we show that, under state-independent scheduling policies, the infinite-horizon LQR tracking problem reduces to an optimization over the distribution of inter-scheduling intervals. The resulting objective depends on higher-order statistical moments, and in unstable or correlated regimes on exponential moments, of the inter-scheduling process rather than only on its mean. Consequently, policies with identical mean AoI can induce substantially different tracking costs. We further extend the analysis to disturbances with exponentially decaying autocorrelation and derive equivalent cost formulations that expose the role of the full interval distribution. Finally, we validate the theory using real vehicle trajectories from the NGSIM US-101 dataset. The empirical results match the predicted performance trends, demonstrating that mean AoI alone is insufficient for control-oriented network design.

Yunus Sarikaya, C. Emre Koksal, Ozgur Ercetin

We consider the problem of resource allocation and control of multihop networks in which multiple source-destination pairs communicate confidential messages, to be kept confidential from the intermediate nodes. We pose the problem as that of network utility maximization, into which confidentiality is incorporated as an additional quality of service constraint. We develop a simple, and yet provably optimal dynamic control algorithm that combines flow control, routing and end-to-end secrecy-encoding. In order to achieve confidentiality, our scheme exploits multipath diversity and temporal diversity due to channel variability. Our end-to-end dynamic encoding scheme encodes confidential messages across multiple packets, to be combined at the ultimate destination for recovery. We first develop an optimal dynamic policy for the case in which the number of blocks across which secrecy encoding is performed is asymptotically large. Next, we consider encoding across a finite number of packets, which eliminates the possibility of achieving perfect secrecy. For this case, we develop a dynamic policy to choose the encoding rates for each message, based on the instantaneous channel state information, queue states and secrecy outage requirements. By numerical analysis, we observe that the proposed scheme approaches the optimal rates asymptotically with increasing block size. Finally, we address the consequences of practical implementation issues such as infrequent queue updates and de-centralized scheduling. We demonstrate the efficacy of our policies by numerical studies under various network conditions.

Jihyeon Yun, Abdullah Yasin Etcibasi, Ming Shi et al.

We develop a queueing-theoretic framework to model the temporal evolution of cyber-attack surfaces, where the number of active vulnerabilities is represented as the backlog of a queue. Vulnerabilities arrive as they are discovered or created, and leave the system when they are patched or successfully exploited. Building on this model, we study how automation affects attack and defense dynamics by introducing an AI amplification factor that scales arrival, exploit, and patching rates. Our analysis shows that even symmetric automation can increase the rate of successful exploits. We validate the model using vulnerability data collected from an open source software supply chain and show that it closely matches real-world attack surface dynamics. Empirical results reveal heavy-tailed patching times, which we prove induce long-range dependence in vulnerability backlog and help explain persistent cyber risk. Utilizing our queueing abstraction for the attack surface, we develop a systematic approach for cyber risk mitigation. We formulate the dynamic defense problem as a constrained Markov decision process with resource-budget and switching-cost constraints, and develop a reinforcement learning (RL) algorithm that achieves provably near-optimal regret. Numerical experiments validate the approach and demonstrate that our adaptive RL-based defense policies significantly reduce successful exploits and mitigate heavy-tail queue events. Using trace-driven experiments on the ARVO dataset, we show that the proposed RL-based defense policy reduces the average number of active vulnerabilities in a software supply chain by over 90% compared to existing defense practices, without increasing the overall maintenance budget. Our results allow defenders to quantify cumulative exposure risk under long-range dependent attack dynamics and to design adaptive defense strategies with provable efficiency.

Abdullah Y. Etcibasi, Zachary Dobos, C. Emre Koksal

We provide an approach that closely estimates an organization's cyber resources directly from vulnerability timestamps, using a non-stationary queueing framework. Traditional attack-surface metrics operate on static snapshots, ignoring the core attack-defense dynamics within information systems, which exhibit bursty, heavy-tailed, and capacity-constrained behavior. Our approach to modeling such dynamics is based on a queueing abstraction of attack surfaces. We utilize a segmentation method to identify piecewise-stationary regimes via Gaussian mixture modeling (GMM) of queue length distributions. We fit segment-specific arrival, service, and resource parameters through the minimization of Kullback--Leibler divergence (KL) between the empirical and estimated distributions. Applied to both large-scale software supply chain data and multi-year private logistics enterprise cyber-ticket workflows, the model estimates organizational resources, measured in the time-varying active personnel and output rate per personnel, solely from bug report and fix timings for software supply chains, and discovery and patch timestamps in the enterprise setting. Our results provide 91--96\% accuracy in resource estimation, making the dynamic queueing framework a compelling approach for understanding attack surface dynamics. Further, our framework exposes resource bottlenecks, establishing a foundation for predictive workforce planning, patch-race modeling, and proactive cyber-risk management.

Abdullah Y. Etcibasi, C. Emre Koksal, Eylem Ekici

In this work, we first prove that the separation principle holds for switched LQR problems under i.i.d. zero-mean disturbances with a symmetric distribution. We then solve the dynamic programming problem and show that the optimal switching policy is a symmetric threshold rule on the accumulated disturbance since the most recent update, while the optimal controller is a discounted linear feedback law independent of the switching policy.

