Gunes Karabulut Kurt

Selen Gecgel Cetin, Gunes Karabulut Kurt, Angeles Vazquez-Castro

There is no doubt that the Moon has become the center of interest for commercial and international actors. Over the past decade, the number of planned long-term missions has increased dramatically. This makes the establishment of cislunar space networks (CSNs) crucial to orchestrate uninterrupted communications between the Moon and Earth. However, there are numerous challenges, unknowns, and uncertainties associated with cislunar communications that may pose various risks to lunar missions. In this study, we aim to address these challenges for cislunar communications by proposing a machine learning-based cislunar space domain awareness (SDA) capability that enables robust and secure communications. To this end, we first propose a detailed channel model for selected cislunar scenarios. Secondly, we propose two types of interference that could model anomalies that occur in cislunar space and are so far known only to a limited extent. Finally, we discuss our cislunar SDA to work in conjunction with the spacecraft communication system. Our proposed cislunar SDA, involving heuristic learning capabilities with machine learning algorithms, detects interference models with over 96% accuracy. The results demonstrate the promising performance of our cislunar SDA approach for secure and robust cislunar communication.

Selen Gecgel Cetin, Berna Ozbek, Gunes Karabulut Kurt

Space has been reforming and this evolution brings new threats that, together with technological developments and malicious intent, can pose a major challenge. Space domain awareness (SDA), a new conceptual idea, has come to the forefront. It aims sensing, detection, identification and countermeasures by providing autonomy, intelligence and flexibility against potential threats in space. In this study, we first present an insightful and clear view of the new space. Secondly, we propose an integrated SDA and communication (ISDAC) system for attacker detection. We assume that the attacker has beam-steering antennas and is capable to vary attack scenarios, such as random attacks on some receiver antennas. To track random patterns and meet SDA requirements, a lightweight convolutional neural network architecture is developed. The proposed ISDAC system shows superior and robust performance under 12 different attacker configurations with a detection accuracy of over 97.8%.

Anouar Boumeftah, Sarah McKenzie-Picot, Peter Klimas et al.

Modern satellite systems face increasing operational risks from jamming, cyberattacks, and electromagnetic disruptions in contested space environments. Traditional redundancy strategies often fall short against such dynamic and multi-vector threats. This paper introduces a resilience by design framework grounded in the PACE (Primary, Alternate, Contingency, Emergency) methodology, originally developed for tactical communications in military operations, and adapts it to satellite systems through a layered state transition model informed by threat scoring frameworks such as CVSS, DREAD, and NASA's risk matrix. We define a dynamic resilience index to quantify system adaptability and implement three PACE variants (static, adaptive, and epsilon-greedy reward optimized) to evaluate resilience under diverse disruption scenarios. Results show that lightweight, decision aware fallback mechanisms can substantially improve survivability and operational continuity for next generation space assets.

Rüdiger Machhamer, Lejla Begic Fazlic, Eray Guven et al.

An important task in the field of sensor technology is the efficient implementation of adaptation procedures of measurements from one sensor to another sensor of identical design. One idea is to use the estimation of an affine transformation between different systems, which can be improved by the knowledge of experts. This paper presents an improved solution from Glacier Research that was published back in 1973. The results demonstrate the adaptability of this solution for various applications, including software calibration of sensors, implementation of expert-based adaptation, and paving the way for future advancements such as distributed learning methods. One idea here is to use the knowledge of experts for estimating an affine transformation between different systems. We evaluate our research with simulations and also with real measured data of a multi-sensor board with 8 identical sensors. Both data set and evaluation script are provided for download. The results show an improvement for both the simulation and the experiments with real data.

Selen Gecgel Cetin, Tolga Ovatman, Gunes Karabulut Kurt

This letter addresses essential aspects of threat assessment by proposing intent-driven threat models that incorporate both capabilities and intents. We propose a holistic framework for cyber physical awareness (CPA) in space networks, pointing out that analyzing reliability and security separately can lead to overfitting on system-specific criteria. We structure our proposed framework in three main steps. First, we suggest an algorithm that extracts characteristic properties of the received signal to facilitate an intuitive understanding of potential threats. Second, we develop a multitask learning architecture where one task evaluates reliability-related capabilities while the other deciphers the underlying intentions of the signal. Finally, we propose an adaptable threat assessment that aligns with varying security and reliability requirements. The proposed framework enhances the robustness of threat detection and assessment, outperforming conventional sequential methods, and enables space networks with emerging intershell links to effectively address complex threat scenarios.

Ozan Alp Topal, Gunes Karabulut Kurt

Physical layer authentication (PLA) is the process of claiming identity of a node based on its physical layer characteristics such as channel fading or hardware imperfections. In this work, we propose a novel PLA method for the inter-satellite communication links (ISLs) of the LEO satellites. In the proposed PLA method, multiple receiving satellites validate the identity of the transmitter by comparing the Doppler frequency measurements with the reference mobility information of the legitimate transmitter and then fuse their decision considering the selected decision rule. Analytical expressions are obtained for the spoofing detection probability and false alarm probability of the fusion methods. Numerically obtained high authentication performance results pave the way to a novel and easily integrable authentication mechanism for the LEO satellite networks.

