Andrei Costin

• Assistant Professor
• Professor (Assistant) at University of Jyväskylä

Vulnerability management is a critical industry activity driven by compliance and regulations aiming to allocate best-fitted resources to address vulnerabilities efficiently. The increasing number of vulnerabilities reported and discovered by a diverse community results in varying quality of the reports and differing perspectives. To tackle this, m...

During the past few decades, the aviation, maritime, aerospace, and search-and-rescue domains have witnessed tremendous improvement thanks to technological, digitalization and Internet of Things (IoT) advances such as Automatic Dependent Surveillance–Broadcast (ADS-B) (e.g., Aviation IoT, Airports IoT) and Automatic Identification System (AIS) (e.g...

The rise of malware targeting interconnected infrastructures has surged in recent years, driven largely by the widespread presence of vulnerable legacy IoT devices and inadequately secured networks. Despite the strong interest attackers have in targeting this infrastructure, a significant gap remains in understanding how the landscape has recently...

The rising popularity of phenomena such as ubiquitous computing and IoT poses increasingly high demands for data management, and it is not uncommon that database management systems (DBMS) must be capable of reading and writing hundreds of operations per second. Vector DBMSs (VDBMS) are novel products that focus on the management of vector data and...

The Brain-Computer Interface (BCI) is a rapidly evolving technology set to revolutionize our perception of the Internet of Things (IoT). BCI facilitates direct communication between the brain and external devices, enabling the control or interaction of devices without physical intervention. BCI technology is becoming more sophisticated, allowing th...

An organization’s ability to protect itself against risks originating from system vulnerabilities is determined by its ability to apply and maintain an operating system security policy and detect, prioritize, and timely apply patches to known system vulnerabilities. This paper discusses the usability of openly available Security Content Automation...

The number of different devices connected to the Internet is constantly increasing. There is a high demand for these devices, and their benefits are clear for certain groups of users. Some of these devices, the Internet of Things (IoT), are part of smart homes, making the residents’ everyday lives easier and safer. In general, the security of IoT d...

The brain-computer interface (BCI) is a growing field of technology, and it has become clear that BCI systems’ cybersecurity needs amelioration. When BCI devices are developed with wireless connection capabilities, more often than not, this creates more surface area for attackers to concentrate their attacks. The more invasive BCI technology is use...

Automatic Dependent Surveillance (ADS), Automatic Dependent Surveillance-Broadcast (ADS-B), Secondary Surveillance Radars (SSR), and Mode S are key air surveillance technologies representing a critical component of next-generation air transportation systems. However, compared to 1090MHz demodulators and decoders, which have plenty of implementation...

Automatic Dependent Surveillance (ADS), Automatic Dependent Surveillance-Broadcast (ADS-B), Secondary Surveillance Radars (SSR), and Mode S are key air surveillance technologies representing a critical component of next-generation air transportation systems. However, compared to 1090MHz demodulators and decoders, which have plenty of implementation...

Aviation, maritime, and aerospace traffic control, radar, communication, and software technologies received increasing attention in the research literature over the past decade, as software-defined radios have enabled practical wireless attacks on communication links previously thought to be unreachable by unskilled or low-budget attackers. Moreove...

COSPAS-SARSAT is an International programme for "Search and Rescue" (SAR) missions based on the "Satellite Aided Tracking" system (SARSAT). It is designed to provide accurate, timely, and reliable distress alert and location data to help SAR authorities of participating countries to assist persons and vessels in distress. Two types of satellite con...

Cyberattacks are now occurring on a daily basis. As attacks and breaches are so frequent, and the fact that human work hours do not scale infinitely, the cybersecurity industry needs innovative and scalable tools and techniques to automate certain cybersecurity defensive tasks in order to keep up. The variety, the complex nature of the attacks, and...

Cyberattacks are the “new normal” in the hyper-connected and all-digitized modern world, as breaches, denial-of-service, ransomware, and a myriad of other attacks occur every single day. As the attacks and breaches increase in complexity, diversity, and frequency, cybersecurity actors (both ethical and cybercrime) turn to automating these attacks i...

