László Erdődi

• PhD
• Professor (Associate) at University of Oslo

In recent years, the automotive industry has witnessed a paradigm shift in the capabilities and functionalities of modern passenger vehicles. These vehicles have evolved beyond their conventional roles as modes of transportation to become complex data-generating and transmitting entities. With the integration of advanced sensors, processors, and co...

Advanced Persistent Threats (APTs) are stealthy, multi-step attacks tailored to a specific target. Often described as ’low and slow’, APTs remain undetected until the consequences of the cyber-attack become evident, usually in the form of damage to the physical world, as seen with the Stuxnet attack, or manipulation of an industrial process, as was...

This paper reports the presentation and discussion during the Cybersecurity of Critical Infrastructures workshop organized as a part of the 18th IFIP Summer School on Privacy and Identity Management. Furthermore, this paper also pointed to several promising future research directions. This workshop was primarily aimed at empowering PhD candidates,...

The rapid digitalization of power systems involves enhanced interconnectivity, intelligence, and cost-efficiency across all components. In the era of Industry 5.0, the criticality of energy supply makes power systems prime targets for attacks, highlighting the need for the creation and evaluation of solutions against cyber-physical threats. Testbed...

Industrial Control Systems (ICS) are increasingly integrated with Information Technology (IT) systems, blending Operational Technology (OT) and IT components. This evolution introduces new cyber-attack risks, necessitating specialized security measures like Intrusion Detection Systems (IDS). This paper presents our work on both developing an experi...

Vulnerabilities such as SQL injection represent a serious challenge to security. While tools with a pre-defined logic are commonly used in the field of penetration testing, the continually evolving nature of the security challenge calls for models able to learn autonomously from experience. In this paper we build on previous results on the developm...

Digital substations, also referred to as modern power grid substations, utilize the IEC 61850 station and process bus in conjunction with IP-based communication. This includes communication with switch yard equipment within the substation as well as the dispatch center. IEC 61850 is a global standard developed to standardize power grid communicatio...

Penetration testing is a security exercise aimed at assessing the security of a system by simulating attacks against it. So far, penetration testing has been carried out mainly by trained human attackers and its success critically depended on the available expertise. Automating this practice constitutes a non‐trivial problem because of the range an...

Smart grid brings various advantages such as increased automation in decision making, tighter coupling between production and consumption, and increased digitalization. Because of the many changes that the smart grid inflicts on the power grid as critical infrastructure, cyber security and robust resilience against cyberat-tacks are essential to ha...

Cyber security is a big challenge nowadays. However, the lack of qualified individuals and awareness is making the current situation more problematic. One way to address this problem is through National cyber security competitions. Such competitions provide large-scale awareness of cyber security issues and motivate individuals to join the cyber se...

Website hacking is a frequent attack type used by malicious actors to obtain confidential information, modify the integrity of web pages or make websites unavailable. The tools used by attackers are becoming more and more automated and sophisticated, and malicious machine learning agents seem to be the next development in this line. In order to pro...

Penetration testing is a central problem in computer security, and recently, the application of machine learning techniques to this topic has gathered momentum. In this paper, we consider the problem of exploiting SQL injection vulnerabilities, and we represent it as a capture-the-flag scenario in which an attacker can submit strings to an input fo...

In this paper, we propose a formalization of the process of exploitation of SQL injection vulnerabilities. We consider a simplification of the dynamics of SQL injection attacks by casting this problem as a security capture-the-flag challenge. We model it as a Markov decision process, and we implement it as a reinforcement learning problem. We then...

In this paper, we summarize the latest social engineering phishing attack types with the focus on domain name manipulation. Providing a fake domain is a crucial part of phishing attacks that can be carried out with different techniques such as cybersquatting, typosquattings, or homographs. We argue that homographs with special International Domain...

In this paper, we propose a first formalization of the process of exploitation of SQL injection vulnerabilities. We consider a simplification of the dynamics of SQL injection attacks by casting this problem as a security capture-the-flag challenge. We model it as a Markov decision process, and we implement it as a reinforcement learning problem. We...

