{"id":"https://openalex.org/W4291653443","doi":"https://doi.org/10.1109/access.2022.3198947","title":"On Apache Log4j2 Exploitation in Aeronautical, Maritime, and Aerospace Communication","display_name":"On Apache Log4j2 Exploitation in Aeronautical, Maritime, and Aerospace Communication","publication_year":2022,"publication_date":"2022-01-01","ids":{"openalex":"https://openalex.org/W4291653443","doi":"https://doi.org/10.1109/access.2022.3198947"},"language":"en","primary_location":{"id":"doi:10.1109/access.2022.3198947","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3198947","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2022.3198947","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032849467","display_name":"Artturi Juvonen","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Artturi Juvonen","raw_affiliation_strings":["Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060661495","display_name":"Andrei Costin","orcid":"https://orcid.org/0000-0002-2704-9715"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Andrei Costin","raw_affiliation_strings":["Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036288913","display_name":"Hannu Turtiainen","orcid":"https://orcid.org/0000-0002-7631-620X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hannu Turtiainen","raw_affiliation_strings":["Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5036786418","display_name":"Timo H\u00e4m\u00e4l\u00e4inen","orcid":"https://orcid.org/0000-0002-4168-9102"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Timo Hamalainen","raw_affiliation_strings":["Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, University of Jyv&#x00E4;skyl&#x00E4;, Jyv&#x00E4;skyl&#x00E4;, Finland","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5032849467"],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":10.8312,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.97615665,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"10","issue":null,"first_page":"86542","last_page":"86557"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11489","display_name":"Air Traffic Management and Optimization","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/2202","display_name":"Aerospace Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11489","display_name":"Air Traffic Management and Optimization","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/2202","display_name":"Aerospace Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10525","display_name":"Human-Automation Interaction and Safety","score":0.9746999740600586,"subfield":{"id":"https://openalex.org/subfields/3207","display_name":"Social Psychology"},"field":{"id":"https://openalex.org/fields/32","display_name":"Psychology"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10370","display_name":"Traffic and Road Safety","score":0.9606999754905701,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7482197284698486},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.5954801440238953},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5890112519264221},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5673760175704956},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.5041042566299438},{"id":"https://openalex.org/keywords/documentation","display_name":"Documentation","score":0.5018341541290283},{"id":"https://openalex.org/keywords/aerospace","display_name":"Aerospace","score":0.46475210785865784},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.46341556310653687},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.32475385069847107},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.28642261028289795},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1331072449684143}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7482197284698486},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.5954801440238953},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5890112519264221},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5673760175704956},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.5041042566299438},{"id":"https://openalex.org/C56666940","wikidata":"https://www.wikidata.org/wiki/Q788790","display_name":"Documentation","level":2,"score":0.5018341541290283},{"id":"https://openalex.org/C167740415","wikidata":"https://www.wikidata.org/wiki/Q2876213","display_name":"Aerospace","level":2,"score":0.46475210785865784},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.46341556310653687},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.32475385069847107},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.28642261028289795},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1331072449684143},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/access.2022.3198947","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3198947","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:jyx.jyu.fi:123456789/84864","is_oa":true,"landing_page_url":"http://urn.fi/URN:NBN:fi:jyu-202301091213","pdf_url":null,"source":{"id":"https://openalex.org/S4306400563","display_name":"Jyv\u00e4skyl\u00e4 University Digital Archive (University of Jyv\u00e4skyl\u00e4)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I94722563","host_organization_name":"University of Jyv\u00e4skyl\u00e4","host_organization_lineage":["https://openalex.org/I94722563"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"A1"},{"id":"pmh:oai:doaj.org/article:14b2d85e15fa43c59acb050c1db245dd","is_oa":true,"landing_page_url":"https://doaj.org/article/14b2d85e15fa43c59acb050c1db245dd","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 