In this work, we present CCTV-Exposure -- the first CCTV-aware solution to evaluate potential privacy exposure to closed-circuit television (CCTV) cameras. The objective was to develop a toolset for quantifying human exposure to CCTV cameras from a privacy perspective. Our novel approach is trajectory analysis of the individuals, coupled with a dat...

Due to technical advances, old ways for securing DevOps software development have become obsolete. Thus, researchers and practitioners need new insights into the security challenges and practices of DevOps development. This paper reviews the data extraction and analysis phase and results of a Systematic Literature Review (SLR) study that was carrie...

In this work, we present CCTV-Exposure-the first CCTV-aware solution to evaluate potential privacy exposure to closed-circuit television (CCTV) cameras. The objective was to develop a toolset for quantifying human exposure to CCTV cameras from a privacy perspective. Our novel approach is trajectory analysis of the individuals, coupled with a databa...

For the last several decades, the increased, widespread, unwarranted , and unaccountable use of closed-circuit television cameras (CCTV) globally has raised concerns about privacy risks. Recent CCTV camera features, such as Artificial Intelligence (AI)-based facial recognition, only increase concerns. Therefore, CCTV-aware solutions must exist that...

In this chapter, we analyze cybersecurity weaknesses in three use-cases of real-world cyber-physical systems: transportation (aviation), remote explosives and robotic weapons (fireworks pyrotechnics), and physical security (CCTV). The digitalization, interconnection, and IoT-nature of cyber-physical systems make them attractive targets. It is cruci...

As the core technology of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s Datalink 90 (GDL-90) protocol for data exchange and encapsulation. This makes it essential to investigate th...

To increase situational awareness of maritime vessels and other entities and to enable their exchange of various information, the International Maritime Organization mandated the use of the Automatic Identification System (AIS) in 2004. The AIS is a self-reporting system that uses the VHF radio link. However, any radio-based self-reporting system i...

Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology and improves airborne traffic situational awareness. Many types of mobile cockpit information systems (MCISs) are based on ADS-B...

Apache Log4j2 is a prevalent logging library for Java-based applications. In December 2021, several critical and high-impact software vulnerabilities, including CVE-2021-44228, were publicly disclosed, enabling remote code execution (RCE) and denial of service (DoS) attacks. To date, these vulnerabilities are considered critical and the consequence...

Internet-Of-Things (IoT) devices and their firmware are notorious for their lifelong vulnerabilities. As device infection increases, vendors also fail to release patches at a competitive pace. Despite security in IoT being an active area of research, prior work has mainly focused on vulnerability detection and exploitation, threat modelling, and pr...

Automatic Dependent Surveillance-Broadcast (ADS-B) is a cornerstone of the next-generation digital sky and is now mandated in several countries. However, there have been many reports of serious security vulnerabilities in the ADS-B architecture. In this paper, we demonstrate and evaluate the impact of multiple cyberattacks on ADS-B via remote radio...

For the last several decades, the increased, widespread, unwarranted, and unaccountable use of Closed-Circuit TeleVision (CCTV) cameras globally has raised concerns about privacy risks. Additional recent features of many CCTV cameras, such as Internet of Things (IoT) connectivity and Artificial Intelligence (AI)-based facial recognition, only incre...

Image annotation and large annotated datasets are crucial parts within the Computer Vision and Artificial Intelligence fields.At the same time, it is well-known and acknowledged by the research community that the image annotation process is challenging, time-consuming and hard to scale. Therefore, the researchers and practitioners are always seekin...

Software vulnerabilities are identified during their whole life-cycle; some vulnerabilities may be caused by flaws on the design while other appear due to advances on the technologies around the systems. Frameworks such as OWASP are well- known and are used for testing a systems security before or after implementation, and such testing is carried o...

The goal of this chapter is to introduce the reader to the domain of bug discovery in embedded systems which are at the core of the Internet of Things. Embedded software has a number of particularities which makes it slightly different to general purpose software. In particular, embedded devices are more exposed to software attacks but have lower d...

In order to withstand the ever-increasing invasion of privacy by CCTV cameras and technologies, on par CCTV-aware solutions must exist that provide privacy, safety, and cybersecurity features. We argue that a first important step towards such CCTV-aware solutions must be a mapping system that provides both privacy and safety routing and navigation...

