
Sampsa Rauti - University of Turku
97 Publications, 28,654 Reads, 742 Citations
Publications (97)
The internet has become a primary source of health information for many people. For example, the websites of many medical condition support associations, meant for people suffering from various medical conditions, contain information on different medical conditions, treatments, and general health advice. However, accessing such information can be a...
In our digitalized modern society where cyber-physical systems and internet-of-things (IoT) devices are increasingly commonplace, it is paramount that we are able to assure the cybersecurity of the systems that we rely on. As a fundamental policy, we join the advocates of multilayered cybersecurity measures, where resilience is built into IoT syste...
There are numerous benefits from regularly walking in nature, and today's mobile technologies have the potential to encourage people to do so. Past research has shown that gamified map-based apps and location-based games (LBGs) have the capability to incentivize people to go to nature areas in cities and beyond. In this study, we explored LBGs' po...
The concepts of sacred places and spaces appear throughout religions globally. Places such as churches, cathedrals, temples, mosques, synagogues and graveyards are given special meanings, both functionally and spiritually, and separated from the ordinary. Recently location-based augmented reality (AR) technologies and applications have become wides...
As the demand for digital services keeps growing, online pharmacies have become a very important part of essential digital services. When sensitive personal data such as medicine orders are processed, privacy issues become increasingly important. In this paper, we take a look at personal data delivered to third parties in 20 Finnish online pharmaci...
Using public transport is a necessity for many citizens, so the operation of public transport mobile applications must be open and trustworthy. In this article, we study how transparency in the processing of personal data is realized in Finnish public transport mobile applications by empirically examining the applications' privacy statements...
Purpose: With digitalization, using essential digital services such as online services has become increasingly common. These services process sensitive health related data, such as customers’ prescription medicine orders, which makes ensuring stringent data privacy crucial. The current study examines third parties such as analytics services on Finni...
In the realm of music we have multiple examples of successful rock stars, composers and producers who describe themselves as self-taught. This suggests there might be a demand in formal music education for learning technologies that support students' self-propelled discovery. In this theoretical work, we explore the design space of educational musi...
Whistleblowing refers to reporting misconduct to responsible authorities. With accelerating digitalization and the European Union’s new whistleblower directive, large numbers of whistleblowing channels and company web pages that act as gateways to these services have been deployed. At the same time, on modern websites rife with third-party services...
Today, many everyday tasks are carried out online, and traditional desktop applications are also being replaced by web applications. Consequently, the web browser has become an important execution environment. The security of the browser environment, however, has not fully kept up with this recent development. One notable threat to online privacy i...
With the accelerated digitalization and the increased use of online services for everyday tasks, online privacy issues are more important than ever before. This also goes for universities which are increasingly moving information and services online. Our study provides a technical overview of prevalence of third-party analytics on university websites. W...
Today, web services are widely used by ordinary people with little technical know-how. Thus, end user cybersecurity in web applications has become an essential aspect to consider in web development. One important part of online cybersecurity is the HTTPS protocol that encrypts the web traffic between endpoints. This paper explores how the relevant...
Children increasingly download and use mobile applications from marketplaces such as Apple's App Store or the Google Play Store. One would expect that applications intended for children are free of third-party analytics, or at least make sure parents give their consent for collecting personal data from children. In this study, we performed an in-de...
Previous research suggests that the experience and practices related to gaming and extended realities, and religion and spiritualism, share similarities. In this study, we explore how both the employees of the Evangelical Lutheran Church (n=156) and pervasive game players (n=98) perceive and make sense of these connections. We approach the qualitat...
Internet of Things (IoT) has emerged as an umbrella term to describe connecting smart everyday objects (such as washing machines, toilets and sound systems), sensors and industrial machines to the internet. While IoT devices hold potential to greatly enhance quality of life through automating and optimizing mundane tasks, there are a great deal of...
