Search results for "verkkohyökkäykset"

showing 10 items of 41 documents

State of the Art Literature Review on Network Anomaly Detection

2018

As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additi…

Advanced persistent threatComputer science05 social sciences050801 communication & media studiesDenial-of-service attack02 engineering and technology021001 nanoscience & nanotechnologyComputer securitycomputer.software_genrenetwork anomaly detection0508 media and communicationsAnomaly detectionState (computer science)tietoturva0210 nano-technologyverkkohyökkäyksetcomputer
researchProduct

A Novel Deep Learning Stack for APT Detection

2019

We present a novel Deep Learning (DL) stack for detecting Advanced Persistent threat (APT) attacks. This model is based on a theoretical approach where an APT is observed as a multi-vector multi-stage attack with a continuous strategic campaign. To capture these attacks, the entire network flow and particularly raw data must be used as an input for the detection process. By combining different types of tailored DL-methods, it is possible to capture certain types of anomalies and behaviour. Our method essentially breaks down a bigger problem into smaller tasks, tries to solve these sequentially and finally returns a conclusive result. This concept paper outlines, for example, the problems an…

Advanced persistent threatProcess (engineering)Computer science020209 energyDistributed computing02 engineering and technologylcsh:Technologylcsh:ChemistryStack (abstract data type)020204 information systemsAdvanced Persistent Thread (APT)0202 electrical engineering electronic engineering information engineeringGeneral Materials Sciencetietoturvalcsh:QH301-705.5Instrumentationta113Fluid Flow and Transfer Processeslcsh:Tbusiness.industryProcess Chemistry and TechnologyDeep learningGeneral EngineeringFlow networklcsh:QC1-999Computer Science Applicationsnetwork anomaly detectionkoneoppiminenlcsh:Biology (General)lcsh:QD1-999lcsh:TA1-2040Deep Learning (DL)Artificial intelligencelcsh:Engineering (General). Civil engineering (General)Raw databusinessverkkohyökkäyksetlcsh:Physics
researchProduct

State of the Art Literature Review on Network Anomaly Detection with Deep Learning

2018

As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additi…

Advanced persistent threatbusiness.industryComputer scienceDeep learningdeep learning020206 networking & telecommunications02 engineering and technologyComputer securitycomputer.software_genrenetwork anomaly detectionkoneoppiminen0202 electrical engineering electronic engineering information engineering020201 artificial intelligence & image processingAnomaly detectionState (computer science)Artificial intelligencetietoturvabusinessverkkohyökkäyksetcomputer
researchProduct

Exploring Azure Active Directory Attack Surface: Enumerating Authentication Methods with Open-Source Intelligence Tools

2022

Azure Active Directory (Azure AD) is Microsoft’s identity and access management service used globally by 90 per cent of Fortune 500 companies and many other organisations. Recent attacks by nation-state adversaries have targeted these organisations by exploiting known attack vectors. In this paper, open-source intelligence (OSINT) is gathered from organisations using Azure AD to explore the current attack surface. OSINT is collected from Fortune 500 companies and top 2000 universities globally. The collected OSINT includes authentication methods used by the organisation and the full name and phone number of the primary technical contact. The findings reveal that most organisations are using…

Azure Active DirectorypääsynvalvontatodentaminenattacktietoturvaAzure AdOSINTverkkohyökkäyksetSAMLenumerationKerberosProceedings of the 24th International Conference on Enterprise Information Systems
researchProduct

Artificial Intelligence in Protecting Smart Building’s Cloud Service Infrastructure from Cyberattacks

2020

Gathering and utilizing stored data is gaining popularity and has become a crucial component of smart building infrastructure. The data collected can be stored, for example, into private, public, or hybrid cloud service infrastructure or distributed service by utilizing data platforms. The stored data can be used when implementing services, such as building automation (BAS). Cloud services, IoT sensors, and data platforms can face several kinds of cybersecurity attack vectors such as adversarial, AI-based, DoS/DDoS, insider attacks. If a perpetrator can penetrate the defenses of a data platform, she can cause significant harm to the system. For example, the perpetrator can disrupt a buildin…

Computer scienceDenial-of-service attackCloud computingComputerApplications_COMPUTERSINOTHERSYSTEMStekoälyComputer securitycomputer.software_genreInsiderpilvipalvelutälytalotComponent (UML)cloud servicetietoturvakyberturvallisuusBuilding automationbusiness.industryattack vectorsartificial intelligencePopularityartificial-intelligence-based applicationsHeating systemälytekniikkabusinessdata platformCloud storagecomputerverkkohyökkäykset
researchProduct

