Command and Control: Monitoring, defending and exploiting critical infrastructure
| dc.contributor.author | Puuska, Samir | |
| dc.date.accessioned | 2021-07-26T13:53:44Z | |
| dc.date.available | 2021-07-26T13:53:44Z | |
| dc.date.issued | 2021 | |
| dc.identifier.isbn | 978-951-39-8755-8 | |
| dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/77207 | |
| dc.description.abstract | For securing critical infrastructure, this thesis aims to develop a common operating picture system, establish methods for detecting targeted cyberattacks, and investigate exploits against machine learning -based decision making. A design-science research framework is used, in which the validity is assessed through practical applicability of the solution artifact, and through an iterative requirements–evaluation cycle in close cooperation with key stakeholders. The included studies address three topics: i) common operating picture systems, with emphasis on modeling and analysis methods, ii) neural network -based detection of encrypted malware command and control channels, and iii) one-pixel attacks targeting a neural network -based computer-aided cancer diagnosis. The studies made extensive use of raw data obtained through stakeholder collaboration. In addition, malware network traffic data generated through cybertraining activities on cyber-range environments, and tools used in targeted APT-malware attacks were utilized. A tissue sample -based tool, utilizing neural network technology, for computeraided diagnosis of breast cancer, and associated digitized light microscope samples were used in vulnerability research. The main results include ascertaining the applicability of the design-science research framework to the individual problem fields, and noting the necessity of raw data and stakeholder cooperation. Considering the results by topic, the required modeling and analysis methods could be implemented as a part of a common operating picture system, suitable neural network architectures with validation methods were created in malware traffic detection studies, and a method for producing hostile samples could be found in the study concerning one-pixel attacks. The practical results of the common operating picture -study include an VN TEAS report, produced to support state-level decision making, in which the results of the studies were utilized extensively. With regard to cyberattack detection methods, their suitability for SUNBURSTbackdoor detection was established. With regard to the one-pixel attack, the feasibility of the attack was demonstrated and the first publication considering the attack in a computer-aided diagnostic setting was produced. | en |
| dc.format.mimetype | application/pdf | |
| dc.language.iso | eng | |
| dc.publisher | Jyväskylän yliopisto | |
| dc.relation.ispartofseries | JYU dissertations | |
| dc.relation.haspart | <b>Artikkeli I:</b> Puuska S. et al. (2015). Modelling and real-time analysis of critical infrastructure using discrete eventsystems on graph. <i>In 2015 IEEE International Symposium on Technologies for Homeland Security (HST), 2015, pp. 1–5.</i> DOI: <a href="https://doi.org/10.1109/THS.2015.7225330"target="_blank">10.1109/THS.2015.7225330</a> | |
| dc.relation.haspart | <b>Artikkeli II:</b> Puuska S. et al. (2017) Integrated platform for critical infrastructure analysis and common operating picture solutions. In <i>2017 IEEE Internationa lSymposium on Technologies for Homeland Security (HST), 2017, 1–6.</i> DOI: <a href="https://doi.org/10.1109/THS.2017.8093737"target="_blank"> 10.1109/THS.2017.8093737</a> | |
| dc.relation.haspart | <b>Artikkeli III:</b> Puuska S. et al. (2018). Nationwide critical infrastructure monitoring using a common operating picture framework. <i>International Journal of Critical Infrastructure Protection, vol. 20, 28–47.</i> DOI: <a href="https://doi.org/10.1016/j.ijcip.2017.11.005"target="_blank"> 10.1016/j.ijcip.2017.11.005</a> | |