As services increasingly move online and mobile devices become ubiquitous, mobile applications are widely used by ordinary people with little technical knowledge. Consequently, user privacy has become an essential matter to consider when developing mobile applications. In this paper, we study the privacy of 32 mobile applications provided by Finnis...
Single player video games unite players through shared experiences, passion and knowledge about the game. We investigate the role of video game music in this setting. We analyse comments (n=1893) on 20 popular single player adventure game songs on social media sorted into four clusters based on the following two variables (1) age of the game; and (...
Several popular contemporary online multiplayer games and franchises are developed and managed with the aid of multiple data sources. Despite the control and insight that the utilization of data brings to game design and business decisions, video game developers occasionally receive backlash from their player communities. Examples include the annou...
Online multiplayer game developers have plenty of motivation to prevent technical cheating in their games. In the case of location-based games (LBGs), in addition to the usual anti-cheat measures, developers need to be able to verify players' location sensor data. This is a challenge, as mobile devices' sensor data is easy to manipulate, and its ve...
Emergent religious phenomena arise in various contexts, also in cross-media franchises and video games. In this work we investigate the similarities between virtual game worlds, as created by location-based games, and the spiritual world of Christianity through a survey study with 156 employees of the Finnish Evangelical Lutheran Church. Through th...
Online scams, unsolicited advertisements, messages containing malicious files and other forms of spam continue to be a nuisance in today's internet, wasting users' time and causing financial damage to companies and organizations. There have been many proposals on how spam should be stopped, from various kinds of spam filters to legislative measures...
Smart environments such as smart homes are a collection of IoT devices, sensors, artificial intelligence and remote control systems. These technologies come with many possible benefits, such as improved energy-efficiency, easier maintenance and increased living comfort. On the other hand, ubiquitous use of these technologies raises cybersecurity and...
Augmented reality (AR) games such as location-based games add virtual content on top of the real world. We investigate why playing these games feels meaningful to players by focusing on the dimensions of imagination and sociality. We theorise a structural model that we test with data collected from a global sample of players of the popular AR game...
Popular scambaiting content creators and streamers have turned scambaiting into a form of video entertainment, which has accumulated hundreds of millions of views on YouTube alone. In this explorative study, we followed four popular scambaiters and their viewers to gain insight into the phenomena. Four levels of scambaiting were observed: (1) wasti...
Interface diversification is a proactive approach to combat malware. By uniquely diversifying critical interfaces on each computer, the malicious executable code can be rendered useless. This paper discusses the advantages and challenges of interface diversification as a software security mechanism in order to gauge its feasibility and also gives...
Pokémon has become the most profitable cross-media franchise since its creation 25 years ago. In this conceptual work, we go through the current eight generations of Pokémon games, movies and anime episodes to understand why the franchise appeals to humans. We focus on the following four core themes: (1) relationship with the Pokémon creatures; (2)...
This paper discusses a technical solution that will help to bring the cyber defenders and investigators one step closer to successful cyber attribution: deception technology. The goal is to detect abnormal activities taking place in the computer system by planting so called fake entities into the system. These fake entities appear to be interesting...
Man-in-the-browser (MitB) attacks can modify the contents of a web page or alter data in messages exchanged over the network without the communicating parties (the user and the web service) noticing anything out of ordinary. In this paper, we present a systematic survey of countermeasures against man-in-the-browser attacks. While no countermeasure...
Location-based applications (LBAs) capture the user’s physical location via satellite navigation sensors and integrate it as part of the digital application. Because of this connection, the real-world environment needs to be accounted for in LBA design. In this work, we focused on creating a database of geographically distributed points of interest...
Previous studies have reported various potential benefits from playing location-based games (LBGs). These include being outdoors, exercise, decreased sedentary behavior, increased knowledge of surroundings, improved cartographic, geographical and navigation skills, increased social interaction, meeting new people, forming acquaintances and activa...