Sueda Guzey, Gunes Karabulut Kurt, Enver Ozdemir

Group authentication is a method of confirmation that a set of users belong to a group and of distributing a common key among them. Unlike the standard authentication schemes where one central authority authenticates users one by one, group authentication can handle the authentication process at once for all members of the group. The recently presented group authentication algorithms mainly exploit Lagrange's polynomial interpolation along with elliptic curve groups over finite fields. As a fresh approach, this work suggests use of linear spaces for group authentication and key establishment for a group of any size. The approach with linear spaces introduces a reduced computation and communication load to establish a common shared key among the group members. The advantages of using vector spaces make the proposed method applicable to energy and resource constrained devices. In addition to providing lightweight authentication and key agreement, this proposal allows any user in a group to make a non-member to be a member, which is expected to be useful for autonomous systems in the future. The scheme is designed in a way that the sponsors of such members can easily be recognized by anyone in the group. Unlike the other group authentication schemes based on Lagrange's polynomial interpolation, the proposed scheme doesn't provide a tool for adversaries to compromise the whole group secrets by using only a few members' shares as well as it allows to recognize a non-member easily, which prevents service interruption attacks.

Selen Gecgel, Gunes Karabulut Kurt

Towards sixth-generation networks (6G), satellite communication systems, especially based on Low Earth Orbit (LEO) networks, become promising due to their unique and comprehensive capabilities. These advantages are accompanied by a variety of challenges such as security vulnerabilities, management of hybrid systems, and high mobility. In this paper, firstly, a security deficiency in the physical layer is addressed with a conceptual framework, considering the cyber-physical nature of the satellite systems, highlighting the potential attacks. Secondly, a learning-driven detection scheme is proposed, and the lightweight convolutional neural network (CNN) is designed. The performance of the designed CNN architecture is compared with a prevalent machine learning algorithm, support vector machine (SVM). The results show that deficiency attacks against the satellite systems can be detected by employing the proposed scheme.

Caner Goztepe, Saliha Buyukcorak, Gunes Karabulut Kurt et al.

The impact of localization systems in our daily lives is increasing. As next-generation networks will introduce hyperconnectivity with the emerging applications, this impact will undoubtedly further increase, proliferating the importance of the location information's reliability. As society becomes more dependent on this information in terms of the products and services, security solutions will have to be enriched to provide countermeasures sufficiently advanced to ever-evolving threats, forcing the joint design of communication and localization systems. This paper envisions integrated communication and localization systems by focusing on localization security. Also, conventional and next-generation attacks on localization are discussed along with an efficient attack detection method and test-bed-based demonstration, highlighting the need for effective countermeasures.

Ozan Alp Topal, Gunes Karabulut Kurt, Halim Yanikomeroglu

In this work, we propose a secret key generation procedure specifically designed for the inter-spacecraft communication links. As a novel secrecy source, the spacecrafts utilize Doppler frequency shift based measurements. In this way, the mobilities of the communication devices are exploited to generate secret keys, where this resource can be utilized in the environments that the channel fading based key generation methods are not available. The mobility of a spacecraft is modeled as the superposition of a pre-determined component and a dynamic component. We derive the maximum achievable secret key generation rate from the Doppler frequency shift. The proposed secret key generation procedure extracts the Doppler frequency shift in the form of nominal power spectral density samples (NPSDS). We propose a maximum-likelihood (ML) estimation for the NPSDS at the spacecrafts, then a uniform quantizer is utilized to obtain secret key bits. The key disagreement rate (KDR) is analytically obtained for the proposed key generation procedure. Through numerical studies, the tightness of the provided approximations is shown. Both the theoretical and numerical results demonstrate the validity and the practicality of the presented physical layer key generation procedure considering the security of the communication links of spacecrafts.

Selen Gecgel, Caner Goztepe, Gunes Karabulut Kurt et al.

Communications are realized as a result of successive decisions at the physical layer, from modulation selection to multi-antenna strategy, and each decision affects the performance of the communication systems. Future communication systems must include extensive capabilities as they will encompass a wide variety of devices and applications. Conventional physical layer decision mechanisms may not meet these requirements, as they are often based on impractical and oversimplifying assumptions that result in a trade-off between complexity and efficiency. By leveraging past experiences, learning-driven designs are promising solutions to present a resilient decision mechanism and enable rapid response even under exceptional circumstances. The corresponding design solutions should evolve following the lines of learning-driven paradigms that offer more autonomy and robustness. This evolution must take place by considering the facts of real-world systems and without restraining assumptions. In this paper, the common assumptions in the physical layer are presented to highlight their discrepancies with practical systems. As a solution, learning algorithms are examined by considering the implementation steps and challenges. Furthermore, these issues are discussed through a real-time case study using software-defined radio nodes to demonstrate the potential performance improvement. A cyber-physical framework is presented to incorporate future remedies.