In order to withstand the ever-increasing invasion of privacy by CCTV cameras and technologies, on par CCTV-aware solutions must exist that provide privacy, safety, and cybersecurity features. We argue that a first important step towards such CCTV-aware solutions must be a mapping system (e.g., Google Maps, OpenStreetMap) that provides both privacy...

Static and dynamic binary analysis techniques are actively usedto reverse engineer software’s behavior and to detect its vulnera-bilities, even when only the binary code is available for analysis.To avoid analysis errors due to misreading op-codes for a wrongCPU architecture, these analysis tools must precisely identify theInstruction Set Architect...

Cybersecurity is a real challenge on many levels for the transportation sector and its sub-sectors (air, maritime, ports, road...). While some aspects remain sub-sector specific, thereby making cy- bersecurity issues difficult to address, this report aims to understand the landscape and come up with a horizontal and holistic understanding of the cy...

Static and dynamic binary analysis techniques are actively used to reverse engineer software's behavior and to detect its vulnerabilities, even when only the binary code is available for analysis. To avoid analysis errors due to misreading op-codes for a wrong CPU architecture, these analysis tools must precisely identify the Instruction Set Archit...

Lua is an interpreted, cross-platform, embeddable, performant and low-footprint language. Lua's popularity is on the rise in the last couple of years. Simple design and efficient usage of resources combined with its performance make it attractive for production web applications even to big organizations such as Wikipedia, CloudFlare and GitHub. In...

Embedded systems, as opposed to traditional computers, bring an incredible diversity. The number of devices manufactured is constantly increasing and each has a dedicated software, commonly known as firmware. Full firmware images are often delivered as multiple releases, correcting bugs and vulnerabilities, or adding new features. Unfortunately, th...

Video surveillance, closed-circuit TV and IP-camera systems became virtually omnipresent and indispensable for many organizations, businesses, and users. Their main purpose is to provide physical security, increase safety, and prevent crime. They also became increasingly complex, comprising many communication means, embedded hardware and non-trivia...

Embedded devices are becoming more widespread, interconnected, and web-enabled than ever. However, recent studies showed that embedded devices are far from being secure. Moreover, many embedded systems rely on web interfaces for user interaction or administration. Web security is still difficult and therefore the web interfaces of embedded systems...

Embedded devices are becoming more widespread, interconnected, and web-enabled than ever. However, recent studies showed that these devices are far from being secure. Moreover, many embedded systems rely on web interfaces for user interaction or administration. Unfortunately, web security is known to be difficult, and therefore the web interfaces o...

Monitoring of the high-performance computing systems and their components, such as clusters, grids and federations of clusters, is performed using monitoring systems for servers and networks, or Network Monitoring Systems (NMS). These monitoring tools assist system administrators in assessing and improving the health of their infrastructure. A suc...

As embedded systems are more than ever present in our society, their security is becoming an increasingly important issue. However, based on the results of many recent analyses of individual firmware images, embedded systems acquired a reputation of being insecure. De-spite these facts, we still lack a global understanding of embedded systems’ secu...

Fireworks are used around the world to salute popular events such as festivals, weddings, and public or private celebrations. Besides their entertaining effects fireworks are essentially colored explosives which are sometimes directly used as weapons. Modern fireworks systems heavily rely on `wireless pyrotechnic firing systems'. Those `embedded cy...

Internet and telephones are part of everyone's modern life. Unfortunately, several criminal activities also rely on these technologies to reach their victims. While the use and importance of the Internet has been largely studied, previous work overlooked the role that phone numbers can play in understanding online threats. In this work we aim at de...

419 scam (also referred to as Nigerian scam) is a popular form of fraud in which the fraudster tricks the victim into paying a certain amount of money under the promise of a future, larger payoff. Using a public dataset, in this paper, we study how these forms of scam campaigns are organized and evolve over time. In particular, we discuss the role...

In this paper we investigate (in)security aspects of Automatic Dependent Surveillance-Broadcast (ADS-B) proto-col. ADS-B is intended to be widely deployed in Air Traffic Management (ATM) Surveillance systems by 2020. One of the goals of ADS-B is to increase safety of air traffic. While the security of ADS-B was previously questioned, in this paper...