Author Archives: Heli Sutinen

Review of Pedagogical Principles of Cyber Security Exercises

Modern digitalized cyber domains are extremely complex ensemble. Cyber attacks or incidents against system may affect capricious effects for another system or even for physical devices. For understanding and training to encounter those effects requires an effective and complex simulation capability. Cyber Security Exercises are an effective expedient for training and learning measures and operations […]

Model Fooling Attacks Against Medical Imaging: A Short Survey

This study aims to find a list of methods to fool artificial neural networks used in medical imaging. We collected a short list of publications related to machine learning model fooling to see if these methods have been used in the medical imaging domain. Specifically, we focused our interest to pathological whole slide images used […]

The National Cyber Security Exercise 2020

The Institute of Information Technology of JAMK University of Applied Sciences and JYVSECTEC are organizing the National Cyber ​​Security Exercise 2020 for Finnish State Administration organisations (KYHA20vh). The Exercise takes place in Jyväskylä from 28 September to 2 October 2020. This KYHA20vh exercise is a continuum of the series of National Cyber Security Exercises that […]

Model for Cyber Security Information Sharing in Healthcare Sector

In the modern society almost all services are based on data-networks and networked systems. Especially through the growing digitalization an increasing number of services is connected to data-networks. One example of a highly digitalized domain is the healthcare sector, where a cyber-attack could cause extreme circumstances. Decision making requires knowledge about the current situation. Particularly, […]

CISS2020-OL: Attacking the Secure Water Treatment testbed

JYVSECTEC Red Team participated in CISS2020-OL Critical Infrastructure Security Showdown 2020 Online competition and placed 3rd out of 17 teams. CISS2020-OL participants were invited by iTrust, Centre for Research in Cyber Security at the Singapore University of Technology and Design (SUTD). CISS2020 invites red teams to try their best at disrupting their Secure Water Treatment […]

Cyber security incident response processes and guidelines in healthcare environments

The project will develop cyber security incident response processes and guidelines for healthcare environments, to improve and ensure the continuity of socially critical healthcare also if cyber-attacks occur. In the midst of the COVID-19 crisis, the project is very topical and there is a great need for preparedness for cyber threats. Numerous cyber-attacks targeted to […]

Adding Realism to Cyber Security Exercises – Populating RGCE environment

Our Realistic Global Cyber Environment (RGCE) is a feature rich live cyber range that brings together a realistic global world and organization environments in an isolated private cloud. RGCE’s global world functions the same way as the real Internet; however, it is fully controlled by JYVSECTEC. The Internet of RGCE has similar counterparts as the real […]

Statistical Evaluation of Artificial Intelligence -Based Intrusion Detection System

Training neural networks with captured real-world network data may fail to ascertain whether or not the network architecture is capable of learning the types of correlations expected to be present in real data. In this paper we outline a statistical model aimed at assessing the learning capability of neural network-based intrusion detection system. We explore […]

Continuous integration in collaborative analysis of incidents = CINCAN

Some say all good things must come to an end. The CINCAN project started in 2018 and this 2-year project, co-financed by the Connecting Europe Facility of the European Union, is reaching the end on June 2020. The project was established with a mission to make the jobs of national cyber security operators easier by […]

Carry out investigations remotely using containerized GRR

The containerized GRR is a forked version of GRR Rapid Response, incident response framework designed by Google engineers. In today’s blog post I’m focusing on the GRR features that allow the real-time investigation to be made remotely via web-based user interface. Read more about the Docker containerized GRR from my previous blog post. GRR is an […]