Lunch cafeterias are forced to throw away food daily. The two main reasons are customer food waste and cafeteria food overproduction. Currently lunch cafeterias are able to follow how much surplus food is generated and find solutions such as offering excess food to consumers at a discount the next day. Reducing consumer food waste is more challengi...
There are several implicit benefits to formal school education. One of the most important is the learning of social skills i.e. how to behave, interact meaningfully and form social bonds with other people. However, there are multiple situations where the learning of social skills can be disrupted, e.g. bullying or the recent COVID-19 pandemic that for...
Internal interface diversification is a proactive software security method that prevents malware from using the fundamental services provided by an operating system by uniquely diversifying internal interfaces and propagating the information only to trusted programs. There are three main internal interfaces in operating systems that have been diver...
Context: Coordination is a fundamental tenet of software engineering. Coordination is required also for identifying discovered and disclosed software vulnerabilities with Common Vulnerabilities and Exposures (CVEs). Motivated by recent practical challenges, this paper examines the coordination of CVEs for open source projects through a public maili...
21st century skills are being added in K-12 educational curricula globally, often via integrating them into existing subjects such as math. Simultaneously music teaching in K-12 education is losing relevance and popularity. Yet, music theory contains logical structures which are in many regards similar to program code. Additionally the digitization...
Location-based games (LBGs) are becoming increasingly popular. These games use player’s physical location as a game mechanic, and many of the games are played in real time. This study investigates the affordances that three popular LBGs, Ingress, Pokémon GO and The Walking Dead: Our World, provide for users to collect location data from other playe...
Despite computer programming courses today often having hundreds of participants, it is important that the students complete practical programming exercises and have a possibility to participate in hands-on programming sessions, where they can get help from their peers and teaching assistants. However, heterogeneous devices used by students pose a...
Man-in-the-browser (MitB) attacks, often implemented as malicious browser extensions, have the ability to alter the structure and contents of web pages, and stealthily change the data given by the user before it is sent to the server. This is done without the user or the online service (the server) noticing anything suspicious. In this study, we pr...
This study argues that the fundamental tenets Carl von Clausewitz presented about warfare in his influential book On War can be applied to defensive cyberwar. This will help in forming a new multidisciplinary perspective on the topic, which can benefit policy makers, political and military scientists and cyber security specialists alike. Moreover,...
Internal interface diversification is a proactive technique that protects software and devices from malicious cyber attacks by making interfaces unique in every separate system. As malware cannot use the knowledge about internal interfaces in the system to its advantage anymore, it is rendered useless. The current study gauges the effectiveness of...
Location-based games (LBGs), where the user's physical location is a central part of gameplay, have become popular since the commercial success of Pokémon Go. The extant literature has focused to explain the success of LBGs by focusing on aspects of gratification and reasons to start, continue and quit playing. This study departs from the previous...
Exergames, i.e. games which aim to increase player’s physical activity, are a prominent sub-category of serious games (SGs). Recently, location-based games (LBGs) similar to Pokémon GO have gained the attention of exergame designers as they have been able to reach people who would otherwise not be motivated to exercise. Multiple studies have been c...
It is rare for a game to become such a phenomenon that almost 300 scientific papers are published about it in a span of three years. However, that is the case with the location-based game Pokémon GO. The game has been praised as a solution to the global inactivity crisis, but also criticized, for example, for only increasing physical activity in th...
In today’s diverse cyber threat landscape, anomaly-based intrusion detection systems that learn the normal behavior of a system and have the ability to detect previously unknown attacks are needed. However, the data gathered by the intrusion detection system is useless if we do not form reasonable data points for machine learning methods to work, b...
Asynchronous telemedicine systems face many challenges related to information security as the patient's sensitive information and data on medicine dosage is transmitted over a network when monitoring patients and controlling asynchronous telemedical IoT devices. This information may be modified or spied on by a malicious adversary. To make asynchro...
