0000000000621752

AUTHOR

Hannu Turtiainen

showing 11 related works from this author

Brima: Low-Overhead Browser-Only Image Annotation Tool (Preprint)

2021

Image annotation and large annotated datasets are crucial parts within the Computer Vision and Artificial Intelligence this http URL the same time, it is well-known and acknowledged by the research community that the image annotation process is challenging, time-consuming and hard to scale. Therefore, the researchers and practitioners are always seeking ways to perform the annotations easier, faster, and at higher quality. Even though several widely used tools exist and the tools' landscape evolved considerably, most of the tools still require intricate technical setups and high levels of technical savviness from its operators and crowdsource contributors. In order to address such challenge…

FOS: Computer and information sciencesComputer Science - Machine LearningLow overheadProcess (engineering)Computer scienceComputer Vision and Pattern Recognition (cs.CV)Scale (chemistry)media_common.quotation_subjectComputer Science - Computer Vision and Pattern RecognitionMachine Learning (cs.LG)World Wide WebCrowdsourceAutomatic image annotationResearch communityQuality (business)Preprintmedia_common2021 IEEE International Conference on Image Processing (ICIP)
researchProduct

Towards CCTV-aware Routing and Navigation for Privacy, Anonymity, and Safety - Feasibility Study in Jyväskylä

2021

AbstractIn order to withstand the ever-increasing invasion of privacy by CCTV cameras and technologies, on par CCTV-aware solutions must exist that provide privacy, safety, and cybersecurity features. We argue that a first important step towards such CCTV-aware solutions must be a mapping system (e.g., Google Maps, OpenStreetMap) that provides both privacy and safety routing and navigation options. Unfortunately, to the best of our knowledge, there are no mapping nor navigation systems that support CCTV-privacy and CCTV-safety routing options. At the same time, in order to move the privacy vs. safety debate related to CCTV surveillance cameras from purely subjective to data-driven and evide…

safetyComputer sciencePrivacy laws of the United StatesContext (language use)PedestrianprivacyComputer securitycomputer.software_genrelcsh:TelecommunicationDomain (software engineering)anti-surveillancelcsh:TK5101-6720yksityisyyskameravalvontakarttapalvelutcctv-aware technologymappingnavigationreititysanonymityNavigation systemvalvontajärjestelmätcctvroutingsurveillanceRouting (electronic design automation)anonymiteettiScale (map)yksilönsuojacomputerAnonymity2021 28th Conference of Open Innovations Association (FRUCT)
researchProduct

On Apache Log4j2 Exploitation in Aeronautical, Maritime, and Aerospace Communication

2022

Apache Log4j2 is a prevalent logging library for Java-based applications. In December 2021, several critical and high-impact software vulnerabilities, including CVE-2021-44228, were publicly disclosed, enabling remote code execution (RCE) and denial of service (DoS) attacks. To date, these vulnerabilities are considered critical and the consequences of their disclosure far-reaching. The vulnerabilities potentially affect a wide range of internet of things (IoT) devices, embedded devices, critical infrastructure (CI), and cyber-physical systems (CPSs). In this paper, we study the effects and feasibility of exploiting these vulnerabilities in mission-critical aviation and maritime environment…

log4shellCVE-2021-44228General Computer Sciencelog4jvulnerabilitysatelliteavionicsexperimentationlangaton tiedonsiirtoproof-of-conceptACARSGeneral Materials ScienceElectrical and Electronic EngineeringkyberturvallisuushaavoittuvuusAIStietoliikennesatelliititlentoliikenneGeneral EngineeringaerospaceApachemeriliikennemaritimeaviationlangaton viestintäverkkohyökkäyksetlennonvarmistusexploitationADS-BJavaIEEE Access
researchProduct

Cybersecurity Attacks on Software Logic and Error Handling Within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures

2022

Automatic Dependent Surveillance-Broadcast (ADS-B) is a cornerstone of the next-generation digital sky and is now mandated in several countries. However, there have been many reports of serious security vulnerabilities in the ADS-B architecture. In this paper, we demonstrate and evaluate the impact of multiple cyberattacks on ADS-B via remote radio frequency links that affected various network, processing, and display subsystems used within the ADS-B ecosystem. Overall we implemented and tested 12 cyberattacks on ADS-B in a controlled environment, out of which 5 attacks were presented or implemented for the first time. For all these attacks, we developed a unique testbed that consisted of 1…

vulnerabilitiesATCcybersecurity1090MHzlentoliikenneAerospace Engineeringcountermeasuresavionics978MHzdatalinkATMpentestingaviationexperimental platformElectrical and Electronic EngineeringUATlennonjohtoEFBkyberturvallisuusverkkohyökkäyksetlennonvarmistusADS-B1090ESIEEE Transactions on Aerospace and Electronic Systems
researchProduct

Cybersecurity Attacks on Software Logic and Error Handling Within AIS Implementations: A Systematic Testing of Resilience

2022

To increase situational awareness of maritime vessels and other entities and to enable their exchange of various information, the International Maritime Organization mandated the use of the Automatic Identification System (AIS) in 2004. The AIS is a self-reporting system that uses the VHF radio link. However, any radio-based self-reporting system is prone to forgery, especially in situations where authentication of the message is not designed into the architecture. As AIS was designed in the 1990s when cyberattacks were in their infancy, it does not implement authentication or encryption; thus, it can be seen as fundamentally vulnerable against modern-day cyberattacks. This paper demonstrat…

resilienssishipcybersecurityGeneral Computer ScienceAISGeneral EngineeringresiliencyGeneralLiterature_MISCELLANEOUSattacksmaritimelaivatmerenkulkuidentifiointiGeneral Materials ScienceDoSkyberturvallisuusverkkohyökkäyksetIEEE Access
researchProduct