10, Pp 86542-86557 (2022)","raw_type":"article"},{"id":"pmh:oai:jyx.jyu.fi:123456789/82892","is_oa":false,"landing_page_url":"http://urn.fi/URN:NBN:fi:jyu-202208314429","pdf_url":null,"source":{"id":"https://openalex.org/S4306400563","display_name":"Jyv\u00e4skyl\u00e4 University Digital Archive (University of Jyv\u00e4skyl\u00e4)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I94722563","host_organization_name":"University of Jyv\u00e4skyl\u00e4","host_organization_lineage":["https://openalex.org/I94722563"],"host_organization_lineage_names":[],"type":"repository"},"license":"public-domain","license_id":"https://openalex.org/licenses/public-domain","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"G2"}],"best_oa_location":{"id":"doi:10.1109/access.2022.3198947","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3198947","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5199999809265137,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G3388475616","display_name":null,"funder_award_id":"00221059","funder_id":"https://openalex.org/F4320321726","funder_display_name":"Suomen Kulttuurirahasto"}],"funders":[{"id":"https://openalex.org/F4320307791","display_name":"Cisco Systems","ror":"https://ror.org/03yt1ez60"},{"id":"https://openalex.org/F4320321726","display_name":"Suomen Kulttuurirahasto","ror":"https://ror.org/027xav248"},{"id":"https://openalex.org/F4320323168","display_name":"Jyv\u00e4skyl\u00e4n Yliopisto","ror":"https://ror.org/05n3dz165"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W1515073590","https://openalex.org/W2064081054","https://openalex.org/W2097926665","https://openalex.org/W2118756516","https://openalex.org/W2128683226","https://openalex.org/W2143159920","https://openalex.org/W2411180172","https://openalex.org/W2602047697","https://openalex.org/W2765482058","https://openalex.org/W2788735606","https://openalex.org/W2808554791","https://openalex.org/W2904451801","https://openalex.org/W2946563641","https://openalex.org/W2964471108","https://openalex.org/W3103700441","https://openalex.org/W4205377954","https://openalex.org/W4206565539","https://openalex.org/W4211105048","https://openalex.org/W4225858218","https://openalex.org/W4226330143","https://openalex.org/W4245243716","https://openalex.org/W6713023146","https://openalex.org/W6766905537"],"related_works":["https://openalex.org/W1535080110","https://openalex.org/W2097492617","https://openalex.org/W306312984","https://openalex.org/W4225795411","https://openalex.org/W857189463","https://openalex.org/W2809744190","https://openalex.org/W4386482731","https://openalex.org/W2765763546","https://openalex.org/W2618286804","https://openalex.org/W4385302085"],"abstract_inverted_index":{"Apache":[0],"Log4j2":[1,170,187],"is":[2],"a":[3,53,99],"prevalent":[4],"logging":[5],"library":[6],"for":[7,178,209],"Java-based":[8],"applications.":[9],"In":[10,71],"December":[11],"2021,":[12],"several":[13],"critical":[14,41,64],"and":[15,29,42,67,78,87,94,102,108,114,133,146,160,172,192,202],"high-impact":[16],"software":[17,213],"vulnerabilities,":[18,171],"including":[19],"CVE-2021-44228,":[20],"were":[21],"publicly":[22],"disclosed,":[23],"enabling":[24],"remote":[25],"code":[26],"execution":[27],"(RCE)":[28],"denial":[30],"of":[31,45,56,58,80,143,168],"service":[32],"(DoS)":[33],"attacks.":[34],"To":[35,181],"date,":[36],"these":[37,82],"vulnerabilities":[38,50,83],"are":[39,163,176],"considered":[40],"the":[43,76,91,110,141,144,158,166,169,174],"consequences":[44],"their":[46],"disclosure":[47],"far-reaching.":[48],"The":[49],"potentially":[51],"affect":[52],"wide":[54],"range":[55],"internet":[57],"things":[59],"(IoT)":[60],"devices,":[61,63],"embedded":[62],"infrastructure":[65],"(CI),":[66],"cyber-physical":[68],"systems":[69],"(CPSs).":[70],"this":[72,216],"paper,":[73],"we":[74,122,195],"study":[75,107],"effects":[77],"feasibility":[79,142],"exploiting":[81],"in":[84,211,215],"mission-critical":[85],"aviation":[86,159],"maritime":[88,161,193],"environments":[89,162],"using":[90],"ACARS,":[92],"ADS-B,":[93],"AIS":[95],"protocols.":[96,154],"We":[97,139,155],"develop":[98,130,134],"systematic":[100],"methodology":[101],"an":[103],"experimental":[104],"setup":[105],"to":[106,136,165,186],"identify":[109],"protocols\u2019":[111],"exploitable":[112],"fields":[113],"associated":[115],"attack":[116],"payload":[117],"features.":[118],"For":[119],"our":[120],"experiments,":[121],"employ":[123],"software-defined":[124],"radios":[125],"(SDRs),":[126],"use":[127],"open-source":[128,212],"software,":[129,200],"novel":[131],"tools,":[132],"features":[135],"existing":[137],"software.":[138],"evaluate":[140],"attacks":[145,175,188],"demonstrate":[147,156],"end-to-end":[148],"RCE":[149],"with":[150],"all":[151],"three":[152],"studied":[153],"that":[157,173],"susceptible":[164],"exploitation":[167],"feasible":[177],"non-sophisticated":[179],"attackers.":[180],"facilitate":[182],"further":[183],"studies":[184],"related":[185],"on":[189],"aerospace,":[190],"aviation,":[191],"infrastructures,":[194],"release":[196],"relevant":[197],"artifacts":[198],"(e.g.,":[199],"documentation,":[201],"scripts)":[203],"as":[204],"open-source,":[205],"complemented":[206],"by":[207],"patches":[208],"bugs":[210],"used":[214],"study.":[217]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":7}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}