Location-based games (LBGs) have risen to popularity recently with games like Pokémon GO, Jurassic World: Alive and Walking Dead: Our World. The games revolve around travelling to points of interests (PoIs) to perform missions, but where the points are located and what they represent in the real world varies between games. In this study, we look at...
Although email spam has been decreasing in recent years, it is still a significant problem. Unsolicited messages are not only an annoying waste of time, but may also lead users to dubious websites where their personal information is collected or malicious code is executed. In this paper, we study a relatively new trend in the world of spamming, loc...
The software architecture plan describes the high-level structure and logic of a software system. The architectural plan acts as a constitution and dictates the fundamental principles of the system; therefore, the plan also eventually determines which kinds of business models the software system can support. In the modern mercury business, there is...
Studies on location-based games ubiquitously report positive learning outcomes for the players. Particularly these games are shown to promote exercise, encourage social interaction and increase geographical and cartographical knowledge. To find out whether these positive effects are game-specific or characteristic to all location-based games, we...
Host intrusion detection systems are used to analyze internal events on host machines and detect behavioral patterns that differ from normal operation of the system and its processes. One important aspect in observing the behavior of processes are the application updates that may change the behavior of an application but also potentially help to bu...
Context: Diversification and obfuscation are promising techniques for securing software and protecting computers from harmful malware. The goal of these techniques is not removing the security holes, but making it difficult for the attacker to exploit security vulnerabilities and perform successful attacks. Objective: There is an increasing body of...
Payloads of packets transmitted over network contain dynamic fields that represent many kinds of real world objects. In many different applications, there is a need to recognize and sometimes replace these fields. In this paper, we present a manually assisted solution for searching and annotating dynamic fields in message payloads, specifically foc...
More actuator and sensor devices are connected to the Internet of Things (IoT) every day, and the network keeps growing, while software security of the devices is often incomplete. Sensor networks and the IoT in general currently cover a large number of devices with an identical internal interface structure. By diversifying the internal interfaces,...
Deception is a promising method for strengthening software security. It differs from many traditional security approaches as it does not directly prevent the attacker’s actions but instead aims to learn about the attacker’s behavior. In this paper, we discuss the idea of deceiving attackers with fake services and fabricated content in order to find...
Coordination is one central tenet of software engineering practices and processes. In terms of software vulnerabilities, coordination is particularly evident in the processes used for obtaining Common Vulnerabilities and Exposures (CVEs) identifiers for discovered and disclosed vulnerabilities. As the central CVE tracking infrastructure maintained...
One way to learn more about how a malicious program functions and what its objectives are is to deceive it with fake services that provide responses containing fabricated data. This goal can be achieved with so called record and play -honeypot that learns what the normal communication between clients and a server looks like and then tries to mimic...
Malware uses knowledge of well-known interfaces to achieve its goals. However, if we uniquely diversify these interfaces in each system, the malware no longer knows the "language" of a specific system and it becomes much more difficult for malicious programs to operate. This paper extends the idea of interface diversification by presenting a scheme...
The principle of least privilege states that components in a system should only be allowed to perform actions that are required for them to function. The wish to limit what programs can access has given rise to a set of application-level sandboxing solutions. In this paper, we survey recent research on application-level sandboxing. We discuss the p...
Record and play -honeypots mimic normal TCP traffic and fool the adversary with fake data while simultaneously keeping the setting realistic. In this paper, we propose several designs for such honeypots. Two important aspects of honeypot design are considered. First, we compare named entity recognition systems in order to recognize the entities in...
Modern virtual machines, debuggers, and sandboxing solutions lend themselves towards more and more inconspicuous ways to run honeypots, and to observe and analyze malware and other malicious activity. This analysis yields valuable data for threat-assessment, malware identification and prevention. However, the use of such introspection methods has c...