Yucel Aydin, Gunes Karabulut Kurt, Enver Ozdemir et al.

The widespread use of new technologies such as the Internet of things (IoT) and machine type communication(MTC) forces an increase on the number of user equipments(UEs) and MTC devices that are connecting to mobile networks. Inherently, as the number of UEs inside a base station's (BS) coverage area surges, the quality of service (QoS) tends to decline. The use of drone-mounted BS (UxNB) is a solution in places where UEs are densely populated, such as stadiums. UxNB emerges as a promising technology that can be used for capacity injection purposes in the future due to its fast deployment. However, this emerging technology introduces a new security issue. Mutual authentication, creating a communication channel between terrestrial BS and UxNB, and fast handover operations may cause security issues in the use of UxNB for capacity injection. This new protocol also suggests performing UE handover from terrestrial to UxNB as a group. To the best of the authors' knowledge, there is no authentication solution between BSs according to LTE and 5G standards. The proposed scheme provides a solution for the authentication of UxNB by the terrestrial BS. Additionally, a credential sharing phase for each UE in handover is not required in the proposed method. The absence of a credential sharing step saves resources by reducing the number of communications between BSs. Moreover, many UE handover operations are completed in concise time within the proposed group handover method.

Gunes Karabulut Kurt, Enver Ozdemir, Neslihan Aysen Ozkirisci et al.

In this work, we propose a novel key reconciliation protocol for the quantum key distribution (QKD). Based on Newton's polynomial interpolation, the proposed protocol aims to correct all erroneous bits at the receiver without revealing information to the eavesdropper. We provide the exact frame error rate (FER) expression of the proposed protocol. The inherent nature of the proposed algorithm ensures correcting all erroneous bits if the algorithm succeeds. We present an information-theoretical proof that the revealed information during the key reconciliation process is equal to zero. We also provide a numerical comparison of our algorithm with the asymptotic performance of the error-correcting codes and two exemplary low-density-parity-check (LDPC) codes. The results highlight that our algorithm provides superior performance when compared to the LDPC codes, regardless of the distance between Alice and Bob. Furthermore, the proposed key reconciliation protocol is usable for the longer quantum link distances than the state-of-the-art protocols.

Yucel Aydin, Gunes Karabulut Kurt, Enver Özdemir et al.

Internet of Things (IoT) networks are becoming a part of our daily lives, as the number of IoT devices around us are surging. The authentication of millions of connected things and the distribution and management of secret keys between these devices pose challenging research problems. Current one-to-one authentication schemes do not take the resource limitations of IoT devices into consideration. Nor do they address the scalability problem of massive machine type communication (mMTC) networks. Group authentication schemes (GAS), on the other hand, have emerged as novel approaches for many-to-many authentication problems. They can be used to simultaneously authenticate numerous resource-constrained devices. However, existing GAS are not energy efficient, and they do not provide enough security for widespread use. In this paper, we propose a lightweight GAS that significantly reduces energy consumption on devices, providing almost 80% energy savings when compared to the state-of-the-art solutions. Our approach is also resistant to the replay and man-in-the-middle attacks. The proposed approach also includes a solution for key agreement and key distribution problems in mMTC environments. Moreover, this approach can be used in both centralized and decentralized group authentication scenarios. The proposed approach has the potential to address the fast authentication requirements of the envisioned agile 6G networks, supported through aerial networking nodes.

Yucel Aydin, Gunes Karabulut Kurt, Enver Ozdemır

Current advancements in mobility of devices and also Internet of Things (IoT) have replaced the central networks by distributed infrastructure. The more a network is distributed, the more the security of infrastructure and the communication is getting complex. The members in a distributed network create different groups according to their coverage area or their requirements. Mobility nature of the members brings a problem called hand-over of members between groups. Current authentication methods are not applicable due to the lack of resources in the devices.A lightweight authentication method and an easy and fast hand-over process are the current need for the distributed networks. Shamir Secret Sharing algorithm is used for the authentication process in the studies before, but still secure group authentication algorithm and hand-over process are challenges in the group authentication. In this study, a new method is proposed to provide a secure group authentication and hand-over process between groups based on Lagrange's Interpolation.

Yucel Aydin, Gunes Karabulut Kurt, Enver Ozdemır

Shamir or Blakley secret sharing schemes are used for the authentication process in the studies before, but still secure group authentication and hand-over process remain as challenges in group authentication approaches. In this study, a novel method is proposed to provide a secure group authentication. The proposed approach also enables a hand-over process between groups by using Lagrange's polynomial interpolation and Weil pairing in elliptic curve groups for wireless networks with mobility support. One of the advantages of our proposed scheme is that the computational load for a member in the group is lower than the other schemes in the state-of-the-art. It is also possible to authorize many users at the same time, not one-to-one as in the group authentication methods in current cellular networks including Long Term Evolution (LTE). Another advantage that is not covered in other secret sharing methods is that the proposed approach constitutes a practical solution for the hand-over of members between different groups. We have also proposed a solution for replay and man-in-the-middle attacks in secret exchange.