Strategic cyber threat intelligence : Building the situational picture with emerging technologies

2020

In 2019, e-criminals adopted new tactics to demand enormous ransoms from large organizations by using ransomware, a phenomenon known as “big game hunting.” Big game hunting is an excellent example of a sophisticated and coordinated modern cyber-attack that has a significant impact on the target. Cyber threat intelligence (CTI) increases the possibilities to detect and prevent cyber-attacks and gives defenders more time to act. CTI is a combination of incident response and traditional intelligence. Intelligence modifies raw data into information for decision-making and action. CTI consists of strategic, operational, or tactical intelligence on cyber threats. Security event monitoring, event-…

Emerging technologiesStrategic Cyber Threat IntelligencetekoälyComputer securitycomputer.software_genremachine learningkoneoppiminenArtificial IntelligencetiedusteluBusinessCyber threat intelligenceSituational ethicskyberturvallisuuscomputerverkkohyökkäykset
researchProduct

Countering Adversarial Inference Evasion Attacks Towards ML-Based Smart Lock in Cyber-Physical System Context

2021

Machine Learning (ML) has been taking significant evolutionary steps and provided sophisticated means in developing novel and smart, up-to-date applications. However, the development has also brought new types of hazards into the daylight that can have even destructive consequences required to be addressed. Evasion attacks are among the most utilized attacks that can be generated in adversarial settings during the system operation. In assumption, ML environment is benign, but in reality, perpetrators may exploit vulnerabilities to conduct these gradient-free or gradient-based malicious adversarial inference attacks towards cyber-physical systems (CPS), such as smart buildings. Evasion attac…

ExploitComputer sciencebusiness.industryCyber-physical systemevasion attacksEvasion (network security)Context (language use)Adversarial machine learningComputer securitycomputer.software_genreadversarial machine learningdefensive mechanismscyber-physical systemAdversarial systemSmart lockkoneoppiminenälytekniikkabusinesskyberturvallisuuscomputerverkkohyökkäyksetBuilding automation
researchProduct

One-Pixel Attack Deceives Computer-Assisted Diagnosis of Cancer

2020

Computer vision and machine learning can be used to automate various tasks in cancer diagnostic and detection. If an attacker can manipulate the automated processing, the results can be devastating and in the worst case lead to wrong diagnosis and treatment. In this research, the goal is to demonstrate the use of one-pixel attacks in a real-life scenario with a real pathology dataset, TUPAC16, which consists of digitized whole-slide images. We attack against the IBM CODAIT's MAX breast cancer detector using adversarial images. These adversarial examples are found using differential evolution to perform the one-pixel modification to the images in the dataset. The results indicate that a mino…

FOS: Computer and information sciencesComputer Science - Machine LearningComputer Science - Cryptography and SecurityComputer scienceComputer Vision and Pattern Recognition (cs.CV)Computer Science - Computer Vision and Pattern RecognitionComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISIONMachine Learning (cs.LG)Medical imagingComputer visionkonenäköIBMkyberturvallisuusPixelbusiness.industryPerspective (graphical)diagnostiikkakoneoppiminenDifferential evolutionWhole slide imageReversingsyöpätauditArtificial intelligencebusinessCryptography and Security (cs.CR)verkkohyökkäykset
researchProduct

GDL90fuzz: Fuzzing - GDL-90 Data Interface Specification Within Aviation Software and Avionics Devices–A Cybersecurity Pentesting Perspective

2022

As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from …

General Computer Sciencecybersecurityprotocolsaerospace electronicsavionicsattacksheart beatGeneral Materials SciencelennonjohtokyberturvallisuussoftwareGeneral EngineeringlentoliikenneresiliencyfuzzingtestausmenetelmätpentestingairtrafficaviationstandardsDoSaircraftverkkohyökkäyksetlennonvarmistusGDL-90ADS-BIEEE Access
researchProduct

Citizens’ Cybersecurity Behavior: Some Major Challenges

2022

Citizens’ cybersecurity behaviors are an important concern in the modern age. This work discusses the challenges of studying citizen cybersecurity behaviors and the directions for future research. peerReviewed

InternetturvallisuusComputer Networks and CommunicationsComputer scienceuhatorganisaatiottietoturvapolitiikkahakkerointikansalaisetvaikuttaminenetätyöEngineering ethicstietoturvaElectrical and Electronic EngineeringkyberturvallisuusverkkohyökkäyksetLawIEEE Security & Privacy
researchProduct