GDL90fuzz: Fuzzing - GDL-90 Data Interface Specification Within Aviation Software and Avionics Devices–A Cybersecurity Pentesting Perspective

2022

As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from …

General Computer Sciencecybersecurityprotocolsaerospace electronicsavionicsattacksheart beatGeneral Materials SciencelennonjohtokyberturvallisuussoftwareGeneral EngineeringlentoliikenneresiliencyfuzzingtestausmenetelmätpentestingairtrafficaviationstandardsDoSaircraftverkkohyökkäyksetlennonvarmistusGDL-90ADS-BIEEE Access
researchProduct

On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Missio…

2022

Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology and improves airborne traffic situational awareness. Many types of mobile cockpit information systems (MCISs) are based on ADS-B technology. MCIS gives pilots the flight and traffic-related information they need. MCIS has two parts: an ADS-B transceiver and an electronic flight bag (EFB) application. The ADS-B transceivers transmit and receive the ADS-B radio signals while the EFB applications hosted on mobile phones display the data. Because they are cheap, lightweight, an…

cybersecurityATClentokoneetUAT978availabilitylentoliikennecodesaerospace electronicsattackstransceiversaircraft navigationcomputer crashesATMsurveillanceDoSlennonjohtokyberturvallisuusaircraftverkkohyökkäyksetlennonvarmistusADS-B1090EStietojärjestelmät
researchProduct

BRIMA : Low-Overhead Browser-Only Image Annotation Tool

2021

Image annotation and large annotated datasets are crucial parts within the Computer Vision and Artificial Intelligence fields. At the same time, it is well-known and acknowledged by the research community that the image annotation process is challenging, time-consuming and hard to scale. Therefore, the researchers and practitioners are always seeking ways to perform the annotations easier, faster, and at higher quality. Even though several widely used tools exist and the tools’ landscape evolved considerably, most of the tools still require intricate technical setups and high levels of technical savviness from its operators and crowdsource contributors.In order to address such challenges, w…

COCOhahmontunnistus (tietotekniikka)selaimetjoukkoistaminenimage dataset generationcrowdsource annotationannotointiannotation toolkonenäköimage annotationkuvat
researchProduct

CCTV-FullyAware: toward end-to-end feasible privacy-enhancing and CCTV forensics applications

2022

It is estimated that over 1 billion Closed-Circuit Television (CCTV) cameras are operational worldwide. The advertised main benefits of CCTV cameras have always been the same; physical security, safety, and crime deterrence. The current scale and rate of deployment of CCTV cameras bring additional research and technical challenges for CCTV forensics as well, as for privacy enhancements. This paper presents the first end-to-end system for CCTV forensics and feasible privacy-enhancing applications such as exposure measurement, CCTV route recovery, CCTV-aware routing/navigation, and crowd-sourcing. For this, we developed and evaluated four complex and distinct modules (CCTVCV [1], OSRM-CCTV [2],…

tekninen rikostutkintatietosuojamachine learningkoneoppiminenyksityisyyskameravalvontaobject detectionvideo surveillancekonenäkönavigationsovellusohjelmatyksilönsuojaprivacy-enhancing technologies2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
researchProduct

CCTVCV: Computer Vision model/dataset supporting CCTV forensics and privacy applications

2022

The increased, widespread, unwarranted, and unaccountable use of Closed-Circuit TeleVision (CCTV) cameras globally has raised concerns about privacy risks for the last several decades. Recent technological advances implemented in CCTV cameras, such as Artificial Intelligence (AI)-based facial recognition and Internet of Things (IoT) connectivity, fuel further concerns among privacy advocates. Machine learning and computer vision automated solutions may prove necessary and efficient to assist CCTV forensics of various types. In this paper, we introduce and release the first and only computer vision models are compatible with Microsoft common object in context (MS COCO) and capable of accurately…

tekninen rikostutkintasovellukset (soveltaminen)datasetsobject detectiontekoälyprivacykameratcomputer visiontietosuojamachine learningkoneoppiminencamerasyksityisyyskameravalvontavideo surveillancekonenäköCCTVmappingkasvontunnistus (tietotekniikka)2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
researchProduct

HALE-IoT: HArdening LEgacy Internet-of-Things devices by retrofitting defensive firmware modifications and implants

2022

Internet-Of-Things (IoT) devices and their firmware are notorious for their lifelong vulnerabilities. As device infection increases, vendors also fail to release patches at a competitive pace. Despite security in IoT being an active area of research, prior work has mainly focused on vulnerability detection and exploitation, threat modelling, and protocol security. However, these methods are ineffective in preventing attacks against legacy and End-Of-Life devices that are already vulnerable. Current research mainly focuses on implementing and demonstrating the potential of malicious modifications. Hardening emerges as an effective solution to provide IoT devices with an additional layer of d…

IoTfirmware modificationcybersecurityend-of-lifesuojausSSL-proxyHTTPSlegacyfirmwaredefensive techniquesWAFretrofit securityesineiden internettietoturvakyberturvallisuusEOLverkkohyökkäyksetdeviceshaavoittuvuus
researchProduct