The evolution of cloud computing and advancement of its services has motivated the organizations and enterprises to move towards the cloud, in order to provide their services to their customers, with greater ease and higher efficiency. Utilizing the cloud-based services, on one hand has brought along numerous compelling benefits and, on the other h...
Internet of Things (IoT) is a swiftly growing technology and business domain that is expected to revolutionize the modern trade. Nonetheless, shortcomings in security are common in this new domain and security issues are the Achilles' heel of the new technology. In this study, we analyze different security solutions for IoT devices and propose suit...
With the advancement of Internet of Things (IoT) more and more "things" are connected to each other through the Internet. Due to the fact that the collected information may contain personal information of the users, it is very important to ensure the security of the devices in IoT. Diversification is a promising technique that protects the software...
Defending information systems against advanced attacks is a challenging task; even if all the systems have been properly updated and all the known vulnerabilities have been patched, there is still the possibility of previously unknown zero day attack compromising the system. Honeypots offer a more proactive tool for detecting possible attacks. What...
The idea of interface diversification is that internal interfaces in the system are transformed into unique secret instances. On one hand, the trusted programs in the system are accordingly modified so that they can use the diversified interfaces. On the other hand, the malicious code injected into a system does not know the diversification secret,...
Internet of Things (IoT) currently covers billions of devices with identical internal software interfaces. This software monoculture exposes the systems to the same security vulnerabilities. Internal interface diversification, by introducing diverse and unique interfaces on each device, is a solution for this problem. In this paper, we discuss inte...
Diversification and obfuscation methods are promising approaches used to secure software and prevent malware from functioning. Diversification makes each software instance unique so that malware attacks cannot rely on the knowledge of the program’s execution environment and/or internal structure anymore. We present a systematic literature review on...
Instruction set randomization (ISR) provides a strong defense against all types of injection attacks, especially in interpreted environments. However, fully enabling a system to benefit from language interpreters that support programs diversified with ISR requires several alterations and considerations. In this paper we identify core challenges rel...
Internet of Things (IoT) is composed of heterogeneous embedded and wearable sensors and devices that collect and share information over the Internet. This may contain private information of the users. Thus, securing the information and preserving the privacy of the users are of paramount importance. In this paper we look into the possibility of app...
This paper presents system call diversification as a method for protecting operating systems and rendering malicious programs ineffective. The idea is to change all the system call numbers in the kernel and in the applications that invoke these system calls. As a result, it becomes much more difficult for a harmful program to access resources of a...
Man-in-the-browser is a Trojan that infects a Web browser. A Trojan has the ability to modify Web pages and online transaction content, or insert itself in a covert manner, without the user noticing anything suspicious. This chapter presents a study of several man-in-the-browser attacks that tamper with the user's transactions and examines differen...
This paper studies the idea of using large-scale diversification to protect operating systems and make malware ineffective. The idea is to first diversify the system call interface on a specific computer so that it becomes very challenging for a piece of malware to access resources, and to combine this with the recursive diversification of system li...
In this paper, we advocate large-scale diversification as a method to protect operating systems and render malicious programs ineffective. The idea is to diversify all the indirect library entry points to the system calls on a specific computer. As a result, it becomes very difficult for a piece of malware to access resources. The diversification o...
This paper presents an idea of using a proxy-based security solution to protect web-based eHealth applications from client-side attacks. In today’s Internet, eHealth services face many challenges related to information security as the users display and input sensitive information using web applications. This information may be spied on or modified...
In order to use resources of a computer, malware has to know the interfaces provided by the operating system. If we make these critical interfaces unique by diversifying the operating system and user applications, a piece of malware can no longer successfully interact with its environment. Diversification can be considered as a computer-specific se...
As the web pages today rely on Ajax and JavaScript, a larger attack surface becomes available. This paper presents in detail several different man-in-the-browser attacks against Ajax applications. We implemented browser extensions for Mozilla Firefox to demonstrate these attacks and their effectiveness. Some countermeasures to mitigate the problem...