Search results for "kyberturvallisuus"
showing 10 items of 117 documents
Knowledge Discovery from Network Logs
2015
Modern communications networks are complex systems, which facilitates malicious behavior. Dynamic web services are vulnerable to unknown intrusions, but traditional cyber security measures are based on fingerprinting. Anomaly detection differs from fingerprinting in that it finds events that differ from the baseline traffic. The anomaly detection methodology can be modelled with the knowledge discovery process. Knowledge discovery is a high-level term for the whole process of deriving actionable knowledge from databases. This article presents the theory behind this approach, and showcases research that has produced network log analysis tools and methods.
Artificial Intelligence for Cybersecurity: A Systematic Mapping of Literature
2020
Due to the ever-increasing complexities in cybercrimes, there is the need for cybersecurity methods to be more robust and intelligent. This will make defense mechanisms to be capable of making real-time decisions that can effectively respond to sophisticated attacks. To support this, both researchers and practitioners need to be familiar with current methods of ensuring cybersecurity (CyberSec). In particular, the use of artificial intelligence for combating cybercrimes. However, there is lack of summaries on artificial intelligent methods for combating cybercrimes. To address this knowledge gap, this study sampled 131 articles from two main scholarly databases (ACM digital library and IEEE…
Hypervisor-assisted dynamic malware analysis
2021
Malware analysis is a task of utmost importance in cyber-security. Two approaches exist for malware analysis: static and dynamic. Modern malware uses an abundance of techniques to evade both dynamic and static analysis tools. Current dynamic analysis solutions either make modifications to the running malware or use a higher privilege component that does the actual analysis. The former can be easily detected by sophisticated malware while the latter often induces a significant performance overhead. We propose a method that performs malware analysis within the context of the OS itself. Furthermore, the analysis component is camouflaged by a hypervisor, which makes it completely transp…
Artificial Intelligence in Protecting Smart Building’s Cloud Service Infrastructure from Cyberattacks
2020
Gathering and utilizing stored data is gaining popularity and has become a crucial component of smart building infrastructure. The data collected can be stored, for example, into private, public, or hybrid cloud service infrastructure or distributed service by utilizing data platforms. The stored data can be used when implementing services, such as building automation (BAS). Cloud services, IoT sensors, and data platforms can face several kinds of cybersecurity attack vectors such as adversarial, AI-based, DoS/DDoS, insider attacks. If a perpetrator can penetrate the defenses of a data platform, she can cause significant harm to the system. For example, the perpetrator can disrupt a buildin…
SHAPES secure cloud platform for healthcare solutions and services
2020
The SHAPES project is an ambitious endeavour that gathers stakeholders from across Europe to create, deploy and pilot at large-scale a EU-standardised open platform incorporating and integrating a broad range of solutions, including technological, organisational, clinical, educational and societal, to enable the ageing population of Europe to remain healthy, active and productive, as well as to maintain a high quality of life and sense of wellbeing for the longest time possible. Not only each digital solution will be ethical, legal and appropriate for users, but also the results will align with the full and ethically responsible end-to-end exploitation of the new functionalities empowered b…
Strategic cyber threat intelligence : Building the situational picture with emerging technologies
2020
In 2019, e-criminals adopted new tactics to demand enormous ransoms from large organizations by using ransomware, a phenomenon known as “big game hunting.” Big game hunting is an excellent example of a sophisticated and coordinated modern cyber-attack that has a significant impact on the target. Cyber threat intelligence (CTI) increases the possibilities to detect and prevent cyber-attacks and gives defenders more time to act. CTI is a combination of incident response and traditional intelligence. Intelligence modifies raw data into information for decision-making and action. CTI consists of strategic, operational, or tactical intelligence on cyber threats. Security event monitoring, event-…
Kyberturvallisuus esineiden internetissä (Cybersecurity in the Internet of Things)
2017
The number of Internet of Things devices is continuously growing, and their benefits touch all members of our society. Unfortunately, the number of successful cyberattacks is growing at the same time, which threatens the reliability of the Internet of Things. For this reason it is important to study what kinds of threats the Internet of Things faces and how these threats could be protected against. The thesis discusses Internet of Things devices: what these devices are, how they work and how they are protected. The thesis was carried out as a literature review, and its sources are mainly articles from academic publications. The thesis found that the Internet of Things' cyber…
Countering Adversarial Inference Evasion Attacks Towards ML-Based Smart Lock in Cyber-Physical System Context
2021
Machine Learning (ML) has been taking significant evolutionary steps and provided sophisticated means in developing novel and smart, up-to-date applications. However, the development has also brought new types of hazards into the daylight that can have even destructive consequences required to be addressed. Evasion attacks are among the most utilized attacks that can be generated in adversarial settings during the system operation. In assumption, ML environment is benign, but in reality, perpetrators may exploit vulnerabilities to conduct these gradient-free or gradient-based malicious adversarial inference attacks towards cyber-physical systems (CPS), such as smart buildings. Evasion attac…
One-Pixel Attack Deceives Computer-Assisted Diagnosis of Cancer
2020
Computer vision and machine learning can be used to automate various tasks in cancer diagnostic and detection. If an attacker can manipulate the automated processing, the results can be devastating and in the worst case lead to wrong diagnosis and treatment. In this research, the goal is to demonstrate the use of one-pixel attacks in a real-life scenario with a real pathology dataset, TUPAC16, which consists of digitized whole-slide images. We attack against the IBM CODAIT's MAX breast cancer detector using adversarial images. These adversarial examples are found using differential evolution to perform the one-pixel modification to the images in the dataset. The results indicate that a mino…
GDL90fuzz: Fuzzing - GDL-90 Data Interface Specification Within Aviation Software and Avionics Devices–A Cybersecurity Pentesting Perspective
2022
As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from …