| dc.relation.haspart | <b>Artikkeli IV:</b> Kokkonen T. and Puuska S. (2018). Blue Team Communication and Reporting for Enhancing Situational Awareness from White Team Perspective in Cyber Security Exercises. In <i>Internet of Things, Smart Spaces, and Next Generation Networks and Systems, O. Galinina et al., Eds.. Cham: Springer International Publishing, 277–288.</i> DOI: <a href="https://doi.org/10.1007/978-3-030-01168-0_26"target="_blank"> 10.1007/978-3-030-01168-0_26</a> | |
| dc.relation.haspart | <b>Artikkeli V:</b> Puuska S. et al. (2019). Anomaly-Based Network Intrusion Detection Using Wavelets and Adversarial Autoencoders. In <i>Innovative Security Solutions for Information Technology and Communications, J.-L. Lanet and C. Toma, Eds., Cham: Springer International Publishing, 234–246.</i> DOI: <a href="https://doi.org/10.1007/978-3-030-12942-2_18"target="_blank">10.1007/978-3-030-12942-2_18</a> | |
| dc.relation.haspart | <b>Artikkeli VI:</b> Kokkonen T. et al. (2019). Network Anomaly Detection Based on WaveNet. In <i>Internet of Things, Smart Spaces, and Next Generation Networks and Systems, O. Galinina et al., Eds., Cham:Springer International Publishing, 424–433.</i> DOI: <a href="https://doi.org/10.1007/978-3-030-30859-9_36"target="_blank">10.1007/978-3-030-30859-9_36</a> | |
| dc.relation.haspart | <b>Artikkeli VII:</b> Puuska S. et al. (2020). Statistical Evaluation of Artificial Intelligence -Based Intrusion Detection System. In <i>Trends and Innovations in Information Systems and Technologies, Á. Rocha et al., Eds. Cham: Springer International Publishing, 464–470.</i> DOI: <a href="https://doi.org/10.1007/978-3-030-45691-7_43"target="_blank">10.1007/978-3-030-45691-7_43</a> | |
| dc.relation.haspart | <b>Artikkeli VIII:</b> Sipola T. et al. (2020). Model Fooling Attacks Against Medical Imaging: A Short Survey. <i>Information & Security: An International Journal, vol. 46, no. 2, 215–224.</i> DOI: <a href="https://doi.org/10.11610/isij.4615"target="_blank">10.11610/isij.4615</a> | |
| dc.relation.haspart | <b>Artikkeli IX:</b> Korpihalkola J. et al. (2020). One-pixel Attack Deceives Automatic Detection of Breast Cancer. <i> Computers & Security, under review.</i> | |
| dc.rights | In Copyright | |
| dc.subject.other | critical infrastructure protection | en |
| dc.subject.other | mathematical modeling | en |
| dc.subject.other | advanced persistent threat | en |
| dc.subject.other | intrusion detection | en |
| dc.subject.other | one-pixel attack | en |
| dc.subject.other | computer-aided diagnosis | en |
| dc.subject.other | kriittinen infrastruktuuri | fi |
| dc.subject.other | matemaattinen mallinnus | fi |
| dc.subject.other | APT-uhka | fi |
| dc.subject.other | kyberhyökkäysten havaitseminen | fi |
| dc.subject.other | yhden pikselin hyökkäys | fi |
| dc.subject.other | tietokoneavusteinen diagnoosi | fi |
| dc.title | Command and Control: Monitoring, defending and exploiting critical infrastructure | |
| dc.type | Diss. | |
| dc.identifier.urn | URN:ISBN:978-951-39-8755-8 | |
| dc.relation.issn | 2489-9003 | |
| dc.rights.copyright | © The Author & University of Jyväskylä | |
| dc.rights.accesslevel | openAccess | |
| dc.type.publication | doctoralThesis | |
| dc.subject.yso | neural networks (information technology) | en |
| dc.subject.yso | data security | en |
| dc.subject.yso | cyber attacks | en |
| dc.subject.yso | cyber security | en |
| dc.subject.yso | cancerous diseases | en |
| dc.subject.yso | neuroverkot | fi |
| dc.subject.yso | tietoturva | fi |
| dc.subject.yso | verkkohyökkäykset | fi |
| dc.subject.yso | kyberturvallisuus | fi |
| dc.subject.yso | syöpätaudit | fi |
| dc.format.content | fulltext | |
| dc.rights.url | http://rightsstatements.org/page/InC/1.0/?language=en | |
| dc.date.digitised |
Aineistoon kuuluvat tiedostot
Aineisto kuuluu seuraaviin kokoelmiin
-
JYU Dissertations [748]
-
Väitöskirjat [3428]
Ellei muuten mainita, aineiston lisenssi on In Copyright