Jialei Liu, C. Emre Koksal, Ming Shi

We study a bi-level online provisioning and scheduling problem motivated by network resource allocation, where provisioning decisions are made at a slow time scale while queue-/state-dependent scheduling is performed at a fast time scale. We model this two-time-scale interaction using an upper-level online convex optimization (OCO) problem and a lower-level constrained Markov decision process (CMDP). Existing OCO typically assumes stateless decisions and thus cannot capture MDP network dynamics such as queue evolution. Meanwhile, CMDP algorithms typically assume a fixed constraint threshold, whereas in provisioning-and-scheduling systems, the threshold varies with online budget decisions. To address these gaps, we study bi-level OCO-CMDP learning under switching costs (budget reprovisioning/system reconfiguration) and cross-level constraints that couple budgets to scheduling decisions. Our new algorithm solves this learning problem via several non-trivial developments, including a carefully designed dual feedback that returns the budget multiplier as sensitivity information for the upper-level update and a lower level that solves a budget-adaptive safe exploration problem via an extended occupancy-measure linear program. We establish near-optimal regret and high-probability satisfaction of the cross-level constraints.

Yahia Shabara, Eylem Ekici, C. Emre Koksal

The speed at which millimeter-Wave (mmWave) channel estimation can be carried out is critical for the adoption of mmWave technologies. This is particularly crucial because mmWave transceivers are equipped with large antenna arrays to combat severe path losses, which consequently creates large channel matrices, whose estimation may incur significant overhead. This paper focuses on the mmWave channel estimation problem. Our objective is to reduce the number of measurements required to reliably estimate the channel. Specifically, channel estimation is posed as a "source compression" problem in which measurements mimic an encoded (compressed) version of the channel. Decoding the observed measurements, a task which is traditionally computationally intensive, is performed using a deep-learning-based approach, facilitating a high-performance channel discovery. Our solution not only outperforms state-of-the-art compressed sensing methods, but it also determines the lower bound on the number of measurements required for reliable channel discovery.

Amr Abdelaziz, C. Emre Koksal, Hesham El Gamal et al.

Compound MIMO wiretap channel with double sided uncertainty is considered under channel mean information model. In mean information model, channel variations are centered around its mean value which is fed back to the transmitter. We show that the worst case main channel is anti-parallel to the channel mean information resulting in an overall unit rank channel. Further, the worst eavesdropper channel is shown to be isotropic around its mean information. Accordingly, we provide the capacity achieving beamforming direction. We show that the saddle point property holds under mean information model, and thus, compound secrecy capacity equals to the worst case capacity over the class of uncertainty. Moreover, capacity achieving beamforming direction is found to require matrix inversion, thus, we derive the null steering (NS) beamforming as an alternative suboptimal solution that does not require matrix inversion. NS beamformer is in the direction orthogonal to the eavesdropper mean channel that maintains the maximum possible gain in mean main channel direction. Extensive computer simulation reveals that NS performs very close to the optimal solution. It also verifies that, NS beamforming outperforms both maximum ratio transmission (MRT) and zero forcing (ZF) beamforming approaches over the entire SNR range. Finally, An equivalence relation with MIMO wiretap channel in Rician fading environment is established.

Amr Abdelaziz, Ron Burton, C. Emre Koksal

In the scope of VANETs, nature of exchanged safety/warning messages renders itself highly location dependent as it is usually for incident reporting. Thus, vehicles are required to periodically exchange beacon messages that include speed, time and GPS location information. In this paper paper, we present a physical layer assisted message authentication scheme that uses Angle of Arrival (AoA) estimation to verify the message originator location based on the claimed location information. Within the considered vehicular communication settings, fundamental limits of AoA estimation are developed in terms of its Cramer Rao Bound (CRB) and existence of efficient estimator. The problem of deciding whether the received signal is originated from the claimed GPS location is formulated as a two sided hypotheses testing problem whose solution is given by Wald test statics. Moreover, we use correct decision, $P_D$, and false alarm, $P_F$, probabilities as a quantitative performance measure. The observation posterior likelihood function is shown to satisfy regularity conditions necessary for asymptotic normality of the ML-AoA estimator. Thus, we give $P_D$ and $P_F$ in a closed form. We extend the potential of physical layer contribution in security to provide physical layer assisted secret key agreement (SKA) protocol. A public key (PK) based SKA in which communicating vehicles are required to validate their respective physical location. We show that the risk of the Man in the Middle attack, which is common in PK-SKA protocols without a trusted third party, is waived up to the literal meaning of the word "middle".

Y. Ozan Basciftci, C. Emre Koksal, Fusun Ozguner

We consider the wiretap channel model under the presence of a hybrid, half duplex adversary that is capable of either jamming or eavesdropping at a given time. We analyzed the achievable rates under a variety of scenarios involving different methods for obtaining transmitter CSI. Each method provides a different grade of information, not only to the transmitter on the main channel, but also to the adversary on all channels. Our analysis shows that main CSI is more valuable for the adversary than the jamming CSI in both delay-limited and ergodic scenarios. Similarly, in certain cases under the ergodic scenario, interestingly, no CSI may lead to higher achievable secrecy rates than with CSI.