Detecting vulnerabilities in software is a critical challenge in the development and deployment of applications. One of the most known and dangerous vulnerabilities is stack-based buffer overflows, which may allow potential attackers to execute malicious code. In this paper we consider the use of modern machine learning models, specifically recurre...

Website hacking is a frequent attack type used by malicious actors to obtain confidential information, modify the integrity of web pages or make websites unavailable. The tools used by attackers are becoming more and more automated and sophisticated, and malicious machine learning agents seems to be the next development in this line. In order to pr...

Penetration testing is a security exercise aimed at assessing the security of a system by simulating attacks against it. So far, penetration testing has been carried out mainly by trained human attackers and its success critically depended on the available expertise. Automating this practice constitutes a non-trivial problem, as the range of action...

Exploits are advanced threats that take advantage of vulnerabilities in IT infrastructures. The technological background of the exploits has been changed during the years. Several significant protections have been introduced (e.g. Data Execution Prevention, Enhanced Mitigation Experience Toolkit, etc.), but attackers have always found effective way...

This paper demonstrates how a local attack against a city traffic controller located in a public area can be detected and mitigated in a cost-effective way. This is done by applying a general security methodology, an architecture and a set of new and existing tools integrated by the PRECYSE EU-project. The traffic controller does not contain built-...

This paper investigates how secure information sharing with external vendors can be achieved in an Industrial Internet of Things (IIoT). It also identifies necessary security requirements for secure information sharing based on identified security challenges stated by the industry. The paper then proposes a roadmap for improving security in IIoT wh...

Against vulnerable binary applications both ethical and malicious hackers frequently apply an exploitation technique called egg-hunting. Egg-hunters are small shellcodes whose goal is to search for a usually longer and less restricted egg that executes the next phase of the attack. Here, this method is investigated from several new aspects. First w...

Memory corruption vulnerabilities are one of the most dangerous types of software errors. By exploiting such vulnerabilities the malicious attackers can force the operating system to run arbitrary code on the system. The understanding and the research of memory corruption exploitation methods are crucial in order to improve detection and promote pr...

The return oriented programming is one of the most up-to-date form of the memory corruption based attacks recently. The return oriented shellcode is written by the malicious attacker in order to have his own code run with a vulnerable program on the attacked computer. When composing a return oriented program the attacker uses the binary code of the...

Jump oriented programming is one of the most up-to-date form of the memory corruption attacks. During this kind of attack the attacker tries to achieve his goal by using library files linked to the binary, without the placing of any own code. To execute attacks like this, a dispatcher gadget is needed which does the control by reading from a given...

One of the most dangerous forms of the memory manipulation based attacks is the code reuse based attack type. In this type of attack the malwares do not need to place own malicious code in the memory space, they use the already linked code to achieve the aim. The present study discusses a critical part of the jump oriented programming which is nowa...

File compression in the case of large files can be time consuming and it is not even necessarily effective. Vast majority of the compression software use algorithms with implementations for CPU architecture. From the beginning of the 2000's the performance of graphic processing units (GPU) have been continuously increasing and at the present time i...

Timber joints are usually considered as perfectly pinned or stiff against rotation during the calculations of engineering timber structures. However the semi-rigid behavior the joints cannot be avoided in case of accurate calculations. In this paper the rotational stiffness and the full moment-rotational behavior of dowel-type timber joints were an...

Modeling timber joints it is essential to know the stiffness of the connections. In some cases the prescriptions of the standards contain only general approach without considering significant effects. The presented paper analyzes the load-slip behavior of dowel-type timber joints. A computer calculation method is presented, which is able to take in...

Analyzing the strength behavior of wooden materials the stresses that cause failure can be determined only in case of uniaxial compression or tension and shear parallel to the grain according to Eurocode 5. The standard does not give any data for stress pairs that are not part of the above cases. In this study the strength failure of the wood with...

In this study, a calculation method is presented for wood fiber reinforced concrete. This combined material shares many favorable characteristics, such as small crack width values and great durability. However, the calculations show that the load-displacement behavior deviates from conventional timber and reinforced concrete structures. A significa...